Jump to content

Leila

Honorary Members
  • Posts

    135
  • Joined

  • Last visited

Posts posted by Leila

  1. The laptop had belonged to the college age daughter of a neighbor who said his daughter had bought a new computer and had left her old one in the garage and he was cleaning out the garage and getting rid of unwanted clutter.  He asked if I could use that laptop.

     

    The laptop computer I was gifted with is an ASUS with an Intel Premium processor, 500 gig hard drive, and Windows 7 installed.  It has a manufacture date of June 2012, so it's less than 2 years old, and probably used about a year.  I've had it since just before Thanksgiving 2013 and didn't want to deal with it over the holidays. 

     

    I couldn't get it to boot up and took it to a computer store.  The technician checked it out and said it had nothing on it..........whoever owned it had wiped the hard drive including the Windows 7.  Then, when they opened it up, they found the hard drive damaged.

     

    I bought a Seagate 500 gig hard drive for $64.99 and am paying for installing Windows 7 on the laptop and installing the new hard drive.  It comes to less than $200.00.  So, I'm essentially starting out with a clean slate.

     

    I could have put that money toward a new laptop, but they all come with Windows 8.0 or 8.1 installed, and I don't want Windows 8.  I figure it will be a year or so before Windows 8 is perfected. 

     

    I've never had a laptop computer before.........always have had a desktop.  So I may have a lot of questions.   I started out with an Apple 2e back in the late 1980s and graduated to an IBM clone in the early 1990s.  My current desktop is an almost 3-year-old Lenovo with Windows 7.

  2. At the present time, I'm using McAfee anti-virus on my desktop PC, and it's been suggested that I should look into another anti-virus. 

     

    In addition to my desktop PC, I've been gifted with a not quite 2-year-old laptop and need to put an anti-virus on that computer.

     

    I also have the pro version of Malwarebytes on my desktop.  Do I need to buy another copy of the pro version for the laptop too?

     

    Any suggestions as to what anti-virus I should get.

     

     

     

  3. The computer is running just fine now.  It's running smoothly and quickly.  I don't see any signs of infection at all. 

     

    I haven't downloaded and installed Malwarebytes Pro yet, as I wanted to make sure everything was running normally first.  If I understand correctly, I'm to disable my antivirus, then download and install Malwarebytes Pro. 

     

    Upon installation will Malwarebytes Pro automatically ignore the 9 McAfee components and put them on the ignore list, or do I have to manually put them on the ignore list?

  4. Here's the log for  Security Check...............................

     

     Results of screen317's Security Check version 0.99.76  
     Windows 7 Service Pack 1 x64 (UAC is enabled)  
     Internet Explorer 10  
    ``````````````Antivirus/Firewall Check:``````````````
     Windows Firewall Enabled!  
    McAfee Anti-Virus and Anti-Spyware   
     WMI entry may not exist for antivirus; attempting automatic update.
    `````````Anti-malware/Other Utilities Check:`````````
     Malwarebytes Anti-Malware version 1.75.0.1300  
     JavaFX 2.1.1    
     Java 7 Update 45  
     Adobe Flash Player 11.9.900.117  
     Adobe Reader 10.1.8 Adobe Reader out of Date!  
     Mozilla Firefox (25.0)
     Google Chrome 30.0.1599.101  
     Google Chrome 30.0.1599.69  
    ````````Process Check: objlist.exe by Laurent````````  
     Malwarebytes Anti-Malware mbamservice.exe  
     Malwarebytes Anti-Malware mbamgui.exe  
     Malwarebytes' Anti-Malware mbamscheduler.exe   
     McAfee Online Backup MOBK400backup.exe   
    `````````````````System Health check`````````````````
     Total Fragmentation on Drive C: 0%
    ````````````````````End of Log``````````````````````
     

  5. Here's the Combofix log.  I hope I did it right this time.   :) 

     

    ComboFix 13-11-07.01 - Linda 11/08/2013  14:31:30.4.4 - x64
    Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.5992.3805 [GMT -8:00]
    Running from: c:\users\Linda\Desktop\ComboFix.exe
    Command switches used :: c:\users\Linda\Desktop\CFScript.txt
    AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
    FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
    SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    FILE ::
    "c:\temp\ScorpionSaver.msi"
    .
    .
    (((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\program files (x86)\ScorpionSaver
    c:\program files (x86)\ScorpionSaver\CustomActionInstall
    c:\program files (x86)\ScorpionSaver\CustomActionUninstall
    c:\program files (x86)\ScorpionSaver\IECore.dll
    c:\program files (x86)\ScorpionSaver\Microsoft.Deployment.WindowsInstaller.dll
    c:\program files (x86)\ScorpionSaver\Microsoft.Deployment.WindowsInstaller.xml
    c:\program files (x86)\ScorpionSaver\SendJson.dll
    c:\temp\ScorpionSaver.msi
    .
    .
    (((((((((((((((((((((((((   Files Created from 2013-10-08 to 2013-11-08  )))))))))))))))))))))))))))))))
    .
    .
    2013-11-08 22:35 . 2013-11-08 22:35    --------    d-----w-    c:\users\Default\AppData\Local\temp
    2013-11-01 02:28 . 2013-11-01 02:28    --------    d-----w-    c:\program files (x86)\Level Quality Watcher
    2013-11-01 01:42 . 2013-11-01 01:42    --------    d-----w-    c:\windows\ERUNT
    2013-10-31 06:23 . 2013-10-31 06:51    --------    d-----w-    c:\programdata\Malwarebytes' Anti-Malware (portable)
    2013-10-31 06:23 . 2013-10-31 06:40    116440    ----a-w-    c:\windows\system32\drivers\MBAMSwissArmy.sys
    2013-10-31 06:18 . 2013-10-31 06:39    91352    ----a-w-    c:\windows\system32\drivers\mbamchameleon.sys
    2013-10-31 04:09 . 2013-10-31 04:32    --------    d-----w-    c:\users\Linda\AppData\Roaming\U3
    2013-10-30 19:41 . 2013-10-30 19:41    --------    d-----w-    c:\users\Linda\AppData\Roaming\Malwarebytes
    2013-10-30 19:40 . 2013-10-30 19:40    --------    d-----w-    c:\programdata\Malwarebytes
    2013-10-30 19:40 . 2013-10-30 19:41    --------    d-----w-    c:\program files (x86)\Malwarebytes' Anti-Malware
    2013-10-30 19:40 . 2013-04-04 21:50    25928    ----a-w-    c:\windows\system32\drivers\mbam.sys
    2013-10-30 19:40 . 2013-10-30 19:40    --------    d-----w-    c:\users\Linda\AppData\Local\Programs
    2013-10-30 04:39 . 2013-10-30 04:39    --------    d-----w-    c:\programdata\Oracle
    2013-10-30 04:39 . 2013-10-30 04:39    --------    d-----w-    c:\program files (x86)\Common Files\Java
    2013-10-30 04:38 . 2013-10-30 04:38    96168    ----a-w-    c:\windows\SysWow64\WindowsAccessBridge-32.dll
    2013-10-30 04:38 . 2013-10-30 04:38    --------    d-----w-    c:\program files (x86)\Java
    2013-10-29 20:56 . 2013-10-29 20:56    --------    d--h--w-    c:\programdata\Common Files
    2013-10-22 01:10 . 2013-10-22 01:10    --------    d-----w-    c:\program files\McAfee Security Scan
    2013-10-16 03:02 . 2013-09-23 20:49    197704    ----a-w-    c:\windows\system32\drivers\HipShieldK.sys
    2013-10-10 23:58 . 2013-10-10 23:58    --------    d-----w-    c:\users\Linda\AppData\Local\McAfee File Lock
    2013-10-10 10:05 . 2013-09-23 01:25    775256    ----a-w-    c:\program files\Internet Explorer\iexplore.exe
    2013-10-10 03:49 . 2013-07-04 12:50    633856    ----a-w-    c:\windows\system32\comctl32.dll
    2013-10-10 03:49 . 2013-07-04 11:50    530432    ----a-w-    c:\windows\SysWow64\comctl32.dll
    2013-10-10 03:49 . 2013-07-12 10:41    100864    ----a-w-    c:\windows\system32\drivers\usbcir.sys
    2013-10-10 03:49 . 2013-07-12 10:40    109824    ----a-w-    c:\windows\system32\drivers\USBAUDIO.sys
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2013-10-10 10:02 . 2011-07-08 00:34    80541720    ----a-w-    c:\windows\system32\MRT.exe
    2013-10-09 02:59 . 2012-04-12 10:18    692616    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
    2013-10-09 02:59 . 2011-07-09 00:49    71048    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-10-02 21:14 . 2013-10-02 21:14    58192    ----a-w-    c:\windows\system32\drivers\lsnfd.sys
    2013-09-25 03:29 . 2013-05-13 23:30    70112    ----a-w-    c:\windows\system32\drivers\cfwids.sys
    2013-09-25 03:25 . 2013-02-19 20:56    343568    ----a-w-    c:\windows\system32\drivers\mfewfpk.sys
    2013-09-25 03:25 . 2013-05-13 23:24    182752    ----a-w-    c:\windows\system32\mfevtps.exe
    2013-09-25 03:22 . 2013-02-19 20:54    781312    ----a-w-    c:\windows\system32\drivers\mfehidk.sys
    2013-09-25 03:21 . 2013-05-13 23:30    519192    ----a-w-    c:\windows\system32\drivers\mfefirek.sys
    2013-09-25 03:20 . 2013-05-13 23:30    310224    ----a-w-    c:\windows\system32\drivers\mfeavfk.sys
    2013-09-25 03:19 . 2013-02-19 20:52    179664    ----a-w-    c:\windows\system32\drivers\mfeapfk.sys
    2013-09-20 16:38 . 2013-09-20 16:38    10856    ----a-w-    c:\windows\system32\drivers\mfeclnrk.sys
    2013-09-20 16:38 . 2013-09-20 16:38    95984    ----a-w-    c:\windows\system32\drivers\mfencrk.sys
    2013-09-20 16:37 . 2013-09-20 16:37    390552    ----a-w-    c:\windows\system32\drivers\mfencbdc.sys
    2013-09-09 18:11 . 2013-05-13 23:30    74560    ----a-w-    c:\windows\system32\drivers\McPvDrv.sys
    2013-08-29 01:48 . 2013-10-10 03:48    44032    ----a-w-    c:\windows\apppatch\acwow64.dll
    .
    .
    (((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "GoogleChromeAutoLaunch_72A69F45706A1906C3BB8A81AA94F778"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2013-10-09 844752]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "jmekey"="c:\program files (x86)\jmesoft\hotkey.exe" [2009-07-16 114688]
    "Lenovo Eye Distance System"="c:\program files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe" [2010-09-09 265216]
    "Lenovo Dynamic Brightness System"="c:\program files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe" [2010-10-08 285696]
    "UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 958576]
    "HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]
    "mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2013-09-24 537512]
    "mcpltui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2013-09-24 537512]
    .
    c:\users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Launch Utility Application.lnk - c:\users\Linda\AppData\Roaming\Verizon\UA_ar\UtilityApplication.exe [2012-8-31 903096]
    Monitor Ink Alerts - HP Officejet 4620 series.lnk - c:\windows\system32\RunDll32.exe "c:\program files\HP\HP Officejet 4620 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN28V2412305RT;CONNECTION=USB;MONITOR=1; [2009-7-13 45568]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.130\SSScheduler.exe [2013-9-6 324320]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
    "LoadAppInit_DLLs"=1 (0x1)
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
    @=""
    .
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
    R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
    R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys;c:\windows\SYSNATIVE\drivers\HipShieldK.sys [x]
    R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe [x]
    R3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\DRIVERS\mfencrk.sys;c:\windows\SYSNATIVE\DRIVERS\mfencrk.sys [x]
    R3 ssmirrdr;ssmirrdr;c:\windows\system32\DRIVERS\ssmirrdr.sys;c:\windows\SYSNATIVE\DRIVERS\ssmirrdr.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
    R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
    R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
    R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
    S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys;c:\windows\SYSNATIVE\drivers\fbfmon.sys [x]
    S0 McPvDrv;McPvDrv Driver;c:\windows\system32\drivers\McPvDrv.sys;c:\windows\SYSNATIVE\drivers\McPvDrv.sys [x]
    S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x]
    S0 WinI2C-DDC;WinI2C-DDC Kernel Mode Driver;c:\windows\system32\drivers\DDCDrv.sys;c:\windows\SYSNATIVE\drivers\DDCDrv.sys [x]
    S1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys;c:\windows\SYSNATIVE\drivers\BPntDrv.sys [x]
    S1 MOBK400Filter;MOBK400Filter;c:\windows\system32\DRIVERS\MOBK400.sys;c:\windows\SYSNATIVE\DRIVERS\MOBK400.sys [x]
    S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [x]
    S2 HomeNetSvc;McAfee Home Network;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
    S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
    S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
    S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]
    S2 McAPExe;McAfee AP Service;c:\program files\McAfee\MSC\McAPExe.exe;c:\program files\McAfee\MSC\McAPExe.exe [x]
    S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
    S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
    S2 mcpltsvc;McAfee Platform Services;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
    S2 mfecore;McAfee Anti-Malware Core;c:\program files\Common Files\McAfee\AMCore\mcshield.exe;c:\program files\Common Files\McAfee\AMCore\mcshield.exe [x]
    S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
    S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe;c:\windows\SYSNATIVE\mfevtps.exe [x]
    S2 MOBK400backup;McAfee Online Backup;c:\program files (x86)\McAfee Online Backup\MOBK400backup.exe;c:\program files (x86)\McAfee Online Backup\MOBK400backup.exe [x]
    S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
    S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys;c:\windows\SYSNATIVE\drivers\cfwids.sys [x]
    S3 GeneStor;Genesys Logic Storage Driver;c:\windows\system32\DRIVERS\GeneStor.sys;c:\windows\SYSNATIVE\DRIVERS\GeneStor.sys [x]
    S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
    S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys;c:\windows\SYSNATIVE\drivers\mfefirek.sys [x]
    S3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\DRIVERS\mfencbdc.sys;c:\windows\SYSNATIVE\DRIVERS\mfencbdc.sys [x]
    S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8192Ce.sys [x]
    .
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
    2013-10-18 17:01    1185744    ----a-w-    c:\program files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2013-11-08 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-12 02:59]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK400]
    @="{73552f1f-bf89-9213-24d3-b502f837bb93}"
    [HKEY_CLASSES_ROOT\CLSID\{73552f1f-bf89-9213-24d3-b502f837bb93}]
    2010-06-01 09:05    4741944    ----a-w-    c:\program files (x86)\McAfee Online Backup\MOBK400shell.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK4002]
    @="{81d6082a-73e9-8567-a371-6ad62982aca6}"
    [HKEY_CLASSES_ROOT\CLSID\{81d6082a-73e9-8567-a371-6ad62982aca6}]
    2010-06-01 09:05    4741944    ----a-w-    c:\program files (x86)\McAfee Online Backup\MOBK400shell.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK4003]
    @="{44391887-365b-8585-2ab9-799a50b9ef5e}"
    [HKEY_CLASSES_ROOT\CLSID\{44391887-365b-8585-2ab9-799a50b9ef5e}]
    2010-06-01 09:05    4741944    ----a-w-    c:\program files (x86)\McAfee Online Backup\MOBK400shell.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-11-18 167960]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-11-18 391704]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2010-11-18 417304]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-10-26 11543656]
    "UMonit"="c:\windows\SysWOW64\UMonit.exe" [2010-12-01 28672]
    "Lenovo EE Boot Optimizer"="c:\program files (x86)\Lenovo\Boot Optimizer\PopWnd.exe" [2011-05-19 114688]
    .
    ------- Supplementary Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm

    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = <-loopback>
    Trusted Zone: microsoft.com\.windowsupdate
    Trusted Zone: windowsupdate.com
    TCP: DhcpNameServer = 192.168.1.1
    FF - ProfilePath - c:\users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\jeuc81t6.default-1383517261482\
    FF - ExtSQL: 2013-11-03 09:50; {4ED1F68A-5463-4931-9384-8FFF5ED91D92}; c:\program files (x86)\McAfee\SiteAdvisor
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Toolbar-Locked - (no file)
    Toolbar-10 - (no file)
    AddRemove-Browsersafeguard - c:\program files (x86)\Browsersafeguard\uninstall.browsersafeguard.exe
    AddRemove-Linksicle - c:\program files (x86)\Linksicle\Uninstall.exe
    .
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.11"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
    "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
       00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
    @Denied: (A) (Everyone)
    "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
    @Denied: (A) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
    "Key"="ActionsPane3"
    "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Completion time: 2013-11-08  14:37:20
    ComboFix-quarantined-files.txt  2013-11-08 22:37
    ComboFix2.txt  2013-11-08 04:24
    .
    Pre-Run: 1,407,087,366,144 bytes free
    Post-Run: 1,407,020,204,032 bytes free
    .
    - - End Of File - - 48455FA4A4957B33EC54E79E6F1F2FE6
    A36C5E4F47E84449FF07ED3517B43A31
     

  6. Here's the Combofix log......................................

     

    ComboFix 13-11-07.01 - Linda 11/07/2013  20:19:32.3.4 - x64
    Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.5992.3617 [GMT -8:00]
    Running from: c:\users\Linda\Desktop\ComboFix.exe
    AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
    FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
    SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((((((((   Files Created from 2013-10-08 to 2013-11-08  )))))))))))))))))))))))))))))))
    .
    .
    2013-11-08 04:22 . 2013-11-08 04:22    --------    d-----w-    c:\users\Default\AppData\Local\temp
    2013-11-01 02:28 . 2013-11-01 02:28    --------    d-----w-    c:\program files (x86)\ScorpionSaver
    2013-11-01 02:28 . 2013-11-01 02:28    --------    d-----w-    c:\program files (x86)\Level Quality Watcher
    2013-11-01 01:42 . 2013-11-01 01:42    --------    d-----w-    c:\windows\ERUNT
    2013-10-31 06:23 . 2013-10-31 06:51    --------    d-----w-    c:\programdata\Malwarebytes' Anti-Malware (portable)
    2013-10-31 06:23 . 2013-10-31 06:40    116440    ----a-w-    c:\windows\system32\drivers\MBAMSwissArmy.sys
    2013-10-31 06:18 . 2013-10-31 06:39    91352    ----a-w-    c:\windows\system32\drivers\mbamchameleon.sys
    2013-10-31 04:09 . 2013-10-31 04:32    --------    d-----w-    c:\users\Linda\AppData\Roaming\U3
    2013-10-30 19:41 . 2013-10-30 19:41    --------    d-----w-    c:\users\Linda\AppData\Roaming\Malwarebytes
    2013-10-30 19:40 . 2013-10-30 19:40    --------    d-----w-    c:\programdata\Malwarebytes
    2013-10-30 19:40 . 2013-10-30 19:41    --------    d-----w-    c:\program files (x86)\Malwarebytes' Anti-Malware
    2013-10-30 19:40 . 2013-04-04 21:50    25928    ----a-w-    c:\windows\system32\drivers\mbam.sys
    2013-10-30 19:40 . 2013-10-30 19:40    --------    d-----w-    c:\users\Linda\AppData\Local\Programs
    2013-10-30 04:39 . 2013-10-30 04:39    --------    d-----w-    c:\programdata\Oracle
    2013-10-30 04:39 . 2013-10-30 04:39    --------    d-----w-    c:\program files (x86)\Common Files\Java
    2013-10-30 04:38 . 2013-10-30 04:38    96168    ----a-w-    c:\windows\SysWow64\WindowsAccessBridge-32.dll
    2013-10-30 04:38 . 2013-10-30 04:38    --------    d-----w-    c:\program files (x86)\Java
    2013-10-29 20:56 . 2013-10-29 20:56    --------    d--h--w-    c:\programdata\Common Files
    2013-10-22 01:10 . 2013-10-22 01:10    --------    d-----w-    c:\program files\McAfee Security Scan
    2013-10-16 03:02 . 2013-09-23 20:49    197704    ----a-w-    c:\windows\system32\drivers\HipShieldK.sys
    2013-10-10 23:58 . 2013-10-10 23:58    --------    d-----w-    c:\users\Linda\AppData\Local\McAfee File Lock
    2013-10-10 10:05 . 2013-09-23 01:25    775256    ----a-w-    c:\program files\Internet Explorer\iexplore.exe
    2013-10-10 03:49 . 2013-07-04 12:50    633856    ----a-w-    c:\windows\system32\comctl32.dll
    2013-10-10 03:49 . 2013-07-04 11:50    530432    ----a-w-    c:\windows\SysWow64\comctl32.dll
    2013-10-10 03:49 . 2013-07-12 10:41    100864    ----a-w-    c:\windows\system32\drivers\usbcir.sys
    2013-10-10 03:49 . 2013-07-12 10:40    109824    ----a-w-    c:\windows\system32\drivers\USBAUDIO.sys
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2013-10-10 10:02 . 2011-07-08 00:34    80541720    ----a-w-    c:\windows\system32\MRT.exe
    2013-10-09 02:59 . 2012-04-12 10:18    692616    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
    2013-10-09 02:59 . 2011-07-09 00:49    71048    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-10-02 21:14 . 2013-10-02 21:14    58192    ----a-w-    c:\windows\system32\drivers\lsnfd.sys
    2013-09-25 03:29 . 2013-05-13 23:30    70112    ----a-w-    c:\windows\system32\drivers\cfwids.sys
    2013-09-25 03:25 . 2013-02-19 20:56    343568    ----a-w-    c:\windows\system32\drivers\mfewfpk.sys
    2013-09-25 03:25 . 2013-05-13 23:24    182752    ----a-w-    c:\windows\system32\mfevtps.exe
    2013-09-25 03:22 . 2013-02-19 20:54    781312    ----a-w-    c:\windows\system32\drivers\mfehidk.sys
    2013-09-25 03:21 . 2013-05-13 23:30    519192    ----a-w-    c:\windows\system32\drivers\mfefirek.sys
    2013-09-25 03:20 . 2013-05-13 23:30    310224    ----a-w-    c:\windows\system32\drivers\mfeavfk.sys
    2013-09-25 03:19 . 2013-02-19 20:52    179664    ----a-w-    c:\windows\system32\drivers\mfeapfk.sys
    2013-09-20 16:38 . 2013-09-20 16:38    10856    ----a-w-    c:\windows\system32\drivers\mfeclnrk.sys
    2013-09-20 16:38 . 2013-09-20 16:38    95984    ----a-w-    c:\windows\system32\drivers\mfencrk.sys
    2013-09-20 16:37 . 2013-09-20 16:37    390552    ----a-w-    c:\windows\system32\drivers\mfencbdc.sys
    2013-09-09 18:11 . 2013-05-13 23:30    74560    ----a-w-    c:\windows\system32\drivers\McPvDrv.sys
    2013-08-29 01:48 . 2013-10-10 03:48    44032    ----a-w-    c:\windows\apppatch\acwow64.dll
    .
    .
    (((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "GoogleChromeAutoLaunch_72A69F45706A1906C3BB8A81AA94F778"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2013-10-09 844752]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "jmekey"="c:\program files (x86)\jmesoft\hotkey.exe" [2009-07-16 114688]
    "Lenovo Eye Distance System"="c:\program files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe" [2010-09-09 265216]
    "Lenovo Dynamic Brightness System"="c:\program files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe" [2010-10-08 285696]
    "UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 958576]
    "HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]
    "mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2013-09-24 537512]
    "mcpltui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2013-09-24 537512]
    .
    c:\users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Launch Utility Application.lnk - c:\users\Linda\AppData\Roaming\Verizon\UA_ar\UtilityApplication.exe [2012-8-31 903096]
    Monitor Ink Alerts - HP Officejet 4620 series.lnk - c:\windows\system32\RunDll32.exe "c:\program files\HP\HP Officejet 4620 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN28V2412305RT;CONNECTION=USB;MONITOR=1; [2009-7-13 45568]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.130\SSScheduler.exe [2013-9-6 324320]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
    "LoadAppInit_DLLs"=1 (0x1)
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
    @=""
    .
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
    R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
    R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys;c:\windows\SYSNATIVE\drivers\HipShieldK.sys [x]
    R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe [x]
    R3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\DRIVERS\mfencrk.sys;c:\windows\SYSNATIVE\DRIVERS\mfencrk.sys [x]
    R3 ssmirrdr;ssmirrdr;c:\windows\system32\DRIVERS\ssmirrdr.sys;c:\windows\SYSNATIVE\DRIVERS\ssmirrdr.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
    R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
    R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
    R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
    S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys;c:\windows\SYSNATIVE\drivers\fbfmon.sys [x]
    S0 McPvDrv;McPvDrv Driver;c:\windows\system32\drivers\McPvDrv.sys;c:\windows\SYSNATIVE\drivers\McPvDrv.sys [x]
    S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x]
    S0 WinI2C-DDC;WinI2C-DDC Kernel Mode Driver;c:\windows\system32\drivers\DDCDrv.sys;c:\windows\SYSNATIVE\drivers\DDCDrv.sys [x]
    S1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys;c:\windows\SYSNATIVE\drivers\BPntDrv.sys [x]
    S1 MOBK400Filter;MOBK400Filter;c:\windows\system32\DRIVERS\MOBK400.sys;c:\windows\SYSNATIVE\DRIVERS\MOBK400.sys [x]
    S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [x]
    S2 HomeNetSvc;McAfee Home Network;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
    S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
    S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
    S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]
    S2 McAPExe;McAfee AP Service;c:\program files\McAfee\MSC\McAPExe.exe;c:\program files\McAfee\MSC\McAPExe.exe [x]
    S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
    S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
    S2 mcpltsvc;McAfee Platform Services;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
    S2 mfecore;McAfee Anti-Malware Core;c:\program files\Common Files\McAfee\AMCore\mcshield.exe;c:\program files\Common Files\McAfee\AMCore\mcshield.exe [x]
    S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
    S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe;c:\windows\SYSNATIVE\mfevtps.exe [x]
    S2 MOBK400backup;McAfee Online Backup;c:\program files (x86)\McAfee Online Backup\MOBK400backup.exe;c:\program files (x86)\McAfee Online Backup\MOBK400backup.exe [x]
    S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
    S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys;c:\windows\SYSNATIVE\drivers\cfwids.sys [x]
    S3 GeneStor;Genesys Logic Storage Driver;c:\windows\system32\DRIVERS\GeneStor.sys;c:\windows\SYSNATIVE\DRIVERS\GeneStor.sys [x]
    S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
    S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys;c:\windows\SYSNATIVE\drivers\mfefirek.sys [x]
    S3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\DRIVERS\mfencbdc.sys;c:\windows\SYSNATIVE\DRIVERS\mfencbdc.sys [x]
    S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8192Ce.sys [x]
    .
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
    2013-10-18 17:01    1185744    ----a-w-    c:\program files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2013-11-08 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-12 02:59]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK400]
    @="{73552f1f-bf89-9213-24d3-b502f837bb93}"
    [HKEY_CLASSES_ROOT\CLSID\{73552f1f-bf89-9213-24d3-b502f837bb93}]
    2010-06-01 09:05    4741944    ----a-w-    c:\program files (x86)\McAfee Online Backup\MOBK400shell.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK4002]
    @="{81d6082a-73e9-8567-a371-6ad62982aca6}"
    [HKEY_CLASSES_ROOT\CLSID\{81d6082a-73e9-8567-a371-6ad62982aca6}]
    2010-06-01 09:05    4741944    ----a-w-    c:\program files (x86)\McAfee Online Backup\MOBK400shell.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK4003]
    @="{44391887-365b-8585-2ab9-799a50b9ef5e}"
    [HKEY_CLASSES_ROOT\CLSID\{44391887-365b-8585-2ab9-799a50b9ef5e}]
    2010-06-01 09:05    4741944    ----a-w-    c:\program files (x86)\McAfee Online Backup\MOBK400shell.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-11-18 167960]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-11-18 391704]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2010-11-18 417304]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-10-26 11543656]
    "UMonit"="c:\windows\SysWOW64\UMonit.exe" [2010-12-01 28672]
    "Lenovo EE Boot Optimizer"="c:\program files (x86)\Lenovo\Boot Optimizer\PopWnd.exe" [2011-05-19 114688]
    .
    ------- Supplementary Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm

    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = <-loopback>
    Trusted Zone: microsoft.com\.windowsupdate
    Trusted Zone: windowsupdate.com
    TCP: DhcpNameServer = 192.168.1.1
    FF - ProfilePath - c:\users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\jeuc81t6.default-1383517261482\
    FF - ExtSQL: 2013-11-03 09:50; {4ED1F68A-5463-4931-9384-8FFF5ED91D92}; c:\program files (x86)\McAfee\SiteAdvisor
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Toolbar-Locked - (no file)
    Toolbar-10 - (no file)
    SafeBoot-34745535.sys
    SafeBoot-64969591.sys
    AddRemove-Browsersafeguard - c:\program files (x86)\Browsersafeguard\uninstall.browsersafeguard.exe
    AddRemove-Linksicle - c:\program files (x86)\Linksicle\Uninstall.exe
    .
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.11"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
    "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
       00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
    @Denied: (A) (Everyone)
    "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
    @Denied: (A) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
    "Key"="ActionsPane3"
    "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Completion time: 2013-11-07  20:24:14
    ComboFix-quarantined-files.txt  2013-11-08 04:24
    .
    Pre-Run: 1,407,308,095,488 bytes free
    Post-Run: 1,407,242,588,160 bytes free
    .
    - - End Of File - - EA054749379D7D98E9EB8BC0DF4B9271
    A36C5E4F47E84449FF07ED3517B43A31

  7. Here is the log for SystemLook.............................

     

    SystemLook 30.07.11 by jpshortstuff
    Log created at 15:28 on 07/11/2013 by Linda
    Administrator - Elevation successful

    ========== filefind ==========

    Searching for "*Scorpion*"
    C:\temp\ScorpionSaver.msi    --a---- 3166208 bytes    [02:28 01/11/2013]    [02:28 01/11/2013] 834EAC4E8DCB1E25D97C86CD1C673F5B
    C:\Users\Linda\Pictures\Winter Pictures 2011-2012\Desert with Phacelia (scorpion weed) blooms every few years.jpg    --a---- 85432 bytes    [04:43 18/01/2012]    [04:43 18/01/2012] 9733A877CA4DAFA53A543B0D66238BFF

    Searching for "*Adpeak*"
    No files found.

    ========== folderfind ==========

    Searching for "*Scorpion*"
    C:\Program Files (x86)\ScorpionSaver    d------    [02:28 01/11/2013]

    Searching for "*Adpeak*"
    No folders found.

    ========== regfind ==========

    Searching for "Scorpion"
    [HKEY_CURRENT_USER\Software\Adpeak, Inc.\ScorpionSaver]
    [HKEY_CURRENT_USER\Software\AppDataLow\Software\ScorpionSaver]
    [HKEY_CURRENT_USER\Software\ScorpionSaver]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\8BA5CD9129705784F8B198C6A5C96EEA\SourceList]
    "PackageName"="scorpionsaver_20131010.msi"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\A1F1E372A1B7C6347A384A8A9CA70D63]
    "ProductName"="ScorpionSaver"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\A1F1E372A1B7C6347A384A8A9CA70D63\SourceList]
    "PackageName"="ScorpionSaver.msi"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SOFTWARE\Wow6432Node\CLSID\422332B5-F3A6-47F6-93EF-792299EF24DC]
    @="ScorpionSaver"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SOFTWARE\Wow6432Node\CLSID\422332B5-F3A6-47F6-93EF-792299EF24DC\InProcServer32]
    @="C:\Program Files(x86)\ScorpionSaver\IECore.dll"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
    "c:\Program Files (x86)\ScorpionSaver\"=""
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1C19AC53289098045B06B0DD1D37CBAB]
    "A1F1E372A1B7C6347A384A8A9CA70D63"="c:\Program Files (x86)\ScorpionSaver\ff_bootstrap.js"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\23D9E9D21B4E77E41B9F50DD22F24E20]
    "A1F1E372A1B7C6347A384A8A9CA70D63"="01:\Software\Adpeak, Inc.\ScorpionSaver\Chrome\"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\23EEA1F105A7F45449974D9B95E7AC89]
    "A1F1E372A1B7C6347A384A8A9CA70D63"="01:\Software\Adpeak, Inc.\ScorpionSaver\Chrome\"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\26982796A8AFD1246B95E00265A95BF9]
    "A1F1E372A1B7C6347A384A8A9CA70D63"="01:\Software\Adpeak, Inc.\ScorpionSaver\Chrome\"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\42D92D0D75AFEF74297E03876C8D9D33]
    "A1F1E372A1B7C6347A384A8A9CA70D63"="01:\Software\Adpeak, Inc.\ScorpionSaver\Chrome\"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\50FFE845C555A6E4BADB7CB7A145BFEB]
    "A1F1E372A1B7C6347A384A8A9CA70D63"="c:\Program Files (x86)\ScorpionSaver\SendJson.dll"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\715A3348920B6534690067594BB69F60]
    "A1F1E372A1B7C6347A384A8A9CA70D63"="c:\Program Files (x86)\ScorpionSaver\"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7B7B13B037A7C2A42AC3E3EAF14D7107]
    "A1F1E372A1B7C6347A384A8A9CA70D63"="01:\Software\Adpeak, Inc.\ScorpionSaver\Chrome\"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7D05B2942E9CC80499F397F6114DFB35]
    "A1F1E372A1B7C6347A384A8A9CA70D63"="01:\Software\Adpeak, Inc.\ScorpionSaver\Chrome\"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8591B8948E1C4A04F90505B3CDEE8555]
    "A1F1E372A1B7C6347A384A8A9CA70D63"="c:\Program Files (x86)\ScorpionSaver\CustomActionInstall"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8D841C5FEC311624CB88D49DB3884FA7]
    "A1F1E372A1B7C6347A384A8A9CA70D63"="c:\Program Files (x86)\ScorpionSaver\IECore.dll"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AD746BF3B3B3FD8409B86604BA85982A]
    "A1F1E372A1B7C6347A384A8A9CA70D63"="01:\Software\Adpeak, Inc.\ScorpionSaver\Chrome\"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CD07F81309AB63E4D8592E422645EB73]
    "8BA5CD9129705784F8B198C6A5C96EEA"="01:\Software\AppDataLow\Software\ScorpionSaver\key"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F355F0DB7A2E3A14B8E7A568FBA25937]
    "A1F1E372A1B7C6347A384A8A9CA70D63"="01:\Software\Adpeak, Inc.\ScorpionSaver\Chrome\"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A1F1E372A1B7C6347A384A8A9CA70D63\InstallProperties]
    "DisplayName"="ScorpionSaver"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{273E1F1A-7B1A-436C-A783-A4A8C97AD036}]
    "DisplayName"="ScorpionSaver"
    [HKEY_USERS\S-1-5-21-588712172-2151725499-4229388137-1001\Software\Adpeak, Inc.\ScorpionSaver]
    [HKEY_USERS\S-1-5-21-588712172-2151725499-4229388137-1001\Software\AppDataLow\Software\ScorpionSaver]
    [HKEY_USERS\S-1-5-21-588712172-2151725499-4229388137-1001\Software\ScorpionSaver]

    Searching for "Adpeak"
    [HKEY_CURRENT_USER\Software\Adpeak, Inc.]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\23D9E9D21B4E77E41B9F50DD22F24E20]
    "A1F1E372A1B7C6347A384A8A9CA70D63"="01:\Software\Adpeak, Inc.\ScorpionSaver\Chrome\"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\23EEA1F105A7F45449974D9B95E7AC89]
    "A1F1E372A1B7C6347A384A8A9CA70D63"="01:\Software\Adpeak, Inc.\ScorpionSaver\Chrome\"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\26982796A8AFD1246B95E00265A95BF9]
    "A1F1E372A1B7C6347A384A8A9CA70D63"="01:\Software\Adpeak, Inc.\ScorpionSaver\Chrome\"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\42D92D0D75AFEF74297E03876C8D9D33]
    "A1F1E372A1B7C6347A384A8A9CA70D63"="01:\Software\Adpeak, Inc.\ScorpionSaver\Chrome\"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7B7B13B037A7C2A42AC3E3EAF14D7107]
    "A1F1E372A1B7C6347A384A8A9CA70D63"="01:\Software\Adpeak, Inc.\ScorpionSaver\Chrome\"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7D05B2942E9CC80499F397F6114DFB35]
    "A1F1E372A1B7C6347A384A8A9CA70D63"="01:\Software\Adpeak, Inc.\ScorpionSaver\Chrome\"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AD746BF3B3B3FD8409B86604BA85982A]
    "A1F1E372A1B7C6347A384A8A9CA70D63"="01:\Software\Adpeak, Inc.\ScorpionSaver\Chrome\"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F355F0DB7A2E3A14B8E7A568FBA25937]
    "A1F1E372A1B7C6347A384A8A9CA70D63"="01:\Software\Adpeak, Inc.\ScorpionSaver\Chrome\"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8BA5CD9129705784F8B198C6A5C96EEA\InstallProperties]
    "Publisher"="Adpeak, Inc."
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A1F1E372A1B7C6347A384A8A9CA70D63\InstallProperties]
    "HelpLink"="http://www.adpeak.com/"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A1F1E372A1B7C6347A384A8A9CA70D63\InstallProperties]
    "Publisher"="Adpeak, Inc."
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{19DC5AB8-0792-4875-8F1B-896C5A9CE6AE}]
    "Publisher"="Adpeak, Inc."
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{273E1F1A-7B1A-436C-A783-A4A8C97AD036}]
    "HelpLink"="http://www.adpeak.com/"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{273E1F1A-7B1A-436C-A783-A4A8C97AD036}]
    "Publisher"="Adpeak, Inc."
    [HKEY_USERS\S-1-5-21-588712172-2151725499-4229388137-1001\Software\Adpeak, Inc.]

    -= EOF =-

  8. I've uninstalled Combofix and have downloaded and run OTCleanIt.  All of the programs and tools are gone from my desktop except for Security Check. 

     

    I went to my programs and I had removed ESET after the first time I used it.  In going through the programs list I noticed a program there and I'm wondering if it's a legitimate program.  It's called Scorpion Saver by Adpeak.  It was installed on October 31, 2013 during the time my computer had the virus/trojan.  Is this a program that I should uninstall?

     

    I want to thank you for all your help!   You've worked wonders for my computer!  Thank You!   :)

  9. Sorry it's taken so long to get back to this.  We had to make another long 140 mil round trip to the bank today and I'm just now getting online.  Here's the log from Security Check.  So far everything seems to be running smoothly.  I can now access the Google search engine, and I haven't had any alerts from McAfee.

     

    I was concerned about FireFox as I've had things show up in the "Add-Ons" and I've never subscribed to any add on features.  I had that Linsicle add on that turned words in my posts to links and that's now gone.  Yesterday, McAfee SiteAdvisor and a Mozilla programs called Default 25, a theme design program, showed up in the Add-Ons.  Today, the only item left is the McAfee SiteAdvisor, which I think is okay. 

     

     Results of screen317's Security Check version 0.99.76  
     Windows 7 Service Pack 1 x64 (UAC is enabled)  
     Internet Explorer 10  
    ``````````````Antivirus/Firewall Check:``````````````
     Windows Firewall Enabled!  
    McAfee Anti-Virus and Anti-Spyware   
     WMI entry may not exist for antivirus; attempting automatic update.
    `````````Anti-malware/Other Utilities Check:`````````
     Malwarebytes Anti-Malware version 1.75.0.1300  
     JavaFX 2.1.1    
     Java 7 Update 45  
     Adobe Flash Player 11.9.900.117  
     Adobe Reader 10.1.8 Adobe Reader out of Date!  
     Mozilla Firefox (25.0)
     Google Chrome 30.0.1599.101  
     Google Chrome 30.0.1599.69  
    ````````Process Check: objlist.exe by Laurent````````  
     Malwarebytes Anti-Malware mbamservice.exe  
     Malwarebytes Anti-Malware mbamgui.exe  
     Malwarebytes' Anti-Malware mbamscheduler.exe   
     McAfee Online Backup MOBK400backup.exe   
    `````````````````System Health check`````````````````
     Total Fragmentation on Drive C: 0%
    ````````````````````End of Log`````

  10. Here's the Combofix log............................

     

    ComboFix 13-11-04.01 - Linda 11/05/2013  22:34:28.2.4 - x64
    Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.5992.3938 [GMT -8:00]
    Running from: c:\users\Linda\Desktop\ComboFix.exe
    AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
    FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
    SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
     * Created a new restore point
    .
    .
    (((((((((((((((((((((((((   Files Created from 2013-10-06 to 2013-11-06  )))))))))))))))))))))))))))))))
    .
    .
    2013-11-06 06:37 . 2013-11-06 06:37    --------    d-----w-    c:\users\Default\AppData\Local\temp
    2013-11-01 02:28 . 2013-11-01 02:28    --------    d-----w-    c:\program files (x86)\ScorpionSaver
    2013-11-01 02:28 . 2013-11-01 02:28    --------    d-----w-    c:\program files (x86)\Level Quality Watcher
    2013-11-01 01:42 . 2013-11-01 01:42    --------    d-----w-    c:\windows\ERUNT
    2013-10-31 06:23 . 2013-10-31 06:51    --------    d-----w-    c:\programdata\Malwarebytes' Anti-Malware (portable)
    2013-10-31 06:23 . 2013-10-31 06:40    116440    ----a-w-    c:\windows\system32\drivers\MBAMSwissArmy.sys
    2013-10-31 06:18 . 2013-10-31 06:39    91352    ----a-w-    c:\windows\system32\drivers\mbamchameleon.sys
    2013-10-31 04:09 . 2013-10-31 04:32    --------    d-----w-    c:\users\Linda\AppData\Roaming\U3
    2013-10-30 19:41 . 2013-10-30 19:41    --------    d-----w-    c:\users\Linda\AppData\Roaming\Malwarebytes
    2013-10-30 19:40 . 2013-10-30 19:40    --------    d-----w-    c:\programdata\Malwarebytes
    2013-10-30 19:40 . 2013-10-30 19:41    --------    d-----w-    c:\program files (x86)\Malwarebytes' Anti-Malware
    2013-10-30 19:40 . 2013-04-04 21:50    25928    ----a-w-    c:\windows\system32\drivers\mbam.sys
    2013-10-30 19:40 . 2013-10-30 19:40    --------    d-----w-    c:\users\Linda\AppData\Local\Programs
    2013-10-30 04:39 . 2013-10-30 04:39    --------    d-----w-    c:\programdata\Oracle
    2013-10-30 04:39 . 2013-10-30 04:39    --------    d-----w-    c:\program files (x86)\Common Files\Java
    2013-10-30 04:38 . 2013-10-30 04:38    96168    ----a-w-    c:\windows\SysWow64\WindowsAccessBridge-32.dll
    2013-10-30 04:38 . 2013-10-30 04:38    --------    d-----w-    c:\program files (x86)\Java
    2013-10-29 20:56 . 2013-10-29 20:56    --------    d--h--w-    c:\programdata\Common Files
    2013-10-22 01:10 . 2013-10-22 01:10    --------    d-----w-    c:\program files\McAfee Security Scan
    2013-10-16 03:02 . 2013-09-23 20:49    197704    ----a-w-    c:\windows\system32\drivers\HipShieldK.sys
    2013-10-10 23:58 . 2013-10-10 23:58    --------    d-----w-    c:\users\Linda\AppData\Local\McAfee File Lock
    2013-10-10 10:05 . 2013-09-23 01:25    775256    ----a-w-    c:\program files\Internet Explorer\iexplore.exe
    2013-10-10 03:49 . 2013-07-04 12:50    633856    ----a-w-    c:\windows\system32\comctl32.dll
    2013-10-10 03:49 . 2013-07-04 11:50    530432    ----a-w-    c:\windows\SysWow64\comctl32.dll
    2013-10-10 03:49 . 2013-07-12 10:41    100864    ----a-w-    c:\windows\system32\drivers\usbcir.sys
    2013-10-10 03:49 . 2013-07-12 10:40    109824    ----a-w-    c:\windows\system32\drivers\USBAUDIO.sys
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2013-10-10 10:02 . 2011-07-08 00:34    80541720    ----a-w-    c:\windows\system32\MRT.exe
    2013-10-09 02:59 . 2012-04-12 10:18    692616    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
    2013-10-09 02:59 . 2011-07-09 00:49    71048    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-10-02 21:14 . 2013-10-02 21:14    58192    ----a-w-    c:\windows\system32\drivers\lsnfd.sys
    2013-09-25 03:29 . 2013-05-13 23:30    70112    ----a-w-    c:\windows\system32\drivers\cfwids.sys
    2013-09-25 03:25 . 2013-02-19 20:56    343568    ----a-w-    c:\windows\system32\drivers\mfewfpk.sys
    2013-09-25 03:25 . 2013-05-13 23:24    182752    ----a-w-    c:\windows\system32\mfevtps.exe
    2013-09-25 03:22 . 2013-02-19 20:54    781312    ----a-w-    c:\windows\system32\drivers\mfehidk.sys
    2013-09-25 03:21 . 2013-05-13 23:30    519192    ----a-w-    c:\windows\system32\drivers\mfefirek.sys
    2013-09-25 03:20 . 2013-05-13 23:30    310224    ----a-w-    c:\windows\system32\drivers\mfeavfk.sys
    2013-09-25 03:19 . 2013-02-19 20:52    179664    ----a-w-    c:\windows\system32\drivers\mfeapfk.sys
    2013-09-20 16:38 . 2013-09-20 16:38    10856    ----a-w-    c:\windows\system32\drivers\mfeclnrk.sys
    2013-09-20 16:38 . 2013-09-20 16:38    95984    ----a-w-    c:\windows\system32\drivers\mfencrk.sys
    2013-09-20 16:37 . 2013-09-20 16:37    390552    ----a-w-    c:\windows\system32\drivers\mfencbdc.sys
    2013-09-09 18:11 . 2013-05-13 23:30    74560    ----a-w-    c:\windows\system32\drivers\McPvDrv.sys
    2013-08-29 01:48 . 2013-10-10 03:48    44032    ----a-w-    c:\windows\apppatch\acwow64.dll
    .
    .
    (((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "jmekey"="c:\program files (x86)\jmesoft\hotkey.exe" [2009-07-16 114688]
    "Lenovo Eye Distance System"="c:\program files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe" [2010-09-09 265216]
    "Lenovo Dynamic Brightness System"="c:\program files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe" [2010-10-08 285696]
    "UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 958576]
    "HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]
    "mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2013-09-24 537512]
    "mcpltui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2013-09-24 537512]
    .
    c:\users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Launch Utility Application.lnk - c:\users\Linda\AppData\Roaming\Verizon\UA_ar\UtilityApplication.exe [2012-8-31 903096]
    Monitor Ink Alerts - HP Officejet 4620 series.lnk - c:\windows\system32\RunDll32.exe "c:\program files\HP\HP Officejet 4620 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN28V2412305RT;CONNECTION=USB;MONITOR=1; [2009-7-13 45568]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.130\SSScheduler.exe [2013-9-6 324320]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
    "LoadAppInit_DLLs"=1 (0x1)
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
    @=""
    .
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
    R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
    R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys;c:\windows\SYSNATIVE\drivers\HipShieldK.sys [x]
    R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe [x]
    R3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\DRIVERS\mfencrk.sys;c:\windows\SYSNATIVE\DRIVERS\mfencrk.sys [x]
    R3 ssmirrdr;ssmirrdr;c:\windows\system32\DRIVERS\ssmirrdr.sys;c:\windows\SYSNATIVE\DRIVERS\ssmirrdr.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
    R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
    R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
    R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
    S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys;c:\windows\SYSNATIVE\drivers\fbfmon.sys [x]
    S0 McPvDrv;McPvDrv Driver;c:\windows\system32\drivers\McPvDrv.sys;c:\windows\SYSNATIVE\drivers\McPvDrv.sys [x]
    S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x]
    S0 WinI2C-DDC;WinI2C-DDC Kernel Mode Driver;c:\windows\system32\drivers\DDCDrv.sys;c:\windows\SYSNATIVE\drivers\DDCDrv.sys [x]
    S1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys;c:\windows\SYSNATIVE\drivers\BPntDrv.sys [x]
    S1 MOBK400Filter;MOBK400Filter;c:\windows\system32\DRIVERS\MOBK400.sys;c:\windows\SYSNATIVE\DRIVERS\MOBK400.sys [x]
    S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [x]
    S2 HomeNetSvc;McAfee Home Network;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
    S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
    S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
    S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]
    S2 McAPExe;McAfee AP Service;c:\program files\McAfee\MSC\McAPExe.exe;c:\program files\McAfee\MSC\McAPExe.exe [x]
    S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
    S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
    S2 mcpltsvc;McAfee Platform Services;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
    S2 mfecore;McAfee Anti-Malware Core;c:\program files\Common Files\McAfee\AMCore\mcshield.exe;c:\program files\Common Files\McAfee\AMCore\mcshield.exe [x]
    S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
    S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe;c:\windows\SYSNATIVE\mfevtps.exe [x]
    S2 MOBK400backup;McAfee Online Backup;c:\program files (x86)\McAfee Online Backup\MOBK400backup.exe;c:\program files (x86)\McAfee Online Backup\MOBK400backup.exe [x]
    S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
    S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys;c:\windows\SYSNATIVE\drivers\cfwids.sys [x]
    S3 GeneStor;Genesys Logic Storage Driver;c:\windows\system32\DRIVERS\GeneStor.sys;c:\windows\SYSNATIVE\DRIVERS\GeneStor.sys [x]
    S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
    S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys;c:\windows\SYSNATIVE\drivers\mfefirek.sys [x]
    S3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\DRIVERS\mfencbdc.sys;c:\windows\SYSNATIVE\DRIVERS\mfencbdc.sys [x]
    S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8192Ce.sys [x]
    .
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
    2013-10-18 17:01    1185744    ----a-w-    c:\program files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2013-11-06 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-12 02:59]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK400]
    @="{73552f1f-bf89-9213-24d3-b502f837bb93}"
    [HKEY_CLASSES_ROOT\CLSID\{73552f1f-bf89-9213-24d3-b502f837bb93}]
    2010-06-01 09:05    4741944    ----a-w-    c:\program files (x86)\McAfee Online Backup\MOBK400shell.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK4002]
    @="{81d6082a-73e9-8567-a371-6ad62982aca6}"
    [HKEY_CLASSES_ROOT\CLSID\{81d6082a-73e9-8567-a371-6ad62982aca6}]
    2010-06-01 09:05    4741944    ----a-w-    c:\program files (x86)\McAfee Online Backup\MOBK400shell.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK4003]
    @="{44391887-365b-8585-2ab9-799a50b9ef5e}"
    [HKEY_CLASSES_ROOT\CLSID\{44391887-365b-8585-2ab9-799a50b9ef5e}]
    2010-06-01 09:05    4741944    ----a-w-    c:\program files (x86)\McAfee Online Backup\MOBK400shell.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-11-18 167960]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-11-18 391704]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2010-11-18 417304]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-10-26 11543656]
    "UMonit"="c:\windows\SysWOW64\UMonit.exe" [2010-12-01 28672]
    "Lenovo EE Boot Optimizer"="c:\program files (x86)\Lenovo\Boot Optimizer\PopWnd.exe" [2011-05-19 114688]
    .
    ------- Supplementary Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm

    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = <-loopback>
    Trusted Zone: microsoft.com\.windowsupdate
    Trusted Zone: windowsupdate.com
    TCP: DhcpNameServer = 192.168.1.1
    FF - ProfilePath - c:\users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\jeuc81t6.default-1383517261482\
    FF - ExtSQL: 2013-11-03 09:50; {4ED1F68A-5463-4931-9384-8FFF5ED91D92}; c:\program files (x86)\McAfee\SiteAdvisor
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Toolbar-Locked - (no file)
    Toolbar-10 - (no file)
    SafeBoot-34745535.sys
    SafeBoot-64969591.sys
    AddRemove-Browsersafeguard - c:\program files (x86)\Browsersafeguard\uninstall.browsersafeguard.exe
    AddRemove-Linksicle - c:\program files (x86)\Linksicle\Uninstall.exe
    .
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.11"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
    "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
       00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
    @Denied: (A) (Everyone)
    "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
    @Denied: (A) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
    "Key"="ActionsPane3"
    "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Completion time: 2013-11-05  22:39:24
    ComboFix-quarantined-files.txt  2013-11-06 06:39
    ComboFix2.txt  2013-11-05 04:20
    .
    Pre-Run: 1,407,967,416,320 bytes free
    Post-Run: 1,407,896,870,912 bytes free
    .
    - - End Of File - - E79E5071FD6D2D0AFFBAD311A67DF618
    A36C5E4F47E84449FF07ED3517B43A31

  11. Here is the fixlist log.............................

     

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 31-10-2013
    Ran by Linda at 2013-11-05 20:14:48 Run:1
    Running from C:\Users\Linda\Desktop
    Boot Mode: Normal
    ==============================================

    Content of fixlist:
    *****************
    HKCU\...\Run: [browserSafeguard] - C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe [573952 2013-10-29] (BrowserSafeguard)
    C:\Program Files (x86)\Browsersafeguard
    HKCU\...\Run: [GoogleChromeAutoLaunch_72A69F45706A1906C3BB8A81AA94F778] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [844752 2013-10-08] (Google Inc.)
    HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
    ProxyEnable: Internet Explorer proxy is enabled.
    ProxyServer: http=127.0.0.1:49163;https=127.0.0.1:49163
    HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
    SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
    FF Extension: Linksicle - C:\Program Files (x86)\Mozilla Firefox\extensions\linksicle@linksicle.com
    FF Extension: Linksicle - C:\Program Files (x86)\Mozilla Firefox\extensions\linksicle@linksicle.com
    CHR Extension: (Linksicle) - C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gohhkpbcblcpnaghfmnkfangnkkagacg\1.8.2.0_0
    R1 lsnfd; C:\Windows\System32\drivers\lsnfd.sys [58192 2013-10-02] (Linksicle)
    C:\Users\Linda\Downloads\JRT(2).exe
    C:\Users\Linda\Downloads\JRT(1).exe
    C:\Users\Linda\Downloads\mbar-1.07.0.1007(1).exe
    C:\Users\Linda\Downloads\dds(2).com
    C:\Users\Linda\Downloads\dds(1).com
    C:\Users\Linda\AppData\Local\Temp\{907F5CBA-2CCF-4C53-9258-32861164B423}.exe

    *****************

    HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\BrowserSafeguard => Value deleted successfully.
    C:\Program Files (x86)\Browsersafeguard => Moved successfully.
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_72A69F45706A1906C3BB8A81AA94F778 => Value deleted successfully.
    HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
    HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => Value deleted successfully.
    HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value deleted successfully.
    HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{7530BFB8-7293-4D34-9923-61A11451AFC5} => Key deleted successfully.
    HKCR\Wow6432Node\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5} => Key not found.
    C:\Program Files (x86)\Mozilla Firefox\extensions\linksicle@linksicle.com => Moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\linksicle@linksicle.com not found.
    C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gohhkpbcblcpnaghfmnkfangnkkagacg => Moved successfully.
    lsnfd => Service deleted successfully.
    C:\Users\Linda\Downloads\JRT(2).exe => Moved successfully.
    C:\Users\Linda\Downloads\JRT(1).exe => Moved successfully.
    C:\Users\Linda\Downloads\mbar-1.07.0.1007(1).exe => Moved successfully.
    C:\Users\Linda\Downloads\dds(2).com => Moved successfully.
    C:\Users\Linda\Downloads\dds(1).com => Moved successfully.
    C:\Users\Linda\AppData\Local\Temp\{907F5CBA-2CCF-4C53-9258-32861164B423}.exe => Moved successfully.


    The system needs a manual reboot.

    ==== End of Fixlog ====

  12. I posted the Addition log above.  This is the Farbar Recovery Scan Tool.  I download both versions of the FRST.txt, but only the 64 bit would run on my computer.  I realized after I did the scan that my antivirus was on.  Was I supposed to turn it off?

     

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-10-2013
    Ran by Linda (administrator) on LINDA-PC on 05-11-2013 14:52:37
    Running from C:\Users\Linda\Desktop
    Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
    Internet Explorer Version 10
    Boot Mode: Normal

    ==================== Processes (Whitelisted) =================

    (Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    (McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
    (McAfee, Inc.) C:\windows\system32\mfevtps.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    () C:\Windows\SysWOW64\UMonit.exe
    (BrowserSafeguard) C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
    (Samsung Electronics Co. Ltd.) C:\Users\Linda\AppData\Roaming\Verizon\UA_ar\UtilityApplication.exe
    (JME) C:\Program Files (x86)\jmesoft\hotkey.exe
    (Lenovo) C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe
    (Lenovo) C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe
    (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe
    (Microsoft Corporation) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
    (McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBK400backup.exe
    (McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBK400backup.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (McAfee, Inc.) c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
    (McAfee, Inc.) C:\PROGRA~1\McAfee\MSM\McSmtFwk.exe
    (McAfee, Inc.) C:\Program Files\McAfee\VirusScan\mcods.exe
    (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

    ==================== Registry (Whitelisted) ==================

    HKLM\...\Run: [HotKeysCmds] - C:\windows\system32\hkcmd.exe [ ] ()
    HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11543656 2010-10-26] (Realtek Semiconductor)
    HKLM\...\Run: [uMonit] - C:\Windows\SysWOW64\UMonit.exe [28672 2010-11-30] ()
    HKLM\...\Run: [Lenovo EE Boot Optimizer] - C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [114688 2011-05-19] (Lenovo)
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    HKCU\...\Run: [browserSafeguard] - C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe [573952 2013-10-29] (BrowserSafeguard)
    HKCU\...\Run: [GoogleChromeAutoLaunch_72A69F45706A1906C3BB8A81AA94F778] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [844752 2013-10-08] (Google Inc.)
    HKLM-x32\...\Run: [jmekey] - C:\Program Files (x86)\jmesoft\hotkey.exe [114688 2009-07-16] (JME)
    HKLM-x32\...\Run: [Lenovo Eye Distance System] - C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe [265216 2010-09-09] (Lenovo)
    HKLM-x32\...\Run: [Lenovo Dynamic Brightness System] - C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe [285696 2010-10-08] (Lenovo)
    HKLM-x32\...\Run: [updatePRCShortCut] - C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
    HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2012-12-02] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208 2011-10-28] (Hewlett-Packard)
    HKLM-x32\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-09-24] (McAfee, Inc.)
    HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-09-24] (McAfee, Inc.)
    HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
    Startup: C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Launch Utility Application.lnk
    ShortcutTarget: Launch Utility Application.lnk -> C:\Users\Linda\AppData\Roaming\Verizon\UA_ar\UtilityApplication.exe (Samsung Electronics Co. Ltd.)
    Startup: C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet 4620 series.lnk
    ShortcutTarget: Monitor Ink Alerts - HP Officejet 4620 series.lnk -> C:\Program Files\HP\HP Officejet 4620 series\bin\HPStatusBL.dll (Hewlett-Packard Co.)

    ==================== Internet (Whitelisted) ====================

    ProxyEnable: Internet Explorer proxy is enabled.
    ProxyServer: http=127.0.0.1:49163;https=127.0.0.1:49163
    HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
    SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
    Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
    Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
    Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
    Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

    FireFox:
    ========
    FF ProfilePath: C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\jeuc81t6.default-1383517261482
    FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
    FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
    FF Plugin: @microsoft.com/GENUINE - disabled No File
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
    FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
    FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
    FF Plugin-x32: @mcafee.com/SAFFPlugin - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
    FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
    FF Extension: Linksicle - C:\Program Files (x86)\Mozilla Firefox\extensions\linksicle@linksicle.com
    FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
    FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor
    FF HKLM-x32\...\Firefox\Extensions: [linksicle@linksicle.com] - C:\Program Files (x86)\Mozilla Firefox\extensions\linksicle@linksicle.com
    FF Extension: Linksicle - C:\Program Files (x86)\Mozilla Firefox\extensions\linksicle@linksicle.com
    FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
    FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK

    Chrome:
    =======


    CHR DefaultSearchURL: (McAfee) - http://search.yahoo.com/search?fr=mcafee&p={searchTerms}
    CHR DefaultSuggestURL: (McAfee) -       "suggest_url": "",
    CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
    CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
    CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
    CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\gcswf32.dll No File
    CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
    CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
    CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
    CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll ()
    CHR Extension: (SiteAdvisor) - C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.3.1271_0
    CHR Extension: (Linksicle) - C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gohhkpbcblcpnaghfmnkfangnkkagacg\1.8.2.0_0
    CHR Extension: (Google Wallet) - C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
    CHR Extension: (Scorpion Saver) - C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\oclgomenfkljhfkfflghppidonpkljjg\5.0_0
    CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx
    CHR HKLM-x32\...\Chrome\Extension: [gohhkpbcblcpnaghfmnkfangnkkagacg] - C:\Program Files (x86)\Linksicle\Chrome\gohhkpbcblcpnaghfmnkfangnkkagacg.crx

    ==================== Services (Whitelisted) =================

    R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
    R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
    R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
    R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178048 2013-09-24] (McAfee, Inc.)
    S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
    R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
    R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
    R3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
    R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
    R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
    R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1017016 2013-09-20] (McAfee, Inc.)
    R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-09-24] (McAfee, Inc.)
    R2 mfevtp; C:\windows\system32\mfevtps.exe [182752 2013-09-24] (McAfee, Inc.)
    R2 MOBK400backup; C:\Program Files (x86)\McAfee Online Backup\MOBK400backup.exe [231224 2010-06-01] (McAfee, Inc.)
    R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)

    ==================== Drivers (Whitelisted) ====================

    R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-09-24] (McAfee, Inc.)
    R3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [57856 2010-12-16] (GenesysLogic)
    S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
    R1 lsnfd; C:\Windows\System32\drivers\lsnfd.sys [58192 2013-10-02] (Linksicle)
    R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
    R0 McPvDrv; C:\Windows\System32\drivers\McPvDrv.sys [74560 2013-09-09] (McAfee, Inc.)
    R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-09-24] (McAfee, Inc.)
    R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-09-24] (McAfee, Inc.)
    R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519192 2013-09-24] (McAfee, Inc.)
    R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [781312 2013-09-24] (McAfee, Inc.)
    R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [390552 2013-09-20] (McAfee, Inc.)
    S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [95984 2013-09-20] (McAfee, Inc.)
    R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-09-24] (McAfee, Inc.)
    R1 MOBK400Filter; C:\Windows\System32\DRIVERS\MOBK400.sys [66040 2010-06-01] (Mozy, Inc.)
    S3 ssmirrdr; C:\Windows\System32\DRIVERS\ssmirrdr.sys [10112 2011-06-10] (support.com, Inc)
    R0 WinI2C-DDC; C:\Windows\System32\drivers\DDCDrv.sys [20832 2008-04-08] (Nicomsoft Ltd.)
    R0 WinI2C-DDC; C:\Windows\SysWow64\drivers\DDCDrv.sys [15712 2010-03-22] (Nicomsoft Ltd.)
    U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
    S3 catchme; \??\C:\ComboFix\catchme.sys [x]

    ==================== NetSvcs (Whitelisted) ===================


    ==================== One Month Created Files and Folders ========

    2013-11-05 14:52 - 2013-11-05 14:52 - 00000000 ____D C:\FRST
    2013-11-05 14:51 - 2013-11-05 14:51 - 01957098 _____ (Farbar) C:\Users\Linda\Desktop\FRST64.exe
    2013-11-05 14:50 - 2013-11-05 14:50 - 01089445 _____ (Farbar) C:\Users\Linda\Desktop\FRST.exe
    2013-11-05 11:58 - 2013-11-05 11:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2013-11-05 10:41 - 2013-11-05 10:42 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\Linda\Desktop\tdsskiller.exe
    2013-11-04 20:20 - 2013-11-04 20:20 - 00022067 _____ C:\ComboFix.txt
    2013-11-04 20:13 - 2013-11-04 20:20 - 00000000 ____D C:\Qoobox
    2013-11-04 20:13 - 2013-11-04 20:19 - 00000000 ____D C:\windows\erdnt
    2013-11-04 20:13 - 2011-06-25 22:45 - 00256000 _____ C:\windows\PEV.exe
    2013-11-04 20:13 - 2010-11-07 09:20 - 00208896 _____ C:\windows\MBR.exe
    2013-11-04 20:13 - 2009-04-19 20:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
    2013-11-04 20:13 - 2000-08-30 16:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
    2013-11-04 20:13 - 2000-08-30 16:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
    2013-11-04 20:13 - 2000-08-30 16:00 - 00098816 _____ C:\windows\sed.exe
    2013-11-04 20:13 - 2000-08-30 16:00 - 00080412 _____ C:\windows\grep.exe
    2013-11-04 20:13 - 2000-08-30 16:00 - 00068096 _____ C:\windows\zip.exe
    2013-11-04 20:11 - 2013-11-04 20:11 - 05143677 ____R (Swearware) C:\Users\Linda\Desktop\ComboFix.exe
    2013-11-04 17:27 - 2013-11-04 17:27 - 00359085 _____ (Farbar) C:\Users\Linda\Desktop\FSS.exe
    2013-11-03 14:18 - 2013-11-03 14:18 - 00659968 _____ C:\Users\Linda\Desktop\MicrosoftFixit50195.msi
    2013-11-03 13:58 - 2013-11-03 13:58 - 00448512 _____ (OldTimer Tools) C:\Users\Linda\Desktop\TFC.exe
    2013-10-31 21:22 - 2013-10-31 21:29 - 00043782 _____ C:\Users\Linda\Downloads\FRST.txt
    2013-10-31 21:22 - 2013-10-31 21:22 - 00018836 _____ C:\Users\Linda\Downloads\Addition.txt
    2013-10-31 19:12 - 2013-10-31 19:12 - 01060070 _____ C:\Users\Linda\Downloads\AdwCleaner.exe
    2013-10-31 18:28 - 2013-10-31 18:28 - 00000258 __RSH C:\Users\Linda\ntuser.pol
    2013-10-31 18:28 - 2013-10-31 18:28 - 00000000 ____D C:\Program Files (x86)\ScorpionSaver
    2013-10-31 18:28 - 2013-10-31 18:28 - 00000000 ____D C:\Program Files (x86)\Level Quality Watcher
    2013-10-31 18:28 - 2013-10-31 18:28 - 00000000 ____D C:\Program Files (x86)\Browsersafeguard
    2013-10-31 18:27 - 2013-10-31 18:27 - 00000000 ____D C:\ProgramData\Real
    2013-10-31 17:42 - 2013-10-31 17:42 - 00000000 ____D C:\windows\ERUNT
    2013-10-31 17:41 - 2013-10-31 17:41 - 01033335 _____ (Thisisu) C:\Users\Linda\Downloads\JRT(2).exe
    2013-10-31 17:41 - 2013-10-31 17:41 - 01033335 _____ (Thisisu) C:\Users\Linda\Downloads\JRT(1).exe
    2013-10-31 17:21 - 2013-10-31 17:21 - 01033335 _____ (Thisisu) C:\Users\Linda\Downloads\JRT.exe
    2013-10-30 22:38 - 2013-10-30 22:38 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Linda\Downloads\mbar-1.07.0.1007(1).exe
    2013-10-30 22:23 - 2013-10-30 22:51 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
    2013-10-30 22:23 - 2013-10-30 22:40 - 00116440 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
    2013-10-30 22:18 - 2013-10-30 22:51 - 00000000 ____D C:\Users\Linda\Desktop\mbar
    2013-10-30 22:18 - 2013-10-30 22:39 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
    2013-10-30 22:18 - 2013-10-30 22:18 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Linda\Downloads\mbar-1.07.0.1007.exe
    2013-10-30 20:52 - 2013-10-30 20:52 - 00688992 ____R (Swearware) C:\Users\Linda\Downloads\dds(2).com
    2013-10-30 20:51 - 2013-10-30 20:50 - 00688992 _____ (Swearware) C:\Users\Linda\Downloads\dds(1).com
    2013-10-30 20:47 - 2013-10-30 20:46 - 00688992 _____ (Swearware) C:\Users\Linda\Downloads\dds.com
    2013-10-30 20:43 - 2013-10-30 20:43 - 00688992 _____ (Swearware) C:\Users\Linda\Downloads\dds.scr
    2013-10-30 20:09 - 2013-10-30 20:32 - 00000000 ____D C:\Users\Linda\AppData\Roaming\U3
    2013-10-30 11:41 - 2013-10-30 11:41 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2013-10-30 11:41 - 2013-10-30 11:41 - 00000000 ____D C:\Users\Linda\AppData\Roaming\Malwarebytes
    2013-10-30 11:40 - 2013-10-30 11:41 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2013-10-30 11:40 - 2013-10-30 11:40 - 00000000 ____D C:\ProgramData\Malwarebytes
    2013-10-30 11:40 - 2013-04-04 13:50 - 00025928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
    2013-10-30 11:38 - 2013-10-30 11:38 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Linda\Downloads\mbam-setup-1.75.0.1300(3).exe
    2013-10-30 11:37 - 2013-10-30 11:37 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Linda\Downloads\mbam-setup-1.75.0.1300(2).exe
    2013-10-30 11:37 - 2013-10-30 11:37 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Linda\Downloads\mbam-setup-1.75.0.1300(1).exe
    2013-10-30 11:34 - 2013-10-30 11:19 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Linda\Downloads\mbam-setup-1.75.0.1300.exe
    2013-10-29 20:39 - 2013-10-29 20:39 - 00000000 ____D C:\ProgramData\Oracle
    2013-10-29 20:38 - 2013-10-29 20:38 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
    2013-10-29 20:38 - 2013-10-29 20:38 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
    2013-10-29 20:38 - 2013-10-29 20:38 - 00174504 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
    2013-10-29 20:38 - 2013-10-29 20:38 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
    2013-10-29 20:38 - 2013-10-29 20:38 - 00000000 ____D C:\Program Files (x86)\Java
    2013-10-29 12:59 - 2013-10-29 13:01 - 372627488 _____ C:\Users\Linda\Documents\American Blackout 2013 National Geographic.mp4
    2013-10-21 17:10 - 2013-10-21 17:10 - 00000000 ____D C:\Program Files\McAfee Security Scan
    2013-10-15 19:02 - 2013-09-23 12:49 - 00197704 _____ (McAfee, Inc.) C:\windows\system32\Drivers\HipShieldK.sys
    2013-10-10 15:58 - 2013-10-10 15:58 - 00000000 ____D C:\Users\Linda\AppData\Local\McAfee File Lock
    2013-10-10 02:06 - 2013-09-22 15:27 - 00391168 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
    2013-10-10 02:06 - 2013-09-22 15:27 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
    2013-10-10 02:06 - 2013-09-22 15:27 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
    2013-10-10 02:06 - 2013-09-22 15:27 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
    2013-10-10 02:06 - 2013-09-22 14:55 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
    2013-10-10 02:06 - 2013-09-22 14:54 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
    2013-10-10 02:06 - 2013-09-22 14:54 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
    2013-10-10 02:06 - 2013-09-22 14:54 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
    2013-10-10 02:06 - 2013-09-20 19:38 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
    2013-10-10 02:06 - 2013-09-20 19:30 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
    2013-10-10 02:06 - 2013-09-20 18:39 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
    2013-10-10 02:05 - 2013-09-22 15:28 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
    2013-10-10 02:05 - 2013-09-22 15:28 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
    2013-10-10 02:05 - 2013-09-22 15:27 - 14335488 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
    2013-10-10 02:05 - 2013-09-22 15:27 - 13761024 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
    2013-10-10 02:05 - 2013-09-22 15:27 - 02876928 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
    2013-10-10 02:05 - 2013-09-22 15:27 - 02048512 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
    2013-10-10 02:05 - 2013-09-22 15:27 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
    2013-10-10 02:05 - 2013-09-22 15:27 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
    2013-10-10 02:05 - 2013-09-22 15:27 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
    2013-10-10 02:05 - 2013-09-22 14:55 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
    2013-10-10 02:05 - 2013-09-22 14:55 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
    2013-10-10 02:05 - 2013-09-22 14:54 - 19252224 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
    2013-10-10 02:05 - 2013-09-22 14:54 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
    2013-10-10 02:05 - 2013-09-22 14:54 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
    2013-10-10 02:05 - 2013-09-22 14:54 - 02647552 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
    2013-10-10 02:05 - 2013-09-22 14:54 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
    2013-10-10 02:05 - 2013-09-22 14:54 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
    2013-10-10 02:05 - 2013-09-22 14:54 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
    2013-10-10 02:05 - 2013-09-22 14:54 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
    2013-10-10 02:05 - 2013-09-20 18:48 - 00089600 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
    2013-10-09 19:49 - 2013-07-12 02:41 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbcir.sys
    2013-10-09 19:49 - 2013-07-12 02:40 - 00109824 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBAUDIO.sys
    2013-10-09 19:49 - 2013-07-04 04:50 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll
    2013-10-09 19:49 - 2013-07-04 03:50 - 00530432 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll
    2013-10-09 19:48 - 2013-09-13 17:10 - 00497152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
    2013-10-09 19:48 - 2013-09-07 18:30 - 01903552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
    2013-10-09 19:48 - 2013-09-07 18:27 - 00327168 _____ (Microsoft Corporation) C:\windows\system32\mswsock.dll
    2013-10-09 19:48 - 2013-09-07 18:03 - 00231424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mswsock.dll
    2013-10-09 19:48 - 2013-08-28 18:17 - 05549504 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
    2013-10-09 19:48 - 2013-08-28 18:16 - 01732032 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
    2013-10-09 19:48 - 2013-08-28 18:16 - 00859648 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
    2013-10-09 19:48 - 2013-08-28 18:16 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
    2013-10-09 19:48 - 2013-08-28 18:13 - 00878080 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
    2013-10-09 19:48 - 2013-08-28 17:51 - 03969472 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
    2013-10-09 19:48 - 2013-08-28 17:51 - 03914176 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
    2013-10-09 19:48 - 2013-08-28 17:50 - 01292192 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
    2013-10-09 19:48 - 2013-08-28 17:50 - 00619520 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
    2013-10-09 19:48 - 2013-08-28 17:50 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
    2013-10-09 19:48 - 2013-08-28 17:48 - 00640512 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
    2013-10-09 19:48 - 2013-08-28 16:49 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
    2013-10-09 19:48 - 2013-08-28 16:49 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
    2013-10-09 19:48 - 2013-08-28 16:49 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
    2013-10-09 19:48 - 2013-08-28 16:49 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
    2013-10-09 19:48 - 2013-08-27 17:21 - 03155968 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
    2013-10-09 19:48 - 2013-08-27 17:12 - 00461312 _____ (Microsoft Corporation) C:\windows\system32\scavengeui.dll
    2013-10-09 19:48 - 2013-08-01 04:09 - 00983488 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
    2013-10-09 19:48 - 2013-07-20 02:33 - 00124112 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2013-10-09 19:48 - 2013-07-20 02:33 - 00102608 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
    2013-10-09 19:48 - 2013-07-04 04:57 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
    2013-10-09 19:48 - 2013-07-04 04:50 - 00102400 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll
    2013-10-09 19:48 - 2013-07-04 03:57 - 00205824 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll
    2013-10-09 19:48 - 2013-07-04 03:51 - 00081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\davclnt.dll
    2013-10-09 19:48 - 2013-07-04 02:11 - 00140800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
    2013-10-09 19:48 - 2013-07-02 20:40 - 00042496 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbscan.sys
    2013-10-09 19:48 - 2013-07-02 20:05 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys
    2013-10-09 19:48 - 2013-07-02 20:05 - 00032896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidparse.sys
    2013-10-09 19:48 - 2013-06-25 14:55 - 00785624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Wdf01000.sys
    2013-10-09 19:48 - 2013-06-05 21:50 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
    2013-10-09 19:48 - 2013-06-05 21:49 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
    2013-10-09 19:48 - 2013-06-05 21:49 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
    2013-10-09 19:48 - 2013-06-05 21:47 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
    2013-10-09 19:48 - 2013-06-05 20:57 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
    2013-10-09 19:48 - 2013-06-05 20:51 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
    2013-10-09 19:48 - 2013-06-05 20:50 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
    2013-10-09 19:48 - 2013-06-05 19:30 - 00368128 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
    2013-10-09 19:48 - 2013-06-05 19:01 - 00295424 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
    2013-10-09 19:48 - 2013-06-05 19:01 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll

    ==================== One Month Modified Files and Folders =======

    2013-11-05 14:52 - 2013-11-05 14:52 - 00000000 ____D C:\FRST
    2013-11-05 14:51 - 2013-11-05 14:51 - 01957098 _____ (Farbar) C:\Users\Linda\Desktop\FRST64.exe
    2013-11-05 14:50 - 2013-11-05 14:50 - 01089445 _____ (Farbar) C:\Users\Linda\Desktop\FRST.exe
    2013-11-05 14:13 - 2011-05-18 19:57 - 01211491 _____ C:\windows\WindowsUpdate.log
    2013-11-05 13:59 - 2012-06-11 23:16 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
    2013-11-05 12:21 - 2009-07-13 20:45 - 00020688 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2013-11-05 12:21 - 2009-07-13 20:45 - 00020688 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2013-11-05 12:18 - 2013-05-13 15:31 - 00001844 _____ C:\Users\Public\Desktop\McAfee Total Protection.lnk
    2013-11-05 12:18 - 2012-04-26 00:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2013-11-05 12:18 - 2009-07-13 21:13 - 00726444 _____ C:\windows\system32\PerfStringBackup.INI
    2013-11-05 12:15 - 2011-07-07 16:05 - 00000000 __RSD C:\Users\Linda\Documents\McAfee Vaults
    2013-11-05 12:14 - 2012-10-07 18:18 - 00000000 ____D C:\Users\Public\Documents\Verizon_Android
    2013-11-05 12:14 - 2011-05-19 08:29 - 00135181 _____ C:\windows\system32\fastboot.set
    2013-11-05 12:13 - 2009-07-13 21:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
    2013-11-05 12:13 - 2009-07-13 20:51 - 00060109 _____ C:\windows\setupact.log
    2013-11-05 11:58 - 2013-11-05 11:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2013-11-05 10:42 - 2013-11-05 10:41 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\Linda\Desktop\tdsskiller.exe
    2013-11-04 20:25 - 2010-11-20 19:47 - 00087906 _____ C:\windows\PFRO.log
    2013-11-04 20:20 - 2013-11-04 20:20 - 00022067 _____ C:\ComboFix.txt
    2013-11-04 20:20 - 2013-11-04 20:13 - 00000000 ____D C:\Qoobox
    2013-11-04 20:19 - 2013-11-04 20:13 - 00000000 ____D C:\windows\erdnt
    2013-11-04 20:19 - 2011-07-08 15:38 - 00000000 ____D C:\Users\Linda
    2013-11-04 20:19 - 2009-07-13 18:34 - 00000215 _____ C:\windows\system.ini
    2013-11-04 20:11 - 2013-11-04 20:11 - 05143677 ____R (Swearware) C:\Users\Linda\Desktop\ComboFix.exe
    2013-11-04 17:27 - 2013-11-04 17:27 - 00359085 _____ (Farbar) C:\Users\Linda\Desktop\FSS.exe
    2013-11-03 14:21 - 2012-11-17 15:21 - 00000000 ____D C:\Users\Linda\Desktop\Old Firefox Data
    2013-11-03 14:18 - 2013-11-03 14:18 - 00659968 _____ C:\Users\Linda\Desktop\MicrosoftFixit50195.msi
    2013-11-03 13:58 - 2013-11-03 13:58 - 00448512 _____ (OldTimer Tools) C:\Users\Linda\Desktop\TFC.exe
    2013-10-31 21:29 - 2013-10-31 21:22 - 00043782 _____ C:\Users\Linda\Downloads\FRST.txt
    2013-10-31 21:22 - 2013-10-31 21:22 - 00018836 _____ C:\Users\Linda\Downloads\Addition.txt
    2013-10-31 19:12 - 2013-10-31 19:12 - 01060070 _____ C:\Users\Linda\Downloads\AdwCleaner.exe
    2013-10-31 18:28 - 2013-10-31 18:28 - 00000258 __RSH C:\Users\Linda\ntuser.pol
    2013-10-31 18:28 - 2013-10-31 18:28 - 00000000 ____D C:\Program Files (x86)\ScorpionSaver
    2013-10-31 18:28 - 2013-10-31 18:28 - 00000000 ____D C:\Program Files (x86)\Level Quality Watcher
    2013-10-31 18:28 - 2013-10-31 18:28 - 00000000 ____D C:\Program Files (x86)\Browsersafeguard
    2013-10-31 18:28 - 2009-07-13 19:20 - 00000000 ___HD C:\windows\system32\GroupPolicy
    2013-10-31 18:28 - 2009-07-13 19:20 - 00000000 ____D C:\windows\SysWOW64\GroupPolicy
    2013-10-31 18:27 - 2013-10-31 18:27 - 00000000 ____D C:\ProgramData\Real
    2013-10-31 18:02 - 2009-07-13 19:20 - 00000000 ____D C:\windows\system32\NDF
    2013-10-31 17:42 - 2013-10-31 17:42 - 00000000 ____D C:\windows\ERUNT
    2013-10-31 17:41 - 2013-10-31 17:41 - 01033335 _____ (Thisisu) C:\Users\Linda\Downloads\JRT(2).exe
    2013-10-31 17:41 - 2013-10-31 17:41 - 01033335 _____ (Thisisu) C:\Users\Linda\Downloads\JRT(1).exe
    2013-10-31 17:21 - 2013-10-31 17:21 - 01033335 _____ (Thisisu) C:\Users\Linda\Downloads\JRT.exe
    2013-10-30 22:51 - 2013-10-30 22:23 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
    2013-10-30 22:51 - 2013-10-30 22:18 - 00000000 ____D C:\Users\Linda\Desktop\mbar
    2013-10-30 22:40 - 2013-10-30 22:23 - 00116440 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
    2013-10-30 22:39 - 2013-10-30 22:18 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
    2013-10-30 22:38 - 2013-10-30 22:38 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Linda\Downloads\mbar-1.07.0.1007(1).exe
    2013-10-30 22:18 - 2013-10-30 22:18 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Linda\Downloads\mbar-1.07.0.1007.exe
    2013-10-30 20:52 - 2013-10-30 20:52 - 00688992 ____R (Swearware) C:\Users\Linda\Downloads\dds(2).com
    2013-10-30 20:50 - 2013-10-30 20:51 - 00688992 _____ (Swearware) C:\Users\Linda\Downloads\dds(1).com
    2013-10-30 20:46 - 2013-10-30 20:47 - 00688992 _____ (Swearware) C:\Users\Linda\Downloads\dds.com
    2013-10-30 20:43 - 2013-10-30 20:43 - 00688992 _____ (Swearware) C:\Users\Linda\Downloads\dds.scr
    2013-10-30 20:32 - 2013-10-30 20:09 - 00000000 ____D C:\Users\Linda\AppData\Roaming\U3
    2013-10-30 14:02 - 2013-05-13 15:29 - 00000000 ____D C:\Program Files (x86)\McAfee
    2013-10-30 11:41 - 2013-10-30 11:41 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2013-10-30 11:41 - 2013-10-30 11:41 - 00000000 ____D C:\Users\Linda\AppData\Roaming\Malwarebytes
    2013-10-30 11:41 - 2013-10-30 11:40 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2013-10-30 11:40 - 2013-10-30 11:40 - 00000000 ____D C:\ProgramData\Malwarebytes
    2013-10-30 11:38 - 2013-10-30 11:38 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Linda\Downloads\mbam-setup-1.75.0.1300(3).exe
    2013-10-30 11:37 - 2013-10-30 11:37 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Linda\Downloads\mbam-setup-1.75.0.1300(2).exe
    2013-10-30 11:37 - 2013-10-30 11:37 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Linda\Downloads\mbam-setup-1.75.0.1300(1).exe
    2013-10-30 11:19 - 2013-10-30 11:34 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Linda\Downloads\mbam-setup-1.75.0.1300.exe
    2013-10-29 20:39 - 2013-10-29 20:39 - 00000000 ____D C:\ProgramData\Oracle
    2013-10-29 20:38 - 2013-10-29 20:38 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
    2013-10-29 20:38 - 2013-10-29 20:38 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
    2013-10-29 20:38 - 2013-10-29 20:38 - 00174504 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
    2013-10-29 20:38 - 2013-10-29 20:38 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
    2013-10-29 20:38 - 2013-10-29 20:38 - 00000000 ____D C:\Program Files (x86)\Java
    2013-10-29 13:01 - 2013-10-29 12:59 - 372627488 _____ C:\Users\Linda\Documents\American Blackout 2013 National Geographic.mp4
    2013-10-24 17:04 - 2008-12-08 23:02 - 00000000 ____D C:\Users\Linda\Documents\Thomas Blaine Simpson
    2013-10-24 17:04 - 2005-09-12 22:17 - 00000000 ____D C:\Users\Linda\Documents\Telephone Numbers & Addresses
    2013-10-24 17:03 - 2010-01-31 12:31 - 00000000 ____D C:\Users\Linda\Documents\Tom Simpson
    2013-10-21 17:10 - 2013-10-21 17:10 - 00000000 ____D C:\Program Files\McAfee Security Scan
    2013-10-21 17:10 - 2012-08-27 14:59 - 00001931 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
    2013-10-18 09:02 - 2011-05-19 08:28 - 00002183 _____ C:\Users\Public\Desktop\Internet Browser.lnk
    2013-10-15 18:56 - 2011-07-07 16:04 - 00000000 ____D C:\Program Files\Common Files\McAfee
    2013-10-11 10:30 - 2011-05-19 08:26 - 00000000 ____D C:\ProgramData\McAfee
    2013-10-10 15:58 - 2013-10-10 15:58 - 00000000 ____D C:\Users\Linda\AppData\Local\McAfee File Lock
    2013-10-10 13:41 - 2009-07-13 19:20 - 00000000 ____D C:\windows\rescache
    2013-10-10 02:24 - 2009-07-13 20:45 - 00428512 _____ C:\windows\system32\FNTCACHE.DAT
    2013-10-10 02:03 - 2013-08-15 02:00 - 00000000 ____D C:\windows\system32\MRT
    2013-10-10 02:02 - 2011-07-07 16:34 - 80541720 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
    2013-10-08 18:59 - 2012-06-11 23:16 - 00003768 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
    2013-10-08 18:59 - 2012-04-12 02:18 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
    2013-10-08 18:59 - 2011-07-08 16:49 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
    2013-10-08 11:49 - 2012-11-03 15:03 - 00000000 ____D C:\Users\Linda\AppData\Local\HP

    Some content of TEMP:
    ====================
    C:\Users\Linda\AppData\Local\Temp\{907F5CBA-2CCF-4C53-9258-32861164B423}.exe


    ==================== Bamital & volsnap Check =================

    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\SysWOW64\wininit.exe => MD5 is legit
    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\SysWOW64\explorer.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\SysWOW64\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\SysWOW64\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\SysWOW64\userinit.exe => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


    LastRegBack: 2013-10-31 09:08

    ==================== End Of Log =======

  13. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-10-2013
    Ran by Linda at 2013-11-05 14:53:45
    Running from C:\Users\Linda\Desktop
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
    AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
    AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

    ==================== Installed Programs ======================

    Adobe AIR (x32 Version: 3.0.0.4080)
    Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
    Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
    Adobe Reader X (10.1.8) (x32 Version: 10.1.8)
    Bing Bar (x32 Version: 7.0.826.0)
    BrowserSafeguard (x32)
    Cisco EAP-FAST Module (x32 Version: 2.2.14)
    Cisco LEAP Module (x32 Version: 1.0.19)
    Cisco PEAP Module (x32 Version: 1.1.6)
    Genesys USB Mass Storage Device (x32 Version: 4.0.1.1)
    Google Chrome (x32 Version: 30.0.1599.101)
    Google Update Helper (x32 Version: 1.3.21.165)
    HP Officejet 4620 series Basic Device Software (Version: 26.0.784.0)
    HP Officejet 4620 series Help (x32 Version: 6.0.0)
    HP Officejet 4620 series Product Improvement Study (Version: 26.0.784.0)
    HP Photo Creations (x32 Version: 1.0.0.9572)
    HP Update (x32 Version: 5.005.000.002)
    HPDiagnosticAlert (x32 Version: 1.00.0000)
    I.R.I.S. OCR (x32 Version: 12.3.4.0)
    Intel® Control Center (x32 Version: 1.2.1.1007)
    Intel® Management Engine Components (x32 Version: 7.0.0.1118)
    Intel® Network Connections Drivers (Version: 15.4)
    Intel® Processor Graphics (x32 Version: 8.15.10.2246)
    Java 7 Update 45 (x32 Version: 7.0.450)
    Java Auto Updater (x32 Version: 2.1.9.8)
    JavaFX 2.1.1 (x32 Version: 2.1.1)
    Lenovo Driver and Application Installation (x32 Version: 5.10.1809)
    Lenovo Dynamic Brightness System (x32 Version: 4.0.00.22080)
    Lenovo EE Boot Optimizer (Version: 0.0.1.6)
    Lenovo Eye Distance System (x32 Version: 4.0.00.21090)
    Lenovo Rescue System (Version: 3.0.1409)
    Lenovo Rescue System (x32 Version: 3.0.1409)
    Level Quality Watcher (x32 Version: 1.0.0.0)
    Linksicle (x32 Version: 1.8.2.0)
    LVT (x32 Version: 4.1.2.0919)
    LXH-JME2207FN Hotkey Driver (x32 Version: 5.1.0804)
    Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
    McAfee Online Backup (Version: 1.16.6.1)
    McAfee Online Backup (x32)
    McAfee Security Scan Plus (Version: 3.8.130.8)
    McAfee Total Protection (x32 Version: 12.8.856)
    Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
    Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.4763.1000)
    Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4763.1000)
    Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.4763.1000)
    Microsoft Office Home and Student 2010 (x32 Version: 14.0.4763.1000)
    Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4763.1000)
    Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.4763.1000)
    Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.4763.1000)
    Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.4763.1000)
    Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4763.1000)
    Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4763.1000)
    Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.4763.1000)
    Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.4763.1000)
    Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.4763.1000)
    Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4763.1000)
    Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)
    Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.4763.1000)
    Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4763.1000)
    Microsoft Office Single Image 2010 (x32 Version: 14.0.4763.1000)
    Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.4763.1000)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
    Mozilla Firefox 25.0 (x86 en-US) (x32 Version: 25.0)
    Mozilla Maintenance Service (x32 Version: 25.0)
    MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)
    MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
    MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0)
    Realtek High Definition Audio Driver (x32 Version: 6.0.1.6230)
    REALTEK Wireless LAN Driver (x32 Version: 1.00.0159)
    SAMSUNG USB Driver for Mobile Phones (Version: 1.3.2380.0)
    ScorpionSaver (x32 Version: 1.0.0.0)
    Shared C Run-time for x64 (Version: 10.0.0)
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
    Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
    Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
    Verizon Wireless Software Utility Application for Android - Samsung (x32 Version: 1.11.0305)
    Verizon Wireless Software Utility Application for Android - Samsung (x32 Version: 2.12.0807)

    ==================== Restore Points  =========================


    ==================== Hosts content: ==========================

    2009-07-13 18:34 - 2013-11-04 20:19 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
    127.0.0.1       localhost

    ==================== Scheduled Tasks (whitelisted) =============

    Task: {CB476DAF-38EC-4678-92A3-590F591A4634} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-08] (Adobe Systems Incorporated)
    Task: {DFB432CD-66F8-418C-B6DA-7D52F3E38F60} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
    Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    ==================== Loaded Modules (whitelisted) =============

    2010-11-19 02:22 - 2010-11-11 20:08 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
    2011-05-19 08:21 - 2009-07-16 08:20 - 00032768 _____ () C:\Program Files (x86)\jmesoft\Keyhook.dll
    2011-05-19 08:21 - 2007-12-31 09:27 - 00007168 _____ () C:\Program Files (x86)\jmesoft\VistaVolume.dll
    2011-05-19 08:28 - 2010-09-09 10:19 - 00210432 _____ () C:\Program Files\Lenovo\Lenovo Eye Distance System\KeyStoneAdapter.dll
    2011-05-19 08:28 - 2010-09-09 10:18 - 00211456 _____ () C:\Program Files\Lenovo\Lenovo Eye Distance System\VideoPlayer.dll
    2011-05-19 08:28 - 2010-09-20 09:08 - 00210432 _____ () C:\Program Files\Lenovo\Lenovo Brightness System\KeyStoneAdapter.dll
    2011-05-19 08:28 - 2010-09-20 17:55 - 00182272 _____ () C:\Program Files\Lenovo\Lenovo Brightness System\DDCHelperWraper.dll
    2013-10-18 09:02 - 2013-10-08 16:01 - 00698832 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libglesv2.dll
    2013-10-18 09:02 - 2013-10-08 16:01 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libegl.dll
    2013-10-18 09:02 - 2013-10-08 16:02 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll
    2013-10-18 09:02 - 2013-10-08 16:02 - 00415184 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll
    2013-10-18 09:02 - 2013-10-08 16:01 - 01604560 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll
    2013-11-05 11:58 - 2013-11-05 11:58 - 03368048 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

    ==================== Alternate Data Streams (whitelisted) =========


    ==================== Safe Mode (whitelisted) ===================

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\34745535.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\64969591.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\34745535.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\64969591.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service"

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (11/05/2013 02:36:29 PM) (Source: System Restore) (User: )
    Description: Failed to create restore point (Process = C:\windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Description = Scheduled Checkpoint; Error = 0x80070422).

    Error: (11/05/2013 00:16:12 PM) (Source: VSS) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
    .
    This is often caused by incorrect security settings in either the writer or requestor process.


    Operation:
       Gathering Writer Data

    Context:
       Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
       Writer Name: System Writer
       Writer Instance ID: {70a90d35-2b74-4c8a-ba44-8dae8752b52f}

    Error: (11/05/2013 00:15:36 PM) (Source: WinMgmt) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (11/05/2013 00:14:24 PM) (Source: SideBySide) (User: )
    Description: Activation context generation failed for "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
    Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (11/05/2013 00:14:23 PM) (Source: SideBySide) (User: )
    Description: Activation context generation failed for "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
    Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (11/05/2013 00:10:19 PM) (Source: VSS) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
    .
    This is often caused by incorrect security settings in either the writer or requestor process.


    Operation:
       Gathering Writer Data

    Context:
       Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
       Writer Name: System Writer
       Writer Instance ID: {b18a4e88-7ec1-4a01-aa08-9389b7ec8106}

    Error: (11/05/2013 00:09:50 PM) (Source: WinMgmt) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (11/05/2013 00:08:34 PM) (Source: SideBySide) (User: )
    Description: Activation context generation failed for "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
    Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (11/05/2013 00:08:20 PM) (Source: SideBySide) (User: )
    Description: Activation context generation failed for "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
    Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (11/05/2013 11:38:51 AM) (Source: VSS) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
    .
    This is often caused by incorrect security settings in either the writer or requestor process.


    Operation:
       Gathering Writer Data

    Context:
       Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
       Writer Name: System Writer
       Writer Instance ID: {0a6743cf-4fd8-48bd-8b9e-5dc4df77054a}


    System errors:
    =============
    Error: (11/04/2013 08:19:24 PM) (Source: Service Control Manager) (User: )
    Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

    Error: (11/04/2013 08:19:01 PM) (Source: Application Popup) (User: )
    Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

    Error: (11/04/2013 08:17:06 PM) (Source: Service Control Manager) (User: )
    Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

    Error: (11/03/2013 04:16:17 PM) (Source: DCOM) (User: )
    Description: {209500FC-6B45-4693-8871-6296C4843751}

    Error: (11/03/2013 01:59:34 PM) (Source: Service Control Manager) (User: )
    Description: The Adobe Acrobat Update Service service terminated unexpectedly.  It has done this 1 time(s).

    Error: (10/31/2013 07:23:15 PM) (Source: Service Control Manager) (User: )
    Description: The DefaultTabSearch service terminated unexpectedly.  It has done this 1 time(s).

    Error: (10/31/2013 06:42:57 PM) (Source: DCOM) (User: )
    Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

    Error: (10/31/2013 06:30:11 PM) (Source: Service Control Manager) (User: )
    Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Installer service, but this action failed with the following error:
    %%1056

    Error: (10/31/2013 06:28:44 PM) (Source: Service Control Manager) (User: )
    Description: The DefaultTabSearch service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

    Error: (10/31/2013 06:28:38 PM) (Source: Service Control Manager) (User: )
    Description: The DefaultTabSearch service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.


    Microsoft Office Sessions:
    =========================
    Error: (11/05/2013 02:36:29 PM) (Source: System Restore)(User: )
    Description: C:\windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreationScheduled Checkpoint0x80070422

    Error: (11/05/2013 00:16:12 PM) (Source: VSS)(User: )
    Description: 0x80070005, Access is denied.


    Operation:
       Gathering Writer Data

    Context:
       Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
       Writer Name: System Writer
       Writer Instance ID: {70a90d35-2b74-4c8a-ba44-8dae8752b52f}

    Error: (11/05/2013 00:15:36 PM) (Source: WinMgmt)(User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (11/05/2013 00:14:24 PM) (Source: SideBySide)(User: )
    Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Users\Linda\AppData\Roaming\Verizon\UA_ar\MFC80U.DLL

    Error: (11/05/2013 00:14:23 PM) (Source: SideBySide)(User: )
    Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\Lenovo\Boot Optimizer\MFC80U.DLL

    Error: (11/05/2013 00:10:19 PM) (Source: VSS)(User: )
    Description: 0x80070005, Access is denied.


    Operation:
       Gathering Writer Data

    Context:
       Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
       Writer Name: System Writer
       Writer Instance ID: {b18a4e88-7ec1-4a01-aa08-9389b7ec8106}

    Error: (11/05/2013 00:09:50 PM) (Source: WinMgmt)(User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (11/05/2013 00:08:34 PM) (Source: SideBySide)(User: )
    Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Users\Linda\AppData\Roaming\Verizon\UA_ar\MFC80U.DLL

    Error: (11/05/2013 00:08:20 PM) (Source: SideBySide)(User: )
    Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\Lenovo\Boot Optimizer\MFC80U.DLL

    Error: (11/05/2013 11:38:51 AM) (Source: VSS)(User: )
    Description: 0x80070005, Access is denied.


    Operation:
       Gathering Writer Data

    Context:
       Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
       Writer Name: System Writer
       Writer Instance ID: {0a6743cf-4fd8-48bd-8b9e-5dc4df77054a}


    CodeIntegrity Errors:
    ===================================
      Date: 2013-11-04 20:19:01.213
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

      Date: 2013-11-04 20:19:01.125
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


    ==================== Memory info ===========================

    Percentage of memory in use: 41%
    Total physical RAM: 5992.43 MB
    Available physical RAM: 3523.92 MB
    Total Pagefile: 11983.03 MB
    Available Pagefile: 9222.97 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.8 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:1372.09 GB) (Free:1311.04 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: D31A27F4)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=-725749858304) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=25 GB) - (Type=12)

    ==================== End Of Log ===========

  14. 12:16:33.0924 0x1534  [ 33A77D477EF9D7A5C65A950129DF2E47, 4276E3DA2966785530F1538CEA8BA6D8DDA2A0310722679028857AF70AD71A44 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
    12:16:33.0924 0x1534  C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll - ok
    12:16:33.0939 0x1534  [ 2342EC9254F4C60CA98441BD65C89E12, 7FDCAEB5D021E291A1C9B94DD4D49913CE363BF94D37518E466DB3DD72C41D05 ] C:\Windows\SysWOW64\dciman32.dll
    12:16:33.0939 0x1534  C:\Windows\SysWOW64\dciman32.dll - ok
    12:16:33.0939 0x1534  [ DF50659F3A4275EF2C8B37F893107692, 466DA44786EFF616F506906809348DDBED696CF28EF9B282C1DB86AFF466C25C ] C:\Users\Linda\AppData\Roaming\Verizon\UA_ar\SUAComnCtrl.dll
    12:16:33.0939 0x1534  C:\Users\Linda\AppData\Roaming\Verizon\UA_ar\SUAComnCtrl.dll - ok
    12:16:33.0939 0x1534  [ ABA457BFC7EC0B5E130B2F1E0F549DFF, C944C75C351A276952D0A869F9ED3DF8674E9479797EE7B03D13E8FDCDEB2DC4 ] C:\Windows\SysWOW64\odbcint.dll
    12:16:33.0939 0x1534  C:\Windows\SysWOW64\odbcint.dll - ok
    12:16:33.0939 0x1534  [ 75F5E1FE8D55CF8E577E0EC5F2290D3F, F4E2C81F0834018052A481AE8D7DF4780302A6844160CCDC09F7D82D3B992BDE ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll
    12:16:33.0939 0x1534  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll - ok
    12:16:33.0939 0x1534  [ D1DE1EAFDE97BE41CF6585027FF3E732, 76F17D4DF440D6734DC8157092D94EB18C2A73A0A49BEEA289E7B3EDE30E86A2 ] C:\Windows\SysWOW64\comdlg32.dll
    12:16:33.0939 0x1534  C:\Windows\SysWOW64\comdlg32.dll - ok
    12:16:33.0939 0x1534  [ 09A116FB06C5E362EF8938D29CDAB27B, 887B39388C39FF262FBBE3047FA1F5F47EB649AF3D760865AFE614DE64160D33 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
    12:16:33.0939 0x1534  C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
    12:16:33.0955 0x1534  [ 936F728E04ACCF3F38801CFFCF1E3F40, 59CA86096F4B928E364B6A3C0408615F068BB8BC02DCFC5EAF4873EC6D6E0797 ] C:\Windows\SysWOW64\oledlg.dll
    12:16:33.0955 0x1534  C:\Windows\SysWOW64\oledlg.dll - ok
    12:16:33.0955 0x1534  [ 98E27A50D037BFCFE095AED77745692D, 4D42962079F94609CDB9CBB4F77016C3D9C70758B88CDF7C68C26939D53B3A27 ] C:\Program Files (x86)\jmesoft\hotkey.exe
    12:16:33.0955 0x1534  C:\Program Files (x86)\jmesoft\hotkey.exe - ok
    12:16:33.0955 0x1534  [ 5B2E4E90C04FB9AE9F2C5E99FF59B283, 69DC06F246C3983934CA92149B4010A51868667D6E9A54A36338B1953B4CB21E ] C:\Windows\SysWOW64\WindowsCodecs.dll
    12:16:33.0955 0x1534  C:\Windows\SysWOW64\WindowsCodecs.dll - ok
    12:16:33.0955 0x1534  [ CA6DB5CB169E09209D0BA380E398D87B, 2ED8F1D59B4ECECD25873AEA5D8932E99AD5231F0AF4DD53AE4677F8E057D2E8 ] C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
    12:16:33.0955 0x1534  C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE - ok
    12:16:33.0955 0x1534  [ D144849E9B48A7DFB942281ED7EDB1C1, 425988980C080FF07DFC4713170BA1049BAB052ADC62CEEF2C85CE83E926C399 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
    12:16:33.0955 0x1534  C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll - ok
    12:16:33.0970 0x1534  [ 00C258A28E60367721D2DE20F879590F, 5948FCCA99E23398596079123C916CCC89FB3F2B59DC8CF540D364BB133B5AAD ] C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe
    12:16:33.0970 0x1534  C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe - ok
    12:16:33.0970 0x1534  [ E2C48CD0132D4D1DC7D0DF9A6BEF686A, 52D1A8AA992AF2F727DA4B16522D604648D700997B1620CCB67D05838C127674 ] C:\Users\Linda\AppData\Roaming\Verizon\UA_ar\mfc80u.dll
    12:16:33.0970 0x1534  C:\Users\Linda\AppData\Roaming\Verizon\UA_ar\mfc80u.dll - ok
    12:16:33.0970 0x1534  [ 3FF91352B70C1DD93859168A9D5D088D, 4F97E2A20CC11663FF3D022547ADB1B181DEF83B38A5F7867A065CE96B750614 ] C:\Windows\System32\igfxdev.dll
    12:16:33.0970 0x1534  C:\Windows\System32\igfxdev.dll - ok
    12:16:33.0970 0x1534  [ 77515D65E4D2735773A6626EBF86B838, 8E87E09199983B349D98C2D175FBA44CA534B6FF6AB1F51E117B5E2600EF95C2 ] C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe
    12:16:33.0970 0x1534  C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe - ok
    12:16:33.0970 0x1534  [ 6C885DD270446B351257FF0216AB1586, 8ACC7057F983AF29A8791461C87A57441862D913927472B07DD90ACCE2F908C0 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
    12:16:33.0970 0x1534  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll - ok
    12:16:33.0986 0x1534  [ C9564CF4976E7E96B4052737AA2492B4, C3AC989C8489A23BB96400B1856F5325FFC67E844F04651EA5D61BC20A991C6D ] C:\Users\Linda\AppData\Roaming\Verizon\UA_ar\msvcr80.dll
    12:16:33.0986 0x1534  C:\Users\Linda\AppData\Roaming\Verizon\UA_ar\msvcr80.dll - ok
    12:16:33.0986 0x1534  [ D4F264FE23F8953D840904418220C15E, 72EAF30265A0CC88DEC0FCA7869734D8C93572457C61A2BF1BDFFB20C061DBCD ] C:\Windows\SysWOW64\dxgi.dll
    12:16:33.0986 0x1534  C:\Windows\SysWOW64\dxgi.dll - ok
    12:16:33.0986 0x1534  [ 3FB4E7E2069F0FD9E15ABC18D605E427, 2FFC218E575DA9E8C86E468227B302752C73EA3246CC0A599D7BCC41ED404F4D ] C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe
    12:16:33.0986 0x1534  C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe - ok
    12:16:33.0986 0x1534  [ 48BE298F7FD1BEF4D8FBACB04D8D95C4, D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    12:16:33.0986 0x1534  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
    12:16:33.0986 0x1534  [ 33E8BE80F5A3CBD4166C482B4E2C72B2, 01C2F5C0AA72ACCF0DC9AEE71C0E46982851B789BD51206EBA30FD06F6752E75 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
    12:16:33.0986 0x1534  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll - ok
    12:16:34.0002 0x1534  [ CE5C9977DA751DDC30952AC4DCBCA788, 295172C4681E9AC27121122CDD2BA6F2A62435917A083CC8490D584CA0164BE6 ] C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    12:16:34.0002 0x1534  C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe - ok
    12:16:34.0002 0x1534  [ B6856ED83EB3121ECA6C7B3CDA407264, EFBF7AE88D02FE0A62D21C36583807BE3DD4F8C6B6D57579704FA7CDBD44FE3F ] C:\Users\Linda\AppData\Roaming\Verizon\UA_ar\UTEngine.dll
    12:16:34.0002 0x1534  C:\Users\Linda\AppData\Roaming\Verizon\UA_ar\UTEngine.dll - ok
    12:16:34.0002 0x1534  [ 912649A1B3F9E6ACB3899FBDABA2ED5F, 049DFA9EA45A888B984E459B927A0F8AA4C10B9D36C6C0A0FE57F6329BEAF555 ] C:\Windows\SysWOW64\stobject.dll
    12:16:34.0002 0x1534  C:\Windows\SysWOW64\stobject.dll - ok
    12:16:34.0002 0x1534  [ C3761661C17C2248A9379A8FB89E3DE1, CE3477FA2B4058EB80739E0161FE957545F13CF86D313F6422732901D35F75F2 ] C:\Windows\System32\stobject.dll
    12:16:34.0002 0x1534  C:\Windows\System32\stobject.dll - ok
    12:16:34.0002 0x1534  [ EFA334917657A01479ED0CF1920FCE9C, 34166E7EEF202D2DF3EFC528ACFBC43798AEE8B0A0D73A01A42C5BB88B4798F0 ] C:\Program Files\McAfee.com\Agent\mcagent.exe
    12:16:34.0002 0x1534  C:\Program Files\McAfee.com\Agent\mcagent.exe - ok
    12:16:34.0017 0x1534  [ 555F35AF3B56EAAE367D767B9E2F1E8B, CB399AB961612318D244D51B90D30A24B0E76CC95ED4E73CFF2807EE799CCC04 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll
    12:16:34.0017 0x1534  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll - ok
    12:16:34.0017 0x1534  [ 67C1B58706B47EEBA4E117AC197289E6, 9213E55DA854563E3A99369A4FAD853C0A97241A4F6D93F98444C57ADEEF89C1 ] C:\Windows\SysWOW64\batmeter.dll
    12:16:34.0017 0x1534  C:\Windows\SysWOW64\batmeter.dll - ok
    12:16:34.0017 0x1534  [ E3DCAAB0AB1A59841BC53AD2A9ED287A, 238AD3517D0ED4428185AFD99FED6C97B6381A1A1288D66A341BF930774A8C4F ] C:\Program Files\HP\HP Officejet 4620 series\Bin\HPStatusUI.dll
    12:16:34.0017 0x1534  C:\Program Files\HP\HP Officejet 4620 series\Bin\HPStatusUI.dll - ok
    12:16:34.0017 0x1534  [ F832EEEA97CDDA1AF577E721F652A0D1, EBBB7CA199BA4DF231123922BD310D43DE0104C6185B70FE0281B938D5336F2E ] C:\Windows\System32\batmeter.dll
    12:16:34.0017 0x1534  C:\Windows\System32\batmeter.dll - ok
    12:16:34.0017 0x1534  [ B166B02EF941522763B069D50A682D60, C07C767491952808B0F78D22E26E5EF72322B00769EE408369D34BEF2FB7FCE6 ] C:\Windows\System32\RtkCfg64.dll
    12:16:34.0017 0x1534  C:\Windows\System32\RtkCfg64.dll - ok
    12:16:34.0017 0x1534  [ 5B6E8E09BE6401A7E022F52FDFCB2FF8, 471C556CF9405BBB380A8CEFE945C126B954B7C94F79CC72441B51F80141FC5E ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    12:16:34.0017 0x1534  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - ok
    12:16:34.0033 0x1534  [ 263E9A047D17CD50BAA9D3C02910D18D, F526648358AD121001D2776E0ACC333EC4AC168CA07B40A3D3C06C5CE6A361C3 ] C:\Windows\System32\oledlg.dll
    12:16:34.0033 0x1534  C:\Windows\System32\oledlg.dll - ok
    12:16:34.0033 0x1534  [ 539C49CEBB3C50957AC8A09D95ECD880, 49E75CDB556FBCE72C44648F8930CF2209C1360F9311C5B4CEB19E13B11E6B75 ] C:\Windows\SysWOW64\shfolder.dll
    12:16:34.0033 0x1534  C:\Windows\SysWOW64\shfolder.dll - ok
    12:16:34.0033 0x1534  [ F350BD645F9092C0719DE1D58D35F7C5, 865ECEDA3474C9EED8AC29445D9C0E54BB4BCD9AA8991B7B790421E2E5AD2857 ] C:\Windows\System32\RtkAPO64.dll
    12:16:34.0033 0x1534  C:\Windows\System32\RtkAPO64.dll - ok
    12:16:34.0033 0x1534  [ 0B3595A4FF0B36D68E5FC67FD7D70FDC, 372AF797353F9335915CD06D4076BAB8410775DCAF2DAC0593197D7C41BBFFB2 ] C:\Users\Linda\AppData\Roaming\Verizon\UA_ar\msvcp80.dll
    12:16:34.0033 0x1534  C:\Users\Linda\AppData\Roaming\Verizon\UA_ar\msvcp80.dll - ok
    12:16:34.0033 0x1534  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] C:\Windows\SysWOW64\es.dll
    12:16:34.0048 0x1534  C:\Windows\SysWOW64\es.dll - ok
    12:16:34.0048 0x1534  [ 90FB1802D488FFA9029854A77D4F3F27, FBEAB2065307A2BD9C78D3ABB4F80B8311F3EA68B2F23FD1EF80C24E1DBA1F4D ] C:\Windows\SysWOW64\oleaccrc.dll
    12:16:34.0048 0x1534  C:\Windows\SysWOW64\oleaccrc.dll - ok
    12:16:34.0048 0x1534  [ 197FCFBB07F3AB33E3FDE1DF04298078, 8C3D22BCEECCD829C457094F23239D3CC41335A860989EDBFEC42C7CBF835F5C ] C:\Program Files (x86)\jmesoft\KeyHook.dll
    12:16:34.0048 0x1534  C:\Program Files (x86)\jmesoft\KeyHook.dll - ok
    12:16:34.0048 0x1534  [ C8333F1F77A1B2E25F2202E892CAF634, 7A614AA4353ECE8175B6AB7B25EE26FAB22DF2A53C9A5A694B3A3B56F6C783A7 ] C:\Windows\SysWOW64\prnfldr.dll
    12:16:34.0048 0x1534  C:\Windows\SysWOW64\prnfldr.dll - ok
    12:16:34.0048 0x1534  [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122, E7EA375A3BDE8FC764CB09524344370B9EE25F98AD6C83E6F37A569EB8D277D6 ] C:\Windows\System32\prnfldr.dll
    12:16:34.0048 0x1534  C:\Windows\System32\prnfldr.dll - ok
    12:16:34.0048 0x1534  [ 4FD693D4B9AA64EE32BAA9B8D9956ACF, 3A64BB2E1BBDD3289F13BB06D5DE9A326C8D622966AD054A9958056B11A239C0 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
    12:16:34.0048 0x1534  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll - ok
    12:16:34.0064 0x1534  [ 90D86B42E603984122FCD68FE06FB651, 880299337EEFF29E7F036C24DA3D0D0116FC340B065B90C9C8BD4F7E27C08D2A ] C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dll
    12:16:34.0064 0x1534  C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dll - ok
    12:16:34.0064 0x1534  [ 0303C433E5B37C98C3E787A1F15A12FA, 577BC56884FC36D56266EBF81673EB34CB9F73746A6E5D93618AEF7551A06C6B ] C:\Program Files (x86)\jmesoft\VistaVolume.dll
    12:16:34.0064 0x1534  C:\Program Files (x86)\jmesoft\VistaVolume.dll - ok
    12:16:34.0064 0x1534  [ 53223B673A3FA2F9A4D1C31C8D3F6CD8, B07A12E3ECD5E418A3F99F00C56E7F482F68CADE330E7C079DCCDFFAD2E21299 ] C:\Windows\SysWOW64\dbghelp.dll
    12:16:34.0064 0x1534  C:\Windows\SysWOW64\dbghelp.dll - ok
    12:16:34.0064 0x1534  [ B0923C371EF32F2730382B492A38F790, 4C5661CE9536AE224D7EB957654333C428A1F8CA0BCA639340B9913B94FD0FDD ] C:\Users\Linda\AppData\Roaming\Verizon\UA_ar\ToolkitPro1331vc80U.dll
    12:16:34.0064 0x1534  C:\Users\Linda\AppData\Roaming\Verizon\UA_ar\ToolkitPro1331vc80U.dll - ok
    12:16:34.0064 0x1534  [ F3EF30328F33D202FC6BDF9CDC4C031C, D2BD9EF958C0DAEB9B54B022A99997348435BDCB1C18A360AD0F2C85EDD64A13 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\51478a61dbd40488e320a0061e23c4df\PresentationCore.ni.dll
    12:16:34.0064 0x1534  C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\51478a61dbd40488e320a0061e23c4df\PresentationCore.ni.dll - ok
    12:16:34.0064 0x1534  [ 9110FFAD124283F37D38771BB60556AF, BB495FDF86B7C3DD7878C496090A624CE8FE68F61166C91A4C99EF1140F0AD23 ] C:\Windows\System32\dsound.dll
    12:16:34.0064 0x1534  C:\Windows\System32\dsound.dll - ok
    12:16:34.0080 0x1534  [ 42A9CB6906D9A8BEDC83B57163E62924, E18522D3137653140757829EFBFCE624A5BAA5842E2BBA10B9E5AB6C84BE49E1 ] C:\Windows\System32\DXP.dll
    12:16:34.0080 0x1534  C:\Windows\System32\DXP.dll - ok
    12:16:34.0080 0x1534  [ CB72DF94C7AFABCC2C1EF24BC5CA004D, BC873B9732FF9C5C336F68778B58A034CB224C7146B514CDC3B9FE6F45678652 ] C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\icudt.dll
    12:16:34.0080 0x1534  C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\icudt.dll - ok
    12:16:34.0080 0x1534  [ B2B3DAE040F6B5AE1DF52B0CD7631A18, 062680EFF24EB83FF34DDD76043DB9ABB476C8FEE7BBE869A1E7F7FC8891314F ] C:\Windows\SysWOW64\AltTab.dll
    12:16:34.0080 0x1534  C:\Windows\SysWOW64\AltTab.dll - ok
    12:16:34.0080 0x1534  [ E7368F0A8D19445EAF5C5D0DBB8B8DAB, CF9082360E32A7C3E13A67AC2C6192F4A76870D43DA9FF2936993A637F712761 ] C:\Windows\System32\AltTab.dll
    12:16:34.0080 0x1534  C:\Windows\System32\AltTab.dll - ok
    12:16:34.0080 0x1534  [ 856CFFCD835528136367BB1A8FE1DB87, 97EE0B243F460BE737D18B634559BC6389064BA013890E69B650E5152AB873C8 ] C:\Windows\SysWOW64\Syncreg.dll
    12:16:34.0080 0x1534  C:\Windows\SysWOW64\Syncreg.dll - ok
    12:16:34.0080 0x1534  [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891, 0A82A475301202791A7C10F978F952EAB7DB146A702D4EA67E24E2C98BC19638 ] C:\Windows\System32\Syncreg.dll
    12:16:34.0080 0x1534  C:\Windows\System32\Syncreg.dll - ok
    12:16:34.0095 0x1534  [ 11A52C5634101692AAA831ACDB52A9F3, 2513458F28CEF03F4CF8CE23FBD4A8A4919B5A219EACC8E7754731FC3E1B0A50 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bcf51dc88597d0835c819a2d5a755b74\PresentationFramework.ni.dll
    12:16:34.0095 0x1534  C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bcf51dc88597d0835c819a2d5a755b74\PresentationFramework.ni.dll - ok
    12:16:34.0095 0x1534  [ C836175870E00ACC546066632E15BD10, 4347F3319C26DA1C38F395C74DBD67AF886149C8F29EDE765DD96C8480A3054A ] C:\Windows\ehome\ehSSO.dll
    12:16:34.0095 0x1534  C:\Windows\ehome\ehSSO.dll - ok
    12:16:34.0095 0x1534  [ 8DFB5078508924FA725C203CE179B10C, A26A42B331C75D455074B597B982D4CB734B57F1F527C7B2EDBCD0746C38CD52 ] C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
    12:16:34.0095 0x1534  C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok
    12:16:34.0095 0x1534  [ 585FED4CDB8034B8B58AEB8008255817, 13D1055929D79598C04A4AB66EF3DBAADD265F9D1C3F43E84531238D2526A1AE ] C:\Windows\System32\opengl32.dll
    12:16:34.0095 0x1534  C:\Windows\System32\opengl32.dll - ok
    12:16:34.0095 0x1534  [ 839F96DBAAFD3353E0B248A5E0BD2A51, 11DA5AD3EA5FF4766C12B99FB520B3CBE08581ECAF1A2FD1DC5AC835CA78FAC2 ] C:\Windows\SysWOW64\rasapi32.dll
    12:16:34.0095 0x1534  C:\Windows\SysWOW64\rasapi32.dll - ok
    12:16:34.0095 0x1534  [ 0C18568BE622D14A796AC683B88425DE, B2BFE014A0D8D09DAF3E05A42951838683C95DAD3943C21DDC0C3DB231F9C02F ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe
    12:16:34.0111 0x1534  C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe - ok
    12:16:34.0111 0x1534  [ FFA7172354B9256DBB2CDD75F16F33FE, 85B2F014C67C2E52540F17D561793C6633C9E98F12639CCD3854EB1EC34DD035 ] C:\Windows\SysWOW64\rasman.dll
    12:16:34.0111 0x1534  C:\Windows\SysWOW64\rasman.dll - ok
    12:16:34.0111 0x1534  [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159, ACE7F85685EB92FC3AB4215122B0469E32F23B196C49F08CDA7791D3122C45DC ] C:\Windows\SysWOW64\rtutils.dll
    12:16:34.0111 0x1534  C:\Windows\SysWOW64\rtutils.dll - ok
    12:16:34.0111 0x1534  [ 3D6F22551D422F97AACB0BB927E4C846, 9AB7C9F2E7F3D1CEC4553D0DF57E074121957055A9A4349946D354ACB6FC4579 ] C:\Windows\SysWOW64\pnidui.dll
    12:16:34.0111 0x1534  C:\Windows\SysWOW64\pnidui.dll - ok
    12:16:34.0111 0x1534  [ C4CF03B998D4D758B89CD07F22D7A7F9, 148345A87B69EDB4212C26F135690A5D04B998D5E2AF6F3A559822A0020472A3 ] C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
    12:16:34.0111 0x1534  C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe - ok
    12:16:34.0111 0x1534  [ AAF7C4C78E07660241EB1230638DE2F6, 6318AB859AF0BA7D80B768E49A7EE49411F57B74240A269D371C14504D091713 ] C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll
    12:16:34.0111 0x1534  C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll - ok
    12:16:34.0126 0x1534  [ 10F815BE90A66AAFC6C713D1BD626064, 01139FC04BC53594296F6A0E16B8D20B940F64BC8119FE7705C03C4947958F39 ] C:\Windows\System32\pnidui.dll
    12:16:34.0126 0x1534  C:\Windows\System32\pnidui.dll - ok
    12:16:34.0126 0x1534  [ F2967C0A97C0EA67D79D7F557213950D, 65516C83DCB3F952CD4454636B61CC2F153AF6BEEBC352463791D92F7F500F52 ] C:\Windows\System32\glu32.dll
    12:16:34.0126 0x1534  C:\Windows\System32\glu32.dll - ok
    12:16:34.0126 0x1534  [ A6C09924C6730DE8DEED9890A12AA691, 46EACBC27D15FD43431812D6CA770982178C07246AF3A1C2E0D40D745A1D5758 ] C:\Windows\System32\ddraw.dll
    12:16:34.0126 0x1534  C:\Windows\System32\ddraw.dll - ok
    12:16:34.0126 0x1534  [ DB001FAEA818AE2E14A74E0ADC530FC0, 45CB405589C92BF74C47B7C90E299A5732A99403C51F301A5B60579CAF3116E7 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcp90.dll
    12:16:34.0126 0x1534  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcp90.dll - ok
    12:16:34.0126 0x1534  [ F9CF7CA48B5D3A070F534CCA4EEC220A, EC4416340EAC617B122FD2D21F6364759CF58D7F4315859309093842E8870AFF ] C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll
    12:16:34.0126 0x1534  C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll - ok
    12:16:34.0126 0x1534  [ A08C010D859F8EB42BDD7E1D55B8CA27, F86EAFBF7AA41D8425156C07398EDC3BD42F1690BD3E15D27AEF2EDA86549F15 ] C:\Windows\System32\mscoree.dll
    12:16:34.0126 0x1534  C:\Windows\System32\mscoree.dll - ok
    12:16:34.0142 0x1534  [ A5ED9421B8D09ED4F57CDA386307713E, EC2EE043E94A53302A9721220AA42D29BE72AF3448B7AA01F7EB911ECF7DC6AE ] C:\Windows\System32\dciman32.dll
    12:16:34.0142 0x1534  C:\Windows\System32\dciman32.dll - ok
    12:16:34.0142 0x1534  [ AA794B099F776B37ACCDEAD00E0FBFC9, CB6DA7F6A8BB09BBCFCB37E96FBA44F989DD7485535801CB9B6BD7F5A9C838E0 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
    12:16:34.0142 0x1534  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
    12:16:34.0142 0x1534  [ 161EFB45DE0744802FBE88F50B57EB86, EA518AA1500B8D687028080420B89B35897CA6023CF971809E9223D0F0DCF2A5 ] C:\Program Files\Internet Explorer\sqmapi.dll
    12:16:34.0142 0x1534  C:\Program Files\Internet Explorer\sqmapi.dll - ok
    12:16:34.0142 0x1534  [ BE210318FA6DA2A862BD41EA87E8CBE6, 1977C5979A473F06028FE51405F3C752C34ACB7A3BBD95C242ADD171E0E69046 ] C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
    12:16:34.0142 0x1534  C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll - ok
    12:16:34.0142 0x1534  [ C0FAAE8EC1B4760D3D04844F708DA0F0, 190F92877C880A9115DB957755850CE6E81F3F428AB7B6B6BF4EC99668C1DA14 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
    12:16:34.0142 0x1534  C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok
    12:16:34.0158 0x1534  [ BD626EF05967D14C772B8096292731A3, FE3838B41DCAFC52089D909E7F411186D993C08AC149E093352D691D57C9BE71 ] C:\Windows\SysWOW64\QUTIL.DLL
    12:16:34.0158 0x1534  C:\Windows\SysWOW64\QUTIL.DLL - ok
    12:16:34.0158 0x1534  [ B9F0A4020AA98B7A20287BF7FE99A1FD, 21138F161EEEA46198890C7A2D073F2C82829E15676131BDAD9F237EDC7477CD ] C:\Windows\System32\QUTIL.DLL
    12:16:34.0158 0x1534  C:\Windows\System32\QUTIL.DLL - ok
    12:16:34.0158 0x1534  [ 06A754FE28A06F780A099703CFCAAA22, FCADF16C88EEC651258149616202CC29D649FE8CBBBA481BEA9A67C2ED82844B ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll
    12:16:34.0158 0x1534  C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll - ok
    12:16:34.0158 0x1534  [ E0E5BB58A4C43F7DBB83352785F32DEF, 03000DF8B9C6D1E13F85730643797413EEE8221653A761FFBECB0AE64457F9E4 ] C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
    12:16:34.0158 0x1534  C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll - ok
    12:16:34.0158 0x1534  [ 82C089EA2A3EEFADF3588EA71E8BDADA, 2F3BB32EE2C0673058A74DEEB2D405E5E79F833F33C4D289A93EB3C618A86E75 ] C:\Windows\SysWOW64\wevtapi.dll
    12:16:34.0158 0x1534  C:\Windows\SysWOW64\wevtapi.dll - ok
    12:16:34.0173 0x1534  [ A0617B5753E31126AD29C03154F4F329, 3BC10C0A54D1D60B0C670D901944D3F115E2EBB406C989409145E7151AA55EFE ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
    12:16:34.0173 0x1534  C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
    12:16:34.0173 0x1534  [ 9590966219AFE901927431AC2E11C462, C891A9484DDED8445964FDF033396FACC83E2769A2AB3D9745939B26BF209B58 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\f4e49f5f51d2fa5e6190464468dff4d3\Microsoft.VisualBasic.ni.dll
    12:16:34.0173 0x1534  C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\f4e49f5f51d2fa5e6190464468dff4d3\Microsoft.VisualBasic.ni.dll - ok
    12:16:34.0173 0x1534  [ 7F9C912B2817076DC0C9C129C90D8914, 439197E39E96782723B2894FEB21785139E3AC273DC4E10CC88B27D25FBA4E6F ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\88744044294787b99dd4a8704ab75a79\mscorlib.ni.dll
    12:16:34.0173 0x1534  C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\88744044294787b99dd4a8704ab75a79\mscorlib.ni.dll - ok
    12:16:34.0173 0x1534  [ 35D50E3EB2BE810B3EFA98ABA948AA77, 21FDA402B21EE96613085C04C278ED723925CC75DF8942E6454E4374E744DA72 ] C:\Program Files\Lenovo\Lenovo Eye Distance System\KeyStoneAdapter.dll
    12:16:34.0173 0x1534  C:\Program Files\Lenovo\Lenovo Eye Distance System\KeyStoneAdapter.dll - ok
    12:16:34.0173 0x1534  [ EAB975DB4C2805927FE5BD047D05C9AA, 8F5497B1A2652B5EAA5D35BD314B5F90C5140207427DAE6068D665FA44D3FD56 ] C:\Windows\SysWOW64\netshell.dll
    12:16:34.0173 0x1534  C:\Windows\SysWOW64\netshell.dll - ok
    12:16:34.0189 0x1534  [ 0F47D857807DD63F88E5A092E2C04020, 1C8EF2A9CB6496F68DC59BB691B14C4D4010F4E32BEB89A0D36495CF98479FCC ] C:\Program Files\Lenovo\Lenovo Brightness System\KeyStoneAdapter.dll
    12:16:34.0189 0x1534  C:\Program Files\Lenovo\Lenovo Brightness System\KeyStoneAdapter.dll - ok
    12:16:34.0189 0x1534  [ 9A39A2A5F443A756C568C6ED5748AFE4, 13C2790985CBA9CD325BA20364A665DB50B769B7DDE93E6BE20F25427BDB34F8 ] C:\Windows\SysWOW64\ActionCenter.dll
    12:16:34.0189 0x1534  C:\Windows\SysWOW64\ActionCenter.dll - ok
    12:16:34.0189 0x1534  [ 92DBF0A4C9239169010FC6E07859C82E, 00FB2CF4420F0FFEF519AFE732A708CF249640121E2A891CAA164313ABD7F804 ] C:\Windows\System32\ActionCenter.dll
    12:16:34.0189 0x1534  C:\Windows\System32\ActionCenter.dll - ok
    12:16:34.0189 0x1534  [ 0DB2492DE7CBBE2AF0B6662EFF21A6BF, 0284A7277E3E2CD3BCAF8D16E468A1BA21056D1761BBCF0A4B32B1AE9D308E73 ] C:\Program Files\Common Files\McAfee\Platform\mcuifw.dll
    12:16:34.0189 0x1534  C:\Program Files\Common Files\McAfee\Platform\mcuifw.dll - ok
    12:16:34.0189 0x1534  [ 8A525B8D583D067C5AAAC1AF5F91B89A, D92F558E83463FEEDD105F7D5968EAABA2F1F6C83FEE5F7B4E4913AD5E5CB60C ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\af0a0b96a02f9925eb84392ee65a5cfa\System.ni.dll
    12:16:34.0189 0x1534  C:\Windows\assembly\NativeImages_v2.0.50727_64\System\af0a0b96a02f9925eb84392ee65a5cfa\System.ni.dll - ok
    12:16:34.0189 0x1534  [ 423069307FB726E51E2A66F1C3F738FE, 314EF0E1C636AC553C0E09F992B34573DA4A89ACCB759BDA27335E8125C08E35 ] C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4bf5400abf9d60b7\mfc90u.dll
    12:16:34.0189 0x1534  C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4bf5400abf9d60b7\mfc90u.dll - ok
    12:16:34.0204 0x1534  [ 735263DA17BF5BAF9CCD483843BF9D5A, A493F9191EA3F37A53474E94B3917EA038B29545FC62B1634CE47F05EA2FF5C6 ] C:\Windows\SysWOW64\WPDShServiceObj.dll
    12:16:34.0204 0x1534  C:\Windows\SysWOW64\WPDShServiceObj.dll - ok
    12:16:34.0204 0x1534  [ 293D5F8CB59093DA5935F9B7DC9EB8CF, 0830C42C246D8A592C58051CFE5F3DA16214642D053BD592FE2248FC801304ED ] C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\chrome.dll
    12:16:34.0204 0x1534  C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\chrome.dll - ok
    12:16:34.0204 0x1534  [ C8FDF0FA9E97E2FAAF3F814716AAA881, DD24A1CAB44D943B0E1A795A347AD25D9305FC7F012A2566A6A14BD47221831F ] C:\Windows\System32\WPDShServiceObj.dll
    12:16:34.0204 0x1534  C:\Windows\System32\WPDShServiceObj.dll - ok
    12:16:34.0204 0x1534  [ 7200DCA324F3D1ECD11B2B1250B2D6C7, 636E12FEA8C47EA528DBA48827AC51A2E98B2EF0864854C9375B8170555C0A6E ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcm90.dll
    12:16:34.0204 0x1534  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcm90.dll - ok
    12:16:34.0204 0x1534  [ 5C997FB34FBA9CD15637890048F1EB0B, E62EBA0A5900576DAF9EC754AE6CCF0853FC09745C8E5407FA103444F5C19D34 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\fd08d5ddc926ae51bf653620202e8d19\WindowsBase.ni.dll
    12:16:34.0204 0x1534  C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\fd08d5ddc926ae51bf653620202e8d19\WindowsBase.ni.dll - ok
    12:16:34.0220 0x1534  [ ADB45A977BD9E45790CA496DB84BA148, BB251C9A5D2F5C6BDFB22C6BA235748472FC28AF2ADAF1CE7948352301DDE3C1 ] C:\Windows\SysWOW64\PortableDeviceTypes.dll
    12:16:34.0220 0x1534  C:\Windows\SysWOW64\PortableDeviceTypes.dll - ok
    12:16:34.0220 0x1534  [ 4F3CD1C59EA71401E155C432BCECE180, 6D4118A627CAE509E43D0CC0062EECAA0990C955BB15AE24834460551B2F51A2 ] C:\Windows\System32\PortableDeviceTypes.dll
    12:16:34.0220 0x1534  C:\Windows\System32\PortableDeviceTypes.dll - ok
    12:16:34.0220 0x1534  [ 2A632A95433E9719F37AE06BA00543AC, 889704C5556AEC2C5BC1D09BAD9B1910C66A6D040AB5DE021375BA861A16FA19 ] C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4973eb1d754a9dc9\MFC90ENU.DLL
    12:16:34.0220 0x1534  C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4973eb1d754a9dc9\MFC90ENU.DLL - ok
    12:16:34.0220 0x1534  [ 9F6D6573136255D1896D6DA8CF7A8A54, 0A685DE39584E3B7F6C814DDFA8783C6CA9D8F9613C8FC248EED0A8CF0DBABC2 ] C:\Windows\SysWOW64\KeyStone.ax
    12:16:34.0220 0x1534  C:\Windows\SysWOW64\KeyStone.ax - ok
    12:16:34.0220 0x1534  [ C140F86932B5B61F54A4D836E2D34AB2, 94821597EC70F27BF11A747D5EED474C57F389F20A2E0C3F1D0CB3F00974A53B ] C:\Windows\SysWOW64\ksproxy.ax
    12:16:34.0220 0x1534  C:\Windows\SysWOW64\ksproxy.ax - ok
    12:16:34.0236 0x1534  [ 99269DEE97D87DED45D05A3257493D8D, 66CEBA406F0FCDA98D0CC93F880DE1C5CCFA7C9B998B7E8D7823A3FCD42AC42F ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\4ea564f9fd06e0fb40a42acf7693b81a\PresentationCore.ni.dll
    12:16:34.0236 0x1534  C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\4ea564f9fd06e0fb40a42acf7693b81a\PresentationCore.ni.dll - ok
    12:16:34.0236 0x1534  [ 6EF5F3F18413C367195F06E503AB86A6, 6F8B87FB4D67F9E76A51EF759B58A95D903C4AAC9C789A65A3FA1FC4F253D978 ] C:\Windows\SysWOW64\d3d9.dll
    12:16:34.0236 0x1534  C:\Windows\SysWOW64\d3d9.dll - ok
    12:16:34.0236 0x1534  [ E98278865E8DABA21CFE5FE4BE34210A, 3BB431A9F6476EA98C17DF46BA5DFA265E74328D84875E402236ED12E50B6330 ] C:\Windows\SysWOW64\PortableDeviceApi.dll
    12:16:34.0236 0x1534  C:\Windows\SysWOW64\PortableDeviceApi.dll - ok
    12:16:34.0236 0x1534  [ 77B1471A490B53B24EFE136F09F76550, A650C3A244306F8E605BDA8E74BFE438356BA4403B0CB61E980D3183E3F0A7C7 ] C:\Windows\SysWOW64\d3d8thk.dll
    12:16:34.0236 0x1534  C:\Windows\SysWOW64\d3d8thk.dll - ok
    12:16:34.0236 0x1534  [ E3D5E244807AD655787FCD25477CC1BC, 8A378249C936914DBFEDAE310D6ACB93D488C8F490EC4AAB435861C413A5BB0F ] C:\Windows\SysWOW64\bthprops.cpl
    12:16:34.0236 0x1534  C:\Windows\SysWOW64\bthprops.cpl - ok
    12:16:34.0251 0x1534  [ 5BB8C06EB5EA4BA22EE8A678F2D79B25, 019E9274DE2F5BAB16B4632B8A2E93DFC8DF0C08EC4EEA947B337FD29EB2E0CC ] C:\Windows\SysWOW64\devenum.dll
    12:16:34.0251 0x1534  C:\Windows\SysWOW64\devenum.dll - ok
    12:16:34.0251 0x1534  [ F7A256EC899C72B4ECDD2C02CB592EFD, 9C1AA9322E83CABB94AEA4375EAEB0C44700E1F33B8BE98649BA1DF4DDFAD326 ] C:\Windows\System32\bthprops.cpl
    12:16:34.0251 0x1534  C:\Windows\System32\bthprops.cpl - ok
    12:16:34.0251 0x1534  [ E24FE90E9DE8D8AE70E59F7B01675DEF, DDB0691488DB424CC203505E27364B24E4410E599A972CF2C1AFF4E2F3E3C04F ] C:\Windows\SysWOW64\avicap32.dll
    12:16:34.0251 0x1534  C:\Windows\SysWOW64\avicap32.dll - ok
    12:16:34.0251 0x1534  [ 7069AAB8536F29ED7323140973A2894B, 04B7FB6C64BFA3B80549F35CEF36D5DAE5D19A40E42444B3665B6BEFDF98EB5F ] C:\Windows\SysWOW64\msdmo.dll
    12:16:34.0251 0x1534  C:\Windows\SysWOW64\msdmo.dll - ok
    12:16:34.0251 0x1534  [ C335EC1182AC10B188705554E0BC1186, 963CD11CEF7A79559361134FDF9C07B8EA829A40D3996D77E95C291DD17AAD2B ] C:\Windows\SysWOW64\msvfw32.dll
    12:16:34.0251 0x1534  C:\Windows\SysWOW64\msvfw32.dll - ok
    12:16:34.0251 0x1534  [ 619901DE647FDC5E7901B9A854CE40CE, C961C31B34D63617BF85F252948B1DA163419DC6C52935A164942E9F16C6EDAB ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\d473c19e69818875b9c739cad8f386a5\System.Runtime.Remoting.ni.dll
    12:16:34.0251 0x1534  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\d473c19e69818875b9c739cad8f386a5\System.Runtime.Remoting.ni.dll - ok
    12:16:34.0267 0x1534  [ 0F25194F0257C1ED7C93C55FE6AE6E8A, AD8BE609E52FD7C9663EADEB0498C23E720528FEB1374D3E6A119A6037FDADD2 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\3f0016119cbaccffc68806e1c91da0fc\PresentationFramework.ni.dll
    12:16:34.0267 0x1534  C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\3f0016119cbaccffc68806e1c91da0fc\PresentationFramework.ni.dll - ok
    12:16:34.0267 0x1534  [ C746F3BF98E92FB137B5BD2B8B5925BD, 67A8990F3D491D149E65C90042909259793C65E671DC953FDA1F7590FAC23D9E ] C:\Windows\System32\FXSST.dll
    12:16:34.0267 0x1534  C:\Windows\System32\FXSST.dll - ok
    12:16:34.0267 0x1534  [ AE098D9D3BD83440C59A0C3386F4F5DD, 13CFA7323349A2746D7FE662A7FCFC678F4E7AA9E12B45C62328022E3272384F ] C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
    12:16:34.0267 0x1534  C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok
    12:16:34.0267 0x1534  [ 942E57152F1CD0533644AB30EF1A4728, 4F72510BECFAFDBB06C9CAAC66BA9E95225DE1EA12B4D2FD5B67492A2E628ABD ] C:\Windows\SysWOW64\FXSAPI.dll
    12:16:34.0267 0x1534  C:\Windows\SysWOW64\FXSAPI.dll - ok
    12:16:34.0267 0x1534  [ 650CAEA856943E29F25A25D31E004B18, DCA63D2AF4C6F14B27EA006F200E58A5C13AC940A51947A40F668908A446CC4E ] C:\Windows\System32\FXSAPI.dll
    12:16:34.0267 0x1534  C:\Windows\System32\FXSAPI.dll - ok
    12:16:34.0282 0x1534  [ C4096CA42199428B3D63DC206C197F0E, 76336CD81608650E5AAD02D59D2AC752E7BDD057314BBC7334CECF74D1EAB587 ] C:\Windows\SysWOW64\FXSRESM.dll
    12:16:34.0282 0x1534  C:\Windows\SysWOW64\FXSRESM.dll - ok
    12:16:34.0282 0x1534  [ 71C4F42DC8DB668E826DA79462EA741E, 69452DBC1CD4E09B27A42A535827B359FA9A2762A106E91653DDB7BF00A9C029 ] C:\Windows\SysWOW64\KBDUS.DLL
    12:16:34.0282 0x1534  C:\Windows\SysWOW64\KBDUS.DLL - ok
    12:16:34.0282 0x1534  [ C8E8B8239FCF17BEA10E751BE5854631, CB869195E78AB613CEF50AE3B247F0E4E42F233A7AAF5B2BFC5ADEA2C45C5F8D ] C:\Windows\System32\FXSRESM.dll
    12:16:34.0282 0x1534  C:\Windows\System32\FXSRESM.dll - ok
    12:16:34.0282 0x1534  [ 6E656C325A5519A3A9D951709958CF6F, 1DC1D4BDF42F40A381D569297FEFB79B53CBD87088BA61A9EEA5AE4526B6182E ] C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll
    12:16:34.0282 0x1534  C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll - ok
    12:16:34.0282 0x1534  [ 674B0C0F6A448EB185CAAB9C51D44032, 6722351F46BF70BA967844D3239CD801DFC4538A4EB6C478D8497F27F7FD9F1D ] C:\Windows\SysWOW64\srchadmin.dll
    12:16:34.0282 0x1534  C:\Windows\SysWOW64\srchadmin.dll - ok
    12:16:34.0298 0x1534  [ 8569E35D00F45972E506502EEE622BA4, 01FE851C03DB88C8373099C279F995A559D962B08932E193032FA3EAD522FB01 ] C:\Windows\System32\srchadmin.dll
    12:16:34.0298 0x1534  C:\Windows\System32\srchadmin.dll - ok
    12:16:34.0298 0x1534  [ 7F8678C59F188528D60104E697C2361E, 9B4D262B10CB09543ACA9A78482F4EDD905791D2C8C518B574EBA440A71A85B7 ] C:\Windows\SysWOW64\mscms.dll
    12:16:34.0298 0x1534  C:\Windows\SysWOW64\mscms.dll - ok
    12:16:34.0298 0x1534  [ 1B1431D9520C7578AD5633ED2A70625F, 6852FAC1355CA69226B727A1355D6DA8C0865F5EEDA45D7690701CFED7C542A1 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
    12:16:34.0298 0x1534  C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok
    12:16:34.0298 0x1534  [ 140D9F911182357626165EA0BEB98C4F, 9B24047BF104895FCFDB68694934BDDD92DE98A0E6334A62E987C6DCBFFB9C5B ] C:\Windows\SysWOW64\ncsi.dll
    12:16:34.0298 0x1534  C:\Windows\SysWOW64\ncsi.dll - ok
    12:16:34.0298 0x1534  [ 43C9CF6825CEA58F1815B7C3DBBB385C, C79DB405D588C77E4ACAE3BC26080213BEEB604C0A109AFDF88031FC46B4CBC0 ] C:\Windows\SysWOW64\Wpc.dll
    12:16:34.0298 0x1534  C:\Windows\SysWOW64\Wpc.dll - ok
    12:16:34.0314 0x1534  [ D64D99EC088B54FFE8EE67A480386C20, A6D1E4CA40843B0B9B32019E69479457D46CA99A2804E937CDC385C9DEDFDE62 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll
    12:16:34.0314 0x1534  C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll - ok
    12:16:34.0314 0x1534  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] C:\Windows\System32\FXSSVC.exe
    12:16:34.0314 0x1534  C:\Windows\System32\FXSSVC.exe - ok
    12:16:34.0314 0x1534  [ 2867EB00222EB3AA5F4F80C451F9F2C9, 4ADDBA3A76EED9F60F87B12A43DCB06E95700D5562757835C76CEA6C72FADF05 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\fffa833a307c3ad981d98b81311f2ad3\WindowsFormsIntegration.ni.dll
    12:16:34.0314 0x1534  C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\fffa833a307c3ad981d98b81311f2ad3\WindowsFormsIntegration.ni.dll - ok
    12:16:34.0314 0x1534  [ 236F286E103FD44BD85FDD93097FD5DD, C369C98E76FEFBB05A12ABEECCF89C75132419B56866ED9AB77F61F84BA62785 ] C:\Windows\SysWOW64\SearchIndexer.exe
    12:16:34.0314 0x1534  C:\Windows\SysWOW64\SearchIndexer.exe - ok
    12:16:34.0314 0x1534  [ ACBABB8E45BEBFE6B03761ECA0126E55, 360ED24DA7FEA360FC563B2CA6AA44876E2AE5876BC77F2E323318A31D233769 ] C:\Windows\System32\gfxSrvc.dll
    12:16:34.0314 0x1534  C:\Windows\System32\gfxSrvc.dll - ok
    12:16:34.0329 0x1534  [ E0B340996A41C9A75DFA3B99BBA9C500, D029AD8ABBD2267B1E44DF5172B93C3F832B4C21F930F5512C24E800F5CE4F8B ] C:\Windows\System32\SearchIndexer.exe
    12:16:34.0329 0x1534  C:\Windows\System32\SearchIndexer.exe - ok
    12:16:34.0329 0x1534  [ 346242C94BA09626AE7F3591264900C9, 2EEF8552A286208A16DBD247D596735D5A5329F65D6706164ECB6399D2B37E83 ] C:\Windows\System32\IGFXDEVLib.dll
    12:16:34.0329 0x1534  C:\Windows\System32\IGFXDEVLib.dll - ok
    12:16:34.0329 0x1534  [ D39DA70FEA6BD713682F70635587DA9E, FF18C97642F48C711D75F32115B1260FE0BDF6072403E5A9226E9BE780AF1969 ] C:\Windows\SysWOW64\rasdlg.dll
    12:16:34.0329 0x1534  C:\Windows\SysWOW64\rasdlg.dll - ok
    12:16:34.0329 0x1534  [ 465DBF63A5049E4DB4BC5C12FFE781CB, D12F6A9FB92144B2CFFD28BD72C234BA42F882EF22122DB83CE5EB1B8EBE9017 ] C:\Windows\SysWOW64\tquery.dll
    12:16:34.0329 0x1534  C:\Windows\SysWOW64\tquery.dll - ok
    12:16:34.0329 0x1534  [ D2155709E336C3BC15729EB87FEC6064, 682A84C0F2D892E7A6CEE4E5937B4799E352AAE3B71E7037F2A343373467443C ] C:\Windows\System32\rasdlg.dll
    12:16:34.0329 0x1534  C:\Windows\System32\rasdlg.dll - ok
    12:16:34.0329 0x1534  [ 589DF683A6C81424A6CECE52ABF98A50, 8CE0D07B2FC1F1BF8C07434FAFCDC63FDD3B75007C3B2EED130DB69D2D16E90A ] C:\Windows\System32\tquery.dll
    12:16:34.0329 0x1534  C:\Windows\System32\tquery.dll - ok
    12:16:34.0345 0x1534  [ 1F27643C4C626457FCE8F047AE1CD7E1, 68E2367B9AA21C1BDE7FEA566D5F0DBDF1E246CB53E949622F8EDC810AA95956 ] C:\Windows\SysWOW64\dxva2.dll
    12:16:34.0345 0x1534  C:\Windows\SysWOW64\dxva2.dll - ok
    12:16:34.0345 0x1534  [ 4C3DAEE652B005B483F16B8E9131C99D, 188DFF96F3B18A610C52775C8F95C99ABF27FF2E1D52B50EDF9F80FE337239CD ] C:\Windows\System32\d3d9.dll
    12:16:34.0345 0x1534  C:\Windows\System32\d3d9.dll - ok
    12:16:34.0345 0x1534  [ 04B88428A872390D235BE52D38A9D4EF, F6954D514B67547738EB012456342D65289B0B18A0304BBAD5BDAA3436181C77 ] C:\Windows\SysWOW64\dot3api.dll
    12:16:34.0345 0x1534  C:\Windows\SysWOW64\dot3api.dll - ok
    12:16:34.0345 0x1534  [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2, E8ACB693B1A78FAEF292111BE3F9B10BA95C76833C06C931A08EAAAE39A21334 ] C:\Windows\System32\dot3api.dll
    12:16:34.0345 0x1534  C:\Windows\System32\dot3api.dll - ok
    12:16:34.0345 0x1534  [ 8063046AA70B97CA9985672B8848FB2E, C7A7F2D216D1F0D7F28A22E4933DB3D821AC52CC2EF7AE8BA08D18104FCF8B81 ] C:\Windows\SysWOW64\wlanhlp.dll
    12:16:34.0345 0x1534  C:\Windows\SysWOW64\wlanhlp.dll - ok
    12:16:34.0360 0x1534  [ E4FCA0F99A41E460C84016DEFD31E6EF, 8EB14AF2025EADC7C86280E8417D8F286E8271B4F88B31696E33DFD72B3A0EF2 ] C:\Windows\System32\wlanhlp.dll
    12:16:34.0360 0x1534  C:\Windows\System32\wlanhlp.dll - ok
    12:16:34.0360 0x1534  [ FDBA1DEC4F9BE4274A00B9B850C63484, 045846267BCB1D9C4931A4871C887D8496E92DF655936DD5D40375E09C950510 ] C:\Windows\SysWOW64\mf.dll
    12:16:34.0360 0x1534  C:\Windows\SysWOW64\mf.dll - ok
    12:16:34.0360 0x1534  [ B010CF886420EE29C2C276646721D255, CBCD032D679ADE3A9942A1D116648D6A9ECC71F66F8630629E724E5EE23F9F73 ] C:\Windows\SysWOW64\wlanapi.dll
    12:16:34.0360 0x1534  C:\Windows\SysWOW64\wlanapi.dll - ok
    12:16:34.0360 0x1534  [ 357BE883C5236BFC7341CB9E82308908, 4DDB697FD9B7C516CF99D73C8799EA35BB97E2431216CD7C1045F17B06109FBF ] C:\Windows\System32\wlanapi.dll
    12:16:34.0360 0x1534  C:\Windows\System32\wlanapi.dll - ok
    12:16:34.0360 0x1534  [ 6383C60EC0133B14F5705F96369421B2, EAB3FA2344B853148F199F744E716FBB8E9331B9DB588F784274599B6BCE2335 ] C:\Windows\SysWOW64\hnetcfg.dll
    12:16:34.0360 0x1534  C:\Windows\SysWOW64\hnetcfg.dll - ok
    12:16:34.0376 0x1534  [ 0241CB16136B9A4939CA0395768AE286, E7A3A0BDB4AC4BD718C93BE650541F96603739BDB3DB6860665DCC073DA8007D ] C:\Windows\SysWOW64\mssrch.dll
    12:16:34.0376 0x1534  C:\Windows\SysWOW64\mssrch.dll - ok
    12:16:34.0376 0x1534  [ 3044D07ABDF4BBEA27E2EE7B1E0C0C65, D99A8C10CC4E5C778D063E56A131DB549F01CA7F9605F6596406606BB12C0269 ] C:\Windows\System32\d3d8thk.dll
    12:16:34.0376 0x1534  C:\Windows\System32\d3d8thk.dll - ok
    12:16:34.0376 0x1534  [ 7568CC720ACE4D03B84AF97817E745EF, 7155144CB0B260B969C398A36BC277C97BEADB5DB137D19A4F7E5AF61C3E24D4 ] C:\Windows\System32\mssrch.dll
    12:16:34.0376 0x1534  C:\Windows\System32\mssrch.dll - ok
    12:16:34.0376 0x1534  [ D46104DB0B8CF8F5792FF2E622937E6F, 20F78CF502BF4781355CCD5CA44B394200D09115A54973BB17813AF73DFEFD63 ] C:\Windows\System32\igdumd64.dll
    12:16:34.0376 0x1534  C:\Windows\System32\igdumd64.dll - ok
    12:16:34.0376 0x1534  [ 5C3F9DBA818CD93379D1A0F215270374, 6A4D96AC83989D47D80332E41E627F2607A3B2167E1A5D8E21361136C4424633 ] C:\Windows\SysWOW64\esent.dll
    12:16:34.0376 0x1534  C:\Windows\SysWOW64\esent.dll - ok
    12:16:34.0392 0x1534  [ 600A65F922CCDCBB2D11467914241556, 9AE430D8CB346B43073E78886EF765199497F820D3295683167CD7FEBDDEE316 ] C:\Windows\SysWOW64\msmpeg2vdec.dll
    12:16:34.0392 0x1534  C:\Windows\SysWOW64\msmpeg2vdec.dll - ok
    12:16:34.0392 0x1534  [ 53AF1750FD45DDD705C9B68C7DC58827, A379F7B8289DB02FE336EE09D02C9FED9B407DD173AEECAE98B5551FAB9D1CEB ] C:\Windows\SysWOW64\evr.dll
    12:16:34.0392 0x1534  C:\Windows\SysWOW64\evr.dll - ok
    12:16:34.0392 0x1534  [ 81600E2E27ED61427AAD865B9BCDDB9D, 0D7D39C0A5A2C24FAADCA41658A1C62D13180B462C78103BDF6DBD76B64DD79A ] C:\Windows\SysWOW64\msidle.dll
    12:16:34.0392 0x1534  C:\Windows\SysWOW64\msidle.dll - ok
    12:16:34.0392 0x1534  [ 3121A79D13A61562BE9CC902CD46B542, 00A5833A48338A4A9A5530844924AF4F1FAB618DA46D7EBBC6E2165C32ED376C ] C:\Windows\System32\msidle.dll
    12:16:34.0392 0x1534  C:\Windows\System32\msidle.dll - ok
    12:16:34.0407 0x1534  [ DA2A1D13A569860040472B5DB8BE287D, 5D15E88EE6C81DB76FB2D3B16CEFAE2A586BE78C4B9D2880384A82CA8196BB2E ] C:\Windows\SysWOW64\igdumdx32.dll
    12:16:34.0407 0x1534  C:\Windows\SysWOW64\igdumdx32.dll - ok
    12:16:34.0407 0x1534  [ 6699A112A3BDC9B52338512894EBA9D6, 10888BB9C3799E1E8B010C0F9088CED376AAD63A509FCE1727C457B022CDC717 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
    12:16:34.0407 0x1534  C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
    12:16:34.0407 0x1534  [ AC6E6940C8C98EE153D96FFA2CA7B272, FA2E79F75DFB471E84CE6D92D2EC131BD3482B31D3F0D67B562ECA069399EE87 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\3975acf49313ceea1280da91f0383480\System.Xml.ni.dll
    12:16:34.0407 0x1534  C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\3975acf49313ceea1280da91f0383480\System.Xml.ni.dll - ok
    12:16:34.0407 0x1534  [ 9174E09AF734124E3A68B862DBF9C706, F13DD5529AE914F15F5FEDC4DBF9AA880ED29566FF01BF8BCD782FE6557CCD1B ] C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppgooglenaclpluginchrome.dll
    12:16:34.0407 0x1534  C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppgooglenaclpluginchrome.dll - ok
    12:16:34.0423 0x1534  [ 1D6A771D1D702AE07919DB52C889A249, E5F3378AC40AEE6114EEAF3BF11DC1059466891CAE353E80C08622A60485C954 ] C:\Windows\SysWOW64\wlanutil.dll
    12:16:34.0423 0x1534  C:\Windows\SysWOW64\wlanutil.dll - ok
    12:16:34.0423 0x1534  [ C02AA67276FEE0C15CC4D6D616BDE95E, 24B0FFA2903CC77FEDE6B491647BB759C4AE054E38A19EFA0D2662AC2959570B ] C:\Windows\SysWOW64\WWanAPI.dll
    12:16:34.0423 0x1534  C:\Windows\SysWOW64\WWanAPI.dll - ok
    12:16:34.0423 0x1534  [ 5DA219F57A9076FB6FBD3C9C3713A672, 274FE616625B336D81841FDC752C8053D4CD6926565B899760D298D145CBA1A3 ] C:\Windows\System32\WWanAPI.dll
    12:16:34.0423 0x1534  C:\Windows\System32\WWanAPI.dll - ok
    12:16:34.0423 0x1534  [ 1CBF15FDB0310345A68972EB5C5B948F, E1EDCE6216B24037B243AC68CEEBD510646B2EFD70BC118E68303F9ED85D1973 ] C:\Windows\SysWOW64\mssprxy.dll
    12:16:34.0423 0x1534  C:\Windows\SysWOW64\mssprxy.dll - ok
    12:16:34.0438 0x1534  [ ACE1BB07E0377E37A2C514CD2EC119B1, A9AFA4774DFA875496764D6E541A6333A3ACD3C5D2BBEF753C2D80BA83B4AC15 ] C:\Windows\System32\mssprxy.dll
    12:16:34.0438 0x1534  C:\Windows\System32\mssprxy.dll - ok
    12:16:34.0438 0x1534  [ 37E7B053C9B47CBC2A6F54CC3C0BC257, 4F27475B9B53D1792F4D75CABC49DF00D270E9C4C860123F9588A9847E7E109A ] C:\Windows\SysWOW64\igdumd32.dll
    12:16:34.0438 0x1534  C:\Windows\SysWOW64\igdumd32.dll - ok
    12:16:34.0438 0x1534  [ F24D69C3F5E98ABEE59ECCB0E2DF820E, E6B4CB7ED9FC8CD2B4237AB2A97BE92558E39965108E8F93B1708346FC2583D2 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\fed86e49fe95761085bf287f901f5b53\System.Configuration.ni.dll
    12:16:34.0438 0x1534  C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\fed86e49fe95761085bf287f901f5b53\System.Configuration.ni.dll - ok
    12:16:34.0438 0x1534  [ BA551F659E36FE4FB419E5899279E4EF, 0B506914CAACC34A0EC0818ABC4CE8397E9F5F8D24D2AE7CD2D8B220EBF3FA17 ] C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libpeerconnection.dll
    12:16:34.0438 0x1534  C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libpeerconnection.dll - ok
    12:16:34.0454 0x1534  [ F2ED6D00921CA138289E5E0CCB9ABF87, 528F249CE0835CA4D8B7C4940F5132DF1155EB344177BEA4CD7FCF9B8DCCCA4B ] C:\Windows\SysWOW64\wwapi.dll
    12:16:34.0454 0x1534  C:\Windows\SysWOW64\wwapi.dll - ok
    12:16:34.0454 0x1534  [ 62C7AACC746C9723468A8F2169ED3E85, 40E901F3EAFE52DF11D6BC4EF0E79F666EBDACE0B3C090CAD2358076E893EA47 ] C:\Windows\System32\wwapi.dll
    12:16:34.0454 0x1534  C:\Windows\System32\wwapi.dll - ok
    12:16:34.0454 0x1534  [ 62A6EB5771580CAE445804389F3F7432, CC529625540204E82794E5494C063371BF7A5164823E6C3B2CCAAC030AE4D5AE ] C:\Windows\SysWOW64\WindowsCodecsExt.dll
    12:16:34.0454 0x1534  C:\Windows\SysWOW64\WindowsCodecsExt.dll - ok
    12:16:34.0454 0x1534  [ F1C19F0AA151B90A7416FA1D50DDB582, A4AE6B056BF65A12CE5BEDFC3ADE156F088AEAC7196EB5741C9573C64552A7C0 ] C:\Windows\System32\WindowsCodecsExt.dll
    12:16:34.0454 0x1534  C:\Windows\System32\WindowsCodecsExt.dll - ok
    12:16:34.0470 0x1534  [ 02530B0B7E048DD5AC8D52DAEACAEB2B, 2DEB454F8B71EC54C59185E2F1D679F7EC1C7AEFCD1D59761FDD3D70CABE0254 ] C:\Windows\SysWOW64\QAGENT.DLL
    12:16:34.0470 0x1534  C:\Windows\SysWOW64\QAGENT.DLL - ok
    12:16:34.0470 0x1534  [ 77B09C2C6F407531447DA75E3ACD1C5B, A272EFAC23733F6ED987C7599762CADF36BFDA9ECC759118A6DEB46544AD2C68 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
    12:16:34.0470 0x1534  C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll - ok
    12:16:34.0470 0x1534  [ 5BF8E37FA1E25227480F9CD2ACA21FB6, 58D9A00888AF693B2A5222FE74CFDED32CE83E74F85B474F1CBE5987217B5A9D ] C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\d3dcompiler_46.dll
    12:16:34.0470 0x1534  C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\d3dcompiler_46.dll - ok
    12:16:34.0470 0x1534  [ 8A1A8C8D8BC9DEA8CF21528AAFDF69AC, C8BBA9D444F305F59AA8F3FBF86002E604869A6F2D30C1B9AB2434FE3719877D ] C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.3.1271_0\McChPlg.dll
    12:16:34.0470 0x1534  C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.3.1271_0\McChPlg.dll - ok
    12:16:34.0485 0x1534  [ 6B851E682A36453E1B1EE297FFB6E2AB, A641D3FD9463C4788B45B8B5584EA4489C1F63A71B4B595AE85FF3482CD5EDA6 ] C:\Windows\System32\QAGENT.DLL
    12:16:34.0485 0x1534  C:\Windows\System32\QAGENT.DLL - ok
    12:16:34.0485 0x1534  [ 816B681CC308FAA128EDCB90643DCED7, C2C6295F59F00F4D47673C361F1965BA62F9ADF6897A6A0BE224509628A27D7E ] C:\Windows\SysWOW64\icm32.dll
    12:16:34.0485 0x1534  C:\Windows\SysWOW64\icm32.dll - ok
    12:16:34.0485 0x1534  [ 7E2B763CF671ADB558D5F7110889D469, 9B221926165A8C577994D2992B5410BD9699E41BF4B92241624B7C69B5EB8707 ] C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
    12:16:34.0485 0x1534  C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL - ok
    12:16:34.0485 0x1534  [ 7B882AEBC5F6DBEA4E0361C0FC3E36D4, 97E18C7997F1394AC5CCA44AC287603B427AC1D55E3C5336B38E8B375B638635 ] C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
    12:16:34.0485 0x1534  C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL - ok
    12:16:34.0485 0x1534  [ B63E24E9271E99FD4540E3CA22A937DA, A9E75FBF482C4447E887E5B6EBAD96FE827F0BBD1101F1D8B54EE178D3AEAA7E ] C:\Windows\SysWOW64\en-US\tquery.dll.mui
    12:16:34.0485 0x1534  C:\Windows\SysWOW64\en-US\tquery.dll.mui - ok
    12:16:34.0501 0x1534  [ 1D296F090ED401967B30BD2B970DC306, 9D83B54050E7BD6D807E437CFD22FF803D450194ABA4FD0EDEBF27BEC90521AC ] C:\Windows\System32\icm32.dll
    12:16:34.0501 0x1534  C:\Windows\System32\icm32.dll - ok
    12:16:34.0501 0x1534  [ 04ACC61B47857E779CD92D1D88770BF1, 58382244694093F7552BA317890C7A528D26CF2D76A12F684878EA984283C9E4 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
    12:16:34.0501 0x1534  C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - ok
    12:16:34.0501 0x1534  [ C9FB9038B15036CA28CF0B4BE2BED9BD, 0F56384E798B3F725FFEFC6E31A980DA31F620DB847F601273EF19E8CE74A226 ] C:\Windows\System32\en-US\tquery.dll.mui
    12:16:34.0501 0x1534  C:\Windows\System32\en-US\tquery.dll.mui - ok
    12:16:34.0501 0x1534  [ 12395E528456DFE82979ACFEA96D290C, CB2841A419A3051269944C30D29C57EC03E0D1DE6FCFE96C3E9D03D28FF9C7C1 ] C:\Program Files\Windows Media Player\en-US\wmpnscfg.exe.mui
    12:16:34.0501 0x1534  C:\Program Files\Windows Media Player\en-US\wmpnscfg.exe.mui - ok
    12:16:34.0516 0x1534  [ 0647EA3B93A0D321C58639E0E2AB9757, C278C762CBE63023163F3CBA65DDC3CFD8EA330FFF15C7A26F15A074FD188C90 ] C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libglesv2.dll
    12:16:34.0516 0x1534  C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libglesv2.dll - ok
    12:16:34.0516 0x1534  [ CFAF7B67C78D09D79688AEDCA3D090E2, 5C9939DFE64E9BE7EC4A806EE285F186F0DE3FDB1BE02C4E9BA7D3CB5172B947 ] C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll
    12:16:34.0516 0x1534  C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll - ok
    12:16:34.0516 0x1534  [ 2E0BADE9AA58501AF69E39A1D3DB4A19, 4FA2E21C1D073FD4518C19F2D7A280F26767F2867FFF061855FEE13A5291A509 ] C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libegl.dll
    12:16:34.0516 0x1534  C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libegl.dll - ok
    12:16:34.0532 0x1534  [ 7AD0860F6C04AD34492A6EDFA81ECAC2, 1CA3C9F1F7EDDCB7A69C60F2676DA236DC1F4E2C0CE639BDBCAF33F385F925F4 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\56d7206478a1eb28089a8efbdf921bf2\PresentationFramework.Aero.ni.dll
    12:16:34.0532 0x1534  C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\56d7206478a1eb28089a8efbdf921bf2\PresentationFramework.Aero.ni.dll - ok
    12:16:34.0532 0x1534  [ D27E5A0797194C13A2F879A5B499B9FB, F77E7C4A5E124BAB557AC035A8DF479E0E9E4C7C4103915D09DD27B473A15553 ] C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll
    12:16:34.0532 0x1534  C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll - ok
    12:16:34.0532 0x1534  [ C7494C67A6BF6FE914808E42F8265FEF, 3A3871983F2D9A57739C70365DC3F417D9BF02F5C0C4CC3272EA9F3D380EF962 ] C:\Program Files\Windows Media Player\wmpnssci.dll
    12:16:34.0532 0x1534  C:\Program Files\Windows Media Player\wmpnssci.dll - ok
    12:16:34.0532 0x1534  [ 7EF7E4C1325D533F5186E7118ABB0E7C, 9D1E46B958D76D4CCE2836E407B0BEAAC5E3B3ED7EA8B5D70BBCFB10EF6D2182 ] C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMSS.dll
    12:16:34.0532 0x1534  C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMSS.dll - ok
    12:16:34.0532 0x1534  [ 4BF70B35B943BD73BD6E13EB7C1BA4B3, 5450EC4B012401A06A78F92F69530BA720405B4D1A0BBD271C41E911C55803EC ] C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
    12:16:34.0532 0x1534  C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll - ok
    12:16:34.0548 0x1534  [ 1957D49A9613FAAD1C73B508CCE02AA5, F370EB20189060F10342D09A76C585A708C3BCDFEBE3853A3C07BAAF0547AB10 ] C:\Windows\SysWOW64\wmp.dll
    12:16:34.0548 0x1534  C:\Windows\SysWOW64\wmp.dll - ok
    12:16:34.0548 0x1534  [ 0FBC74AA20FE0AE6884279F893169C60, 28BA0F83ECA708776E295E3A43CFACA8CD3345AADE2129C75AB858C70B349A7B ] C:\Windows\SysWOW64\wmploc.DLL
    12:16:34.0548 0x1534  C:\Windows\SysWOW64\wmploc.DLL - ok
    12:16:34.0548 0x1534  [ 420D2B68CF40241F56FF2203032402DB, 35764760A41E046E044DB45CE1D46ECC7D4DB135F87FA31A2CE53FDE536534CC ] C:\PROGRA~2\McAfee\MSC\NPMCSN~1.DLL
    12:16:34.0548 0x1534  C:\PROGRA~2\McAfee\MSC\NPMCSN~1.DLL - ok
    12:16:34.0548 0x1534  [ 4C0989878EB9DF67C42A7CD42713451E, 930A2C1614F1ED4077AEF47F34EF21ABE30EE523BB6F752093432B972E3BDF1C ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\868d117286ad259249f31d3fe813d39a\System.Drawing.ni.dll
    12:16:34.0548 0x1534  C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\868d117286ad259249f31d3fe813d39a\System.Drawing.ni.dll - ok
    12:16:34.0563 0x1534  [ 9DF7A7C74D8632CB5EBD37E3A374825E, 7D53BA04D7508C14BD5D72F4E931C6C7563ABE9795B148EB460465D0ADA4B924 ] C:\Windows\SysWOW64\webcheck.dll
    12:16:34.0563 0x1534  C:\Windows\SysWOW64\webcheck.dll - ok
    12:16:34.0563 0x1534  [ 13337A3FB17F2242487FD45488ED0485, C174F8652118876494336AB88A65D594E0E6CCBAB20CC6BA08E6B253855A01CA ] C:\Windows\SysWOW64\vssapi.dll
    12:16:34.0563 0x1534  C:\Windows\SysWOW64\vssapi.dll - ok
    12:16:34.0563 0x1534  [ BC0D4AFBE94D8E1F81C8926D805C3366, 05734F888CEC5CCA81B81C959EF11C6D32740A512C785D42A497CC09C23796C9 ] C:\Windows\System32\webcheck.dll
    12:16:34.0563 0x1534  C:\Windows\System32\webcheck.dll - ok
    12:16:34.0563 0x1534  [ B940289C83121046BD6A60ACC6028593, EBD1C2C0A8EBB201924536AB5C6E032C12B9E081A153CC079748E1D6D625F0DF ] C:\Windows\SysWOW64\vsstrace.dll
    12:16:34.0563 0x1534  C:\Windows\SysWOW64\vsstrace.dll - ok
    12:16:34.0579 0x1534  [ 8EE6BDE1D572677AA35707C52C585F75, 588A08C0FC3881186CD673F749E46A154F58BE39CA7AE8A2E1F25539B2299752 ] C:\Windows\SysWOW64\mlang.dll
    12:16:34.0579 0x1534  C:\Windows\SysWOW64\mlang.dll - ok
    12:16:34.0579 0x1534  [ 8494E126F0B10180F3293AF861CE1F7A, 538B1F30423DB2398E611BC46C80150C090698E633BABF7362F7060DBF0C3064 ] C:\Windows\System32\mlang.dll
    12:16:34.0579 0x1534  C:\Windows\System32\mlang.dll - ok
    12:16:34.0579 0x1534  [ 5893EBDCE371174AC89ECD7731DD6D77, 31CC55F4724CFD95E48954B38C0A04D674399FD243083A816893ED5E5A770086 ] C:\Windows\SysWOW64\pcwum.dll
    12:16:34.0579 0x1534  C:\Windows\SysWOW64\pcwum.dll - ok
    12:16:34.0579 0x1534  [ 2DDEA2C345DA5BC589EFD398F220DB0E, B515B15BE7CB66F94B7A9B802719DAF7D50E1FE2832B66B6883AC0023060800D ] C:\Windows\SysWOW64\SyncCenter.dll
    12:16:34.0579 0x1534  C:\Windows\SysWOW64\SyncCenter.dll - ok
    12:16:34.0594 0x1534  [ E1AC89F6C5252057E6062843E36A6701, 32BE52836F2A011D46957AD60ABA48986B87026FD50ED09D8495460C7F1AB23E ] C:\Windows\SysWOW64\SearchProtocolHost.exe
    12:16:34.0594 0x1534  C:\Windows\SysWOW64\SearchProtocolHost.exe - ok
    12:16:34.0594 0x1534  [ 101797BA603D227946B4B5109867EB19, EBF2B48D1A4FE148F455EA32023ABC0D479215D48C7CE76E765F199CD3C80AF8 ] C:\Windows\System32\SyncCenter.dll
    12:16:34.0594 0x1534  C:\Windows\System32\SyncCenter.dll - ok
    12:16:34.0594 0x1534  [ D9E21CBF9E6A87847AFFD39EA3FA28EE, B2AE0BBF907D4108DE3485E6059DF8D10C39707CD508A55A2D9627A66D01AE78 ] C:\Windows\System32\SearchProtocolHost.exe
    12:16:34.0594 0x1534  C:\Windows\System32\SearchProtocolHost.exe - ok
    12:16:34.0594 0x1534  [ A5D237B8673025B052C0E6FDB6A883E8, 0DAE34965C08F7450938A5145D2B53C68AA917744B8C6FCB130A35C03C5CEF6F ] C:\Windows\SysWOW64\msshooks.dll
    12:16:34.0594 0x1534  C:\Windows\SysWOW64\msshooks.dll - ok
    12:16:34.0594 0x1534  [ 579ED0A15D98941EB4D1CB59517E47C3, 9ACD99E335ECDCA630C48AE11517BC7A59CBDF8B4445A029274255C1107BCFA6 ] C:\Program Files (x86)\McAfee\SiteAdvisor\mcbrwctl.dll
    12:16:34.0594 0x1534  C:\Program Files (x86)\McAfee\SiteAdvisor\mcbrwctl.dll - ok
    12:16:34.0610 0x1534  [ 2D11BC8B460957E62E4420373A0D8BDA, 56105E84333998D43DFCDA9E8A4D70EAC43076CFF8389B2E525EC5C3017DC5FD ] C:\Windows\SysWOW64\imapi2.dll
    12:16:34.0610 0x1534  C:\Windows\SysWOW64\imapi2.dll - ok
    12:16:34.0610 0x1534  [ 8130391F82D52D36C0441F714136957F, 1FD4FEE7CAF63E450F27729E07EA2A2F09288629FD872DBB6E8710B16D8DBD5D ] C:\Windows\System32\imapi2.dll
    12:16:34.0610 0x1534  C:\Windows\System32\imapi2.dll - ok
    12:16:34.0610 0x1534  [ D2A5B2B09F2AF5ED13BF494508B09788, 3FA04E84EC5A575E7804E44BA3BF1C4143E53C4ACF6C823CD029711529B0BE2C ] C:\Windows\System32\msshooks.dll
    12:16:34.0610 0x1534  C:\Windows\System32\msshooks.dll - ok
    12:16:34.0610 0x1534  [ A6CD6B3F71E13E2E45B727FB8A47EA87, 4D84F6B03185DA961543ADFB927CBC17A1A9F216AC24E9A9228780AD7DD0222E ] C:\Windows\SysWOW64\SearchFilterHost.exe
    12:16:34.0610 0x1534  C:\Windows\SysWOW64\SearchFilterHost.exe - ok
    12:16:34.0610 0x1534  [ 49A3AD5CE578CD77F445F3D244AEAB2D, 1D200547C6277C4A878A9ADD94045F7ACCC583609985C592AAE9B9B9CA7B812A ] C:\Windows\System32\SearchFilterHost.exe
    12:16:34.0610 0x1534  C:\Windows\System32\SearchFilterHost.exe - ok
    12:16:34.0626 0x1534  [ E36112A8A6C7F840169A7E92C12F4203, 52795B2E6ECCE751EEF5074AF52FDE376A382D0A1C43B90DD4F77A397C00FBC5 ] C:\Windows\System32\wsock32.dll
    12:16:34.0626 0x1534  C:\Windows\System32\wsock32.dll - ok
    12:16:34.0626 0x1534  [ DF13A51A5C591887D2EC6AE64CEED0FA, DFD503AEBCAA056B2B0E669ACA52F6D26F4E6892F2DCFCCD902752C23A621653 ] C:\Windows\SysWOW64\wsock32.dll
    12:16:34.0626 0x1534  C:\Windows\SysWOW64\wsock32.dll - ok
    12:16:34.0626 0x1534  [ 5CF15474FFDB5005E54958DF6EDD97AB, D4DBB3AACBB7679948258FFC53472FE8B5D0B3EC06D572EE2BDBF45CE608D86D ] C:\Windows\SysWOW64\wmdrmdev.dll
    12:16:34.0626 0x1534  C:\Windows\SysWOW64\wmdrmdev.dll - ok
    12:16:34.0626 0x1534  [ 423982DD851406A52B6399DDB196C606, 5FFBA6D1E9398E7C5D18553EE1C485F59174013622332F7BD8D461F707F1EC93 ] C:\Windows\System32\wmdrmdev.dll
    12:16:34.0626 0x1534  C:\Windows\System32\wmdrmdev.dll - ok
    12:16:34.0641 0x1534  [ 47D052D9EE1FD3BA2A55D13F61E3EF24, 8DB44BA6FC0C49039F3E95D6137CFFF9EE0E0B24CA4E25342B7EFA897737DFAC ] C:\Windows\SysWOW64\drmv2clt.dll
    12:16:34.0641 0x1534  C:\Windows\SysWOW64\drmv2clt.dll - ok
    12:16:34.0641 0x1534  [ 2C1055E2C6D42753241FB2A129136994, A8E858B4CB8E1E13C7574330C703E0060AEE8B7B19B682F9AE5B4A02BDC659E2 ] C:\Windows\System32\drmv2clt.dll
    12:16:34.0641 0x1534  C:\Windows\System32\drmv2clt.dll - ok
    12:16:34.0641 0x1534  [ C7952D0A4C43A965A1741916BB134751, 84EF222159E8C444A1D9D2E6509245716E4106C8032861DBFF399001A529BF94 ] C:\Windows\SysWOW64\hgcpl.dll
    12:16:34.0641 0x1534  C:\Windows\SysWOW64\hgcpl.dll - ok
    12:16:34.0641 0x1534  [ 6A5C1A8AC0B572679361026D0E900420, B5E693B48B462E97738A3D4E58B60846159649EB15F4D11074B4BC107CC88562 ] C:\Windows\System32\hgcpl.dll
    12:16:34.0641 0x1534  C:\Windows\System32\hgcpl.dll - ok
    12:16:34.0657 0x1534  [ DB67C7C62038BDE813CB6486581A7611, DC0ACAA2795BBF4C8C35CE9DD9C14636ACFD94296CDC103696B64357CC2C84BB ] C:\Windows\SysWOW64\mssph.dll
    12:16:34.0657 0x1534  C:\Windows\SysWOW64\mssph.dll - ok
    12:16:34.0657 0x1534  [ 48041BAEB60CE5F34F13CC2A1361E49C, AF82355A4C0D872F1F45261381C23C1510C2C77DD5F040B706FD7A3D63D4BAA4 ] C:\Windows\System32\mssph.dll
    12:16:34.0657 0x1534  C:\Windows\System32\mssph.dll - ok
    12:16:34.0657 0x1534  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] C:\Windows\SysWOW64\provsvc.dll
    12:16:34.0657 0x1534  C:\Windows\SysWOW64\provsvc.dll - ok
    12:16:34.0657 0x1534  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] C:\Windows\System32\fdPHost.dll
    12:16:34.0657 0x1534  C:\Windows\System32\fdPHost.dll - ok
    12:16:34.0657 0x1534  [ DE6F4B7E62FDE776F3DE8E5FB5A05C48, 703587D10434C1D6755E5F17EB2110433A506E51ECC5329E2CCA0B8380C455EC ] C:\Windows\SysWOW64\fdWSD.dll
    12:16:34.0657 0x1534  C:\Windows\SysWOW64\fdWSD.dll - ok
    12:16:34.0672 0x1534  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] C:\Windows\System32\FDResPub.dll
    12:16:34.0672 0x1534  C:\Windows\System32\FDResPub.dll - ok
    12:16:34.0672 0x1534  [ 171D7DB433314A868507C4326E8209DC, 254E0D9F99CE47104CF21D8E968D89D6A09B9CE47168E760BAB28AD5A1E9E6A3 ] C:\Windows\System32\fdWSD.dll
    12:16:34.0672 0x1534  C:\Windows\System32\fdWSD.dll - ok
    12:16:34.0672 0x1534  [ 73F6C5223F7E9B5780DD4A6C30FCF569, 121A361A572EFC6AC964300DA93BF28DC11E55DDCA29A7C6E6FD12955FBA68B8 ] C:\Windows\SysWOW64\WSDApi.dll
    12:16:34.0672 0x1534  C:\Windows\SysWOW64\WSDApi.dll - ok
    12:16:34.0672 0x1534  [ 8BC9DB92C4B2F3BE89185BEAB2AFC1F6, 4F40D5CCE264290C8DD73A5766062A55ED4CF77D8F6B59D453DDB6F88B640D7E ] C:\Windows\SysWOW64\mapi32.dll
    12:16:34.0672 0x1534  C:\Windows\SysWOW64\mapi32.dll - ok
    12:16:34.0688 0x1534  [ DB846EECA70EE9D2E2FF31147C57B0F4, 1086310477697F43EB156314804B7E9100E04966EF3934F9F5E37112C5129954 ] C:\Windows\SysWOW64\webservices.dll
    12:16:34.0688 0x1534  C:\Windows\SysWOW64\webservices.dll - ok
    12:16:34.0688 0x1534  [ 8F4BB0CFECED925D440ABC2481278360, 0A87E7E1B38300E211F2ECA10BFB9831CF79B128DEB9D7AB0AA6A715197FF2DD ] C:\Windows\System32\mapi32.dll
    12:16:34.0688 0x1534  C:\Windows\System32\mapi32.dll - ok
    12:16:34.0688 0x1534  [ 674611721264013DB169EC12AFC9C3B6, 7BC2791EF2239483F1F71A7F0F53E59002F5A1297A39BE3AF51CA34FFCE2CE24 ] C:\Windows\SysWOW64\fdSSDP.dll
    12:16:34.0688 0x1534  C:\Windows\SysWOW64\fdSSDP.dll - ok
    12:16:34.0688 0x1534  [ A2E5B2D20954210DCE1A75A1FC8CC36D, 1EA240AC37ECA4EC3E542F9E6DF72753EBA1DF76CBA8691EC61ABCC51EE6FCB2 ] C:\Windows\System32\fdSSDP.dll
    12:16:34.0688 0x1534  C:\Windows\System32\fdSSDP.dll - ok
    12:16:34.0688 0x1534  [ 89D90579E5FB1469CB0464F6512E42B7, 0E85C6935FEAA219C923FF63D17F7C3AF72FF5028E0FF95B66092C6DF64C665C ] C:\Windows\SysWOW64\fundisc.dll
    12:16:34.0688 0x1534  C:\Windows\SysWOW64\fundisc.dll - ok
    12:16:34.0704 0x1534  [ 28E2231BD34A39C854BDF3923AB2FF86, A95179068F7B86E04F976B724F155DA86253B7F4414F43DBD95F2058282B99E4 ] C:\Windows\SysWOW64\ssdpapi.dll
    12:16:34.0704 0x1534  C:\Windows\SysWOW64\ssdpapi.dll - ok
    12:16:34.0704 0x1534  [ 8CD1DEE212E52B9C22E66DBA44991D32, 7FCD0E7964368616434E3B3B080E783658B86524C26F3DB57503414204713E6D ] C:\Windows\SysWOW64\httpapi.dll
    12:16:34.0704 0x1534  C:\Windows\SysWOW64\httpapi.dll - ok
    12:16:34.0704 0x1534  [ EA2B00551F3E7B3D5F7FB730A55F8246, E45CD49CE2D3FF1F3CDB116F8F18EFB09A575021480E45CF9650C837D72272DC ] C:\Windows\SysWOW64\blackbox.dll
    12:16:34.0704 0x1534  C:\Windows\SysWOW64\blackbox.dll - ok
    12:16:34.0704 0x1534  [ 97A891E2BF7FDA830BCFC6269DA3F5E9, 7C8D68F0B0A7E4FF93820CC37D666FBA5400F8689860CFEB215E4A204F2C216B ] C:\Windows\System32\blackbox.dll
    12:16:34.0704 0x1534  C:\Windows\System32\blackbox.dll - ok
    12:16:34.0719 0x1534  [ 2A436796758BF2555A26C770FE8A6FEE, 9E42AF3A3CB05E323CBB7F93FE7C454CD251672C5D9F5E94909131A5D8F9204A ] C:\Windows\System32\fdProxy.dll
    12:16:34.0719 0x1534  C:\Windows\System32\fdProxy.dll - ok
    12:16:34.0719 0x1534  [ 3FF0FA0A81910617739644A06D06D016, 6B6828E06332805FDA887ED181464FD11A16F49ACADE2856F3CF69E98D81DEDB ] C:\Windows\SysWOW64\fdProxy.dll
    12:16:34.0719 0x1534  C:\Windows\SysWOW64\fdProxy.dll - ok
    12:16:34.0719 0x1534  [ 954EA9B34F155C844B11F4047A8F6F89, 44703118AE57D44C802DFA5619DC1CA55C5C046D666CE546E5870D722786E395 ] C:\Windows\SysWOW64\upnp.dll
    12:16:34.0719 0x1534  C:\Windows\SysWOW64\upnp.dll - ok
    12:16:34.0719 0x1534  [ 96DB78C9C50CEED9DA5050EFFEE272A2, 51CF3E1F96555A4E4B5BC0DE2598CE5A0199F495644A91C2105F25A5A4CF10E3 ] C:\Windows\System32\upnp.dll
    12:16:34.0719 0x1534  C:\Windows\System32\upnp.dll - ok
    12:16:34.0719 0x1534  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] C:\Windows\System32\ssdpsrv.dll
    12:16:34.0719 0x1534  C:\Windows\System32\ssdpsrv.dll - ok
    12:16:34.0735 0x1534  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] C:\Windows\System32\ListSvc.dll
    12:16:34.0735 0x1534  C:\Windows\System32\ListSvc.dll - ok
    12:16:34.0735 0x1534  [ 08DF1B8C9C0754A7069E80A986373F52, 7397FDE63A8F3644784C4F9181EEDF80A8A0F824524C619B8795B8F97A8101EC ] C:\Windows\SysWOW64\P2P.dll
    12:16:34.0735 0x1534  C:\Windows\SysWOW64\P2P.dll - ok
    12:16:34.0735 0x1534  [ 919001D2BB17DF06CA3F8AC16AD039F6, 5169ACFBE9E9D4C4012773ECDD28231C952675EF0C272A40F226E7B5D671B18B ] C:\Windows\SysWOW64\sxs.dll
    12:16:34.0735 0x1534  C:\Windows\SysWOW64\sxs.dll - ok
    12:16:34.0735 0x1534  [ B6411CED931AFD059E48C52DBFBA95B4, 4E275A691E6A1C07D72DC8DA16B58B6634286A5058C3F4AC0ABD92B9A57FB5D5 ] C:\Windows\System32\P2P.dll
    12:16:34.0735 0x1534  C:\Windows\System32\P2P.dll - ok
    12:16:34.0735 0x1534  [ 4A82EA2807B16FF577AEAF8ADB8779FF, C7F9A45FF80DFDE804D81BEE23C748A465AEB729DF2C9E327374CDD94E300547 ] C:\Windows\System32\IdListen.dll
    12:16:34.0735 0x1534  C:\Windows\System32\IdListen.dll - ok
    12:16:34.0750 0x1534  [ 1B0EC94520CAB89A9CE1B2DA405166AF, 129102C98C8B3D403C85604C9A2AFC0471CDB1212FD2C5487D73FC089FC88F0C ] C:\Windows\SysWOW64\p2pcollab.dll
    12:16:34.0750 0x1534  C:\Windows\SysWOW64\p2pcollab.dll - ok
    12:16:34.0750 0x1534  [ 92E0508D924512F63FFEEFE498CBD11F, 1158011E4A1298DEC79133B40888AA87B06F5B64BA2AB461B58C22F5F9211D0C ] C:\Windows\System32\p2pcollab.dll
    12:16:34.0750 0x1534  C:\Windows\System32\p2pcollab.dll - ok
    12:16:34.0750 0x1534  [ A0524499F4C63CADA7E1529FC77F5DC1, DCAF3C89B7363139EB128C6240CA2B301090BF18C57688B0990FC2BBF680752F ] C:\Windows\System32\hgprint.dll
    12:16:34.0750 0x1534  C:\Windows\System32\hgprint.dll - ok
    12:16:34.0750 0x1534  [ 1EB82516F21F27EED1833B4F9FD9614E, 601A529EB775D0034C9F98755AA9E9191D546BCF4A7493D08294649120E96C52 ] C:\Windows\System32\wmp.dll
    12:16:34.0750 0x1534  C:\Windows\System32\wmp.dll - ok
    12:16:34.0750 0x1534  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] C:\Windows\System32\pnrpsvc.dll
    12:16:34.0750 0x1534  C:\Windows\System32\pnrpsvc.dll - ok
    12:16:34.0750 0x1534  [ CE292C4C10B8DB6070F262EA2733F0DC, 0A685263DA0277F2D215C4C22BF39E2F869B632B42B8C992E068129F57177BE1 ] C:\Windows\SysWOW64\sqmapi.dll
    12:16:34.0766 0x1534  C:\Windows\SysWOW64\sqmapi.dll - ok
    12:16:34.0766 0x1534  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] C:\Windows\System32\QAGENTRT.DLL
    12:16:34.0766 0x1534  C:\Windows\System32\QAGENTRT.DLL - ok
    12:16:34.0766 0x1534  [ 506A83A3BEEE9FCA09F0170DE9FC7D1B, 2DFBD792B68F3EBEF0843183CAE5D52B6FA04163808AFACF6C0D738455898C36 ] C:\Windows\System32\fveui.dll
    12:16:34.0766 0x1534  C:\Windows\System32\fveui.dll - ok
    12:16:34.0766 0x1534  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] C:\Windows\System32\p2psvc.dll
    12:16:34.0766 0x1534  C:\Windows\System32\p2psvc.dll - ok
    12:16:34.0766 0x1534  [ 1372E8E8FD066002131E3D509275E697, 7CAFCFAFB6DF16CBE88104C4146988AAC1824D9CAA8EE63A7D91092F36BA1313 ] C:\Windows\SysWOW64\P2PGraph.dll
    12:16:34.0766 0x1534  C:\Windows\SysWOW64\P2PGraph.dll - ok
    12:16:34.0782 0x1534  [ 3AEE02CEDAA3ACD14F9D7E038E44D6D1, 13E0350F82C61ED03E9A09FF991610EEDA214B2EBAF042396F29D3D49A6298A9 ] C:\Windows\System32\P2PGraph.dll
    12:16:34.0782 0x1534  C:\Windows\System32\P2PGraph.dll - ok
    12:16:34.0782 0x1534  [ E19AD0D49BFF5938B3E374873AC174DE, 4D66BC57AC6FB03B9FC9A554CB039FAA8460CDA9D25C078AE9421A9648809566 ] C:\Windows\System32\wmploc.DLL
    12:16:34.0782 0x1534  C:\Windows\System32\wmploc.DLL - ok
    12:16:34.0782 0x1534  [ F479C4B55B70A27E509113273DC1E67B, 8AB8B400E1D012A872DF8B99523D7B8654A4C1A631B66698E1A6020574FD5BBD ] C:\Program Files\Internet Explorer\ieproxy.dll
    12:16:34.0782 0x1534  C:\Program Files\Internet Explorer\ieproxy.dll - ok
    12:16:34.0782 0x1534  [ 3F2B83695E5BF11930C16AF50E991F96, 339535078CDDEF3B0C7C749E7C53634C3B1C7FF18E808F118E1DF36D748A6E15 ] C:\Windows\SysWOW64\wmpps.dll
    12:16:34.0782 0x1534  C:\Windows\SysWOW64\wmpps.dll - ok
    12:16:34.0797 0x1534  [ 355A138ABDFD43FBABCAE3A1B06AB93D, 26015CE72D27E2F7FA7322203CDF236896A079F8325F1B24975CA12C57FD4B7B ] C:\Windows\System32\wmpps.dll
    12:16:34.0797 0x1534  C:\Windows\System32\wmpps.dll - ok
    12:16:34.0797 0x1534  [ 7B97346CE563B74BBCC120FC83E5A6D9, 03D8BE3F69A02EF22C50365A236CCD56D3A53580B332D1AF51B5560FCB7CD7FD ] C:\Windows\SysWOW64\wmpmde.dll
    12:16:34.0797 0x1534  C:\Windows\SysWOW64\wmpmde.dll - ok
    12:16:34.0797 0x1534  [ F149E8CAE538DBF7059B00326673F602, 8B576A68AE43B506D0C7E91C63E8EF1DB9E73F0E87E48CF57086BCE51E5F8C36 ] C:\Windows\System32\wmpmde.dll
    12:16:34.0797 0x1534  C:\Windows\System32\wmpmde.dll - ok
    12:16:34.0797 0x1534  [ 81C0FA250EF6DC1C6B3FA2BCE81D6C2E, B1F7FCDA2C8D81CB3661F014745E00423CDDA99AD7909C7BB52DBFA414F2F23D ] C:\Windows\SysWOW64\WinSATAPI.dll
    12:16:34.0797 0x1534  C:\Windows\SysWOW64\WinSATAPI.dll - ok
    12:16:34.0813 0x1534  [ 021287C2050FD5DB4A8B084E2C38139C, EA27C640FE0F1E8BAE70BEF98E663E68A35336BB6D52D56B2367297D22C50648 ] C:\Windows\System32\WinSATAPI.dll
    12:16:34.0813 0x1534  C:\Windows\System32\WinSATAPI.dll - ok
    12:16:34.0813 0x1534  [ 66C87DB880052104808507D6FA84D68E, 46BD5C16225B3D0BF786FDA6461CE9A549DAA9FA38C8BDADAA0AF08FA6A24260 ] C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    12:16:34.0813 0x1534  C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL - ok
    12:16:34.0813 0x1534  [ CBBD4D79EEC3EF5A4ADAE9697944C6B9, 5A642C6C384E69F4B25FFF250EFC8ED4FC6398132C811CBA8B5144F20F0CC621 ] C:\Windows\SysWOW64\MSMPEG2ENC.DLL
    12:16:34.0813 0x1534  C:\Windows\SysWOW64\MSMPEG2ENC.DLL - ok
    12:16:34.0813 0x1534  [ 28A7D7C7E2FDD1D55F12F750CD6331EC, 0CC0159D3F5682307439D8F3651A080430C7EAB8EFA25BA246AADF4665297E8D ] C:\Windows\System32\MSMPEG2ENC.DLL
    12:16:34.0813 0x1534  C:\Windows\System32\MSMPEG2ENC.DLL - ok
    12:16:34.0813 0x1534  [ 46767946E7B559D981C1DC04EC0AB36F, 69137AA9AEF9727FFD1B65AA4D658C6E8AAD3A062717B447260502B4D7DB90C6 ] C:\Windows\System32\devenum.dll
    12:16:34.0813 0x1534  C:\Windows\System32\devenum.dll - ok
    12:16:34.0828 0x1534  [ 558C42D165DB5799B4072DC0A9C27C0B, 2385E16ACF07252D5567EC091C1B39D39BB8199F60854D5A91EDC948C57B3A3F ] C:\Windows\System32\msdmo.dll
    12:16:34.0828 0x1534  C:\Windows\System32\msdmo.dll - ok
    12:16:34.0828 0x1534  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] C:\Windows\SysWOW64\upnphost.dll
    12:16:34.0828 0x1534  C:\Windows\SysWOW64\upnphost.dll - ok
    12:16:34.0828 0x1534  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] C:\Windows\System32\upnphost.dll
    12:16:34.0828 0x1534  C:\Windows\System32\upnphost.dll - ok
    12:16:34.0828 0x1534  [ D5E18BA95F9E7D787D25EF07AC68603E, 6027EB54D0637DBD614E670D076EEAFC8422034AB1E0AE82C2BBA7983F886022 ] C:\Windows\SysWOW64\tzres.dll
    12:16:34.0828 0x1534  C:\Windows\SysWOW64\tzres.dll - ok
    12:16:34.0828 0x1534  [ 8EA53101FF2B15BDFF934B62A8FB326D, E28536A4AC6764C2480EF047AF2312AE2600819899C3E33B486CFE19F25AC464 ] C:\Windows\SysWOW64\logoncli.dll
    12:16:34.0828 0x1534  C:\Windows\SysWOW64\logoncli.dll - ok
    12:16:34.0828 0x1534  [ 72910F1DEB838E6E08A9017BFB7D4F0B, A2EAE06069778605765ECB4734760BA296707ED6E166F85F31603F5D79ACC125 ] C:\Windows\SysWOW64\browcli.dll
    12:16:34.0828 0x1534  C:\Windows\SysWOW64\browcli.dll - ok
    12:16:34.0844 0x1534  [ A42E7748BE906434C5FD17161D168C20, 883A263ED30F9D83A788C484FE61BDB3A518FE489CF97DA4AE9599A8E39E6AE7 ] C:\Windows\SysWOW64\schedcli.dll
    12:16:34.0844 0x1534  C:\Windows\SysWOW64\schedcli.dll - ok
    12:16:34.0844 0x1534  [ 07AD88DF9EF73215458867EFC1BFFE9E, 8C659B6F31111C09448B68889623886658C96467E7E5C95C1714E18AD3924463 ] C:\Windows\System32\wbem\wmiprov.dll
    12:16:34.0844 0x1534  C:\Windows\System32\wbem\wmiprov.dll - ok
    12:16:34.0844 0x1534  [ 3D3CBD1847F980FB03343A63671E7886, 6FCC7D869106DFF85B251C1593E2DA2C165D71F854ED32360FC7DB16327AF663 ] C:\Windows\SysWOW64\schannel.dll
    12:16:34.0844 0x1534  C:\Windows\SysWOW64\schannel.dll - ok
    12:16:34.0844 0x1534  [ 99B9343280AF6A4C0F27CF2E28E94BBF, 0E29E05E893B2516A1BB5B1D5B7AC91BB55E2B5D463C8C50765328C10BCEA67E ] C:\Windows\SysWOW64\dssenh.dll
    12:16:34.0844 0x1534  C:\Windows\SysWOW64\dssenh.dll - ok
    12:16:34.0844 0x1534  [ F11A57E91FDAECFB41A5CB21EB1EBC8E, 904DA963F2274ADF521660E3131DAC781E59C6FAEB393E57802A3B5638C09283 ] C:\Windows\System32\dssenh.dll
    12:16:34.0844 0x1534  C:\Windows\System32\dssenh.dll - ok
    12:16:34.0860 0x1534  [ AA3B91B70E79BCE70AD3B190789B9574, BEA5C6921C0B5A680CC3A5BA1AAD1C365F38C6FA7F80BC93475FFD2AA26F710A ] C:\Windows\SysWOW64\drttransport.dll
    12:16:34.0860 0x1534  C:\Windows\SysWOW64\drttransport.dll - ok
    12:16:34.0860 0x1534  [ 2E7ADF9B0389CD94605717784D7E416A, A8E478A2FAE9013921B41E8929F92006AC17B7961FA60D807E9BA6C1C66E1DC6 ] C:\Windows\System32\drttransport.dll
    12:16:34.0860 0x1534  C:\Windows\System32\drttransport.dll - ok
    12:16:34.0860 0x1534  [ EE29FCC244C8033E2F748D863DCBF378, 406C5EB8FD274588ADC54C07B56DCAEEB21D3C8E38B84BB9B9CFF14629CA7196 ] C:\Windows\SysWOW64\drt.dll
    12:16:34.0860 0x1534  C:\Windows\SysWOW64\drt.dll - ok
    12:16:34.0860 0x1534  [ C57BC99A4467B3E8F1CC2184A3F46729, 5DF1CFE59E597CEC6E6C1C3945D5FA4DE487E811F08D4E1A6ACC83932D5FDB42 ] C:\Windows\System32\drt.dll
    12:16:34.0860 0x1534  C:\Windows\System32\drt.dll - ok
    12:16:34.0860 0x1534  [ 347AAE83C7C7B787CED89544532AA47D, AA399FEEA6F20D41B393DE7FD5AD4D71EB5B861736A0BFF0946659DF58019ADC ] C:\Windows\SysWOW64\PhotoMetadataHandler.dll
    12:16:34.0860 0x1534  C:\Windows\SysWOW64\PhotoMetadataHandler.dll - ok
    12:16:34.0860 0x1534  [ FC3001B4B9DF50B61F3CCA615759EFE7, 9AAE3665AD2893E7DB41965D430A7230B826AC4580603F20102E21C19C15535F ] C:\Windows\System32\PhotoMetadataHandler.dll
    12:16:34.0860 0x1534  C:\Windows\System32\PhotoMetadataHandler.dll - ok
    12:16:34.0875 0x1534  [ 7B3C85FF0BB3F7557D724CC395D99CA9, A76B5853056F416D5D8249DC941C8C67EE2545067949316197C0DFF463B2A161 ] C:\Program Files\McAfee\MSK\MskSet64.dll
    12:16:34.0875 0x1534  C:\Program Files\McAfee\MSK\MskSet64.dll - ok
    12:16:34.0875 0x1534  [ 181F69BC9C406B7FB5C0ADE8031630AC, 4625B362246EC092B4162836BBD4A1748BA2698FC49CAD634A01377FC1BDA29C ] C:\Windows\SysWOW64\wpdshext.dll
    12:16:34.0875 0x1534  C:\Windows\SysWOW64\wpdshext.dll - ok
    12:16:34.0875 0x1534  [ 4715F8F8CDBFFF2728BA38B789A1D7C7, 70E6F51636CFF04FCB5AD95968AC4771BEFE2D205DB7E34681F02DBE24C9CF39 ] C:\Windows\System32\wpdshext.dll
    12:16:34.0875 0x1534  C:\Windows\System32\wpdshext.dll - ok
    12:16:34.0875 0x1534  [ 1060D60CCA69A8136A87DBE3C8F4A467, EA246BD5EBA5C593A6D1CB8A300CCA13E575A2E1DF79BCD524B4C84866E4BE8D ] C:\Windows\SysWOW64\EhStorAPI.dll
    12:16:34.0875 0x1534  C:\Windows\SysWOW64\EhStorAPI.dll - ok
    12:16:34.0875 0x1534  [ 03AB2A2E426C2AD400AC8315226347F8, 71B2628163471D3D8C5681CA7BBAFC03C6EAA499707513FDBDEC009F0EB32E77 ] C:\Windows\System32\EhStorAPI.dll
    12:16:34.0875 0x1534  C:\Windows\System32\EhStorAPI.dll - ok
    12:16:34.0891 0x1534  [ 6814DA69C1D954925FEDD91CD6314BF2, 9A4491ABE5938F16D65F43AFACB6512D020E8BAA7F885CA2B35DF2C7CE16D349 ] C:\Program Files\McAfee\MAT\McPvNs.dll
    12:16:34.0891 0x1534  C:\Program Files\McAfee\MAT\McPvNs.dll - ok
    12:16:34.0891 0x1534  [ C4EC41521747215FB1B40E0DBC1C406F, 1D392411CD42FF931DA78205E077983E7EDD85C2837FEB317F0401E4F3A13C40 ] C:\Program Files\McAfee\MAT\McPvTray.exe
    12:16:34.0891 0x1534  C:\Program Files\McAfee\MAT\McPvTray.exe - ok
    12:16:34.0891 0x1534  [ C6AD58F898AD236AD37082D6A2D6C3AC, 4C8C3A3268D0B362A3B2F56F2A0599FE7E8E9A7401DA9B6588A7F9B765D56B1B ] C:\Program Files\McAfee\MAT\mcoemres.dll
    12:16:34.0891 0x1534  C:\Program Files\McAfee\MAT\mcoemres.dll - ok
    12:16:34.0891 0x1534  [ D589442A744905D058CF704BA7114107, E6848DB6F30B985EDB5AE69ED8DD43DDA7C6601C1315F87FD7A4AAE1CD4C8296 ] C:\Program Files\McAfee\MAT\MpvRes.dll
    12:16:34.0891 0x1534  C:\Program Files\McAfee\MAT\MpvRes.dll - ok
    12:16:34.0891 0x1534  [ D0FE2EFA070A9FE29F79CFF5ACFC5066, 040DC33A8456E90F9B5795A40253707AC3B653FE3FFDDEDECA09D9C788F146AA ] C:\Program Files\McAfee\MAT\McPvKbePwd.dll
    12:16:34.0891 0x1534  C:\Program Files\McAfee\MAT\McPvKbePwd.dll - ok
    12:16:34.0906 0x1534  [ A740C307FAE6AFFE9566408A153D539C, D9D63E35143FB821DC9FF93321167D94F7147DEF337C2CEB0CE90812F61D5B2B ] C:\Program Files\McAfee\MAT\McPvKbeQa.dll
    12:16:34.0906 0x1534  C:\Program Files\McAfee\MAT\McPvKbeQa.dll - ok
    12:16:34.0906 0x1534  [ CE7803953FE7314061B3F9188D310EB2, 75078CCE3A7277B5B60E806FA000FC437C4B06E2AD80EAB5BC99C8960810F295 ] C:\Windows\SysWOW64\en-US\KernelBase.dll.mui
    12:16:34.0906 0x1534  C:\Windows\SysWOW64\en-US\KernelBase.dll.mui - ok
    12:16:34.0906 0x1534  [ A45CB10FC8C4DCA23F96FE4D334F64FE, B4E35A767D5D505E1AF22E37C7BA878B05395D576FE52F40DC1CD796B14D91FC ] C:\Windows\SysWOW64\msxml3r.dll
    12:16:34.0906 0x1534  C:\Windows\SysWOW64\msxml3r.dll - ok
    12:16:34.0906 0x1534  [ 6A1E8DEB746912DF47CF651E138401D7, F0DEEBAB4B1827A502B05F5C18E0A7480C3C8EDDAB306575AC40FD7048827FC4 ] C:\Windows\SysWOW64\StructuredQuery.dll
    12:16:34.0906 0x1534  C:\Windows\SysWOW64\StructuredQuery.dll - ok
    12:16:34.0906 0x1534  [ 4E81439902079C348B61D7FF027FE147, E652C9EC77745504689532B3C394959F9B5BC29E9C008CB9EE09CDA818514FA9 ] C:\Windows\System32\StructuredQuery.dll
    12:16:34.0906 0x1534  C:\Windows\System32\StructuredQuery.dll - ok
    12:16:34.0922 0x1534  [ 130AF0A1563E379DA691C4147211C27A, A4C3A4A566B94A8B3CEA6680EBDB1F8D52FD8547E03885C2EB7C464EE9B541C8 ] C:\Program Files\McAfee\MAT\MCPvInst64.dll
    12:16:34.0922 0x1534  C:\Program Files\McAfee\MAT\MCPvInst64.dll - ok
    12:16:34.0922 0x1534  [ 55ED435133E38C699D367FB10CD03147, B810A1C4195779BC37E2F3DEBD0C493220BB025E3EE32A8AF977044CA056E332 ] C:\Program Files\McAfee Security Scan\3.8.130\McUICnt.exe
    12:16:34.0922 0x1534  C:\Program Files\McAfee Security Scan\3.8.130\McUICnt.exe - ok
    12:16:34.0922 0x1534  [ 2628D15A98475A431F24061E1638EB34, 1E47F9D39FF10B75AC794A1416A24613326C063708174B79FD62A0F68393E296 ] C:\Program Files\HP\HP Officejet 4620 series\Bin\HP Officejet 4620 series.exe
    12:16:34.0922 0x1534  C:\Program Files\HP\HP Officejet 4620 series\Bin\HP Officejet 4620 series.exe - ok
    12:16:34.0922 0x1534  [ 5A52640F7254F798DB93A1C911DDF2F7, 4355C756CB321A83DA163962B07551BEF9B23E8F13C96623A6ACC501EA8C75BF ] C:\Program Files\HP\HP Officejet 4620 series\Bin\hpqDTSS.exe
    12:16:34.0922 0x1534  C:\Program Files\HP\HP Officejet 4620 series\Bin\hpqDTSS.exe - ok
    12:16:34.0922 0x1534  [ 458F4590F80563EB2A0A72709BFC2BD9, FF923C051AE380BF30D749EBE9CF310CCAB6572D84EB81B76FB1012BCBDF557F ] C:\Windows\System32\mspaint.exe
    12:16:34.0922 0x1534  C:\Windows\System32\mspaint.exe - ok
    12:16:34.0922 0x1534  [ C7CA74A7F624E8F57F3D62D9B59CC0FB, 1E83C1A2F6F2B7080C7FEFCCFF1FDE4BB14AA8A57E851817C92A6F1C946CA17A ] C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\wordicon.exe
    12:16:34.0922 0x1534  C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\wordicon.exe - ok
    12:16:34.0938 0x1534  [ 5BD139C550257A088FCD16C22906083E, 6C5E36320FF0FF5D9CCFC8E768D213EEEF27B7FA76753DC5F2E77401115E71F4 ] C:\PROGRA~1\McAfee\MSC\mscinres.dll
    12:16:34.0938 0x1534  C:\PROGRA~1\McAfee\MSC\mscinres.dll - ok
    12:16:34.0938 0x1534  [ F2C7BB8ACC97F92E987A2D4087D021B1, 142E1D688EF0568370C37187FD9F2351D7DDEDA574F8BFA9B0FA4EF42DB85AA2 ] C:\Windows\System32\notepad.exe
    12:16:34.0938 0x1534  C:\Windows\System32\notepad.exe - ok
    12:16:34.0938 0x1534  [ 6581B52E133CC6D00661C58968C7E212, 2376CE4A4EC96CD71CE177E19C90AEA1D93F790124DF78F4AC5EAE8FE562F36B ] C:\Windows\SysWOW64\SearchFolder.dll
    12:16:34.0938 0x1534  C:\Windows\SysWOW64\SearchFolder.dll - ok
    12:16:34.0938 0x1534  [ B0F69B9DE0AEBFD7E4CEADE6758DF627, 60235E6D0614ED72CDF05E9A62B2B264614CAB29C47246ED408B85BEBE602CCD ] C:\Windows\System32\SearchFolder.dll
    12:16:34.0938 0x1534  C:\Windows\System32\SearchFolder.dll - ok
    12:16:34.0938 0x1534  [ 8B57A1AD493653BB57F281FE75DD175B, 65A54DDCA45CED94F7CF079632F127C247DD9E5E4D2B074593F89621F8CC6C55 ] C:\Windows\SysWOW64\NaturalLanguage6.dll
    12:16:34.0938 0x1534  C:\Windows\SysWOW64\NaturalLanguage6.dll - ok
    12:16:34.0953 0x1534  [ 01E2855FB06C422E721D890AF201C2D7, 9CAA197D5CE95AABFC8C09EA2137E73C7A0EF37CE0459508C663F7B2D758E57F ] C:\Windows\System32\NaturalLanguage6.dll
    12:16:34.0953 0x1534  C:\Windows\System32\NaturalLanguage6.dll - ok
    12:16:34.0953 0x1534  [ 3344FC0DC69FE7DE074B1A4538C1C087, 9E5AC93385A71F4FAF790BD30BD51C2A7073E43C4FDBACFCEBC720DEA6CEBDDB ] C:\Program Files (x86)\McAfee Online Backup\oem.dll
    12:16:34.0953 0x1534  C:\Program Files (x86)\McAfee Online Backup\oem.dll - ok
    12:16:34.0953 0x1534  [ 2992932C1AB1D29A1A4A9E8CB8530CBF, 894FB2246F09FAC7E78FA1DC0159E888944AD3F4E66844BCE01A967B789CC82B ] C:\Windows\SysWOW64\NlsData0009.dll
    12:16:34.0953 0x1534  C:\Windows\SysWOW64\NlsData0009.dll - ok
    12:16:34.0953 0x1534  [ 701D9F5F3F21580936638D5C5F86B460, 2F187684F61C72AACF8274EA29B48DAAC6C8377F791843914AABF5DAB3760980 ] C:\Windows\System32\NlsData0009.dll
    12:16:34.0953 0x1534  C:\Windows\System32\NlsData0009.dll - ok
    12:16:34.0953 0x1534  [ C8CB301BF896C7C556BBE963FADF5BB6, 94ABF348C70E4BE391B9344CC730A0A98D6EB042EA1D031840DA3DB74A76849C ] C:\Windows\SysWOW64\NlsLexicons0009.dll
    12:16:34.0953 0x1534  C:\Windows\SysWOW64\NlsLexicons0009.dll - ok
    12:16:34.0969 0x1534  [ 148A733B93A2AC104280495DA09D3CC2, 443E46865090C610B84A82DB23DF8D1F22001FEA8B10F5619A10D25D7FEA29CC ] C:\Windows\System32\NlsLexicons0009.dll
    12:16:34.0969 0x1534  C:\Windows\System32\NlsLexicons0009.dll - ok
    12:16:34.0969 0x1534  [ A190DA6546501CB4146BBCC0B6A3F48B, 5AE0BF71E770C2959FE2022C43E4C6F43E361089A3431AA3180EBF4EC0465CAC ] C:\Windows\System32\msiexec.exe
    12:16:34.0969 0x1534  C:\Windows\System32\msiexec.exe - ok
    12:16:34.0969 0x1534  [ 330BD6F74ED4E1CB0856D3A0750011FC, CDEA09FF17C086FDDE74907076425C1CD047FD6939BB6B6F3A1AC10F38784D34 ] C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\OneKey Recovery.exe
    12:16:34.0969 0x1534  C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\OneKey Recovery.exe - ok
    12:16:34.0969 0x1534  [ 2E2C937846A0B8789E5E91739284D17A, A98E39F727CFE54C38F71C8AA7B4E8D330DD50773AD42E9E1F190B8716828F30 ] C:\Windows\regedit.exe
    12:16:34.0969 0x1534  C:\Windows\regedit.exe - ok
    12:16:34.0969 0x1534  [ 220159496484D34009DE71CA1A68E0D4, 94BD3DEB4E84F95D80BE5775E5A612EFF181ECB212FB668674C67AD19194DE69 ] C:\Windows\System32\wbem\NCProv.dll
    12:16:34.0969 0x1534  C:\Windows\System32\wbem\NCProv.dll - ok
    12:16:35.0062 0x1534  AV detected via SS2: McAfee Anti-Virus and Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 12.8.0.0 ), 0x52000 ( disabled : updated )
    12:16:35.0062 0x1534  FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 12.8.0.0 ), 0x51010 ( enabled )
    12:16:37.0636 0x1534  ============================================================
    12:16:37.0636 0x1534  Scan finished
    12:16:37.0636 0x1534  ============================================================
    12:16:37.0636 0x14e8  Detected object count: 0
    12:16:37.0636 0x14e8  Actual detected object count: 0
    12:17:15.0232 0x0cf0  Deinitialize success

  15. 12:16:33.0424 0x1534  [ BF6D6ED5FADCEEE885BD0144ECF1BA27, 269EE4B920F16ECAA6838078C984210F7E6997B4A1B7BAEEB11515B8D6AF3575 ] C:\Windows\SysWOW64\ncrypt.dll
    12:16:33.0424 0x1534  C:\Windows\SysWOW64\ncrypt.dll - ok
    12:16:33.0424 0x1534  [ D9D9CD380AA3728AD7F10881AB390C22, 213AFD4FCDC4C24CDF8ECE0D1A2CDA7184F55D62476A801F914CDCBD5A7D5EFE ] C:\PROGRA~1\McAfee\MPF\MpfApi.dll
    12:16:33.0424 0x1534  C:\PROGRA~1\McAfee\MPF\MpfApi.dll - ok
    12:16:33.0424 0x1534  [ E8449FE262D7406BCB2AC2A45C53EC5F, 6C118C9FB26404D1943824CF3990F36E12986547FFACB7CC0DF975A913065D78 ] C:\Windows\SysWOW64\bcryptprimitives.dll
    12:16:33.0424 0x1534  C:\Windows\SysWOW64\bcryptprimitives.dll - ok
    12:16:33.0424 0x1534  [ 4FB491AC8D46AAF22BA8BC5C73DABEF7, CBE2392792D209E15E44AC29E906FFDD5FBF6EED8BAB0D97D66E109AB2C5C56E ] C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
    12:16:33.0424 0x1534  C:\Windows\SysWOW64\wbem\WmiPrvSE.exe - ok
    12:16:33.0424 0x1534  [ 619A67C9F617B7E69315BB28ECD5E1DF, F34F231D117CCDFEBB9CB35C8D6FDFA7051DA27FDC1204FCCFF361FC0B13A0FF ] C:\Windows\System32\wbem\WmiPrvSE.exe
    12:16:33.0424 0x1534  C:\Windows\System32\wbem\WmiPrvSE.exe - ok
    12:16:33.0440 0x1534  [ 2F040CF0613A6D64DCBBA9EE81F5A5AE, DA16117429AF47230CD7C136407C81951B8D2E45A8B7A9DC6948407AA2EC4ADD ] C:\Windows\SysWOW64\dsrole.dll
    12:16:33.0440 0x1534  C:\Windows\SysWOW64\dsrole.dll - ok
    12:16:33.0440 0x1534  [ 055A3B8C67D54FC414A1C2DDA4BC6298, 0D7C470A8A892F69D66061F8D3DAEA3A1BAE9C9239085E1C8E8313AAFDB0BCBB ] C:\Program Files\McAfee\VirusScan\McVSPP.dll
    12:16:33.0440 0x1534  C:\Program Files\McAfee\VirusScan\McVSPP.dll - ok
    12:16:33.0440 0x1534  [ A5B5E31CCACF9DC39EDA10D628099AE6, F3BD6D256E35FB37735CB0674C30A78BF6B2AD83ED9632D0E2CFA67FEBDC6048 ] C:\Program Files\McAfee\VirusScan\mcvsocfg.dll
    12:16:33.0440 0x1534  C:\Program Files\McAfee\VirusScan\mcvsocfg.dll - ok
    12:16:33.0440 0x1534  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] C:\Windows\System32\IPSECSVC.DLL
    12:16:33.0440 0x1534  C:\Windows\System32\IPSECSVC.DLL - ok
    12:16:33.0440 0x1534  [ 98FD891601FD6B56CEA1B4BB08E5D268, E9BED97617D3DF1F969822B80AEE1E11DA409DD25F1C499BEFD203048F8A3CBD ] C:\PROGRA~1\McAfee\VIRUSS~1\vsann.dll
    12:16:33.0440 0x1534  C:\PROGRA~1\McAfee\VIRUSS~1\vsann.dll - ok
    12:16:33.0440 0x1534  [ 00B010BA251D830E1B63DE00A4307DEC, D28A7F42EC1D63A4B68CFC1CF4A06EE2222E407CB9A0AA9D1B3918831347013A ] C:\Program Files\McAfee\VirusScan\mcvsoshl.dll
    12:16:33.0440 0x1534  C:\Program Files\McAfee\VirusScan\mcvsoshl.dll - ok
    12:16:33.0456 0x1534  [ FB4EB9352B7D698E6B3C2AA2ED724DAD, 534AB280ACD29E88FD1BD8838E1231D9364E649C917547A838F51EC8AB941EE2 ] C:\Windows\SysWOW64\authz.dll
    12:16:33.0456 0x1534  C:\Windows\SysWOW64\authz.dll - ok
    12:16:33.0456 0x1534  [ 704314FD398C81D5F342CAA5DF7B7F21, CDA660E1E8AAE0789780B6B9604B138E67B2BDD1404A5E4C2354B35879D43085 ] C:\Windows\SysWOW64\wbemcomn.dll
    12:16:33.0456 0x1534  C:\Windows\SysWOW64\wbemcomn.dll - ok
    12:16:33.0456 0x1534  [ 7B851A8018B1EA00A69707A390004884, DAE654713EF1DC66C8C2D27752B659081794063A7D522D1F680AA9A6E7FBA9FD ] C:\Windows\SysWOW64\cryptnet.dll
    12:16:33.0456 0x1534  C:\Windows\SysWOW64\cryptnet.dll - ok
    12:16:33.0456 0x1534  [ 3F50200237961034FACE602373838980, F97D72CC75D921CF8F8E0544614407358AEFF97A8F48E4A89F82689EE8F2FC86 ] C:\Windows\SysWOW64\FirewallAPI.dll
    12:16:33.0456 0x1534  C:\Windows\SysWOW64\FirewallAPI.dll - ok
    12:16:33.0456 0x1534  [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A, 61B4D669C692775EF361445293163E84FAD8636AC49C8047BE806DB4E4093291 ] C:\Windows\SysWOW64\wbem\fastprox.dll
    12:16:33.0456 0x1534  C:\Windows\SysWOW64\wbem\fastprox.dll - ok
    12:16:33.0471 0x1534  [ 49ACA548B2423F1C67898E6AC719A9A6, 23D84137EAB9AFDD31CBB6776B6B25AD135A120AF7F7885EB5BBF9E0A2CCC4C1 ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
    12:16:33.0471 0x1534  C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
    12:16:33.0471 0x1534  [ DB603D3FD090C66F9709EF6493C26BA3, A9D9A3309DAEFC5AED885AC729B1E9DE8BA5454A0C83FD4F61BCAC935F6CBB4A ] C:\Windows\SysWOW64\FwRemoteSvr.dll
    12:16:33.0471 0x1534  C:\Windows\SysWOW64\FwRemoteSvr.dll - ok
    12:16:33.0471 0x1534  [ E3E811471DE781900FF21C1FD84E941E, 2A47FF52D1D6480AAD1919382E783EA184BF926311F8C7E466FEBE9F6FB88FD6 ] C:\Windows\SysWOW64\ntdsapi.dll
    12:16:33.0471 0x1534  C:\Windows\SysWOW64\ntdsapi.dll - ok
    12:16:33.0471 0x1534  [ 9BC93C9ACFA34DB5A41B89357B31E4ED, C3B9DDCB31970F91F8CAF85D2431903DB1738872775EEFD6712B7646BDE1250C ] C:\Windows\System32\FwRemoteSvr.dll
    12:16:33.0471 0x1534  C:\Windows\System32\FwRemoteSvr.dll - ok
    12:16:33.0471 0x1534  [ AD7B9C14083B52BC532FBA5948342B98, 17F746D82695FA9B35493B41859D39D786D32B23A9D2E00F4011DEC7A02402AE ] C:\Windows\SysWOW64\cmd.exe
    12:16:33.0471 0x1534  C:\Windows\SysWOW64\cmd.exe - ok
    12:16:33.0471 0x1534  [ A4CC7227A452C4909F9499D91B184364, 56111E57D17553BE3EAB8DA2DC42C7132E4458549AFFC08975B7A7204D8F5E76 ] C:\Windows\SysWOW64\ncobjapi.dll
    12:16:33.0471 0x1534  C:\Windows\SysWOW64\ncobjapi.dll - ok
    12:16:33.0487 0x1534  [ C5B0324DB461559ADD070E632A6919FA, AB09CACB5B7DD372B27921A5E01220552A611CECA27EF87961001FA467FDED45 ] C:\Windows\SysWOW64\wbem\wbemprox.dll
    12:16:33.0487 0x1534  C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
    12:16:33.0487 0x1534  [ BF95EA5809E3BBF55370F7CB309FEBD0, 62ADBA6E1A7DDDEFA971580161F30896DFFC27EB4EB82E3CC72062D57DA66500 ] C:\Windows\System32\conhost.exe
    12:16:33.0487 0x1534  C:\Windows\System32\conhost.exe - ok
    12:16:33.0487 0x1534  [ 776AE0564F8B1C282E331FD95A1BDC5F, 601CFCA3922FFEA46A54AD323845A76A12FC6AF9FF64E9B0AE294FBB1AFCF4CB ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
    12:16:33.0487 0x1534  C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
    12:16:33.0487 0x1534  [ 5610B0425518D185331CB8E968D060E6, E235186C3BF266EE9EC733D2CFF35E3A65DE039C19B14260F4054F34B5E8AD41 ] C:\Windows\SysWOW64\wbem\wmiutils.dll
    12:16:33.0487 0x1534  C:\Windows\SysWOW64\wbem\wmiutils.dll - ok
    12:16:33.0487 0x1534  [ 6607C2182C6A53ED983813AFE2F85768, FC9E718ABC4E0FBC7B0DD145F9C377A1800A7776AD832AB645796E13B1E15A1F ] C:\Windows\System32\wbem\cimwin32.dll
    12:16:33.0487 0x1534  C:\Windows\System32\wbem\cimwin32.dll - ok
    12:16:33.0487 0x1534  [ D0481FB85BEEDD30A0884BE327880F80, D28D53F8FFE4F6D728281BC0FBEF4EB435C153774855AE6348D0B75C80C2EC78 ] C:\Windows\SysWOW64\framedynos.dll
    12:16:33.0487 0x1534  C:\Windows\SysWOW64\framedynos.dll - ok
    12:16:33.0502 0x1534  [ 1484B9EBF567346582DE571B0E164AE0, 9862BF22B2E32DABE7A82ACEE5B4EA1F0A93BDC3C71B20A6A4E568CCCD76A7A6 ] C:\Windows\System32\framedynos.dll
    12:16:33.0502 0x1534  C:\Windows\System32\framedynos.dll - ok
    12:16:33.0502 0x1534  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] C:\Windows\System32\aelupsvc.dll
    12:16:33.0502 0x1534  C:\Windows\System32\aelupsvc.dll - ok
    12:16:33.0502 0x1534  [ 326C7F76A29897A892AA7726E91C1C67, 64305346B06EC14976130B0B80F14B4D5AB63E5B2A6A7B872EC9CE2BF8FADCD2 ] C:\Windows\SysWOW64\winbrand.dll
    12:16:33.0502 0x1534  C:\Windows\SysWOW64\winbrand.dll - ok
    12:16:33.0502 0x1534  [ 8F5EAAF76A6811332A8C67DB0D4C395F, 37A1491E3129E61B71838364E2703650A14C3D42DAC980CBBE2C910EE90CF21F ] C:\Windows\SysWOW64\ieframe.dll
    12:16:33.0502 0x1534  C:\Windows\SysWOW64\ieframe.dll - ok
    12:16:33.0502 0x1534  [ 907281ED4AD35D41B29FFDC211EBAD80, 42171AE21B62F07511D8AEE66FF8AC6D40D53290BD01BA6125D886EC70CD3B8D ] C:\Windows\SysWOW64\wmi.dll
    12:16:33.0502 0x1534  C:\Windows\SysWOW64\wmi.dll - ok
    12:16:33.0502 0x1534  [ C00DB14550E4BD49737F311C644E45FF, 7085C47DADEED82B6F98ED3903197D76B648E9D6CC67D40C789E236264D9A0DC ] C:\Windows\System32\wmi.dll
    12:16:33.0502 0x1534  C:\Windows\System32\wmi.dll - ok
    12:16:33.0518 0x1534  [ 4211C57BA2D3B714212E7AC63D6A3F1D, 0EB8996F4C9A70624DB7BA35F3426E47E5ED5F5E1A2933E6ED735BEFDB6B6156 ] C:\Windows\System32\drivers\cfwids.sys
    12:16:33.0518 0x1534  C:\Windows\System32\drivers\cfwids.sys - ok
    12:16:33.0518 0x1534  [ F80F0691CD9426940301BBFE9BBCA2D7, 64F0F754E43A3B7F63CF81C908A85FEAA0CF696FB1D89A53B3E0BE788D7C4C4C ] C:\PROGRA~1\McAfee\MSC\McTelemetryAPI.dll
    12:16:33.0518 0x1534  C:\PROGRA~1\McAfee\MSC\McTelemetryAPI.dll - ok
    12:16:33.0518 0x1534  [ CD0BC0B6B8D219808AEA3ECD4E889B19, 16ABC530C0367DF1AD631F09E14C565CF99561949AA14ACC533CD54BF8A5E22C ] C:\Windows\System32\raserver.exe
    12:16:33.0518 0x1534  C:\Windows\System32\raserver.exe - ok
    12:16:33.0518 0x1534  [ E79DF53BAD587E24B3CF965A5746C7B6, 4E7C22648ACF664AB13DFEB2DC062AE90AF1E6C621186981F395FB279BBC9B9D ] C:\Windows\System32\msra.exe
    12:16:33.0518 0x1534  C:\Windows\System32\msra.exe - ok
    12:16:33.0518 0x1534  [ 322A96BFB36CEAA506F74D5F98CDA723, 8E018759109BDAB5F3301D0DB90A8FE2164BF4155D08792B019679CA079F57D1 ] C:\Program Files\Windows Media Player\wmplayer.exe
    12:16:33.0518 0x1534  C:\Program Files\Windows Media Player\wmplayer.exe - ok
    12:16:33.0534 0x1534  [ 007863E45F25AA47A4C30D0930BBFD85, 60F2ABA40D520FCA2C57FA2DB72E111C14F21821DA17F662837506B80C269634 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
    12:16:33.0534 0x1534  C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
    12:16:33.0534 0x1534  [ 60F4AEFA103D421EA4A40E31409B4756, 037A8605CA504A4FF43E9D4DE9017CEA1E26D3556C975872C747E24D8B0835EF ] C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
    12:16:33.0534 0x1534  C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
    12:16:33.0534 0x1534  [ A9F3BFC9345F49614D5859EC95B9E994, 306467D280E99D0616E839278A4DB5BED684F002AE284C3678CABB5251459CB3 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
    12:16:33.0534 0x1534  C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
    12:16:33.0534 0x1534  [ 2C4A87CA8C00E98EFDCFA2E8EC9A3503, DA59CE662E98E56D89E2894D2AC8B9F324C16DA23C860640EDC2C82E0AD06097 ] C:\Windows\SysWOW64\shdocvw.dll
    12:16:33.0534 0x1534  C:\Windows\SysWOW64\shdocvw.dll - ok
    12:16:33.0534 0x1534  [ 1BB66A40744622E60E802B39F013DC64, 67A23F1E9E6123A3D7248213384D51D6166D146CACD679E244CE0F891A344B97 ] C:\Users\Linda\AppData\Local\Temp\{907F5CBA-2CCF-4C53-9258-32861164B423}.exe
    12:16:33.0534 0x1534  C:\Users\Linda\AppData\Local\Temp\{907F5CBA-2CCF-4C53-9258-32861164B423}.exe - ok
    12:16:33.0549 0x1534  [ 9FCE6AA4DC1C06090748C30DFCE0C7FD, 97B983855029D89167951AC75AB17E0BEB5B81F9CBF72CEB16A91D14F596B922 ] C:\Program Files\Common Files\McAfee\AMCore\McShieldClient.dll
    12:16:33.0549 0x1534  C:\Program Files\Common Files\McAfee\AMCore\McShieldClient.dll - ok
    12:16:33.0549 0x1534  [ 5A17C7C9C804F265B0409E0B252FEB0E, 459C54CBDA34084656FD4753400B123DAC679F7B41BC2DD27DCA7FDF9390AADC ] C:\Program Files\Common Files\McAfee\SystemCore\mfeelama.dll
    12:16:33.0549 0x1534  C:\Program Files\Common Files\McAfee\SystemCore\mfeelama.dll - ok
    12:16:33.0549 0x1534  [ 162D247E995EAEBF3EF4289069E1111C, 19E858E9902E2D570FFD24AE2CB4165273F5BAB1FF7B04758B11AB5CD41FD752 ] C:\Windows\SysWOW64\devrtl.dll
    12:16:33.0549 0x1534  C:\Windows\SysWOW64\devrtl.dll - ok
    12:16:33.0549 0x1534  [ 2CFA4569350B7F84F815E9EC34E85766, 8DE5F880F23435256E697C24BDDFA9B8994ACC3FAA063AF274BEC918FE012788 ] C:\Windows\SysWOW64\SndVolSSO.dll
    12:16:33.0549 0x1534  C:\Windows\SysWOW64\SndVolSSO.dll - ok
    12:16:33.0549 0x1534  [ 63DF770DF74ACB370EF5A16727069AAF, B8F96336BF87F1153C245D19606CBD10FBE7CF2795BCC762F2A1B57CB7C39116 ] C:\Windows\SysWOW64\hid.dll
    12:16:33.0549 0x1534  C:\Windows\SysWOW64\hid.dll - ok
    12:16:33.0549 0x1534  [ 243974EC02F7AE49E4179C54624143AB, 755FA67F7BF10E3C6336788D297FBAA70F28F630852A43A78D3F7D7E3A7ECED0 ] C:\Windows\SysWOW64\MMDevAPI.dll
    12:16:33.0549 0x1534  C:\Windows\SysWOW64\MMDevAPI.dll - ok
    12:16:33.0565 0x1534  [ 7E9917D5309A90E7576653BFE39F80D8, 3525795CA69EF165AAAA20C878A20DF5A5F183CF6F8358A0132A88153E6459C6 ] C:\Windows\SysWOW64\timedate.cpl
    12:16:33.0565 0x1534  C:\Windows\SysWOW64\timedate.cpl - ok
    12:16:33.0565 0x1534  [ FB10715E4099AF9FA389C71873245226, 6A4CB43880B822A0C4714D6E52EB3EB2CE1E69C3AA9CA65EAAD6B131AE43F274 ] C:\Windows\System32\timedate.cpl
    12:16:33.0565 0x1534  C:\Windows\System32\timedate.cpl - ok
    12:16:33.0565 0x1534  [ D2958325C1AE1AE37A83334C6229E3BC, D8263CB39A25447442B75A8D8E8111DF671D645DA90A33865C089DEDA9706904 ] C:\Windows\SysWOW64\actxprxy.dll
    12:16:33.0565 0x1534  C:\Windows\SysWOW64\actxprxy.dll - ok
    12:16:33.0565 0x1534  [ E6F0F82788E8BD0F7A616350EFA0761C, 13091DCB3E3F4F52C3FF210E93AAF1DCE142CFC09F671AEAC5B922393B23E67B ] C:\Windows\System32\actxprxy.dll
    12:16:33.0565 0x1534  C:\Windows\System32\actxprxy.dll - ok
    12:16:33.0565 0x1534  [ 23B001185B7C3CB1F4BDEB143E6B45B7, AB3A5AB346F6353B43B06FBE20B7785DA988975E2C8B73A6588F107FFAAACC47 ] C:\Windows\System32\shdocvw.dll
    12:16:33.0565 0x1534  C:\Windows\System32\shdocvw.dll - ok
    12:16:33.0565 0x1534  [ 5987EA8A82C53359BCD2C29D6588583E, 59E2DF91F8DA9E33DE65FA67A6A49A7C3F524618A87EAEFC8A28C5304E7FAB85 ] C:\Windows\SysWOW64\linkinfo.dll
    12:16:33.0565 0x1534  C:\Windows\SysWOW64\linkinfo.dll - ok
    12:16:33.0580 0x1534  [ A0A65D306A5490D2EB8E7DE66898ECFD, CE5DA408F4EDD5E81CE0925867F03C9A35172CF1571FE4C4C052E45AB69822BB ] C:\Windows\System32\linkinfo.dll
    12:16:33.0580 0x1534  C:\Windows\System32\linkinfo.dll - ok
    12:16:33.0580 0x1534  [ C30A3E5DEEEBA22E782AC54C5AF5F352, 80939A7B5354032256706C6CA0C3CCC7E67CD1C1C81EAEA2CBC74997C0863662 ] C:\Windows\SysWOW64\samlib.dll
    12:16:33.0580 0x1534  C:\Windows\SysWOW64\samlib.dll - ok
    12:16:33.0580 0x1534  [ 20B3934DB73EABA2B49B7177873CB81F, 492EAC5C51472B43DE11825358AEC4B9E3A081DACFD7513C696D6FE40F302EE5 ] C:\Windows\SysWOW64\netutils.dll
    12:16:33.0580 0x1534  C:\Windows\SysWOW64\netutils.dll - ok
    12:16:33.0580 0x1534  [ 68ECCA523ED760AAFC03C5D587569859, CDD734279C8F9F24EA2538BAD8E91EB8C3DD74C33032DB6B2D85C19576B42707 ] C:\Windows\SysWOW64\samcli.dll
    12:16:33.0580 0x1534  C:\Windows\SysWOW64\samcli.dll - ok
    12:16:33.0580 0x1534  [ 64E211E0FDFCE4D186DF58BB7D0503BC, 6B9E12979119BAD721D493A9CEFDC7B4150121D5590222069FD1B8D80F9AC5C0 ] C:\Windows\SysWOW64\gameux.dll
    12:16:33.0580 0x1534  C:\Windows\SysWOW64\gameux.dll - ok
    12:16:33.0580 0x1534  [ 2BCBA6052374959A30BD7948444DBB79, 46224A2B729026FEEBC3C6A09E69919D477097848DB2CA0C2F5B166CDF379660 ] C:\Windows\System32\gameux.dll
    12:16:33.0580 0x1534  C:\Windows\System32\gameux.dll - ok
    12:16:33.0596 0x1534  [ EDF2A5E96BEC469DA3F64E9BDD386111, 63C91BBDFA2E087293B010A4E45625FBD1BFCAF655BFADE2F8B1C36CF804B118 ] C:\Windows\SysWOW64\xmllite.dll
    12:16:33.0596 0x1534  C:\Windows\SysWOW64\xmllite.dll - ok
    12:16:33.0596 0x1534  [ 3A16EA01FCFAAB40882DB5BFEE632322, 04ED66BEFDB822181EBD1D84CBF0B17AAADF8455AE742F44D7ADCB26AB07BDAD ] C:\Windows\SysWOW64\msftedit.dll
    12:16:33.0596 0x1534  C:\Windows\SysWOW64\msftedit.dll - ok
    12:16:33.0596 0x1534  [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86, E15ED4FEFC3010C213694331DDFDC03767682325C898D773AB243E2DC8B08461 ] C:\Windows\System32\msftedit.dll
    12:16:33.0596 0x1534  C:\Windows\System32\msftedit.dll - ok
    12:16:33.0596 0x1534  [ 112183DF91C9BAECB498E4A86ECDE598, 33E9256ACC4EA747177FF0922FCA679849F89F695E469BB8C8F25BD5B5B1A583 ] C:\Windows\System32\msls31.dll
    12:16:33.0596 0x1534  C:\Windows\System32\msls31.dll - ok
    12:16:33.0596 0x1534  [ C225E5307D8D4982A1687F2702C37C78, 9FCE233CE2C33D33053E4B1EBDC4B4C32CE8660947C2D0CE9384B23550B7BB5F ] C:\Windows\SysWOW64\msls31.dll
    12:16:33.0596 0x1534  C:\Windows\SysWOW64\msls31.dll - ok
    12:16:33.0596 0x1534  [ 7DBA84667DC18877AEF693E3543DFAD7, 499306CE72EB8B873C547C600FD1093B7A79122D656407E69879041690AE588F ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
    12:16:33.0596 0x1534  C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
    12:16:33.0612 0x1534  [ F1278B3514EA6FA9BC39B20D26139AAC, 7FA1B8CCBB4771F3105EEACE2C13F949FA65C7F53817C783BDF9770F94FF12B5 ] C:\Windows\SysWOW64\msiltcfg.dll
    12:16:33.0612 0x1534  C:\Windows\SysWOW64\msiltcfg.dll - ok
    12:16:33.0612 0x1534  [ 69754747274B76E7FAF287239333D7E6, A0BAEC1E56E4B1A17C0D41B317526AF5BB11E7E488C7016067A6229346A23B16 ] C:\Windows\System32\msiltcfg.dll
    12:16:33.0612 0x1534  C:\Windows\System32\msiltcfg.dll - ok
    12:16:33.0612 0x1534  [ A6C29DB53ECA94FA8591C5388D604B82, F25E95BA669422286A8FA3A68E0C639A2F06319B6DC8FA641C965CFB27A50BD6 ] C:\Windows\SysWOW64\msi.dll
    12:16:33.0612 0x1534  C:\Windows\SysWOW64\msi.dll - ok
    12:16:33.0612 0x1534  [ 5EB6E9C8BE1ACC5830780E0F9A846255, AC5EDC6DBC9CA204584E35878E18F6524DE002CE3D90657C37599790A5DDD1F1 ] C:\Windows\System32\msi.dll
    12:16:33.0612 0x1534  C:\Windows\System32\msi.dll - ok
    12:16:33.0612 0x1534  [ E904178851A6A44BFA97E064EF779E9D, B90C66EFACBCFEC5CDA218363408C27D4BD54E99F14E974B6B9CE9E2CEA946E7 ] C:\Windows\SysWOW64\authui.dll
    12:16:33.0612 0x1534  C:\Windows\SysWOW64\authui.dll - ok
    12:16:33.0627 0x1534  [ 9DD06F00898AA5CA7E24186EFC8E5E25, 51141D0D07DBC955B63281351D3F17163ACE9A5B08628EA1C82F33FD2913970E ] C:\Users\Linda\AppData\Local\Temp\{455BC3BA-B90A-4D3B-9CB4-E3A8DDD58CE4}\{3C4E71A3-61BE-4A25-B85B-0780E6684456}.tmp
    12:16:33.0627 0x1534  C:\Users\Linda\AppData\Local\Temp\{455BC3BA-B90A-4D3B-9CB4-E3A8DDD58CE4}\{3C4E71A3-61BE-4A25-B85B-0780E6684456}.tmp - ok
    12:16:33.0627 0x1534  [ 28CA821606669BB9215CE010767720FA, C8A1F0D6704F8F37CF8AADDFAD511FF27E56E8BCFFD4AC948DFA0329DB1F3A1E ] C:\Windows\SysWOW64\cryptui.dll
    12:16:33.0627 0x1534  C:\Windows\SysWOW64\cryptui.dll - ok
    12:16:33.0627 0x1534  [ 91A7771934C0D9D2DA7699D25BB5B348, 154A6EB866AF22B38AEE8DB5A864653FEB15DED69DE26E5B602B7C5056CDDF72 ] C:\Users\Linda\AppData\Local\Temp\{455BC3BA-B90A-4D3B-9CB4-E3A8DDD58CE4}\{A43E673D-4AAB-481B-B9D4-72E2FF165E2D}.tmp
    12:16:33.0627 0x1534  C:\Users\Linda\AppData\Local\Temp\{455BC3BA-B90A-4D3B-9CB4-E3A8DDD58CE4}\{A43E673D-4AAB-481B-B9D4-72E2FF165E2D}.tmp - ok
    12:16:33.0627 0x1534  [ 55C11301579A42639736EA3B17A3A588, CBEBDD7C883EF47DB86060AF0F09FD2218161D5FEB0CECEB4A068B9CC63499F8 ] C:\Users\Linda\AppData\Local\Temp\{455BC3BA-B90A-4D3B-9CB4-E3A8DDD58CE4}\{0C07D5BE-3ACF-46AA-9E03-FB6A8C18B3C5}.tmp
    12:16:33.0627 0x1534  C:\Users\Linda\AppData\Local\Temp\{455BC3BA-B90A-4D3B-9CB4-E3A8DDD58CE4}\{0C07D5BE-3ACF-46AA-9E03-FB6A8C18B3C5}.tmp - ok
    12:16:33.0643 0x1534  [ CCDB8FDC289AA9AFA5F8827A2ADB21AD, 5FD10FC9B3EE71889624D9C8020A18AF039D0BCF581331B45CAE82F3DA782901 ] C:\Windows\System32\ieframe.dll
    12:16:33.0643 0x1534  C:\Windows\System32\ieframe.dll - ok
    12:16:33.0643 0x1534  [ DF471F11CC78BE02FE6BA15F2D94F65B, 9AC230DE58CE40E78AE6872BCF4778B69EEBF17E0E41B1301FF364ABD4737A78 ] C:\Users\Linda\AppData\Local\Temp\{455BC3BA-B90A-4D3B-9CB4-E3A8DDD58CE4}\{61A4CD7F-0A1A-421A-BF99-D14DA259DF14}.tmp
    12:16:33.0643 0x1534  C:\Users\Linda\AppData\Local\Temp\{455BC3BA-B90A-4D3B-9CB4-E3A8DDD58CE4}\{61A4CD7F-0A1A-421A-BF99-D14DA259DF14}.tmp - ok
    12:16:33.0643 0x1534  [ 0FD19BDDD2513874FF6903F717367795, DFAF9C33F993BA26FC84EF66ABC7C483E62762F7E1FC763605A75ACC2E8AA4EE ] C:\Users\Linda\AppData\Local\Temp\{455BC3BA-B90A-4D3B-9CB4-E3A8DDD58CE4}\{F002E012-CAB9-4112-860E-4D78A0503ACA}.tmp
    12:16:33.0643 0x1534  C:\Users\Linda\AppData\Local\Temp\{455BC3BA-B90A-4D3B-9CB4-E3A8DDD58CE4}\{F002E012-CAB9-4112-860E-4D78A0503ACA}.tmp - ok
    12:16:33.0643 0x1534  [ DD88BBF87A43331A4E99E37F7BF59FDB, 872190F559FA0DD1F711E9FA101BA1AB6E6DE5ED0CCCE1AB7AFE45BC3B78A0F1 ] C:\Users\Linda\AppData\Local\Temp\{455BC3BA-B90A-4D3B-9CB4-E3A8DDD58CE4}\{9E120DDC-B216-49AA-8CBE-4D2A970A7A92}.tmp
    12:16:33.0643 0x1534  C:\Users\Linda\AppData\Local\Temp\{455BC3BA-B90A-4D3B-9CB4-E3A8DDD58CE4}\{9E120DDC-B216-49AA-8CBE-4D2A970A7A92}.tmp - ok
    12:16:33.0658 0x1534  [ 4261449C1CADA6B007E5C27522946D2B, 11E79D1C529E816CCCAC9266089C77A4DB44676CAEEE25C66D6DB420B18D3ACB ] C:\Users\Linda\AppData\Local\Temp\{455BC3BA-B90A-4D3B-9CB4-E3A8DDD58CE4}\{C82FCF61-817E-4B96-80B0-538F61FB8DBE}.tmp
    12:16:33.0658 0x1534  C:\Users\Linda\AppData\Local\Temp\{455BC3BA-B90A-4D3B-9CB4-E3A8DDD58CE4}\{C82FCF61-817E-4B96-80B0-538F61FB8DBE}.tmp - ok
    12:16:33.0658 0x1534  [ 6627AA675A5C1B0330487A02E23F0560, 256AE9BA4273D4247FFAD6099D5A4FC8E98EDB27293AC8CAF7A571EB3890FAA7 ] C:\Users\Linda\AppData\Local\Temp\{455BC3BA-B90A-4D3B-9CB4-E3A8DDD58CE4}\{84462404-C4C8-4738-97ED-E7C887AF0BE7}.tmp
    12:16:33.0658 0x1534  C:\Users\Linda\AppData\Local\Temp\{455BC3BA-B90A-4D3B-9CB4-E3A8DDD58CE4}\{84462404-C4C8-4738-97ED-E7C887AF0BE7}.tmp - ok
    12:16:33.0658 0x1534  [ 723B834A07F7DF7DE4CEB637D57ACEA3, B42867045DD3FB7682CDBD133970421010F0F14125E4992C73657CABA4659250 ] C:\Users\Linda\AppData\Local\Temp\{455BC3BA-B90A-4D3B-9CB4-E3A8DDD58CE4}\{6CAE7233-809D-4FDA-9293-4E045D9A2588}.tmp
    12:16:33.0658 0x1534  C:\Users\Linda\AppData\Local\Temp\{455BC3BA-B90A-4D3B-9CB4-E3A8DDD58CE4}\{6CAE7233-809D-4FDA-9293-4E045D9A2588}.tmp - ok
    12:16:33.0658 0x1534  [ C1DE893FAF6D7F6CFB479A1F61835482, AD5FA3CE73777704C67C933691F1F068E1A7FF545F728B97574F9C33AC4BBC01 ] C:\Users\Linda\AppData\Local\Temp\{455BC3BA-B90A-4D3B-9CB4-E3A8DDD58CE4}\{559AC684-B498-4D57-A8AF-2A2C21220573}.tmp
    12:16:33.0658 0x1534  C:\Users\Linda\AppData\Local\Temp\{455BC3BA-B90A-4D3B-9CB4-E3A8DDD58CE4}\{559AC684-B498-4D57-A8AF-2A2C21220573}.tmp - ok
    12:16:33.0674 0x1534  [ FB4045578F5180BDB1963AB352B78548, 8E645A63436EE6CDDB78E6064AEB04ECE39208F760A3EF13A3F49FDF41505E21 ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
    12:16:33.0674 0x1534  C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
    12:16:33.0674 0x1534  [ 9108540E866F75C7AF2B91DD921A8091, 7208C8E05E818781D7F2703B86848FC90651E0D8BE10362863250F2283CEC511 ] C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
    12:16:33.0674 0x1534  C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
    12:16:33.0674 0x1534  [ F1889BC6C4E257FB84AF11A38F6E3175, AD4BFC7D9B063F10D8BB0B9FC8A0203252BC125BE8F8FBF5F5D10FF030EBDC1D ] C:\Windows\System32\igfxtray.exe
    12:16:33.0674 0x1534  C:\Windows\System32\igfxtray.exe - ok
    12:16:33.0674 0x1534  [ 2FCA0D2C59A855C54BAFA22AA329DF0F, ED9D26F539065D62FCCEDEEC8E509B30F4D15F8DA586C1F657ACEFE9DABAACD0 ] C:\Windows\SysWOW64\netapi32.dll
    12:16:33.0674 0x1534  C:\Windows\SysWOW64\netapi32.dll - ok
    12:16:33.0690 0x1534  [ 24F4B480F335A6C724AF352253C5D98B, 011413B236CAD7B78CE0A0EEC3E3085D48C7576A3205D025BA6EBFDF590538E4 ] C:\Windows\System32\thumbcache.dll
    12:16:33.0690 0x1534  C:\Windows\System32\thumbcache.dll - ok
    12:16:33.0690 0x1534  [ 672D7C5080ACB003343006405DA2E621, 5F28C83A20ECB1F20894B60725477BEF0D672817DFDB9822FB345A3270A0C095 ] C:\Windows\SysWOW64\thumbcache.dll
    12:16:33.0690 0x1534  C:\Windows\SysWOW64\thumbcache.dll - ok
    12:16:33.0690 0x1534  [ 5CCDCD40E732D54E0F7451AC66AC1C87, 66F4DA105BD72E41250CD59E2B3CD931B47AC9FDB6C784B9E33C5EE1AC29841F ] C:\Windows\SysWOW64\srvcli.dll
    12:16:33.0690 0x1534  C:\Windows\SysWOW64\srvcli.dll - ok
    12:16:33.0690 0x1534  [ E5A4A1326A02F8E7B59E6C3270CE7202, DCB76016F9AC47E631540874DA208A089F9D529DA9628705A2869B954526BFE0 ] C:\Windows\SysWOW64\wkscli.dll
    12:16:33.0690 0x1534  C:\Windows\SysWOW64\wkscli.dll - ok
    12:16:33.0690 0x1534  [ 3D57FFBAD3ED16B63DE3879BAB0FB56F, 6BEAF5AFC98961190B004E8DE57CD5F9F39117287AE18D59DDB2EC5C0A0C6622 ] C:\Windows\SysWOW64\networkexplorer.dll
    12:16:33.0690 0x1534  C:\Windows\SysWOW64\networkexplorer.dll - ok
    12:16:33.0705 0x1534  [ 405F4D32D2185F1F1BD753D8EEAFFB3A, CAC42C3E09C43BE96592B670D70821386014DB22D8239A9CFB9E33E54FB5C3D5 ] C:\Windows\System32\networkexplorer.dll
    12:16:33.0705 0x1534  C:\Windows\System32\networkexplorer.dll - ok
    12:16:33.0705 0x1534  [ 812A161FC470FA832C3F0CC3D7ACA2F9, E4117C9023AE3193F22316A48F2B1B2C05373CCA64226D91190C17EBED9AFD26 ] C:\Windows\SysWOW64\apisetschema.dll
    12:16:33.0705 0x1534  C:\Windows\SysWOW64\apisetschema.dll - ok
    12:16:33.0705 0x1534  [ 8207DAD22DC87DB646106C1533D633BD, 79690DE098EE5C14CCC127655A176EC13D15ABFD38A8E1F6968BA6C4438DEDBE ] C:\Windows\System32\hccutils.dll
    12:16:33.0705 0x1534  C:\Windows\System32\hccutils.dll - ok
    12:16:33.0705 0x1534  [ 102CF6879887BBE846A00C459E6D4ABC, A4C51C79CF95D5C79DCEFB02946A09A987FEAF83CE2EE1BA7677EBA90869AC80 ] C:\Windows\SysWOW64\riched20.dll
    12:16:33.0705 0x1534  C:\Windows\SysWOW64\riched20.dll - ok
    12:16:33.0721 0x1534  [ 15F19DFA19C4566CEC8764400BCECF8B, 91EF69883F175837077F52A82E1A3C904B0BDDB211077D13FA524AA978C8EB75 ] C:\Windows\System32\hkcmd.exe
    12:16:33.0721 0x1534  C:\Windows\System32\hkcmd.exe - ok
    12:16:33.0721 0x1534  [ D5AEFAD57C08349A4393D987DF7C715D, C36A45BC2448DF30CD17BD2F8A17FC196FAFB685612CACCEB22DC7B58515C201 ] C:\Windows\SysWOW64\winmm.dll
    12:16:33.0721 0x1534  C:\Windows\SysWOW64\winmm.dll - ok
    12:16:33.0721 0x1534  [ E2A17BCC08D92F42E08AF6BA2F93ABA7, 5FC9D47BF4B1094BECC0C0DDCD5CD4318DD3E4495D982F8785331616D5B82599 ] C:\Windows\SysWOW64\ExplorerFrame.dll
    12:16:33.0721 0x1534  C:\Windows\SysWOW64\ExplorerFrame.dll - ok
    12:16:33.0721 0x1534  [ 4C2C4640BF23AAFCF90519E0F34436CE, 8ACCDA77C2DC5BE2DAED05134310122AFECC872A8D118612E55DD229BFE4D844 ] C:\Windows\System32\DeviceCenter.dll
    12:16:33.0721 0x1534  C:\Windows\System32\DeviceCenter.dll - ok
    12:16:33.0721 0x1534  [ FE3F457382FEF4C0AA09FEB92567CA1F, B45ACB4472665F96EE7295460031B5FA29146CA786D80A2439D5A2C70981E513 ] C:\Windows\System32\igfxpers.exe
    12:16:33.0721 0x1534  C:\Windows\System32\igfxpers.exe - ok
    12:16:33.0721 0x1534  [ D205C24A9D069049FE2DF2A1B38726A7, B98F420B57A34FDA24F9A655319245EEF86EF4A952014FFA018070A01D5CBC4C ] C:\Windows\SysWOW64\wdmaud.drv
    12:16:33.0721 0x1534  C:\Windows\SysWOW64\wdmaud.drv - ok
    12:16:33.0736 0x1534  [ 1473768973453DE50DC738C2955FC4DD, 14BC5DA2442CB726ACC1F277DDBECCF5D61E3A0A3E083A55A0BB610191E35220 ] C:\Windows\System32\wdmaud.drv
    12:16:33.0736 0x1534  C:\Windows\System32\wdmaud.drv - ok
    12:16:33.0736 0x1534  [ 6E1F8165C365D35C8E3C045AF0CDD481, B861360D0A014265A0BEB4CC2FE31EA05AE95120E8B07820C13A044D64C00E2B ] C:\Windows\SysWOW64\duser.dll
    12:16:33.0736 0x1534  C:\Windows\SysWOW64\duser.dll - ok
    12:16:33.0736 0x1534  [ 9C67F6BBDA3881CFD02095160CF91576, 6CE97C6F0AD8BE183DE935A7AAB7D46821E8DE9E55A4BFF54ACB49D056826A94 ] C:\Windows\SysWOW64\ksuser.dll
    12:16:33.0736 0x1534  C:\Windows\SysWOW64\ksuser.dll - ok
    12:16:33.0736 0x1534  [ EE06B85BC69F18826302348A2AD089E0, 417205797CC9F6C986A863A61179784D9ADCAF1961EF8A4D9042D73C5A86509A ] C:\Windows\SysWOW64\dui70.dll
    12:16:33.0736 0x1534  C:\Windows\SysWOW64\dui70.dll - ok
    12:16:33.0736 0x1534  [ 8560FFFC8EB3A806DCD4F82252CFC8C6, CC27BC092369A89D6147B16568FEDEB68B584D5738CD686C31F7FAE22ED17B3B ] C:\Windows\System32\ksuser.dll
    12:16:33.0736 0x1534  C:\Windows\System32\ksuser.dll - ok
    12:16:33.0736 0x1534  [ 139D3AB6AA920C34C50CBFFB9EB7D222, 5A5D205E16E6AFDCC965E4144FE6E104157DE7541D31727520363F2670513940 ] C:\Windows\SysWOW64\avrt.dll
    12:16:33.0736 0x1534  C:\Windows\SysWOW64\avrt.dll - ok
    12:16:33.0752 0x1534  [ 08DFDBD2FD4EA951DC46B1C7661ED35A, D926530C659DDAF80770663F46F1EFD94FFB4AAB475C4E3367CB531AF4A734E1 ] C:\Windows\SysWOW64\powrprof.dll
    12:16:33.0752 0x1534  C:\Windows\SysWOW64\powrprof.dll - ok
    12:16:33.0752 0x1534  [ C940F2F5C60B3727C5F18840735B229C, EFC3F465FD6C570505C214A92644357ACD01B1843ED25B5FCCCE10533403485C ] C:\Windows\SysWOW64\AudioSes.dll
    12:16:33.0752 0x1534  C:\Windows\SysWOW64\AudioSes.dll - ok
    12:16:33.0752 0x1534  [ DC220AE6F64819099F7EBD6F137E32E7, B8FE13B859FA83500DD95637FA6D4A5B8392C2A363E41D014D3B5374F636E1DE ] C:\Windows\System32\AudioSes.dll
    12:16:33.0752 0x1534  C:\Windows\System32\AudioSes.dll - ok
    12:16:33.0752 0x1534  [ 45E702A7E81E81EB87F6E7A4B9643E42, CBD228AAF64712D80DD1FB5A029D6D8BCA88C955480042AAA17F59A39E5AF2A4 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    12:16:33.0752 0x1534  C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - ok
    12:16:33.0752 0x1534  [ 07393A09C46083588E751B63B03C8301, 36E2351CF5FA05FEAAEB340B5E04B107B53C8174F8333559D8AEA40BEB94F678 ] C:\Windows\SysWOW64\msacm32.drv
    12:16:33.0752 0x1534  C:\Windows\SysWOW64\msacm32.drv - ok
    12:16:33.0768 0x1534  [ 1B7C3A37362C7B2890168C5FC61C8D9B, 03727930E5BB5F9D91BAB901FC9A2E3B795D68E2AEE6A2CC3477F356C45A9C54 ] C:\Windows\System32\msacm32.drv
    12:16:33.0768 0x1534  C:\Windows\System32\msacm32.drv - ok
    12:16:33.0768 0x1534  [ 85683DF1F917E4D7F6BE1A04986BF1C8, D68D9F525D31C1843B6EC8FA950166FA1F34DB71222716E7B22DD33981C152B6 ] C:\Windows\SysWOW64\msacm32.dll
    12:16:33.0768 0x1534  C:\Windows\SysWOW64\msacm32.dll - ok
    12:16:33.0768 0x1534  [ 10AC5CE9F78DC281A1BBD9B8CC587B8A, 72288C0A88916D3C3828DBD948DBDB0928F26106319F8E60102D6C9004514D60 ] C:\Windows\System32\msacm32.dll
    12:16:33.0768 0x1534  C:\Windows\System32\msacm32.dll - ok
    12:16:33.0768 0x1534  [ CA2A0750ED830678997695FF61B04C30, E84860CD97AA3C4565ABB2D5D406A5C42B1AD2D8BA1B8CF81FE564D91F15F976 ] C:\Windows\System32\midimap.dll
    12:16:33.0768 0x1534  C:\Windows\System32\midimap.dll - ok
    12:16:33.0768 0x1534  [ 5A12C364AD1D4FCC0AD0E56DBBC34462, 5FDF434BE4E15311AC83754CF85B5451F5A219D768A5DE3DC4FD9AE0B57B0AD9 ] C:\Windows\SysWOW64\midimap.dll
    12:16:33.0768 0x1534  C:\Windows\SysWOW64\midimap.dll - ok
    12:16:33.0783 0x1534  [ E77E8C2373441432DEFB1C79FACE7685, 05F2FBDC3471ECC9C4E535E577AE785B680301CE3E249878CF4B49C1DDEEEBCA ] C:\Windows\SysWOW64\UMonit.exe
    12:16:33.0783 0x1534  C:\Windows\SysWOW64\UMonit.exe - ok
    12:16:33.0783 0x1534  [ 40EF27D43C3C583EDC12CB1A07CAA7D3, 2D792D65042674DED9D831C39761CA27F555BDD067C6DB9F2CF038C744154404 ] C:\Windows\System32\igfxsrvc.dll
    12:16:33.0783 0x1534  C:\Windows\System32\igfxsrvc.dll - ok
    12:16:33.0783 0x1534  [ A041461C314AC881E466DFE0DEBA7E0C, 2887FEA3ED0532928EF289E6895560B538105A13A25FC1ECED1FC81BFD588CD3 ] C:\Windows\System32\igfxrenu.lrc
    12:16:33.0783 0x1534  C:\Windows\System32\igfxrenu.lrc - ok
    12:16:33.0783 0x1534  [ D6692338B985D4A0CA52B828314D897D, CB0B7C84C1E2782A95489E2F4D2AF4CFDAC02676B76F49FF7D6A7091739EA25D ] C:\Windows\SysWOW64\drprov.dll
    12:16:33.0783 0x1534  C:\Windows\SysWOW64\drprov.dll - ok
    12:16:33.0783 0x1534  [ 132D33F24D91165A5E6D93814CCEDB38, 3C3B753B6C1BDD52DA484FD3D986241C8505E8D25CB876A9E92E74DD4FB6F03C ] C:\Windows\System32\igfxress.dll
    12:16:33.0783 0x1534  C:\Windows\System32\igfxress.dll - ok
    12:16:33.0799 0x1534  [ 5F639198C4137075DA50E61C23963C11, 3D03B3BF62B3469069AD6BE2AAEE152CB6722D36C001B8197FEBC2F3EB9ADBE0 ] C:\Windows\System32\drprov.dll
    12:16:33.0799 0x1534  C:\Windows\System32\drprov.dll - ok
    12:16:33.0799 0x1534  [ BBA9D5A730D5E304117AD26923EBD8AA, 62DD6CEA9B3819DEC704BFBDCFF771903A2E2E8668EB9D5AD32210EEDB359132 ] C:\Windows\SysWOW64\AudioEng.dll
    12:16:33.0799 0x1534  C:\Windows\SysWOW64\AudioEng.dll - ok
    12:16:33.0799 0x1534  [ 8B285BDAB7735FDFB18E6F7122923B77, DE3DBDDBF0E999CDE4A53B194128094671684708CDBED2C4D5362316CAA3A8CD ] C:\Windows\SysWOW64\UIAnimation.dll
    12:16:33.0799 0x1534  C:\Windows\SysWOW64\UIAnimation.dll - ok
    12:16:33.0799 0x1534  [ 5EDBB34736DD7AC1A73CF8792A835E10, 15E87C449AAF2095273341DD9355D8DF2690340D1DEFAF0DFF034F1CDF4316F8 ] C:\Windows\System32\AudioEng.dll
    12:16:33.0799 0x1534  C:\Windows\System32\AudioEng.dll - ok
    12:16:33.0799 0x1534  [ 04CB7C8FDC6D9640DD82A527208F72C4, 0F8A327B0234A29EAB1F03D9102A3DF7DB4515BF580163198C5A8C174C98DE4F ] C:\Windows\System32\UIAnimation.dll
    12:16:33.0799 0x1534  C:\Windows\System32\UIAnimation.dll - ok
    12:16:33.0799 0x1534  [ 03998CA1B0F0B50A5062A38D35CFDB4D, 359907A8B7EC0C693FA95F296DF7BB70451EBA865C0CF5BB9C55720FEFB5936E ] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe
    12:16:33.0799 0x1534  C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe - ok
    12:16:33.0814 0x1534  [ D7B7159BC8374E87D8C45A30377A3440, 0B68B6E7C35280D502BF05177ADADE2EE35D4D5307C3D1EE2635879BA06D904D ] C:\Windows\SysWOW64\ntlanman.dll
    12:16:33.0814 0x1534  C:\Windows\SysWOW64\ntlanman.dll - ok
    12:16:33.0814 0x1534  [ BC566D17914B07ABAAB3A5A385CC3300, DCE0A1D26312AA6441FB7122C6EED980AE350D58B2B4B166CB62F983306268E9 ] C:\Windows\System32\ntlanman.dll
    12:16:33.0814 0x1534  C:\Windows\System32\ntlanman.dll - ok
    12:16:33.0814 0x1534  [ EAF4712B706936C0B10D3B5319B37E81, 1A356A3AB52DC8A13F41D2B7F26B6B0E23663D7C9DD6DF6E464EF29460EF2602 ] C:\Windows\SysWOW64\davclnt.dll
    12:16:33.0814 0x1534  C:\Windows\SysWOW64\davclnt.dll - ok
    12:16:33.0814 0x1534  [ B32AB94A432289AC2DF77A3DCAD32EED, B1021C78F940E6FA7A8992B2733B593B89DA57325A0A0D13D2767F193A78D90F ] C:\Windows\System32\davclnt.dll
    12:16:33.0814 0x1534  C:\Windows\System32\davclnt.dll - ok
    12:16:33.0814 0x1534  [ 96F0F8F4DEE598C8D12AD9633E0CFE2A, 56EA483444BB6CCD6B9BE8030BB0FBB60EEE34A96731AB50CDC7DBA56BF2CB7C ] C:\Windows\SysWOW64\AUDIOKSE.dll
    12:16:33.0814 0x1534  C:\Windows\SysWOW64\AUDIOKSE.dll - ok
    12:16:33.0830 0x1534  [ 45B24A357C801CE62052FE0CDC8BD4D2, 00602E41B78473825253F6B2557A5C43FBDDCCF713D806929AE7C039FF8F185C ] C:\Windows\System32\davhlpr.dll
    12:16:33.0830 0x1534  C:\Windows\System32\davhlpr.dll - ok
    12:16:33.0830 0x1534  [ 179BECE8D1A4C488DDB7191FF9BE3FB0, F91ABCB67A2AFD471A9B94AA2B9C46AAEF606266DC2276E81A6D0832566162A5 ] C:\Windows\SysWOW64\davhlpr.dll
    12:16:33.0830 0x1534  C:\Windows\SysWOW64\davhlpr.dll - ok
    12:16:33.0830 0x1534  [ C1395286B822E306B4FE1568A8A77813, 0642B6C793BE0EED5E7D1D2533FC5A01417C50040FC60A8E89BD97CE4A119388 ] C:\Windows\System32\AUDIOKSE.dll
    12:16:33.0830 0x1534  C:\Windows\System32\AUDIOKSE.dll - ok
    12:16:33.0830 0x1534  [ C2B530DF986F7C5CC8AEFF8EFB482D68, AF76E57E111F6222D65CB9A8BFC057B9F5334FD0010E6939B0B83E641CDBCADF ] C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe
    12:16:33.0830 0x1534  C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe - ok
    12:16:33.0830 0x1534  [ 105CFE016CCB20175BEACEC146F175AB, BA21F40CDBF159EE4EACCBFB2A7D20EB9E1C2758883AF089A8E53EE478002E83 ] C:\Windows\System32\IccLibDll_x64.dll
    12:16:33.0830 0x1534  C:\Windows\System32\IccLibDll_x64.dll - ok
    12:16:33.0830 0x1534  [ D0CFA79F28AE8E96674EDF43F9B3C38E, E071904441497F27359C6C26DB331B3B41672AB4821F7F8E69C63F05C75CF5C1 ] C:\Program Files (x86)\Lenovo\Boot Optimizer\guisys.dll
    12:16:33.0830 0x1534  C:\Program Files (x86)\Lenovo\Boot Optimizer\guisys.dll - ok
    12:16:33.0846 0x1534  [ 3E399A1328181C2A352472369DE2A93A, A730378E6BCD6C6A2BFD00E1EA5D3B49A16AD94E01AE491CDF6750EC5DCF62C6 ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    12:16:33.0846 0x1534  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - ok
    12:16:33.0846 0x1534  [ DC6612A9EE015A36BA2A27BC9CC12537, F4456A3E4028BE3BDE46363290CCC1E8420034A122596D86272CE4B554C78DB5 ] C:\Windows\SysWOW64\mfc42.dll
    12:16:33.0846 0x1534  C:\Windows\SysWOW64\mfc42.dll - ok
    12:16:33.0846 0x1534  [ 6E6DCBA22C1C4244714975B3BF4A84B1, DB5EE0C6979995EFA9712A321AC816ABC7B8136E8BE9A7721352F474FFD343B3 ] C:\Windows\System32\igfxsrvc.exe
    12:16:33.0846 0x1534  C:\Windows\System32\igfxsrvc.exe - ok
    12:16:33.0846 0x1534  [ 84174CA0E190BB9D1EFD0F005FE13B35, B0146E651DAD4A8050FAF70026F1B7CE16EF454EB6E31088CDEBE3CD57E6591C ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\GdiPlus.dll
    12:16:33.0846 0x1534  C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\GdiPlus.dll - ok
    12:16:33.0846 0x1534  [ D83947A58613E9091B4C9CC0F1546A8D, C71DF6E18E2099FC462717B8658D39C607A62C7E7A1E5CD0E258C17434535AD0 ] C:\Windows\SysWOW64\mscoree.dll
    12:16:33.0846 0x1534  C:\Windows\SysWOW64\mscoree.dll - ok
    12:16:33.0846 0x1534  [ C7E48AECA5212C30828CE151474952AD, 886A9F879B417EF0905F11AA4DA59B7DDD57975A3010966868DE293F29897C1A ] C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
    12:16:33.0846 0x1534  C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe - ok
    12:16:33.0861 0x1534  [ 0E85C11F8850D524B02181C6E02BA9AE, 8703566931067CCF949E9779E4D328DD21210329DD687459300C83DDD06390A8 ] C:\Windows\SysWOW64\dsound.dll
    12:16:33.0861 0x1534  C:\Windows\SysWOW64\dsound.dll - ok
    12:16:33.0861 0x1534  [ 85191D8FC4EEBB4CD7E9D2D72DB7CE89, 8030ACAE92A864D86179CA5C22BEC734DCFBF0D3A95427685BB5382267F0084A ] C:\Program Files (x86)\Lenovo\Boot Optimizer\SimpRes.dll
    12:16:33.0861 0x1534  C:\Program Files (x86)\Lenovo\Boot Optimizer\SimpRes.dll - ok
    12:16:33.0861 0x1534  [ 6F3C559B82F2912354BE5B098744CC8C, EB64E5C02C81588921A65194E1256E80699A1317E7D9A57395CD38C2639C8B08 ] C:\Windows\System32\WMALFXGFXDSP.dll
    12:16:33.0861 0x1534  C:\Windows\System32\WMALFXGFXDSP.dll - ok
    12:16:33.0861 0x1534  [ 01956C4DEFA2DC500DDADA8251A25343, B0A6D59ECF83F78EF714C2F732F947A47F4F982B964E078B275CCEE227113DAF ] C:\Users\Linda\AppData\Roaming\Verizon\UA_ar\UtilityApplication.exe
    12:16:33.0861 0x1534  C:\Users\Linda\AppData\Roaming\Verizon\UA_ar\UtilityApplication.exe - ok
    12:16:33.0861 0x1534  [ F5DF6846F30E9F54EA60CCAEB3FB2055, 07B71E3AA36F90D3D6B60D56F51A524AC769DFD1233BADB76B65874C7BCC5083 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
    12:16:33.0861 0x1534  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
    12:16:33.0877 0x1534  [ 40B82688907A7DBA4DB3B5ADDE3EAB3B, 7A8A051F414A0A11252A361461A086890BCE9F49CE1AF794061184AE16517EF1 ] C:\Windows\SysWOW64\mfplat.dll
    12:16:33.0877 0x1534  C:\Windows\SysWOW64\mfplat.dll - ok
    12:16:33.0877 0x1534  [ 5FF5E12F28725D14CAA3B408848ADFFC, 32C38FEC25F193EAB1C7EB567666D4F7E46117AC3C1F341C14C1DD5C926BFAAC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcr80.dll
    12:16:33.0877 0x1534  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcr80.dll - ok
    12:16:33.0877 0x1534  [ 54B5DCD55B223BC5DF50B82E1E9E86B1, 025294DD69A421FE4EACAA463F8CB797610D8F3A7A3C61656AE83D0CEE07A9BF ] C:\Windows\System32\mfplat.dll
    12:16:33.0877 0x1534  C:\Windows\System32\mfplat.dll - ok
    12:16:33.0877 0x1534  [ EC2FF50C8AE90F72B74DCAF38BA7706E, B8CA1C04DAE723D2134FAA4A4E511EC176B23D48D07E7D0DD5D4399B39745484 ] C:\Program Files (x86)\Lenovo\Boot Optimizer\LangHlpr.dll
    12:16:33.0877 0x1534  C:\Program Files (x86)\Lenovo\Boot Optimizer\LangHlpr.dll - ok
    12:16:33.0877 0x1534  [ E295E9A1A637A4D5E8992A43B33F5EA1, E7D0AB82903392BD11115067EAE52E1B80B9E644EA0EB4EB7D9A3F27617E0288 ] C:\Program Files\HP\HP Officejet 4620 series\Bin\HPStatusBL.dll
    12:16:33.0877 0x1534  C:\Program Files\HP\HP Officejet 4620 series\Bin\HPStatusBL.dll - ok
    12:16:33.0892 0x1534  [ 37B6EBA4E783A0B25F3FE05EF86722CB, 9C1CBA725A2E3EF7DEA9877049966DF75A1D6D68649F69B6027BAA06CDF077FA ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
    12:16:33.0892 0x1534  C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
    12:16:33.0892 0x1534  [ CCC2E312486AE6B80970211DA472268B, 18BE5D3C656236B7E3CD6D619D62496FE3E7F66BF2859E460F8AC3D1A6BDAA9A ] C:\Program Files (x86)\Lenovo\Boot Optimizer\mfc80u.dll
    12:16:33.0892 0x1534  C:\Program Files (x86)\Lenovo\Boot Optimizer\mfc80u.dll - ok
    12:16:33.0892 0x1534  [ 03F3B770DFBED6131653CEDA8CA780F0, 77373919DCA647F09851E7E460AE78FBD89F21516B961F84AC4446304E51E09C ] C:\Windows\SysWOW64\ntshrui.dll
    12:16:33.0892 0x1534  C:\Windows\SysWOW64\ntshrui.dll - ok
    12:16:33.0892 0x1534  [ A3C190D644E88DE5872FC7FEC7377E35, ABA02BA8E368B09CC9E523A0CCD2F96B0DA3ED14779E592495D478161AE5E4AC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcp80.dll
    12:16:33.0892 0x1534  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcp80.dll - ok
    12:16:33.0892 0x1534  [ 4C7EAC5A2953C24911958269658A2B00, 47F426D89D027BC8F7B486DBD2F970ED17542C5036A260354457CB9163FC14D6 ] C:\Program Files (x86)\Lenovo\Boot Optimizer\fbfmon.dll
    12:16:33.0892 0x1534  C:\Program Files (x86)\Lenovo\Boot Optimizer\fbfmon.dll - ok
    12:16:33.0908 0x1534  [ D1BBE227367ED791D5FCF08E132D2956, 34349B7FB46BB89D59CC9CC6CD3F790870AB96642254C0374D97AFAC6121B945 ] C:\Windows\SysWOW64\opengl32.dll
    12:16:33.0908 0x1534  C:\Windows\SysWOW64\opengl32.dll - ok
    12:16:33.0908 0x1534  [ 465BEA35F7ED4A4A57686DEA7EA10F47, 7F1B3CA09AB045F805DA5765BE7DD270F5DDACE3073017F7386FF1E2FA82D6FB ] C:\Windows\SysWOW64\cscapi.dll
    12:16:33.0908 0x1534  C:\Windows\SysWOW64\cscapi.dll - ok
    12:16:33.0908 0x1534  [ 18AB2E5A40064ED5F7791AC5946A90F3, B7536CE56702C23B1CEC3E1B6C78866E0A76808B85A92AF3733D9ED9429E004C ] C:\Windows\SysWOW64\msimg32.dll
    12:16:33.0908 0x1534  C:\Windows\SysWOW64\msimg32.dll - ok
    12:16:33.0908 0x1534  [ E424B3EF666B184CEE0B6871AAA8C9F6, D182D9B3A813C75F88CA16A9C236AB6167DF5861D155B5DC016B90918C4BD579 ] C:\Windows\System32\msimg32.dll
    12:16:33.0908 0x1534  C:\Windows\System32\msimg32.dll - ok
    12:16:33.0908 0x1534  [ 7D34AF98A706230CC2DEDFE0CABF87AB, 93237B839C2BC6E84C2C675BB211CA0FB781B348A033EF648A9AA5BDAC1EFDAE ] C:\Windows\SysWOW64\odbc32.dll
    12:16:33.0908 0x1534  C:\Windows\SysWOW64\odbc32.dll - ok
    12:16:33.0908 0x1534  [ DE3897365B04C4DA1CF8FF725577C082, 44703E2D6C7219714C929D8ED096C8E044A3EDCA73198870A5CC4EF5CE16C397 ] C:\Windows\SysWOW64\glu32.dll
    12:16:33.0908 0x1534  C:\Windows\SysWOW64\glu32.dll - ok
    12:16:33.0924 0x1534  [ 8B74CEC6980D4816B0037AE9A27E538F, 8721EDB4C51BF6020002FA5DDB1987C68590F9F433A2F18D9756B2DAC7542CB6 ] C:\Windows\SysWOW64\slc.dll
    12:16:33.0924 0x1534  C:\Windows\SysWOW64\slc.dll - ok
    12:16:33.0924 0x1534  [ 198552AEFECA69D646867EC8D792DE95, 6978D5205387391748EE7E9FACF1AE607C37FBFD83B77CB632DD772F8D71A165 ] C:\Windows\SysWOW64\ddraw.dll
    12:16:33.0924 0x1534  C:\Windows\SysWOW64\ddraw.dll - ok
    12:16:33.0924 0x1534  [ 3BD9914CD4884432EF25867CBAF4E7FE, B14CBADCE83A8D063263BE9A3174F22BA349554EC63C9D70AE1ECD8AD9F87EDF ] C:\Windows\System32\GfxUI.exe
    12:16:33.0924 0x1534  C:\Windows\System32\GfxUI.exe - ok
    12:16:33.0924 0x1534  [ 8E01332CC4B68BC6B5B7EFFE374442AA, A4AD1D2FD3EC2F26949DBBC388F9FFF3713AD7EB4E9220AF817EBB5223E467C6 ] C:\Windows\SysWOW64\oleacc.dll
    12:16:33.0924 0x1534  C:\Windows\SysWOW64\oleacc.dll - ok
    12:16:33.0924 0x1534  [ 33A77D477EF9D7A5C65A950129DF2E47, 4276E3DA2966785530F1538CEA8BA6D8DDA2A0310722679028857AF70AD71A44 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
    12:16:33.0924 0x1534  C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll - ok
    12:16:33.0939 0x1534  [ 2342EC9254F4C60CA98441BD65C89E12, 7FDCAEB5D021E291A1C9B94DD4D49913CE363BF94D37518E466DB3DD72C41D05 ] C:\Windows\SysWOW64\dciman32.dll
    12:16:33.0939 0x1534  C:\Windows\SysWOW64\dciman32.dll - ok
    12:16:33.0939 0x1534  [ DF50659F3A4275EF2C8B37F893107692, 466DA44786EFF616F506906809348DDBED696CF28EF9B282C1DB86AFF466C25C ] C:\Users\Linda\AppData\Roaming\Verizon\UA_ar\SUAComnCtrl.dll
    12:16:33.0939 0x1534  C:\Users\Linda\AppData\Roaming\Verizon\UA_ar\SUAComnCtrl.dll - ok
    12:16:33.0939 0x1534  [ ABA457BFC7EC0B5E130B2F1E0F549DFF, C944C75C351A276952D0A869F9ED3DF8674E9479797EE7B03D13E8FDCDEB2DC4 ] C:\Windows\SysWOW64\odbcint.dll
    12:16:33.0939 0x1534  C:\Windows\SysWOW64\odbcint.dll - ok
    12:16:33.0939 0x1534  [ 75F5E1FE8D55CF8E577E0EC5F2290D3F, F4E2C81F0834018052A481AE8D7DF4780302A6844160CCDC09F7D82D3B992BDE ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll
    12:16:33.0939 0x1534  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll - ok
    12:16:33.0939 0x1534  [ D1DE1EAFDE97BE41CF6585027FF3E732, 76F17D4DF440D6734DC8157092D94EB18C2A73A0A49BEEA289E7B3EDE30E86A2 ] C:\Windows\SysWOW64\comdlg32.dll
    12:16:33.0939 0x1534  C:\Windows\SysWOW64\comdlg32.dll - ok
    12:16:33.0939 0x1534  [ 09A116FB06C5E362EF8938D29CDAB27B, 887B39388C39FF262FBBE3047FA1F5F47EB649AF3D760865AFE614DE64160D33 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
    12:16:33.0939 0x1534  C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
    12:16:33.0955 0x1534  [ 936F728E04ACCF3F38801CFFCF1E3F40, 59CA86096F4B928E364B6A3C0408615F068BB8BC02DCFC5EAF4873EC6D6E0797 ] C:\Windows\SysWOW64\oledlg.dll
    12:16:33.0955 0x1534  C:\Windows\SysWOW64\oledlg.dll - ok
    12:16:33.0955 0x1534  [ 98E27A50D037BFCFE095AED77745692D, 4D42962079F94609CDB9CBB4F77016C3D9C70758B88CDF7C68C26939D53B3A27 ] C:\Program Files (x86)\jmesoft\hotkey.exe
    12:16:33.0955 0x1534  C:\Program Files (x86)\jmesoft\hotkey.exe - ok
    12:16:33.0955 0x1534  [ 5B2E4E90C04FB9AE9F2C5E99FF59B283, 69DC06F246C3983934CA92149B4010A51868667D6E9A54A36338B1953B4CB21E ] C:\Windows\SysWOW64\WindowsCodecs.dll
    12:16:33.0955 0x1534  C:\Windows\SysWOW64\WindowsCodecs.dll - ok
    12:16:33.0955 0x1534  [ CA6DB5CB169E09209D0BA380E398D87B, 2ED8F1D59B4ECECD25873AEA5D8932E99AD5231F0AF4DD53AE4677F8E057D2E8 ] C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
    12:16:33.0955 0x1534  C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE - ok
    12:16:33.0955 0x1534  [ D144849E9B48A7DFB942281ED7EDB1C1, 425988980C080FF07DFC4713170BA1049BAB052ADC62CEEF2C85CE83E926C399 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
    12:16:33.0955 0x1534  C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll - ok
    12:16:33.0970 0x1534  [ 00C258A28E60367721D2DE20F879590F, 5948FCCA99E23398596079123C916CCC89FB3F2B59DC8CF540D364BB133B5AAD ] C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe
    12:16:33.0970 0x1534  C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe - ok
    12:16:33.0970 0x1534  [ E2C48CD0132D4D1DC7D0DF9A6BEF686A, 52D1A8AA992AF2F727DA4B16522D604648D700997B1620CCB67D05838C127674 ] C:\Users\Linda\AppData\Roaming\Verizon\UA_ar\mfc80u.dll
    12:16:33.0970 0x1534  C:\Users\Linda\AppData\Roaming\Verizon\UA_ar\mfc80u.dll - ok
    12:16:33.0970 0x1534  [ 3FF91352B70C1DD93859168A9D5D088D, 4F97E2A20CC11663FF3D022547ADB1B181DEF83B38A5F7867A065CE96B750614 ] C:\Windows\System32\igfxdev.dll
    12:16:33.0970 0x1534  C:\Windows\System32\igfxdev.dll - ok
    12:16:33.0970 0x1534  [ 77515D65E4D2735773A6626EBF86B838, 8E87E09199983B349D98C2D175FBA44CA534B6FF6AB1F51E117B5E2600EF95C2 ] C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe
    12:16:33.0970 0x1534  C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe - ok
    12:16:33.0970 0x1534  [ 6C885DD270446B351257FF0216AB1586, 8ACC7057F983AF29A8791461C87A57441862D913927472B07DD90ACCE2F908C0 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
    12:16:33.0970 0x1534  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll - ok
    12:16:33.0986 0x1534  [ C9564CF4976E7E96B4052737AA2492B4, C3AC989C8489A23BB96400B1856F5325FFC67E844F04651EA5D61BC20A991C6D ] C:\Users\Linda\AppData\Roaming\Verizon\UA_ar\msvcr80.dll
    12:16:33.0986 0x1534  C:\Users\Linda\AppData\Roaming\Verizon\UA_ar\msvcr80.dll - ok
    12:16:33.0986 0x1534  [ D4F264FE23F8953D840904418220C15E, 72EAF30265A0CC88DEC0FCA7869734D8C93572457C61A2BF1BDFFB20C061DBCD ] C:\Windows\SysWOW64\dxgi.dll
    12:16:33.0986 0x1534  C:\Windows\SysWOW64\dxgi.dll - ok
    12:16:33.0986 0x1534  [ 3FB4E7E2069F0FD9E15ABC18D605E427, 2FFC218E575DA9E8C86E468227B302752C73EA3246CC0A599D7BCC41ED404F4D ] C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe
    12:16:33.0986 0x1534  C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe - ok
    12:16:33.0986 0x1534  [ 48BE298F7FD1BEF4D8FBACB04D8D95C4, D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    12:16:33.0986 0x1534  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
    12:16:33.0986 0x1534  [ 33E8BE80F5A3CBD4166C482B4E2C72B2, 01C2F5C0AA72ACCF0DC9AEE71C0E46982851B789BD51206EBA30FD06F6752E75 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
    12:16:33.0986 0x1534  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll - ok
    12:16:34.0002 0x1534  [ CE5C9977DA751DDC30952AC4DCBCA788, 295172C4681E9AC27121122CDD2BA6F2A62435917A083CC8490D584CA0164BE6 ] C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    12:16:34.0002 0x1534  C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe - ok
    12:16:34.0002 0x1534  [ B6856ED83EB3121ECA6C7B3CDA407264, EFBF7AE88D02FE0A62D21C36583807BE3DD4F8C6B6D57579704FA7CDBD44FE3F ] C:\Users\Linda\AppData\Roaming\Verizon\UA_ar\UTEngine.dll
    12:16:34.0002 0x1534  C:\Users\Linda\AppData\Roaming\Verizon\UA_ar\UTEngine.dll - ok
    12:16:34.0002 0x1534  [ 912649A1B3F9E6ACB3899FBDABA2ED5F, 049DFA9EA45A888B984E459B927A0F8AA4C10B9D36C6C0A0FE57F6329BEAF555 ] C:\Windows\SysWOW64\stobject.dll
    12:16:34.0002 0x1534  C:\Windows\SysWOW64\stobject.dll - ok
    12:16:34.0002 0x1534  [ C3761661C17C2248A9379A8FB89E3DE1, CE3477FA2B4058EB80739E0161FE957545F13CF86D313F6422732901D35F75F2 ] C:\Windows\System32\stobject.dll
    12:16:34.0002 0x1534  C:\Windows\System32\stobject.dll - ok
    12:16:34.0002 0x1534  [ EFA334917657A01479ED0CF1920FCE9C, 34166E7EEF202D2DF3EFC528ACFBC43798AEE8B0A0D73A01A42C5BB88B4798F0 ] C:\Program Files\McAfee.com\Agent\mcagent.exe
    12:16:34.0002 0x1534  C:\Program Files\McAfee.com\Agent\mcagent.exe - ok
    12:16:34.0017 0x1534  [ 555F35AF3B56EAAE367D767B9E2F1E8B, CB399AB961612318D244D51B90D30A24B0E76CC95ED4E73CFF2807EE799CCC04 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll
    12:16:34.0017 0x1534  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll - ok
    12:16:34.0017 0x1534  [ 67C1B58706B47EEBA4E117AC197289E6, 9213E55DA854563E3A99369A4FAD853C0A97241A4F6D93F98444C57ADEEF89C1 ] C:\Windows\SysWOW64\batmeter.dll
    12:16:34.0017 0x1534  C:\Windows\SysWOW64\batmeter.dll - ok
    12:16:34.0017 0x1534  [ E3DCAAB0AB1A59841BC53AD2A9ED287A, 238AD3517D0ED4428185AFD99FED6C97B6381A1A1288D66A341BF930774A8C4F ] C:\Program Files\HP\HP Officejet 4620 series\Bin\HPStatusUI.dll
    12:16:34.0017 0x1534  C:\Program Files\HP\HP Officejet 4620 series\Bin\HPStatusUI.dll - ok
    12:16:34.0017 0x1534  [ F832EEEA97CDDA1AF577E721F652A0D1, EBBB7CA199BA4DF231123922BD310D43DE0104C6185B70FE0281B938D5336F2E ] C:\Windows\System32\batmeter.dll
    12:16:34.0017 0x1534  C:\Windows\System32\batmeter.dll - ok
    12:16:34.0017 0x1534  [ B166B02EF941522763B069D50A682D60, C07C767491952808B0F78D22E26E5EF72322B00769EE408369D34BEF2FB7FCE6 ] C:\Windows\System32\RtkCfg64.dll
    12:16:34.0017 0x1534  C:\Windows\System32\RtkCfg64.dll - ok
    12:16:34.0017 0x1534  [ 5B6E8E09BE6401A7E022F52FDFCB2FF8, 471C556CF9405BBB380A8CEFE945C126B954B7C94F79CC72441B51F80141FC5E ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    12:16:34.0017 0x1534  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - ok
    12:16:34.0033 0x1534  [ 263E9A047D17CD50BAA9D3C02910D18D, F526648358AD121001D2776E0ACC333EC4AC168CA07B40A3D3C06C5CE6A361C3 ] C:\Windows\System32\oledlg.dll
    12:16:34.0033 0x1534  C:\Windows\System32\oledlg.dll - ok
    12:16:34.0033 0x1534  [ 539C49CEBB3C50957AC8A09D95ECD880, 49E75CDB556FBCE72C44648F8930CF2209C1360F9311C5B4CEB19E13B11E6B75 ] C:\Windows\SysWOW64\shfolder.dll
    12:16:34.0033 0x1534  C:\Windows\SysWOW64\shfolder.dll - ok
    12:16:34.0033 0x1534  [ F350BD645F9092C0719DE1D58D35F7C5, 865ECEDA3474C9EED8AC29445D9C0E54BB4BCD9AA8991B7B790421E2E5AD2857 ] C:\Windows\System32\RtkAPO64.dll
    12:16:34.0033 0x1534  C:\Windows\System32\RtkAPO64.dll - ok
    12:16:34.0033 0x1534  [ 0B3595A4FF0B36D68E5FC67FD7D70FDC, 372AF797353F9335915CD06D4076BAB8410775DCAF2DAC0593197D7C41BBFFB2 ] C:\Users\Linda\AppData\Roaming\Verizon\UA_ar\msvcp80.dll
    12:16:34.0033 0x1534  C:\Users\Linda\AppData\Roaming\Verizon\UA_ar\msvcp80.dll - ok
    12:16:34.0033 0x1534  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] C:\Windows\SysWOW64\es.dll
    12:16:34.0048 0x1534  C:\Windows\SysWOW64\es.dll - ok
    12:16:34.0048 0x1534  [ 90FB1802D488FFA9029854A77D4F3F27, FBEAB2065307A2BD9C78D3ABB4F80B8311F3EA68B2F23FD1EF80C24E1DBA1F4D ] C:\Windows\SysWOW64\oleaccrc.dll
    12:16:34.0048 0x1534  C:\Windows\SysWOW64\oleaccrc.dll - ok
    12:16:34.0048 0x1534  [ 197FCFBB07F3AB33E3FDE1DF04298078, 8C3D22BCEECCD829C457094F23239D3CC41335A860989EDBFEC42C7CBF835F5C ] C:\Program Files (x86)\jmesoft\KeyHook.dll
    12:16:34.0048 0x1534  C:\Program Files (x86)\jmesoft\KeyHook.dll - ok
    12:16:34.0048 0x1534  [ C8333F1F77A1B2E25F2202E892CAF634, 7A614AA4353ECE8175B6AB7B25EE26FAB22DF2A53C9A5A694B3A3B56F6C783A7 ] C:\Windows\SysWOW64\prnfldr.dll
    12:16:34.0048 0x1534  C:\Windows\SysWOW64\prnfldr.dll - ok
    12:16:34.0048 0x1534  [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122, E7EA375A3BDE8FC764CB09524344370B9EE25F98AD6C83E6F37A569EB8D277D6 ] C:\Windows\System32\prnfldr.dll
    12:16:34.0048 0x1534  C:\Windows\System32\prnfldr.dll - ok
    12:16:34.0048 0x1534  [ 4FD693D4B9AA64EE32BAA9B8D9956ACF, 3A64BB2E1BBDD3289F13BB06D5DE9A326C8D622966AD054A9958056B11A239C0 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
    12:16:34.0048 0x1534  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll - ok
    12:16:34.0064 0x1534  [ 90D86B42E603984122FCD68FE06FB651, 880299337EEFF29E7F036C24DA3D0D0116FC340B065B90C9C8BD4F7E27C08D2A ] C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dll
    12:16:34.0064 0x1534  C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dll - ok
    12:16:34.0064 0x1534  [ 0303C433E5B37C98C3E787A1F15A12FA, 577BC56884FC36D56266EBF81673EB34CB9F73746A6E5D93618AEF7551A06C6B ] C:\Program Files (x86)\jmesoft\VistaVolume.dll
    12:16:34.0064 0x1534  C:\Program Files (x86)\jmesoft\VistaVolume.dll - ok
    12:16:34.0064 0x1534  [ 53223B673A3FA2F9A4D1C31C8D3F6CD8, B07A12E3ECD5E418A3F99F00C56E7F482F68CADE330E7C079DCCDFFAD2E21299 ] C:\Windows\SysWOW64\dbghelp.dll
    12:16:34.0064 0x1534  C:\Windows\SysWOW64\dbghelp.dll - ok
    12:16:34.0064 0x1534  [ B0923C371EF32F2730382B492A38F790, 4C5661CE9536AE224D7EB957654333C428A1F8CA0BCA639340B9913B94FD0FDD ] C:\Users\Linda\AppData\Roaming\Verizon\UA_ar\ToolkitPro1331vc80U.dll
    12:16:34.0064 0x1534  C:\Users\Linda\AppData\Roaming\Verizon\UA_ar\ToolkitPro1331vc80U.dll - ok
    12:16:34.0064 0x1534  [ F3EF30328F33D202FC6BDF9CDC4C031C, D2BD9EF958C0DAEB9B54B022A99997348435BDCB1C18A360AD0F2C85EDD64A13 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\51478a61dbd40488e320a0061e23c4df\PresentationCore.ni.dll
    12:16:34.0064 0x1534  C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\51478a61dbd40488e320a0061e23c4df\PresentationCore.ni.dll - ok
    12:16:34.0064 0x1534  [ 9110FFAD124283F37D38771BB60556AF, BB495FDF86B7C3DD7878C496090A624CE8FE68F61166C91A4C99EF1140F0AD23 ] C:\Windows\System32\dsound.dll
    12:16:34.0064 0x1534  C:\Windows\System32\dsound.dll - ok
    12:16:34.0080 0x1534  [ 42A9CB6906D9A8BEDC83B57163E62924, E18522D3137653140757829EFBFCE624A5BAA5842E2BBA10B9E5AB6C84BE49E1 ] C:\Windows\System32\DXP.dll
    12:16:34.0080 0x1534  C:\Windows\System32\DXP.dll - ok
    12:16:34.0080 0x1534  [ CB72DF94C7AFABCC2C1EF24BC5CA004D, BC873B9732FF9C5C336F68778B58A034CB224C7146B514CDC3B9FE6F45678652 ] C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\icudt.dll
    12:16:34.0080 0x1534  C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\icudt.dll - ok
    12:16:34.0080 0x1534  [ B2B3DAE040F6B5AE1DF52B0CD7631A18, 062680EFF24EB83FF34DDD76043DB9ABB476C8FEE7BBE869A1E7F7FC8891314F ] C:\Windows\SysWOW64\AltTab.dll
    12:16:34.0080 0x1534  C:\Windows\SysWOW64\AltTab.dll - ok
    12:16:34.0080 0x1534  [ E7368F0A8D19445EAF5C5D0DBB8B8DAB, CF9082360E32A7C3E13A67AC2C6192F4A76870D43DA9FF2936993A637F712761 ] C:\Windows\System32\AltTab.dll
    12:16:34.0080 0x1534  C:\Windows\System32\AltTab.dll - ok
    12:16:34.0080 0x1534  [ 856CFFCD835528136367BB1A8FE1DB87, 97EE0B243F460BE737D18B634559BC6389064BA013890E69B650E5152AB873C8 ] C:\Windows\SysWOW64\Syncreg.dll
    12:16:34.0080 0x1534  C:\Windows\SysWOW64\Syncreg.dll - ok
    12:16:34.0080 0x1534  [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891, 0A82A475301202791A7C10F978F952EAB7DB146A702D4EA67E24E2C98BC19638 ] C:\Windows\System32\Syncreg.dll
    12:16:34.0080 0x1534  C:\Windows\System32\Syncreg.dll - ok
    12:16:34.0095 0x1534  [ 11A52C5634101692AAA831ACDB52A9F3, 2513458F28CEF03F4CF8CE23FBD4A8A4919B5A219EACC8E7754731FC3E1B0A50 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bcf51dc88597d0835c819a2d5a755b74\PresentationFramework.ni.dll
    12:16:34.0095 0x1534  C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bcf51dc88597d0835c819a2d5a755b74\PresentationFramework.ni.dll - ok
    12:16:34.0095 0x1534  [ C836175870E00ACC546066632E15BD10, 4347F3319C26DA1C38F395C74DBD67AF886149C8F29EDE765DD96C8480A3054A ] C:\Windows\ehome\ehSSO.dll
    12:16:34.0095 0x1534  C:\Windows\ehome\ehSSO.dll - ok
    12:16:34.0095 0x1534  [ 8DFB5078508924FA725C203CE179B10C, A26A42B331C75D455074B597B982D4CB734B57F1F527C7B2EDBCD0746C38CD52 ] C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
    12:16:34.0095 0x1534  C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok
    12:16:34.0095 0x1534  [ 585FED4CDB8034B8B58AEB8008255817, 13D1055929D79598C04A4AB66EF3DBAADD265F9D1C3F43E84531238D2526A1AE ] C:\Windows\System32\opengl32.dll
    12:16:34.0095 0x1534  C:\Windows\System32\opengl32.dll - ok
    12:16:34.0095 0x1534  [ 839F96DBAAFD3353E0B248A5E0BD2A51, 11DA5AD3EA5FF4766C12B99FB520B3CBE08581ECAF1A2FD1DC5AC835CA78FAC2 ] C:\Windows\SysWOW64\rasapi32.dll
    12:16:34.0095 0x1534  C:\Windows\SysWOW64\rasapi32.dll - ok
    12:16:34.0095 0x1534  [ 0C18568BE622D14A796AC683B88425DE, B2BFE014A0D8D09DAF3E05A42951838683C95DAD3943C21DDC0C3DB231F9C02F ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe
    12:16:34.0111 0x1534  C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe - ok
    12:16:34.0111 0x1534  [ FFA7172354B9256DBB2CDD75F16F33FE, 85B2F014C67C2E52540F17D561793C6633C9E98F12639CCD3854EB1EC34DD035 ] C:\Windows\SysWOW64\rasman.dll
    12:16:34.0111 0x1534  C:\Windows\SysWOW64\rasman.dll - ok
    12:16:34.0111 0x1534  [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159, ACE7F85685EB92FC3AB4215122B0469E32F23B196C49F08CDA7791D3122C45DC ] C:\Windows\SysWOW64\rtutils.dll
    12:16:34.0111 0x1534  C:\Windows\SysWOW64\rtutils.dll - ok
    12:16:34.0111 0x1534  [ 3D6F22551D422F97AACB0BB927E4C846, 9AB7C9F2E7F3D1CEC4553D0DF57E074121957055A9A4349946D354ACB6FC4579 ] C:\Windows\SysWOW64\pnidui.dll
    12:16:34.0111 0x1534  C:\Windows\SysWOW64\pnidui.dll - ok
    12:16:34.0111 0x1534  [ C4CF03B998D4D758B89CD07F22D7A7F9, 148345A87B69EDB4212C26F135690A5D04B998D5E2AF6F3A559822A0020472A3 ] C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
    12:16:34.0111 0x1534  C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe - ok
    12:16:34.0111 0x1534  [ AAF7C4C78E07660241EB1230638DE2F6, 6318AB859AF0BA7D80B768E49A7EE49411F57B74240A269D371C14504D091713 ] C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll
    12:16:34.0111 0x1534  C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll - ok
    12:16:34.0126 0x1534  [ 10F815BE90A66AAFC6C713D1BD626064, 01139FC04BC53594296F6A0E16B8D20B940F64BC8119FE7705C03C4947958F39 ] C:\Windows\System32\pnidui.dll
    12:16:34.0126 0x1534  C:\Windows\System32\pnidui.dll - ok
    12:16:34.0126 0x1534  [ F2967C0A97C0EA67D79D7F557213950D, 65516C83DCB3F952CD4454636B61CC2F153AF6BEEBC352463791D92F7F500F52 ] C:\Windows\System32\glu32.dll
    12:16:34.0126 0x1534  C:\Windows\System32\glu32.dll - ok
    12:16:34.0126 0x1534  [ A6C09924C6730DE8DEED9890A12AA691, 46EACBC27D15FD43431812D6CA770982178C07246AF3A1C2E0D40D745A1D5758 ] C:\Windows\System32\ddraw.dll
    12:16:34.0126 0x1534  C:\Windows\System32\ddraw.dll - ok
    12:16:34.0126 0x1534  [ DB001FAEA818AE2E14A74E0ADC530FC0, 45CB405589C92BF74C47B7C90E299A5732A99403C51F301A5B60579CAF3116E7 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcp90.dll
    12:16:34.0126 0x1534  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcp90.dll - ok
    12:16:34.0126 0x1534  [ F9CF7CA48B5D3A070F534CCA4EEC220A, EC4416340EAC617B122FD2D21F6364759CF58D7F4315859309093842E8870AFF ] C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll
    12:16:34.0126 0x1534  C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll - ok
    12:16:34.0126 0x1534  [ A08C010D859F8EB42BDD7E1D55B8CA27, F86EAFBF7AA41D8425156C07398EDC3BD42F1690BD3E15D27AEF2EDA86549F15 ] C:\Windows\System32\mscoree.dll
    12:16:34.0126 0x1534  C:\Windows\System32\mscoree.dll - ok
    12:16:34.0142 0x1534  [ A5ED9421B8D09ED4F57CDA386307713E, EC2EE043E94A53302A9721220AA42D29BE72AF3448B7AA01F7EB911ECF7DC6AE ] C:\Windows\System32\dciman32.dll
    12:16:34.0142 0x1534  C:\Windows\System32\dciman32.dll - ok
    12:16:34.0142 0x1534  [ AA794B099F776B37ACCDEAD00E0FBFC9, CB6DA7F6A8BB09BBCFCB37E96FBA44F989DD7485535801CB9B6BD7F5A9C838E0 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
    12:16:34.0142 0x1534  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
    12:16:34.0142 0x1534  [ 161EFB45DE0744802FBE88F50B57EB86, EA518AA1500B8D687028080420B89B35897CA6023CF971809E9223D0F0DCF2A5 ] C:\Program Files\Internet Explorer\sqmapi.dll
    12:16:34.0142 0x1534  C:\Program Files\Internet Explorer\sqmapi.dll - ok
    12:16:34.0142 0x1534  [ BE210318FA6DA2A862BD41EA87E8CBE6, 1977C5979A473F06028FE51405F3C752C34ACB7A3BBD95C242ADD171E0E69046 ] C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
    12:16:34.0142 0x1534  C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll - ok
    12:16:34.0142 0x1534  [ C0FAAE8EC1B4760D3D04844F708DA0F0, 190F92877C880A9115DB957755850CE6E81F3F428AB7B6B6BF4EC99668C1DA14 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
    12:16:34.0142 0x1534  C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok
    12:16:34.0158 0x1534  [ BD626EF05967D14C772B8096292731A3, FE3838B41DCAFC52089D909E7F411186D993C08AC149E093352D691D57C9BE71 ] C:\Windows\SysWOW64\QUTIL.DLL
    12:16:34.0158 0x1534  C:\Windows\SysWOW64\QUTIL.DLL - ok
    12:16:34.0158 0x1534  [ B9F0A4020AA98B7A20287BF7FE99A1FD, 21138F161EEEA46198890C7A2D073F2C82829E15676131BDAD9F237EDC7477CD ] C:\Windows\System32\QUTIL.DLL
    12:16:34.0158 0x1534  C:\Windows\System32\QUTIL.DLL - ok
    12:16:34.0158 0x1534  [ 06A754FE28A06F780A099703CFCAAA22, FCADF16C88EEC651258149616202CC29D649FE8CBBBA481BEA9A67C2ED82844B ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll
    12:16:34.0158 0x1534  C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll - ok
    12:16:34.0158 0x1534  [ E0E5BB58A4C43F7DBB83352785F32DEF, 03000DF8B9C6D1E13F85730643797413EEE8221653A761FFBECB0AE64457F9E4 ] C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
    12:16:34.0158 0x1534  C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll - ok
    12:16:34.0158 0x1534  [ 82C089EA2A3EEFADF3588EA71E8BDADA, 2F3BB32EE2C0673058A74DEEB2D405E5E79F833F33C4D289A93EB3C618A86E75 ] C:\Windows\SysWOW64\wevtapi.dll
    12:16:34.0158 0x1534  C:\Windows\SysWOW64\wevtapi.dll - ok
    12:16:34.0173 0x1534  [ A0617B5753E31126AD29C03154F4F329, 3BC10C0A54D1D60B0C670D901944D3F115E2EBB406C989409145E7151AA55EFE ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
    12:16:34.0173 0x1534  C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
    12:16:34.0173 0x1534  [ 9590966219AFE901927431AC2E11C462, C891A9484DDED8445964FDF033396FACC83E2769A2AB3D9745939B26BF209B58 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\f4e49f5f51d2fa5e6190464468dff4d3\Microsoft.VisualBasic.ni.dll
    12:16:34.0173 0x1534  C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\f4e49f5f51d2fa5e6190464468dff4d3\Microsoft.VisualBasic.ni.dll - ok
    12:16:34.0173 0x1534  [ 7F9C912B2817076DC0C9C129C90D8914, 439197E39E96782723B2894FEB21785139E3AC273DC4E10CC88B27D25FBA4E6F ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\88744044294787b99dd4a8704ab75a79\mscorlib.ni.dll
    12:16:34.0173 0x1534  C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\88744044294787b99dd4a8704ab75a79\mscorlib.ni.dll - ok
    12:16:34.0173 0x1534  [ 35D50E3EB2BE810B3EFA98ABA948AA77, 21FDA402B21EE96613085C04C278ED723925CC75DF8942E6454E4374E744DA72 ] C:\Program Files\Lenovo\Lenovo Eye Distance System\KeyStoneAdapter.dll
    12:16:34.0173 0x1534  C:\Program Files\Lenovo\Lenovo Eye Distance System\KeyStoneAdapter.dll - ok
    12:16:34.0173 0x1534  [ EAB975DB4C2805927FE5BD047D05C9AA, 8F5497B1A2652B5EAA5D35BD314B5F90C5140207427DAE6068D665FA44D3FD56 ] C:\Windows\SysWOW64\netshell.dll
    12:16:34.0173 0x1534  C:\Windows\SysWOW64\netshell.dll - ok
    12:16:34.0189 0x1534  [ 0F47D857807DD63F88E5A092E2C04020, 1C8EF2A9CB6496F68DC59BB691B14C4D4010F4E32BEB89A0D36495CF98479FCC ] C:\Program Files\Lenovo\Lenovo Brightness System\KeyStoneAdapter.dll
    12:16:34.0189 0x1534  C:\Program Files\Lenovo\Lenovo Brightness System\KeyStoneAdapter.dll - ok
    12:16:34.0189 0x1534  [ 9A39A2A5F443A756C568C6ED5748AFE4, 13C2790985CBA9CD325BA20364A665DB50B769B7DDE93E6BE20F25427BDB34F8 ] C:\Windows\SysWOW64\ActionCenter.dll
    12:16:34.0189 0x1534  C:\Windows\SysWOW64\ActionCenter.dll - ok
    12:16:34.0189 0x1534  [ 92DBF0A4C9239169010FC6E07859C82E, 00FB2CF4420F0FFEF519AFE732A708CF249640121E2A891CAA164313ABD7F804 ] C:\Windows\System32\ActionCenter.dll
    12:16:34.0189 0x1534  C:\Windows\System32\ActionCenter.dll - ok
    12:16:34.0189 0x1534  [ 0DB2492DE7CBBE2AF0B6662EFF21A6BF, 0284A7277E3E2CD3BCAF8D16E468A1BA21056D1761BBCF0A4B32B1AE9D308E73 ] C:\Program Files\Common Files\McAfee\Platform\mcuifw.dll
    12:16:34.0189 0x1534  C:\Program Files\Common Files\McAfee\Platform\mcuifw.dll - ok
    12:16:34.0189 0x1534  [ 8A525B8D583D067C5AAAC1AF5F91B89A, D92F558E83463FEEDD105F7D5968EAABA2F1F6C83FEE5F7B4E4913AD5E5CB60C ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\af0a0b96a02f9925eb84392ee65a5cfa\System.ni.dll
    12:16:34.0189 0x1534  C:\Windows\assembly\NativeImages_v2.0.50727_64\System\af0a0b96a02f9925eb84392ee65a5cfa\System.ni.dll - ok
    12:16:34.0189 0x1534  [ 423069307FB726E51E2A66F1C3F738FE, 314EF0E1C636AC553C0E09F992B34573DA4A89ACCB759BDA27335E8125C08E35 ] C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4bf5400abf9d60b7\mfc90u.dll
    12:16:34.0189 0x1534  C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4bf5400abf9d60b7\mfc90u.dll - ok
    12:16:34.0204 0x1534  [ 735263DA17BF5BAF9CCD483843BF9D5A, A493F9191EA3F37A53474E94B3917EA038B29545FC62B1634CE47F05EA2FF5C6 ] C:\Windows\SysWOW64\WPDShServiceObj.dll
    12:16:34.0204 0x1534  C:\Windows\SysWOW64\WPDShServiceObj.dll - ok
    12:16:34.0204 0x1534  [ 293D5F8CB59093DA5935F9B7DC9EB8CF, 0830C42C246D8A592C58051CFE5F3DA16214642D053BD592FE2248FC801304ED ] C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\chrome.dll
    12:16:34.0204 0x1534  C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\chrome.dll - ok
    12:16:34.0204 0x1534  [ C8FDF0FA9E97E2FAAF3F814716AAA881, DD24A1CAB44D943B0E1A795A347AD25D9305FC7F012A2566A6A14BD47221831F ] C:\Windows\System32\WPDShServiceObj.dll
    12:16:34.0204 0x1534  C:\Windows\System32\WPDShServiceObj.dll - ok
    12:16:34.0204 0x1534  [ 7200DCA324F3D1ECD11B2B1250B2D6C7, 636E12FEA8C47EA528DBA48827AC51A2E98B2EF0864854C9375B8170555C0A6E ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcm90.dll
    12:16:34.0204 0x1534  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcm90.dll - ok
    12:16:34.0204 0x1534  [ 5C997FB34FBA9CD15637890048F1EB0B, E62EBA0A5900576DAF9EC754AE6CCF0853FC09745C8E5407FA103444F5C19D34 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\fd08d5ddc926ae51bf653620202e8d19\WindowsBase.ni.dll
    12:16:34.0204 0x1534  C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\fd08d5ddc926ae51bf653620202e8d19\WindowsBase.ni.dll - ok
    12:16:34.0220 0x1534  [ ADB45A977BD9E45790CA496DB84BA148, BB251C9A5D2F5C6BDFB22C6BA235748472FC28AF2ADAF1CE7948352301DDE3C1 ] C:\Windows\SysWOW64\PortableDeviceTypes.dll
    12:16:34.0220 0x1534  C:\Windows\SysWOW64\PortableDeviceTypes.dll - ok
    12:16:34.0220 0x1534  [ 4F3CD1C59EA71401E155C432BCECE180, 6D4118A627CAE509E43D0CC0062EECAA0990C955BB15AE24834460551B2F51A2 ] C:\Windows\System32\PortableDeviceTypes.dll
    12:16:34.0220 0x1534  C:\Windows\System32\PortableDeviceTypes.dll - ok
    12:16:34.0220 0x1534  [ 2A632A95433E9719F37AE06BA00543AC, 889704C5556AEC2C5BC1D09BAD9B1910C66A6D040AB5DE021375BA861A16FA19 ] C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4973eb1d754a9dc9\MFC90ENU.DLL
    12:16:34.0220 0x1534  C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4973eb1d754a9dc9\MFC90ENU.DLL - ok
    12:16:34.0220 0x1534  [ 9F6D6573136255D1896D6DA8CF7A8A54, 0A685DE39584E3B7F6C814DDFA8783C6CA9D8F9613C8FC248EED0A8CF0DBABC2 ] C:\Windows\SysWOW64\KeyStone.ax
    12:16:34.0220 0x1534  C:\Windows\SysWOW64\KeyStone.ax - ok
    12:16:34.0220 0x1534  [ C140F86932B5B61F54A4D836E2D34AB2, 94821597EC70F27BF11A747D5EED474C57F389F20A2E0C3F1D0CB3F00974A53B ] C:\Windows\SysWOW64\ksproxy.ax
    12:16:34.0220 0x1534  C:\Windows\SysWOW64\ksproxy.ax - ok
    12:16:34.0236 0x1534  [ 99269DEE97D87DED45D05A3257493D8D, 66CEBA406F0FCDA98D0CC93F880DE1C5CCFA7C9B998B7E8D7823A3FCD42AC42F ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\4ea564f9fd06e0fb40a42acf7693b81a\PresentationCore.ni.dll
    12:16:34.0236 0x1534  C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\4ea564f9fd06e0fb40a42acf7693b81a\PresentationCore.ni.dll - ok
    12:16:34.0236 0x1534  [ 6EF5F3F18413C367195F06E503AB86A6, 6F8B87FB4D67F9E76A51EF759B58A95D903C4AAC9C789A65A3FA1FC4F253D978 ] C:\Windows\SysWOW64\d3d9.dll
    12:16:34.0236 0x1534  C:\Windows\SysWOW64\d3d9.dll - ok
    12:16:34.0236 0x1534  [ E98278865E8DABA21CFE5FE4BE34210A, 3BB431A9F6476EA98C17DF46BA5DFA265E74328D84875E402236ED12E50B6330 ] C:\Windows\SysWOW64\PortableDeviceApi.dll
    12:16:34.0236 0x1534  C:\Windows\SysWOW64\PortableDeviceApi.dll - ok
    12:16:34.0236 0x1534  [ 77B1471A490B53B24EFE136F09F76550, A650C3A244306F8E605BDA8E74BFE438356BA4403B0CB61E980D3183E3F0A7C7 ] C:\Windows\SysWOW64\d3d8thk.dll
    12:16:34.0236 0x1534  C:\Windows\SysWOW64\d3d8thk.dll - ok
    12:16:34.0236 0x1534  [ E3D5E244807AD655787FCD25477CC1BC, 8A378249C936914DBFEDAE310D6ACB93D488C8F490EC4AAB435861C413A5BB0F ] C:\Windows\SysWOW64\bthprops.cpl
    12:16:34.0236 0x1534  C:\Windows\SysWOW64\bthprops.cpl - ok
    12:16:34.0251 0x1534  [ 5BB8C06EB5EA4BA22EE8A678F2D79B25, 019E9274DE2F5BAB16B4632B8A2E93DFC8DF0C08EC4EEA947B337FD29EB2E0CC ] C:\Windows\SysWOW64\devenum.dll
    12:16:34.0251 0x1534  C:\Windows\SysWOW64\devenum.dll - ok
    12:16:34.0251 0x1534  [ F7A256EC899C72B4ECDD2C02CB592EFD, 9C1AA9322E83CABB94AEA4375EAEB0C44700E1F33B8BE98649BA1DF4DDFAD326 ] C:\Windows\System32\bthprops.cpl
    12:16:34.0251 0x1534  C:\Windows\System32\bthprops.cpl - ok
    12:16:34.0251 0x1534  [ E24FE90E9DE8D8AE70E59F7B01675DEF, DDB0691488DB424CC203505E27364B24E4410E599A972CF2C1AFF4E2F3E3C04F ] C:\Windows\SysWOW64\avicap32.dll
    12:16:34.0251 0x1534  C:\Windows\SysWOW64\avicap32.dll - ok
    12:16:34.0251 0x1534  [ 7069AAB8536F29ED7323140973A2894B, 04B7FB6C64BFA3B80549F35CEF36D5DAE5D19A40E42444B3665B6BEFDF98EB5F ] C:\Windows\SysWOW64\msdmo.dll
    12:16:34.0251 0x1534  C:\Windows\SysWOW64\msdmo.dll - ok
    12:16:34.0251 0x1534  [ C335EC1182AC10B188705554E0BC1186, 963CD11CEF7A79559361134FDF9C07B8EA829A40D3996D77E95C291DD17AAD2B ] C:\Windows\SysWOW64\msvfw32.dll
    12:16:34.0251 0x1534  C:\Windows\SysWOW64\msvfw32.dll - ok
    12:16:34.0251 0x1534  [ 619901DE647FDC5E7901B9A854CE40CE, C961C31B34D63617BF85F252948B1DA163419DC6C52935A164942E9F16C6EDAB ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\d473c19e69818875b9c739cad8f386a5\System.Runtime.Remoting.ni.dll
    12:16:34.0251 0x1534  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\d473c19e69818875b9c739cad8f386a5\System.Runtime.Remoting.ni.dll - ok
    12:16:34.0267 0x1534  [ 0F25194F0257C1ED7C93C55FE6AE6E8A, AD8BE609E52FD7C9663EADEB0498C23E720528FEB1374D3E6A119A6037FDADD2 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\3f0016119cbaccffc68806e1c91da0fc\PresentationFramework.ni.dll
    12:16:34.0267 0x1534  C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\3f0016119cbaccffc68806e1c91da0fc\PresentationFramework.ni.dll - ok
    12:16:34.0267 0x1534  [ C746F3BF98E92FB137B5BD2B8B5925BD, 67A8990F3D491D149E65C90042909259793C65E671DC953FDA1F7590FAC23D9E ] C:\Windows\System32\FXSST.dll
    12:16:34.0267 0x1534  C:\Windows\System32\FXSST.dll - ok
    12:16:34.0267 0x1534  [ AE098D9D3BD83440C59A0C3386F4F5DD, 13CFA7323349A2746D7FE662A7FCFC678F4E7AA9E12B45C62328022E3272384F ] C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
    12:16:34.0267 0x1534  C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok
    12:16:34.0267 0x1534  [ 942E57152F1CD0533644AB30EF1A4728, 4F72510BECFAFDBB06C9CAAC66BA9E95225DE1EA12B4D2FD5B67492A2E628ABD ] C:\Windows\SysWOW64\FXSAPI.dll
    12:16:34.0267 0x1534  C:\Windows\SysWOW64\FXSAPI.dll - ok
    12:16:34.0267 0x1534  [ 650CAEA856943E29F25A25D31E004B18, DCA63D2AF4C6F14B27EA006F200E58A5C13AC940A51947A40F668908A446CC4E ] C:\Windows\System32\FXSAPI.dll
    12:16:34.0267 0x1534  C:\Windows\System32\FXSAPI.dll - ok
    12:16:34.0282 0x1534  [ C4096CA42199428B3D63DC206C197F0E, 76336CD81608650E5AAD02D59D2AC752E7BDD057314BBC7334CECF74D1EAB587 ] C:\Windows\SysWOW64\FXSRESM.dll
    12:16:34.0282 0x1534  C:\Windows\SysWOW64\FXSRESM.dll - ok
    12:16:34.0282 0x1534  [ 71C4F42DC8DB668E826DA79462EA741E, 69452DBC1CD4E09B27A42A535827B359FA9A2762A106E91653DDB7BF00A9C029 ] C:\Windows\SysWOW64\KBDUS.DLL
    12:16:34.0282 0x1534  C:\Windows\SysWOW64\KBDUS.DLL - ok
    12:16:34.0282 0x1534  [ C8E8B8239FCF17BEA10E751BE5854631, CB869195E78AB613CEF50AE3B247F0E4E42F233A7AAF5B2BFC5ADEA2C45C5F8D ] C:\Windows\System32\FXSRESM.dll
    12:16:34.0282 0x1534  C:\Windows\System32\FXSRESM.dll - ok
    12:16:34.0282 0x1534  [ 6E656C325A5519A3A9D951709958CF6F, 1DC1D4BDF42F40A381D569297FEFB79B53CBD87088BA61A9EEA5AE4526B6182E ] C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll
    12:16:34.0282 0x1534  C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll - ok
    12:16:34.0282 0x1534  [ 674B0C0F6A448EB185CAAB9C51D44032, 6722351F46BF70BA967844D3239CD801DFC4538A4EB6C478D8497F27F7FD9F1D ] C:\Windows\SysWOW64\srchadmin.dll
    12:16:34.0282 0x1534  C:\Windows\SysWOW64\srchadmin.dll - ok
    12:16:34.0298 0x1534  [ 8569E35D00F45972E506502EEE622BA4, 01FE851C03DB88C8373099C279F995A559D962B08932E193032FA3EAD522FB01 ] C:\Windows\System32\srchadmin.dll
    12:16:34.0298 0x1534  C:\Windows\System32\srchadmin.dll - ok
    12:16:34.0298 0x1534  [ 7F8678C59F188528D60104E697C2361E, 9B4D262B10CB09543ACA9A78482F4EDD905791D2C8C518B574EBA440A71A85B7 ] C:\Windows\SysWOW64\mscms.dll
    12:16:34.0298 0x1534  C:\Windows\SysWOW64\mscms.dll - ok
    12:16:34.0298 0x1534  [ 1B1431D9520C7578AD5633ED2A70625F, 6852FAC1355CA69226B727A1355D6DA8C0865F5EEDA45D7690701CFED7C542A1 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
    12:16:34.0298 0x1534  C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok
    12:16:34.0298 0x1534  [ 140D9F911182357626165EA0BEB98C4F, 9B24047BF104895FCFDB68694934BDDD92DE98A0E6334A62E987C6DCBFFB9C5B ] C:\Windows\SysWOW64\ncsi.dll
    12:16:34.0298 0x1534  C:\Windows\SysWOW64\ncsi.dll - ok
    12:16:34.0298 0x1534  [ 43C9CF6825CEA58F1815B7C3DBBB385C, C79DB405D588C77E4ACAE3BC26080213BEEB604C0A109AFDF88031FC46B4CBC0 ] C:\Windows\SysWOW64\Wpc.dll
    12:16:34.0298 0x1534  C:\Windows\SysWOW64\Wpc.dll - ok
    12:16:34.0314 0x1534  [ D64D99EC088B54FFE8EE67A480386C20, A6D1E4CA40843B0B9B32019E69479457D46CA99A2804E937CDC385C9DEDFDE62 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll
    12:16:34.0314 0x1534  C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll - ok
    12:16:34.0314 0x1534  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] C:\Windows\System32\FXSSVC.exe
    12:16:34.0314 0x1534  C:\Windows\System32\FXSSVC.exe - ok
    12:16:34.0314 0x1534  [ 2867EB00222EB3AA5F4F80C451F9F2C9, 4ADDBA3A76EED9F60F87B12A43DCB06E95700D5562757835C76CEA6C72FADF05 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\fffa833a307c3ad981d98b81311f2ad3\WindowsFormsIntegration.ni.dll
    12:16:34.0314 0x1534  C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\fffa833a307c3ad981d98b81311f2ad3\WindowsFormsIntegration.ni.dll - ok
    12:16:34.0314 0x1534  [ 236F286E103FD44BD85FDD93097FD5DD, C369C98E76FEFBB05A12ABEECCF89C75132419B56866ED9AB77F61F84BA62785 ] C:\Windows\SysWOW64\SearchIndexer.exe
    12:16:34.0314 0x1534  C:\Windows\SysWOW64\SearchIndexer.exe - ok
    12:16:34.0314 0x1534  [ ACBABB8E45BEBFE6B03761ECA0126E55, 360ED24DA7FEA360FC563B2CA6AA44876E2AE5876BC77F2E323318A31D233769 ] C:\Windows\System32\gfxSrvc.dll
    12:16:34.0314 0x1534  C:\Windows\System32\gfxSrvc.dll - ok
    12:16:34.0329 0x1534  [ E0B340996A41C9A75DFA3B99BBA9C500, D029AD8ABBD2267B1E44DF5172B93C3F832B4C21F930F5512C24E800F5CE4F8B ] C:\Windows\System32\SearchIndexer.exe
    12:16:34.0329 0x1534  C:\Windows\System32\SearchIndexer.exe - ok
    12:16:34.0329 0x1534  [ 346242C94BA09626AE7F3591264900C9, 2EEF8552A286208A16DBD247D596735D5A5329F65D6706164ECB6399D2B37E83 ] C:\Windows\System32\IGFXDEVLib.dll
    12:16:34.0329 0x1534  C:\Windows\System32\IGFXDEVLib.dll - ok
    12:16:34.0329 0x1534  [ D39DA70FEA6BD713682F70635587DA9E, FF18C97642F48C711D75F32115B1260FE0BDF6072403E5A9226E9BE780AF1969 ] C:\Windows\SysWOW64\rasdlg.dll
    12:16:34.0329 0x1534  C:\Windows\SysWOW64\rasdlg.dll - ok
    12:16:34.0329 0x1534  [ 465DBF63A5049E4DB4BC5C12FFE781CB, D12F6A9FB92144B2CFFD28BD72C234BA42F882EF22122DB83CE5EB1B8EBE9017 ] C:\Windows\SysWOW64\tquery.dll
    12:16:34.0329 0x1534  C:\Windows\SysWOW64\tquery.dll - ok
    12:16:34.0329 0x1534  [ D2155709E336C3BC15729EB87FEC6064, 682A84C0F2D892E7A6CEE4E5937B4799E352AAE3B71E7037F2A343373467443C ] C:\Windows\System32\rasdlg.dll
    12:16:34.0329 0x1534  C:\Windows\System32\rasdlg.dll - ok
    12:16:34.0329 0x1534  [ 589DF683A6C81424A6CECE52ABF98A50, 8CE0D07B2FC1F1BF8C07434FAFCDC63FDD3B75007C3B2EED130DB69D2D16E90A ] C:\Windows\System32\tquery.dll
    12:16:34.0329 0x1534  C:\Windows\System32\tquery.dll - ok
    12:16:34.0345 0x1534  [ 1F27643C4C626457FCE8F047AE1CD7E1, 68E2367B9AA21C1BDE7FEA566D5F0DBDF1E246CB53E949622F8EDC810AA95956 ] C:\Windows\SysWOW64\dxva2.dll
    12:16:34.0345 0x1534  C:\Windows\SysWOW64\dxva2.dll - ok
    12:16:34.0345 0x1534  [ 4C3DAEE652B005B483F16B8E9131C99D, 188DFF96F3B18A610C52775C8F95C99ABF27FF2E1D52B50EDF9F80FE337239CD ] C:\Windows\System32\d3d9.dll
    12:16:34.0345 0x1534  C:\Windows\System32\d3d9.dll - ok
    12:16:34.0345 0x1534  [ 04B88428A872390D235BE52D38A9D4EF, F6954D514B67547738EB012456342D65289B0B18A0304BBAD5BDAA3436181C77 ] C:\Windows\SysWOW64\dot3api.dll
    12:16:34.0345 0x1534  C:\Windows\SysWOW64\dot3api.dll - ok
    12:16:34.0345 0x1534  [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2, E8ACB693B1A78FAEF292111BE3F9B10BA95C76833C06C931A08EAAAE39A21334 ] C:\Windows\System32\dot3api.dll
    12:16:34.0345 0x1534  C:\Windows\System32\dot3api.dll - ok
    12:16:34.0345 0x1534  [ 8063046AA70B97CA9985672B8848FB2E, C7A7F2D216D1F0D7F28A22E4933DB3D821AC52CC2EF7AE8BA08D18104FCF8B81 ] C:\Windows\SysWOW64\wlanhlp.dll
    12:16:34.0345 0x1534  C:\Windows\SysWOW64\wlanhlp.dll - ok
    12:16:34.0360 0x1534  [ E4FCA0F99A41E460C84016DEFD31E6EF, 8EB14AF2025EADC7C86280E8417D8F286E8271B4F88B31696E33DFD72B3A0EF2 ] C:\Windows\System32\wlanhlp.dll
    12:16:34.0360 0x1534  C:\Windows\System32\wlanhlp.dll - ok
    12:16:34.0360 0x1534  [ FDBA1DEC4F9BE4274A00B9B850C63484, 045846267BCB1D9C4931A4871C887D8496E92DF655936DD5D40375E09C950510 ] C:\Windows\SysWOW64\mf.dll
    12:16:34.0360 0x1534  C:\Windows\SysWOW64\mf.dll - ok
    12:16:34.0360 0x1534  [ B010CF886420EE29C2C276646721D255, CBCD032D679ADE3A9942A1D116648D6A9ECC71F66F8630629E724E5EE23F9F73 ] C:\Windows\SysWOW64\wlanapi.dll
    12:16:34.0360 0x1534  C:\Windows\SysWOW64\wlanapi.dll - ok
    12:16:34.0360 0x1534  [ 357BE883C5236BFC7341CB9E82308908, 4DDB697FD9B7C516CF99D73C8799EA35BB97E2431216CD7C1045F17B06109FBF ] C:\Windows\System32\wlanapi.dll
    12:16:34.0360 0x1534  C:\Windows\System32\wlanapi.dll - ok
    12:16:34.0360 0x1534  [ 6383C60EC0133B14F5705F96369421B2, EAB3FA2344B853148F199F744E716FBB8E9331B9DB588F784274599B6BCE2335 ] C:\Windows\SysWOW64\hnetcfg.dll
    12:16:34.0360 0x1534  C:\Windows\SysWOW64\hnetcfg.dll - ok
    12:16:34.0376 0x1534  [ 0241CB16136B9A4939CA0395768AE286, E7A3A0BDB4AC4BD718C93BE650541F96603739BDB3DB6860665DCC073DA8007D ] C:\Windows\SysWOW64\mssrch.dll
    12:16:34.0376 0x1534  C:\Windows\SysWOW64\mssrch.dll - ok
    12:16:34.0376 0x1534  [ 3044D07ABDF4BBEA27E2EE7B1E0C0C65, D99A8C10CC4E5C778D063E56A131DB549F01CA7F9605F6596406606BB12C0269 ] C:\Windows\System32\d3d8thk.dll
    12:16:34.0376 0x1534  C:\Windows\System32\d3d8thk.dll - ok
    12:16:34.0376 0x1534  [ 7568CC720ACE4D03B84AF97817E745EF, 7155144CB0B260B969C398A36BC277C97BEADB5DB137D19A4F7E5AF61C3E24D4 ] C:\Windows\System32\mssrch.dll
    12:16:34.0376 0x1534  C:\Windows\System32\mssrch.dll - ok
    12:16:34.0376 0x1534  [ D46104DB0B8CF8F5792FF2E622937E6F, 20F78CF502BF4781355CCD5CA44B394200D09115A54973BB17813AF73DFEFD63 ] C:\Windows\System32\igdumd64.dll
    12:16:34.0376 0x1534  C:\Windows\System32\igdumd64.dll - ok
    12:16:34.0376 0x1534  [ 5C3F9DBA818CD93379D1A0F215270374, 6A4D96AC83989D47D80332E41E627F2607A3B2167E1A5D8E21361136C4424633 ] C:\Windows\SysWOW64\esent.dll
    12:16:34.0376 0x1534  C:\Windows\SysWOW64\esent.dll - ok
    12:16:34.0392 0x1534  [ 600A65F922CCDCBB2D11467914241556, 9AE430D8CB346B43073E78886EF765199497F820D3295683167CD7FEBDDEE316 ] C:\Windows\SysWOW64\msmpeg2vdec.dll
    12:16:34.0392 0x1534  C:\Windows\SysWOW64\msmpeg2vdec.dll - ok
    12:16:34.0392 0x1534  [ 53AF1750FD45DDD705C9B68C7DC58827, A379F7B8289DB02FE336EE09D02C9FED9B407DD173AEECAE98B5551FAB9D1CEB ] C:\Windows\SysWOW64\evr.dll
    12:16:34.0392 0x1534  C:\Windows\SysWOW64\evr.dll - ok
    12:16:34.0392 0x1534  [ 81600E2E27ED61427AAD865B9BCDDB9D, 0D7D39C0A5A2C24FAADCA41658A1C62D13180B462C78103BDF6DBD76B64DD79A ] C:\Windows\SysWOW64\msidle.dll
    12:16:34.0392 0x1534  C:\Windows\SysWOW64\msidle.dll - ok
    12:16:34.0392 0x1534  [ 3121A79D13A61562BE9CC902CD46B542, 00A5833A48338A4A9A5530844924AF4F1FAB618DA46D7EBBC6E2165C32ED376C ] C:\Windows\System32\msidle.dll
    12:16:34.0392 0x1534  C:\Windows\System32\msidle.dll - ok
    12:16:34.0407 0x1534  [ DA2A1D13A569860040472B5DB8BE287D, 5D15E88EE6C81DB76FB2D3B16CEFAE2A586BE78C4B9D2880384A82CA8196BB2E ] C:\Windows\SysWOW64\igdumdx32.dll
    12:16:34.0407 0x1534  C:\Windows\SysWOW64\igdumdx32.dll - ok
    12:16:34.0407 0x1534  [ 6699A112A3BDC9B52338512894EBA9D6, 10888BB9C3799E1E8B010C0F9088CED376AAD63A509FCE1727C457B022CDC717 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
    12:16:34.0407 0x1534  C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
    12:16:34.0407 0x1534  [ AC6E6940C8C98EE153D96FFA2CA7B272, FA2E79F75DFB471E84CE6D92D2EC131BD3482B31D3F0D67B562ECA069399EE87 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\3975acf49313ceea1280da91f0383480\System.Xml.ni.dll
    12:16:34.0407 0x1534  C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\3975acf49313ceea1280da91f0383480\System.Xml.ni.dll - ok
    12:16:34.0407 0x1534  [ 9174E09AF734124E3A68B862DBF9C706, F13DD5529AE914F15F5FEDC4DBF9AA880ED29566FF01BF8BCD782FE6557CCD1B ] C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppgooglenaclpluginchrome.dll
    12:16:34.0407 0x1534  C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppgooglenaclpluginchrome.dll - ok
    12:16:34.0423 0x1534  [ 1D6A771D1D702AE07919DB52C889A249, E5F3378AC40AEE6114EEAF3BF11DC1059466891CAE353E80C08622A60485C954 ] C:\Windows\SysWOW64\wlanutil.dll
    12:16:34.0423 0x1534  C:\Windows\SysWOW64\wlanutil.dll - ok
    12:16:34.0423 0x1534  [ C02AA67276FEE0C15CC4D6D616BDE95E, 24B0FFA2903CC77FEDE6B491647BB759C4AE054E38A19EFA0D2662AC2959570B ] C:\Windows\SysWOW64\WWanAPI.dll
    12:16:34.0423 0x1534  C:\Windows\SysWOW64\WWanAPI.dll - ok
    12:16:34.0423 0x1534  [ 5DA219F57A9076FB6FBD3C9C3713A672, 274FE616625B336D81841FDC752C8053D4CD6926565B899760D298D145CBA1A3 ] C:\Windows\System32\WWanAPI.dll
    12:16:34.0423 0x1534  C:\Windows\System32\WWanAPI.dll - ok
    12:16:34.0423 0x1534  [ 1CBF15FDB0310345A68972EB5C5B948F, E1EDCE6216B24037B243AC68CEEBD510646B2EFD70BC118E68303F9ED85D1973 ] C:\Windows\SysWOW64\mssprxy.dll
    12:16:34.0423 0x1534  C:\Windows\SysWOW64\mssprxy.dll - ok
    12:16:34.0438 0x1534  [ ACE1BB07E0377E37A2C514CD2EC119B1, A9AFA4774DFA875496764D6E541A6333A3ACD3C5D2BBEF753C2D80BA83B4AC15 ] C:\Windows\System32\mssprxy.dll
    12:16:34.0438 0x1534  C:\Windows\System32\mssprxy.dll - ok
    12:16:34.0438 0x1534  [ 37E7B053C9B47CBC2A6F54CC3C0BC257, 4F27475B9B53D1792F4D75CABC49DF00D270E9C4C860123F9588A9847E7E109A ] C:\Windows\SysWOW64\igdumd32.dll
    12:16:34.0438 0x1534  C:\Windows\SysWOW64\igdumd32.dll - ok
    12:16:34.0438 0x1534  [ F24D69C3F5E98ABEE59ECCB0E2DF820E, E6B4CB7ED9FC8CD2B4237AB2A97BE92558E39965108E8F93B1708346FC2583D2 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\fed86e49fe95761085bf287f901f5b53\System.Configuration.ni.dll
    12:16:34.0438 0x1534  C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\fed86e49fe95761085bf287f901f5b53\System.Configuration.ni.dll - ok
    12:16:34.0438 0x1534  [ BA551F659E36FE4FB419E5899279E4EF, 0B506914CAACC34A0EC0818ABC4CE8397E9F5F8D24D2AE7CD2D8B220EBF3FA17 ] C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libpeerconnection.dll
    12:16:34.0438 0x1534  C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libpeerconnection.dll - ok
    12:16:34.0454 0x1534  [ F2ED6D00921CA138289E5E0CCB9ABF87, 528F249CE0835CA4D8B7C4940F5132DF1155EB344177BEA4CD7FCF9B8DCCCA4B ] C:\Windows\SysWOW64\wwapi.dll
    12:16:34.0454 0x1534  C:\Windows\SysWOW64\wwapi.dll - ok
    12:16:34.0454 0x1534  [ 62C7AACC746C9723468A8F2169ED3E85, 40E901F3EAFE52DF11D6BC4EF0E79F666EBDACE0B3C090CAD2358076E893EA47 ] C:\Windows\System32\wwapi.dll
    12:16:34.0454 0x1534  C:\Windows\System32\wwapi.dll - ok
    12:16:34.0454 0x1534  [ 62A6EB5771580CAE445804389F3F7432, CC529625540204E82794E5494C063371BF7A5164823E6C3B2CCAAC030AE4D5AE ] C:\Windows\SysWOW64\WindowsCodecsExt.dll
    12:16:34.0454 0x1534  C:\Windows\SysWOW64\WindowsCodecsExt.dll - ok
    12:16:34.0454 0x1534  [ F1C19F0AA151B90A7416FA1D50DDB582, A4AE6B056BF65A12CE5BEDFC3ADE156F088AEAC7196EB5741C9573C64552A7C0 ] C:\Windows\System32\WindowsCodecsExt.dll
    12:16:34.0454 0x1534  C:\Windows\System32\WindowsCodecsExt.dll - ok
    12:16:34.0470 0x1534  [ 02530B0B7E048DD5AC8D52DAEACAEB2B, 2DEB454F8B71EC54C59185E2F1D679F7EC1C7AEFCD1D59761FDD3D70CABE0254 ] C:\Windows\SysWOW64\QAGENT.DLL
    12:16:34.0470 0x1534  C:\Windows\SysWOW64\QAGENT.DLL - ok
    12:16:34.0470 0x1534  [ 77B09C2C6F407531447DA75E3ACD1C5B, A272EFAC23733F6ED987C7599762CADF36BFDA9ECC759118A6DEB46544AD2C68 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
    12:16:34.0470 0x1534  C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll - ok
    12:16:34.0470 0x1534  [ 5BF8E37FA1E25227480F9CD2ACA21FB6, 58D9A00888AF693B2A5222FE74CFDED32CE83E74F85B474F1CBE5987217B5A9D ] C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\d3dcompiler_46.dll
    12:16:34.0470 0x1534  C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\d3dcompiler_46.dll - ok
    12:16:34.0470 0x1534  [ 8A1A8C8D8BC9DEA8CF21528AAFDF69AC, C8BBA9D444F305F59AA8F3FBF86002E604869A6F2D30C1B9AB2434FE3719877D ] C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.3.1271_0\McChPlg.dll
    12:16:34.0470 0x1534  C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.3.1271_0\McChPlg.dll - ok
    12:16:34.0485 0x1534  [ 6B851E682A36453E1B1EE297FFB6E2AB, A641D3FD9463C4788B45B8B5584EA4489C1F63A71B4B595AE85FF3482CD5EDA6 ] C:\Windows\System32\QAGENT.DLL
    12:16:34.0485 0x1534  C:\Windows\System32\QAGENT.DLL - ok
    12:16:34.0485 0x1534  [ 816B681CC308FAA128EDCB90643DCED7, C2C6295F59F00F4D47673C361F1965BA62F9ADF6897A6A0BE224509628A27D7E ] C:\Windows\SysWOW64\icm32.dll
    12:16:34.0485 0x1534  C:\Windows\SysWOW64\icm32.dll - ok

  16. 12:16:32.0348 0x1534  [ 730BF204A595D5B6D7DC57A247CC741C, 264C6901F4A49B738BBD04BCA1783DEE892885BADE9085B0AEA40BAE7CC0A218 ] C:\Windows\System32\wlgpclnt.dll
    12:16:32.0348 0x1534  C:\Windows\System32\wlgpclnt.dll - ok
    12:16:32.0348 0x1534  [ 99B91C5D2FCEF218CAD3600ECB62A799, E28F2903F86D39C5A69B5F89CCD6594E93A1BF1E4ACD613A0F2E2348DFA88D65 ] C:\Windows\System32\msxml6.dll
    12:16:32.0348 0x1534  C:\Windows\System32\msxml6.dll - ok
    12:16:32.0364 0x1534  [ 03706015DB44368375AEBE6339490E66, 02EB28B5156E320C1EBABC03D37E94EB770A721B99E1DD276F8DC2A50D76C381 ] C:\Windows\System32\netcfgx.dll
    12:16:32.0364 0x1534  C:\Windows\System32\netcfgx.dll - ok
    12:16:32.0364 0x1534  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] C:\Windows\System32\shsvcs.dll
    12:16:32.0364 0x1534  C:\Windows\System32\shsvcs.dll - ok
    12:16:32.0364 0x1534  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] C:\Windows\System32\schedsvc.dll
    12:16:32.0364 0x1534  C:\Windows\System32\schedsvc.dll - ok
    12:16:32.0364 0x1534  [ BC414631876B2F28B8DAB08E849C12C5, 5973654AA3E90E6B699B0A43F645B893D95BAA803129B6967D746C8239AB26E3 ] C:\Windows\System32\ktmw32.dll
    12:16:32.0364 0x1534  C:\Windows\System32\ktmw32.dll - ok
    12:16:32.0364 0x1534  [ 945E54F23C72D37B8CD1987AF0DB63BF, C2B217C94DBCA0A31ED834B9D492B53B25B235DDD02B1D1200E76609D32772EA ] C:\Windows\System32\fveapi.dll
    12:16:32.0364 0x1534  C:\Windows\System32\fveapi.dll - ok
    12:16:32.0364 0x1534  [ 891ECFD08E2C538B7948CBC45106D697, 628D0D618FF3A70E9FBE3B2C7206C9365ED2297784A5F10FFA05BD2C56657013 ] C:\Windows\System32\fvecerts.dll
    12:16:32.0364 0x1534  C:\Windows\System32\fvecerts.dll - ok
    12:16:32.0379 0x1534  [ 694865362F0965779F92BCFE97712323, 825EB75E37AFE9B738869FB5D95020D4F44AD419C2F6C5A658F82A5242FDEF6C ] C:\Windows\System32\tbs.dll
    12:16:32.0379 0x1534  C:\Windows\System32\tbs.dll - ok
    12:16:32.0379 0x1534  [ 8269210DAF3B12BC8300631B28A2A442, EABEB792C2EA8D4A1A7B13281CF557C194D5667AE0BA2A2D5664908D8269113D ] C:\Windows\System32\wiarpc.dll
    12:16:32.0379 0x1534  C:\Windows\System32\wiarpc.dll - ok
    12:16:32.0379 0x1534  [ A8EDB86FC2A4D6D1285E4C70384AC35A, 61B8955CE0A2AA9D0719920B30216717B349B6FBE11C697C31CFA84F859CC1AE ] C:\Windows\System32\dllhost.exe
    12:16:32.0379 0x1534  C:\Windows\System32\dllhost.exe - ok
    12:16:32.0379 0x1534  [ 9028D1621C43DF8DFBD1C76860412A11, A1D48D9B33180BDE50D2FA9BB07E9520B7B7788C39B3AABB4A06AE4B1AACA755 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll
    12:16:32.0379 0x1534  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll - ok
    12:16:32.0379 0x1534  [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7, 4BC5A1279885EEFBEB27333AF719622A5FCDD9606697692C1978E434CE264D80 ] C:\Windows\System32\taskcomp.dll
    12:16:32.0379 0x1534  C:\Windows\System32\taskcomp.dll - ok
    12:16:32.0379 0x1534  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] C:\Windows\System32\drivers\http.sys
    12:16:32.0379 0x1534  C:\Windows\System32\drivers\http.sys - ok
    12:16:32.0395 0x1534  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] C:\Windows\System32\spoolsv.exe
    12:16:32.0395 0x1534  C:\Windows\System32\spoolsv.exe - ok
    12:16:32.0395 0x1534  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] C:\Windows\System32\BFE.DLL
    12:16:32.0395 0x1534  C:\Windows\System32\BFE.DLL - ok
    12:16:32.0395 0x1534  [ A0A2C1D812C231C9BFE119FDC68E341B, F94446594EE17505956A715DFB28B51D09F00A7A65E56950661B889A57DE8FA8 ] C:\Windows\System32\IDStore.dll
    12:16:32.0395 0x1534  C:\Windows\System32\IDStore.dll - ok
    12:16:32.0395 0x1534  [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051, 8EFD0A6DE6F4E335D342782190008FB5AC84A6ADE49170B310DEC9AC48E623E8 ] C:\Windows\System32\localspl.dll
    12:16:32.0395 0x1534  C:\Windows\System32\localspl.dll - ok
    12:16:32.0395 0x1534  [ 88351B29B622B30962D2FEB6CA8D860B, A16CAD7D94C1C9807083BB36E9B4C3C14E6482C4CA2BDFACBCC86E737DDCE42E ] C:\Windows\System32\rasadhlp.dll
    12:16:32.0395 0x1534  C:\Windows\System32\rasadhlp.dll - ok
    12:16:32.0410 0x1534  [ 3285481F5C12305CA104A6C493CA5A0B, ADB39B15D26A954B0F347C7BAFCC76DE5E3CF3CF05736E8987E0832AA7F8563C ] C:\Windows\System32\spoolss.dll
    12:16:32.0410 0x1534  C:\Windows\System32\spoolss.dll - ok
    12:16:32.0410 0x1534  [ 0015ACFBBDD164A8A730009908868CA7, E1FF243AD2CF959FAB81EFE701592414991C03416FF296ADC93906E76B707C4D ] C:\Windows\System32\winspool.drv
    12:16:32.0410 0x1534  C:\Windows\System32\winspool.drv - ok
    12:16:32.0410 0x1534  [ C5AC93CF3BA30D367FB49148A2B673B9, 07B556039BBA841BC9F28979C3AD5D238B55391F921C9C805F3AFC9EFB437766 ] C:\Windows\System32\PrintIsolationProxy.dll
    12:16:32.0410 0x1534  C:\Windows\System32\PrintIsolationProxy.dll - ok
    12:16:32.0410 0x1534  [ 986E8BBDB93B4F1998F414A25B499D9B, 8B3E63A622D5C31E0E2917006F77D7A07CF8A11A2ED8BFB6439E3B28C27070CE ] C:\Windows\System32\hpinksts6412LM.dll
    12:16:32.0410 0x1534  C:\Windows\System32\hpinksts6412LM.dll - ok
    12:16:32.0410 0x1534  [ 2F426408F5FBE1BCE56F8F772A911EA4, EA77849C098EF986C593AE947855FB4C219CD2FD77F6F4E5320508A440F10815 ] C:\Windows\System32\HPDiscoPM6412.dll
    12:16:32.0410 0x1534  C:\Windows\System32\HPDiscoPM6412.dll - ok
    12:16:32.0410 0x1534  [ FFF9D00CF16397C64317F213484F94BD, 94D0584E14BDB27F61F59A7BCEA529A1594261BE0CE74502C13E8865843BA414 ] C:\Windows\System32\wsnmp32.dll
    12:16:32.0410 0x1534  C:\Windows\System32\wsnmp32.dll - ok
    12:16:32.0426 0x1534  [ 6CEF7856A3EFAC59470F6208F0F585CE, 0F7A80DB821FDE6580E9481B6DA44844F717DDB4983B0E3D562BE43726153951 ] C:\Windows\System32\mpr.dll
    12:16:32.0426 0x1534  C:\Windows\System32\mpr.dll - ok
    12:16:32.0426 0x1534  [ 19E41CCCEE697CC9465396B370929792, A9FC4C33C71C3677FE57779380E55FDE2AC0B0C70A9DBCBA0D0B6FA92C709A7F ] C:\Windows\System32\FXSMON.dll
    12:16:32.0426 0x1534  C:\Windows\System32\FXSMON.dll - ok
    12:16:32.0426 0x1534  [ 62A0ED06E9FF55EEF51B27EC4839EE0B, C206495B66EC9CBCDE0D7D9A2F420ADEF750B81BBD75A578F0A15F66864A0C98 ] C:\Windows\System32\hpz3lw71.dll
    12:16:32.0426 0x1534  C:\Windows\System32\hpz3lw71.dll - ok
    12:16:32.0426 0x1534  [ 32A3C8600AF124CBAAD845F13CFAE3CB, F36FE9E57D5C509FEECE890F9F8717F9CC6F762E32AE0B7DB7E0153370CE0B9D ] C:\Windows\System32\tcpmon.dll
    12:16:32.0426 0x1534  C:\Windows\System32\tcpmon.dll - ok
    12:16:32.0426 0x1534  [ BAFE84E637BF7388C96EF48D4D3FDD53, 11C194D9ADCE90027272C627D7FBF3BA5025FF0F7B26A8333F764E11E1382CF9 ] C:\Windows\System32\userinit.exe
    12:16:32.0426 0x1534  C:\Windows\System32\userinit.exe - ok
    12:16:32.0442 0x1534  [ 93518C6EDE0B61BCBD02BDB02BD05FEE, 3637F5E5F15093AFB501EE910368CF900B422AC22669391FFA4198BBAE6F8FCB ] C:\Windows\System32\snmpapi.dll
    12:16:32.0442 0x1534  C:\Windows\System32\snmpapi.dll - ok
    12:16:32.0442 0x1534  [ DF72A9936D0C3F517083119648814B09, 6BA4DCAC2F55A393A266ED0B2AF92B38141654D1666E3E143D85BBAF21663E1E ] C:\Windows\System32\usbmon.dll
    12:16:32.0442 0x1534  C:\Windows\System32\usbmon.dll - ok
    12:16:32.0442 0x1534  [ F1B205F932F62F94506A5F332C895DAF, F02F01F20F655DD919C71AE814E4C3DD43330AAD1425FC5B1497F1613917CCDE ] C:\Windows\System32\WSDApi.dll
    12:16:32.0442 0x1534  C:\Windows\System32\WSDApi.dll - ok
    12:16:32.0442 0x1534  [ A1D7E3ADCDB07DDB6F423862DCB1A52B, 6191C33D2AE090F6F055D6AE211096CE8F003EC5518A5333EE1E376052176BAB ] C:\Windows\System32\WSDMon.dll
    12:16:32.0442 0x1534  C:\Windows\System32\WSDMon.dll - ok
    12:16:32.0442 0x1534  [ C55516D98DD5D8F0153C2A9B4227DA86, DBC62B776CF06D0873A4C7CFCDF5B6F5C6E6C41917C326C090BCE58DC66EE09C ] C:\Windows\System32\webservices.dll
    12:16:32.0442 0x1534  C:\Windows\System32\webservices.dll - ok
    12:16:32.0442 0x1534  [ B5055B51BAA0FD0A736A88653DA3C1C0, A3BD057C7E8C926930BA7E9D11427D26FB37267026A0B72AB4021101EE424F74 ] C:\Windows\System32\fundisc.dll
    12:16:32.0442 0x1534  C:\Windows\System32\fundisc.dll - ok
    12:16:32.0457 0x1534  [ 332FEAB1435662FC6C672E25BEB37BE3, 6BED1A3A956A859EF4420FEB2466C040800EAF01EF53214EF9DAB53AEFF1CFF0 ] C:\Windows\explorer.exe
    12:16:32.0457 0x1534  C:\Windows\explorer.exe - ok
    12:16:32.0457 0x1534  [ 4581716B4BF76ACFD8E167EB0B26D82A, 39D822527114EEED68044CCE4D542767F53978D9E0A7F72638F1CA9A016DE13B ] C:\Windows\System32\fdPnp.dll
    12:16:32.0457 0x1534  C:\Windows\System32\fdPnp.dll - ok
    12:16:32.0457 0x1534  [ 1D626FE2E13C1CE49CA0136CFF214E93, 4F02DD92045CF244979FFD074B2BDE6925A909227A474C60DCABE4384D916218 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
    12:16:32.0457 0x1534  C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
    12:16:32.0457 0x1534  [ 639774C9ACD063F028F6084ABF5593AD, 9DFD80610CBBC9188F6C6BC85C87016B0AE42254FC289C2B578E85282BDD9C23 ] C:\Windows\System32\taskhost.exe
    12:16:32.0457 0x1534  C:\Windows\System32\taskhost.exe - ok
    12:16:32.0457 0x1534  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] C:\Windows\System32\drivers\bowser.sys
    12:16:32.0457 0x1534  C:\Windows\System32\drivers\bowser.sys - ok
    12:16:32.0473 0x1534  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] C:\Windows\System32\drivers\mpsdrv.sys
    12:16:32.0473 0x1534  C:\Windows\System32\drivers\mpsdrv.sys - ok
    12:16:32.0473 0x1534  [ 9BB99503D6A4DD62569EDE9E5E2672A5, 6F4EA5BC50B1F929735246485263078BEF1B3BEB33F78CB1F483F13AA226C27E ] C:\Windows\System32\HotStartUserAgent.dll
    12:16:32.0473 0x1534  C:\Windows\System32\HotStartUserAgent.dll - ok
    12:16:32.0473 0x1534  [ 6FB9BE56891EA4E85B4C9BDD4E9AFA69, CC29187582D78060AB7D910BF0D1E68F6B6E6DF7A71755205A2D466C32CD098D ] C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll
    12:16:32.0473 0x1534  C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll - ok
    12:16:32.0473 0x1534  [ 94EEAC26F57811BD1AEFC164412F7FCE, 7390BCD7709D48DE75D7D6E06AA7356D1C58EE63F3CC2E07ABCD2E2FF6CC81CF ] C:\Windows\System32\PlaySndSrv.dll
    12:16:32.0473 0x1534  C:\Windows\System32\PlaySndSrv.dll - ok
    12:16:32.0473 0x1534  [ 67CF11E00D026A5C0C88EA5F84D501E5, 5081A87466116232CF07F58229967B6C0CD3738B64A56EFC6BB3EBDA62E378F6 ] C:\Windows\System32\win32spl.dll
    12:16:32.0488 0x1534  C:\Windows\System32\win32spl.dll - ok
    12:16:32.0488 0x1534  [ C67F8A962B2534224D5908D16D2AD3CE, CAC1821F5E867285638AEE7AE33CE574BCCF16277AC5AD805650B48F7759B4B4 ] C:\Windows\System32\wfapigp.dll
    12:16:32.0488 0x1534  C:\Windows\System32\wfapigp.dll - ok
    12:16:32.0488 0x1534  [ 507D5567A0A4EE86C4B0CE2CE1777025, 408770B00CED498BF7782054F17A5CB361CF65429B0C816403D70E416E0EEF23 ] C:\Windows\System32\inetpp.dll
    12:16:32.0488 0x1534  C:\Windows\System32\inetpp.dll - ok
    12:16:32.0488 0x1534  [ 1BF0CB861A48FEB1638228760750F3CB, 37C781A8C546EAD8B4D28BD7D730B9AC78EB799599AD69DAD9054B6F9F1DD6BD ] C:\Windows\System32\cscapi.dll
    12:16:32.0488 0x1534  C:\Windows\System32\cscapi.dll - ok
    12:16:32.0488 0x1534  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] C:\Windows\System32\drivers\mrxsmb.sys
    12:16:32.0488 0x1534  C:\Windows\System32\drivers\mrxsmb.sys - ok
    12:16:32.0488 0x1534  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] C:\Windows\System32\drivers\mrxsmb10.sys
    12:16:32.0488 0x1534  C:\Windows\System32\drivers\mrxsmb10.sys - ok
    12:16:32.0504 0x1534  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] C:\Windows\System32\drivers\mrxsmb20.sys
    12:16:32.0504 0x1534  C:\Windows\System32\drivers\mrxsmb20.sys - ok
    12:16:32.0504 0x1534  [ F162D5F5E845B9DC352DD1BAD8CEF1BC, 8A7B7528DB30AB123B060D8E41954D95913C07BB40CDAE32E97F9EDB0BAF79C7 ] C:\Windows\System32\dwm.exe
    12:16:32.0504 0x1534  C:\Windows\System32\dwm.exe - ok
    12:16:32.0504 0x1534  [ FCFCD1101C5DA23B4B95F93D02B2C169, 040A086875B6C5475490A2F8B0CF4FF20DDB4FEDFE5FCABBA49692AA05F40527 ] C:\Windows\System32\dwmredir.dll
    12:16:32.0504 0x1534  C:\Windows\System32\dwmredir.dll - ok
    12:16:32.0504 0x1534  [ 4BA77A5EF71C14C764B0ED4701683E3E, 066A064CDBE09BF8BE1DF5B259F30FF6C124A1C3D637800D3E19E8E25EDB950E ] C:\Windows\System32\dwmcore.dll
    12:16:32.0504 0x1534  C:\Windows\System32\dwmcore.dll - ok
    12:16:32.0504 0x1534  [ 9AE80F6A66B30E3ED8CDF858CF28B11B, A93E470DC54E3C74C10979D49CABB9A34893F9E847F88491F935DB44EEC3541A ] C:\Windows\System32\d3d10_1.dll
    12:16:32.0504 0x1534  C:\Windows\System32\d3d10_1.dll - ok
    12:16:32.0520 0x1534  [ 63F72417CA38D8FC8F53709649B589E3, 39AE8AFFCFB8A9E345FC4C6F11926F25552C464380F88CDECD299FD27AF7866B ] C:\Windows\System32\d3d10_1core.dll
    12:16:32.0520 0x1534  C:\Windows\System32\d3d10_1core.dll - ok
    12:16:32.0520 0x1534  [ 4C92EB7535CAA1681A77D928FBF9771F, 7D02B2357CA02393CA711C3C499AAD86B792EEFFDC67F2CE52F7F7BB8A28DE79 ] C:\Windows\System32\d3d11.dll
    12:16:32.0520 0x1534  C:\Windows\System32\d3d11.dll - ok
    12:16:32.0520 0x1534  [ 8DFB5752FCE145A6B295093C0A8BE131, F38029C8B36EFD46B1F6CCA0089FF4EFB0AB246497E38EDFF6A67FAC804D4A97 ] C:\Windows\System32\dxgi.dll
    12:16:32.0520 0x1534  C:\Windows\System32\dxgi.dll - ok
    12:16:32.0520 0x1534  [ EED05D42D91835064703E2318552ED25, E9EE1E2253445B207B76F5D3073C612ED979A982522C1515E0FE8FA9641AE568 ] C:\Windows\System32\ExplorerFrame.dll
    12:16:32.0520 0x1534  C:\Windows\System32\ExplorerFrame.dll - ok
    12:16:32.0520 0x1534  [ 7F59519CAF9AA22E6EE52EBE4C38D712, 4D2919E243D995CFAA061BDB51364C412D675CB541CE145A827F2F431DE26A0C ] C:\Windows\System32\igd10umd64.dll
    12:16:32.0520 0x1534  C:\Windows\System32\igd10umd64.dll - ok
    12:16:32.0535 0x1534  [ 024352FEEC9042260BB4CFB4D79A206B, 60CB39086E10C5B66EBC15E4DF219620B344B4358D2918AB6BB3448A0AC8BE36 ] C:\Windows\System32\EhStorShell.dll
    12:16:32.0535 0x1534  C:\Windows\System32\EhStorShell.dll - ok
    12:16:32.0535 0x1534  [ 80CB571D6024D9D5915673AF4A426FE6, 476F8790B42C19522B70866CC4E555D2901A998298D65B0269794A0B48115ACF ] C:\Program Files (x86)\McAfee Online Backup\MOBK400shell.dll
    12:16:32.0535 0x1534  C:\Program Files (x86)\McAfee Online Backup\MOBK400shell.dll - ok
    12:16:32.0535 0x1534  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] C:\Windows\System32\wkssvc.dll
    12:16:32.0535 0x1534  C:\Windows\System32\wkssvc.dll - ok
    12:16:32.0535 0x1534  [ 1834B31C749B86DAC233BBBA1C03BC48, 27FCA9196842C0BB53CCAD895870A0EB10D2F8ED67E5486A4437067BD4BC4448 ] C:\Windows\System32\mscms.dll
    12:16:32.0535 0x1534  C:\Windows\System32\mscms.dll - ok
    12:16:32.0551 0x1534  [ EF2AE43BCD46ABB13FC3E5B2B1935C73, 81FC06F306F620845D7DD8D06E706309E70BC89B589C81F3478302A3F5F73431 ] C:\Windows\System32\winmm.dll
    12:16:32.0551 0x1534  C:\Windows\System32\winmm.dll - ok
    12:16:32.0551 0x1534  [ 58F4493BF748A3A89689997B7BD00E95, EC5DEEC73E357C7C87B001275C4E635011A9CF39419F2B86E2C2B8D7E388C551 ] C:\Windows\System32\winhttp.dll
    12:16:32.0551 0x1534  C:\Windows\System32\winhttp.dll - ok
    12:16:32.0551 0x1534  [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA, 8A6ACEFAB95E5275CBFBE6CCB5A6C3A6A471260B279B9063E86B9C7765E18656 ] C:\Windows\System32\MsCtfMonitor.dll
    12:16:32.0551 0x1534  C:\Windows\System32\MsCtfMonitor.dll - ok
    12:16:32.0551 0x1534  [ F09A9A1AD21FE618C4C8B0A0D830C886, 29831DDAB2AB105358FBC067CDF96428220B6743CD6019F6FE74BAC7AF325E7E ] C:\Windows\System32\msutb.dll
    12:16:32.0551 0x1534  C:\Windows\System32\msutb.dll - ok
    12:16:32.0566 0x1534  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] C:\Windows\System32\pcasvc.dll
    12:16:32.0566 0x1534  C:\Windows\System32\pcasvc.dll - ok
    12:16:32.0566 0x1534  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] C:\Windows\System32\snmptrap.exe
    12:16:32.0566 0x1534  C:\Windows\System32\snmptrap.exe - ok
    12:16:32.0566 0x1534  [ 603EBD34E216C5654A2D774EAC98D278, ACE0171BB780DB2C1B1A8BF6FA8CF51C529D7E09141FA504C7199AF764FD9A36 ] C:\Windows\System32\webio.dll
    12:16:32.0566 0x1534  C:\Windows\System32\webio.dll - ok
    12:16:32.0566 0x1534  [ F5CEF064C7E6D95DA86B9D064A56A969, F118CD4364690F37A07AE458E043E8CFBA98F332DC9E7228C83409CF26F6EF6D ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
    12:16:32.0566 0x1534  C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
    12:16:32.0566 0x1534  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] C:\Windows\System32\provsvc.dll
    12:16:32.0566 0x1534  C:\Windows\System32\provsvc.dll - ok
    12:16:32.0582 0x1534  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] C:\Windows\System32\sstpsvc.dll
    12:16:32.0582 0x1534  C:\Windows\System32\sstpsvc.dll - ok
    12:16:32.0582 0x1534  [ 522B0466ED967A0762E9AF5B37D8F40A, B14C62D059BC7CF430E1B0F6E18E31EFD1959EFB3025A2B0EBB11751F38DD6D4 ] C:\Windows\System32\esent.dll
    12:16:32.0582 0x1534  C:\Windows\System32\esent.dll - ok
    12:16:32.0582 0x1534  [ 037A719DAD50603202C978CD802623E4, BD4C222913D32D7CF5FE0201FEBE7BD67FC39DF47A7A672C2D6C228A6E13B5DE ] C:\Windows\System32\ntshrui.dll
    12:16:32.0582 0x1534  C:\Windows\System32\ntshrui.dll - ok
    12:16:32.0582 0x1534  [ 1D63F4366288B8A7595397E27010FD44, 99EA4DDD88D9C4A4CC9B238F533CB4D2C062D46239173997E8594D8A75811A01 ] C:\Windows\System32\IconCodecService.dll
    12:16:32.0582 0x1534  C:\Windows\System32\IconCodecService.dll - ok
    12:16:32.0598 0x1534  [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    12:16:32.0598 0x1534  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
    12:16:32.0598 0x1534  [ A2B0924D50F4435FD389499047CE553A, 8D16D5CAAD71AAAAA1479F8477D2928B66581C79932A49A21EDF93DB2803AB9C ] C:\Windows\SysWOW64\ntdll.dll
    12:16:32.0598 0x1534  C:\Windows\SysWOW64\ntdll.dll - ok
    12:16:32.0598 0x1534  [ 70833F5A59F65908698093889C34BCA2, 25777B910664827FC5C8258E4956CC936E0A1E42A9C7F2F390A83025E685D728 ] C:\Windows\System32\wow64.dll
    12:16:32.0598 0x1534  C:\Windows\System32\wow64.dll - ok
    12:16:32.0598 0x1534  [ 5674E21E82CFBEA36DDAD5DB285D6DBC, FBD2AC69D3E66E39651C5F2C88C0087EDC3CD1FD999FC2A574C97E9DDF2C1441 ] C:\Windows\System32\wow64win.dll
    12:16:32.0598 0x1534  C:\Windows\System32\wow64win.dll - ok
    12:16:32.0613 0x1534  [ 3EE3AA76D8AB6D5644C4C8F34471CEB3, FCF173B0A324FA4780824CBD8C8FE4E402F27EACF1A41AAFEA636FA0B3AE7B35 ] C:\Windows\System32\wow64cpu.dll
    12:16:32.0613 0x1534  C:\Windows\System32\wow64cpu.dll - ok
    12:16:32.0613 0x1534  [ 365A5034093AD9E04F433046C4CDF6AB, 5D5B30A883B273D59C6C64286E0BA79DA0BDF1B7EBC791278248A9196701DDDF ] C:\Windows\SysWOW64\kernel32.dll
    12:16:32.0613 0x1534  C:\Windows\SysWOW64\kernel32.dll - ok
    12:16:32.0613 0x1534  [ 1B7343C3765638D4D17CB925F84F8ABE, FDD4F8B409A6C6870C56BBCDCD07902D825FCB13ABB316FD804B6AAAF996600B ] C:\Windows\SysWOW64\KernelBase.dll
    12:16:32.0613 0x1534  C:\Windows\SysWOW64\KernelBase.dll - ok
    12:16:32.0613 0x1534  [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3, 01EB95FA3943CF3C6B1A21E473A5C3CB9FCBCE46913B15C96CAC14E4F04075B4 ] C:\Windows\SysWOW64\user32.dll
    12:16:32.0613 0x1534  C:\Windows\SysWOW64\user32.dll - ok
    12:16:32.0613 0x1534  [ D6D3AD7BF1D6F6CE9547613ED5E170A2, EA3BD7FEC193A8CFE1D5736301ACADC476FB6AAC5475A45776D0A638E9845445 ] C:\Windows\SysWOW64\gdi32.dll
    12:16:32.0613 0x1534  C:\Windows\SysWOW64\gdi32.dll - ok
    12:16:32.0629 0x1534  [ CC23295DA8F7B5C53F93804D2F5D30EB, B290D96C40FBA934DE6CFF82D9BBA6780922CC5012C61599BD5006DAEDC82DDB ] C:\Windows\SysWOW64\lpk.dll
    12:16:32.0629 0x1534  C:\Windows\SysWOW64\lpk.dll - ok
    12:16:32.0629 0x1534  [ 9DC80A8AAAAAC397BDAB3C67165A824E, 051636BFDFF7AB0E4191354E846BD0DACCA1A01FCC13C1AFED91D8DBFE17127A ] C:\Windows\SysWOW64\msvcrt.dll
    12:16:32.0629 0x1534  C:\Windows\SysWOW64\msvcrt.dll - ok
    12:16:32.0629 0x1534  [ B7230010D97787AF3D25E4C82F2B06B9, C795E9811CD461F8E98D1738667EB0C265A57065EA3420CE596D5038E7430C1E ] C:\Windows\SysWOW64\usp10.dll
    12:16:32.0629 0x1534  C:\Windows\SysWOW64\usp10.dll - ok
    12:16:32.0629 0x1534  [ D67472125471784DE7147946EDA25FEB, F41960118F412B6CA5E80AE5E8DB9AECDD043A7DB34388FF57C6F9C5A0056F91 ] C:\Windows\SysWOW64\advapi32.dll
    12:16:32.0629 0x1534  C:\Windows\SysWOW64\advapi32.dll - ok
    12:16:32.0644 0x1534  [ F08F6FCD09F9BE94C37ACC1B344685FF, DE48D766258B46EFEAB16579421C4BD97ACC6883F782D00E9857F4A0CE7E8A34 ] C:\Windows\SysWOW64\cryptbase.dll
    12:16:32.0644 0x1534  C:\Windows\SysWOW64\cryptbase.dll - ok
    12:16:32.0644 0x1534  [ 4DC999CED9429939D75682EBD7D48901, 4E2DB6E4C500980488010AF1125A73D0F958889379F05DB304A220B4BB2D1834 ] C:\Windows\SysWOW64\rpcrt4.dll
    12:16:32.0644 0x1534  C:\Windows\SysWOW64\rpcrt4.dll - ok
    12:16:32.0644 0x1534  [ CFC97F07904067A1E5FAE195D534DA3A, EB4D2D127312EB09E2ACCA3276779E80F90FAF77322684BABF72B8EC6E1F906C ] C:\Windows\SysWOW64\sechost.dll
    12:16:32.0644 0x1534  C:\Windows\SysWOW64\sechost.dll - ok
    12:16:32.0644 0x1534  [ EDA7AD21DF8945528F01F0A86D69E524, 8FF2CC12AF30F1DC367ABD19FA9CB0F42EC6EE820F6E755BEFCEFE952C22E2F6 ] C:\Windows\SysWOW64\sspicli.dll
    12:16:32.0644 0x1534  C:\Windows\SysWOW64\sspicli.dll - ok
    12:16:32.0644 0x1534  [ E02781D4871844DCD30DF1D69A650F78, DC77302F06CD6CF7FC2C3B0F433A4AE41DF869B9F342C0656CCD8A125B3D3318 ] C:\Windows\SysWOW64\shell32.dll
    12:16:32.0644 0x1534  C:\Windows\SysWOW64\shell32.dll - ok
    12:16:32.0660 0x1534  [ 49E5753D923F1AC63B22D3DCB0B47E00, 14CEC0BF5F625FF839A8D79B4A6B7C4AC0CBB705FD197C6B7FF8617C6C3E34FE ] C:\Windows\System32\uDWM.dll
    12:16:32.0660 0x1534  C:\Windows\System32\uDWM.dll - ok
    12:16:32.0660 0x1534  [ 928CF7268086631F54C3D8E17238C6DD, F058FAFB04E7EBD5CADE9B48195B7AA7C3508F332A89F5E6E5F3F071E8CADD4A ] C:\Windows\SysWOW64\ole32.dll
    12:16:32.0660 0x1534  C:\Windows\SysWOW64\ole32.dll - ok
    12:16:32.0660 0x1534  [ 8CC3C111D653E96F3EA1590891491D71, 1D326D7D116D76876EE2B14A5BFB7B4328E21DB9B5AAAB9CB67F8EFB93924230 ] C:\Windows\SysWOW64\shlwapi.dll
    12:16:32.0660 0x1534  C:\Windows\SysWOW64\shlwapi.dll - ok
    12:16:32.0660 0x1534  [ AE8EB083B050E17A7D6EB5E28AECDDD6, CC57A9AAA9E89A2F15F64C0F23D6CA7F7D0C5CE435DFAB2993A73F42764AC6B3 ] C:\Windows\SysWOW64\crypt32.dll
    12:16:32.0660 0x1534  C:\Windows\SysWOW64\crypt32.dll - ok
    12:16:32.0676 0x1534  [ 6C765E82B57F2E66CE9C54AC238471D9, 97F410023F5C08B4BC5DBF89A642200E76F4025ADD9707C24FD89D673675BB43 ] C:\Windows\SysWOW64\oleaut32.dll
    12:16:32.0676 0x1534  C:\Windows\SysWOW64\oleaut32.dll - ok
    12:16:32.0676 0x1534  [ 938F39B50BAFE13D6F58C7790682C010, 902000EE51EFEABAF6A4B30F880AA37083D2232C6FC622CA513C4A823390FEDA ] C:\Windows\SysWOW64\msasn1.dll
    12:16:32.0676 0x1534  C:\Windows\SysWOW64\msasn1.dll - ok
    12:16:32.0676 0x1534  [ 68EAAEDF0365168B804E8728368FA946, 1FA25087E8B247B099B729F780DBF24F77FD34F58186A1C94329261CF3D18B8E ] C:\Windows\SysWOW64\wintrust.dll
    12:16:32.0676 0x1534  C:\Windows\SysWOW64\wintrust.dll - ok
    12:16:32.0676 0x1534  [ A6F09E5669D9A19035F6D942CAA15882, 68C8AF0CC1923E3A7245392F2480EE665D265DF300A609D2540BF7C6D9C1A1BE ] C:\Windows\SysWOW64\imm32.dll
    12:16:32.0676 0x1534  C:\Windows\SysWOW64\imm32.dll - ok
    12:16:32.0691 0x1534  [ B3892E6DA8E2C8CE4B0A9D3EB9A185E5, AE163388201EF2F119E11265586E7DA32C6E5B348E0CC32E3F72E21EBFD0843B ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcr90.dll
    12:16:32.0691 0x1534  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcr90.dll - ok
    12:16:32.0691 0x1534  [ C9618BC9B2B0FD7C1138D8774795A79B, 0AC170669C2626519FA7A745C56BFBA6B83B8537488F5B9EB7BA72448E5E7A43 ] C:\Windows\SysWOW64\msctf.dll
    12:16:32.0691 0x1534  C:\Windows\SysWOW64\msctf.dll - ok
    12:16:32.0691 0x1534  [ 785DE7ABDA13309D6065305542829E76, 78F49A5349B66042836615EF99B4EB70FA708369D315D105513C04F33070D297 ] C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
    12:16:32.0691 0x1534  C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE - ok
    12:16:32.0691 0x1534  [ CA9F7888B524D8100B977C81F44C3234, 57F3353F89724147D8AC8B69B12C1303DF26978309776F5F8CCF074526A915D3 ] C:\Windows\SysWOW64\winhttp.dll
    12:16:32.0691 0x1534  C:\Windows\SysWOW64\winhttp.dll - ok
    12:16:32.0691 0x1534  [ FF5688D309347F2720911D8796912834, 3B0D73C50D40A6F42629B7750F99F656BF5C1C50237D5F98B6C0F2CE5E2DA359 ] C:\Windows\SysWOW64\clbcatq.dll
    12:16:32.0691 0x1534  C:\Windows\SysWOW64\clbcatq.dll - ok
    12:16:32.0691 0x1534  [ C733D233B623B7FFCE5031E4B756EE26, 33CC8B140B0E4A9B702E3468BE2646AEE4273F20C6EA5BAC6C3D8FC8EDEF0881 ] C:\Windows\SysWOW64\profapi.dll
    12:16:32.0691 0x1534  C:\Windows\SysWOW64\profapi.dll - ok
    12:16:32.0707 0x1534  [ 6F8E3B7B70E1BBA871212940C1FBDF60, 3F9D4EE64E4210340C6FEE0DE81BFE3C613DDBE608EC09D63817D24CE24BFC5E ] C:\Windows\SysWOW64\SensApi.dll
    12:16:32.0707 0x1534  C:\Windows\SysWOW64\SensApi.dll - ok
    12:16:32.0707 0x1534  [ FB19FC5951A88F3C523E35C2C98D23C0, FF0DB8BF0C68DA0D09272E8181D2B5409C8850BB2F31AEA3AC4CD14C5A420A59 ] C:\Windows\SysWOW64\webio.dll
    12:16:32.0707 0x1534  C:\Windows\SysWOW64\webio.dll - ok
    12:16:32.0707 0x1534  [ EAADD6E47ED2A7003ACE1793B98CF63F, EE090284CA4595B6A140949A41025926CEC3CCACCD2931B6AC77A1E14D20E5B4 ] C:\Windows\SysWOW64\msxml6.dll
    12:16:32.0707 0x1534  C:\Windows\SysWOW64\msxml6.dll - ok
    12:16:32.0707 0x1534  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    12:16:32.0707 0x1534  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe - ok
    12:16:32.0707 0x1534  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] C:\Windows\System32\cryptsvc.dll
    12:16:32.0707 0x1534  C:\Windows\System32\cryptsvc.dll - ok
    12:16:32.0707 0x1534  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] C:\Windows\System32\dps.dll
    12:16:32.0707 0x1534  C:\Windows\System32\dps.dll - ok
    12:16:32.0722 0x1534  [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] C:\Windows\System32\IKEEXT.DLL
    12:16:32.0722 0x1534  C:\Windows\System32\IKEEXT.DLL - ok
    12:16:32.0722 0x1534  [ 7321F18D1F820612ED0E9F2D4B578A7E, 612BD7DE1DFBD100BD6ACB37A38565D88C39842D990D296B9B8E1FB75C3A94E7 ] C:\Windows\SysWOW64\cryptsp.dll
    12:16:32.0722 0x1534  C:\Windows\SysWOW64\cryptsp.dll - ok
    12:16:32.0722 0x1534  [ A6B726DCA228F7878E38368A1BDC68BE, 30E8300B09B876E3D4B2A9215C9CC070EADF915E1268F425B6F8E0596A0D3539 ] C:\Windows\System32\cryptnet.dll
    12:16:32.0722 0x1534  C:\Windows\System32\cryptnet.dll - ok
    12:16:32.0722 0x1534  [ 0E2F58F6E698EDCB9E58FAD0CBCD0567, 426FB40A065FEF61980C803EF72D0D326C623340C3AE99CA8AFFDEFB81E8D49D ] C:\Windows\System32\vssapi.dll
    12:16:32.0722 0x1534  C:\Windows\System32\vssapi.dll - ok
    12:16:32.0722 0x1534  [ 5997D769CDB108390DCFAEBF442BF816, 0E25CA984C0EEB629184423FAA9BC6D4356DF9A93F281E06DC83B4AC638AEC4A ] C:\Windows\SysWOW64\RpcRtRemote.dll
    12:16:32.0722 0x1534  C:\Windows\SysWOW64\RpcRtRemote.dll - ok
    12:16:32.0722 0x1534  [ ED8EC63F7522DF4852147C84EC62C36A, 75633011CD28DCBD4834211A9D415F17DE15BFCD80FB9FF6CE25CBBD4E9899AF ] C:\Windows\SysWOW64\rsaenh.dll
    12:16:32.0722 0x1534  C:\Windows\SysWOW64\rsaenh.dll - ok
    12:16:32.0738 0x1534  [ EF39CCCC9AD927A25334AE0B41A8A343, EC5FB376F84697F42B632BC9775D362CF6C54A68E26A0CF027D90F5A419BEA74 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll
    12:16:32.0738 0x1534  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll - ok
    12:16:32.0738 0x1534  [ 9275F02BEA644F43A459E316A932658F, A4B9A716BEF1ADFDDA4C44D4838EC57BD77DEE29C4B4737B58A9375C2366A87F ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll
    12:16:32.0738 0x1534  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll - ok
    12:16:32.0738 0x1534  [ BAAFAF9CEAEC0B73C2A3550A01F6CECB, 018CB95A43CEA2063EA24691C71D51EF60D522C21502ABA8AD93876363D4B857 ] C:\Windows\System32\taskschd.dll
    12:16:32.0738 0x1534  C:\Windows\System32\taskschd.dll - ok
    12:16:32.0738 0x1534  [ 702254574E7E52052DE39408457B7149, 645CA9E88DA21C63710A04A0F54421018DF415A3D612112C71A255C49325C082 ] C:\Windows\SysWOW64\version.dll
    12:16:32.0738 0x1534  C:\Windows\SysWOW64\version.dll - ok
    12:16:32.0738 0x1534  [ A90DC9ABD65DB1A8902F361103029952, 26798758976CE53251AC342B966BE0363AE1794BD965C452F5DEBC33E18969F0 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
    12:16:32.0738 0x1534  C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
    12:16:32.0738 0x1534  [ 6377051C63D5552A311935C67E9FDFDC, 3FB82988AAB66813567E8DB951D4EE87F156201070F005FDBF52EF998A323E65 ] C:\Windows\SysWOW64\nsi.dll
    12:16:32.0738 0x1534  C:\Windows\SysWOW64\nsi.dll - ok
    12:16:32.0754 0x1534  [ D15618A0FF8DBC2C5BF3726BACC75A0B, ADD81EA1D208907D67802F0E96EC0327BA89021F870BA22B9C7E3A19013A6AE7 ] C:\Windows\SysWOW64\userenv.dll
    12:16:32.0754 0x1534  C:\Windows\SysWOW64\userenv.dll - ok
    12:16:32.0754 0x1534  [ CFF35B879D1618D42C86644C717BA947, 1837275202628D3320867A3BF8CFDA15491730C4B74215F7C0D7E140BF01AC3C ] C:\Windows\SysWOW64\winnsi.dll
    12:16:32.0754 0x1534  C:\Windows\SysWOW64\winnsi.dll - ok
    12:16:32.0754 0x1534  [ 7FF15A4F092CD4A96055BA69F903E3E9, 1B594E6D057C632ABB3A8CF838157369024BD6B9F515CA8E774B22FE71A11627 ] C:\Windows\SysWOW64\ws2_32.dll
    12:16:32.0754 0x1534  C:\Windows\SysWOW64\ws2_32.dll - ok
    12:16:32.0754 0x1534  [ 6A6B2EE4565A178035BE2A4FF6F2C968, E2E231F1C2E2CE19583483ACC53318651FA7CA2DE46BCB89B4CBF97CA0525122 ] C:\Windows\SysWOW64\wtsapi32.dll
    12:16:32.0754 0x1534  C:\Windows\SysWOW64\wtsapi32.dll - ok
    12:16:32.0754 0x1534  [ 287923557447D7E4BDD7E65B1F0F5428, 14D85A0F036F28D77AA9723C3D7E8C4DA9BDFF8A1AD9BEA6FE5756DBF5D00F08 ] C:\Windows\System32\vsstrace.dll
    12:16:32.0754 0x1534  C:\Windows\System32\vsstrace.dll - ok
    12:16:32.0754 0x1534  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    12:16:32.0754 0x1534  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe - ok
    12:16:32.0769 0x1534  [ 80D8679BF84A9383BFF33E07D5D9FC35, 0986806F2504C8A66FA8DEF7923A69E90A2390DD447BE53AD1824240CE68EC1E ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll
    12:16:32.0769 0x1534  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll - ok
    12:16:32.0769 0x1534  [ 77B5035BC6EDF4D1B6265391AECEE4C0, FE69B715F04446BD42AF1B672E6AC54E954CFE0C847BFD2056CB11CF017B1844 ] C:\Windows\System32\vpnikeapi.dll
    12:16:32.0769 0x1534  C:\Windows\System32\vpnikeapi.dll - ok
    12:16:32.0769 0x1534  [ F928E5E72BBA15DD0CE9A26E0413D236, D63EFA1408084F524464729C2F3BE16550E07ACE2BF8A00699A8438079AD381B ] C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    12:16:32.0769 0x1534  C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe - ok
    12:16:32.0769 0x1534  [ B9A8CBCFCD3EC9D2EA4740AF347BF108, 97FA304E3880BC863D999F441AE47CB8ADF00D2DEC2A52ACD8FBD02CC096786A ] C:\Windows\SysWOW64\mpr.dll
    12:16:32.0769 0x1534  C:\Windows\SysWOW64\mpr.dll - ok
    12:16:32.0769 0x1534  [ A543AC1F7138376D778D630A35FCBC4C, 2D824C66A97FC8C39DAFA397CC47495B712D175EEF393486946DA8936BDD466A ] C:\Windows\SysWOW64\psapi.dll
    12:16:32.0769 0x1534  C:\Windows\SysWOW64\psapi.dll - ok
    12:16:32.0785 0x1534  [ 366FD6F3A451351B5DF2D7C4ECF4C73A, AE3CB6C6AFBA9A4AA5C85F66023C35338CA579B30326DD02918F9D55259503D5 ] C:\Windows\System32\msvcr100.dll
    12:16:32.0785 0x1534  C:\Windows\System32\msvcr100.dll - ok
    12:16:32.0785 0x1534  [ E8B624AEF824B508FEA02DE0D6DA71FA, 5D68BB045CBFF470802A5CFE31A0EBE12AD8B2903E1BB295D0A8171AB8DF4844 ] C:\PROGRA~2\McAfee\SITEAD~1\sasshmod.dll
    12:16:32.0785 0x1534  C:\PROGRA~2\McAfee\SITEAD~1\sasshmod.dll - ok
    12:16:32.0785 0x1534  [ 34FCA19FE407A7B9996DB5B4CCEC5C8C, B43AE1B6F9821BCC2CE0DD1D12F3716941487791237C7129CA9C961CBBFC1EEB ] C:\Program Files\McAfee\MSC\McAPExe.exe
    12:16:32.0785 0x1534  C:\Program Files\McAfee\MSC\McAPExe.exe - ok
    12:16:32.0785 0x1534  [ EC8DDCAA27A6946E2796FBC2D41C58DB, D5D27D742E051DD3BA2A1E417809237B416CCA1B3ABF5CBFF9E2C58E9C1BA6F1 ] C:\Program Files\Common Files\McAfee\SystemCore\mfeapfa.dll
    12:16:32.0785 0x1534  C:\Program Files\Common Files\McAfee\SystemCore\mfeapfa.dll - ok
    12:16:32.0785 0x1534  [ D06F5438E6175867BAAC281060AD662E, 55F5BE5473BAA2526CE9E154175DBC33BC3D43CA0652405A62D634D4EED1D4FF ] C:\Program Files\Common Files\McAfee\SystemCore\mfehida.dll
    12:16:32.0785 0x1534  C:\Program Files\Common Files\McAfee\SystemCore\mfehida.dll - ok
    12:16:32.0785 0x1534  [ 295657F93F6B19DEEA804048E1CB4FF9, 1528AFDD25E59EBD1EFE3E694CCCA9365251DAC679D693AC9809A6D86B335770 ] C:\Windows\System32\lz32.dll
    12:16:32.0785 0x1534  C:\Windows\System32\lz32.dll - ok
    12:16:32.0800 0x1534  [ 9E18496715CF1BF8400DB120E69090E4, 3A24A7E5920FA7EC67FB078C23F7C403D74B7EDDA4817C6A55CAE1ADBC521BF1 ] C:\Windows\System32\mfevtps.exe
    12:16:32.0800 0x1534  C:\Windows\System32\mfevtps.exe - ok
    12:16:32.0800 0x1534  [ C6DCD1D11ED6827F05C00773C3E7053C, EA23BE261C9C04F44215D254D7A80FD0AEE84C6F192D0FEE49A7CF74ED3CB1A6 ] C:\Windows\System32\sfc.dll
    12:16:32.0800 0x1534  C:\Windows\System32\sfc.dll - ok
    12:16:32.0800 0x1534  [ 895C9AB0A855547445C4181195230757, 89BDA385D8CCB75C3D7B1BDFA567AC441A931F4E499C0835FEE9D010343FABB6 ] C:\Windows\System32\sfc_os.dll
    12:16:32.0800 0x1534  C:\Windows\System32\sfc_os.dll - ok
    12:16:32.0800 0x1534  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] C:\Windows\System32\nlasvc.dll
    12:16:32.0800 0x1534  C:\Windows\System32\nlasvc.dll - ok
    12:16:32.0800 0x1534  [ 3FD15B4611D9BDA3F8013548C0ECAECA, B47A8D9985D9B71EB870816A0AB2B6403D394CCBDF7DE5378D5721D58D68D28D ] C:\Windows\SysWOW64\ntmarta.dll
    12:16:32.0800 0x1534  C:\Windows\SysWOW64\ntmarta.dll - ok
    12:16:32.0800 0x1534  [ 418E881201583A3039D81F43E39E6C78, C96AAC161E09BE12815A4E931E65F66DB1A456C03253EF1111AE66F44B1515FF ] C:\Windows\SysWOW64\winsta.dll
    12:16:32.0800 0x1534  C:\Windows\SysWOW64\winsta.dll - ok
    12:16:32.0816 0x1534  [ A8BB45F9ECAD993461E0FEF8E2A99152, ACB756EA54E71F124D928829666B5B439785593877FF7C0C76ADCF954F4E6C94 ] C:\Windows\SysWOW64\Wldap32.dll
    12:16:32.0816 0x1534  C:\Windows\SysWOW64\Wldap32.dll - ok
    12:16:32.0816 0x1534  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] C:\Windows\System32\drivers\PEAuth.sys
    12:16:32.0816 0x1534  C:\Windows\System32\drivers\PEAuth.sys - ok
    12:16:32.0816 0x1534  [ D4FAC263861BAE06971C7F7D0A8EBF15, D494DEF0024288B9CC56EC6B500FF5828144BE9B8E7033340509EC5E68F8DED0 ] C:\Windows\System32\ncsi.dll
    12:16:32.0816 0x1534  C:\Windows\System32\ncsi.dll - ok
    12:16:32.0816 0x1534  [ 863F793D15B4026B1A5FDECA873D4D84, AF7ABD95BB5467551562F129F03C7AC9D52A021F7E547609F40A80E66932C942 ] C:\Windows\SysWOW64\apphelp.dll
    12:16:32.0816 0x1534  C:\Windows\SysWOW64\apphelp.dll - ok
    12:16:32.0816 0x1534  [ D1D5DAB39DCB4BE0359943738D87409B, 0BA45FE28568E852502879AE83C081517BB8103359BD5783328833EC59A54681 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    12:16:32.0816 0x1534  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe - ok
    12:16:32.0816 0x1534  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] C:\Windows\System32\drivers\secdrv.sys
    12:16:32.0816 0x1534  C:\Windows\System32\drivers\secdrv.sys - ok
    12:16:32.0832 0x1534  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] C:\Windows\System32\seclogon.dll
    12:16:32.0832 0x1534  C:\Windows\System32\seclogon.dll - ok
    12:16:32.0832 0x1534  [ 2BBF3FDB70B8965DFA0258CBAB41ECCE, 4EFA41765E46E90C6CBDB0DC1E0CD375D7AB3307C477171EBAA6A16AC32E5211 ] C:\Windows\System32\ssdpapi.dll
    12:16:32.0832 0x1534  C:\Windows\System32\ssdpapi.dll - ok
    12:16:32.0832 0x1534  [ 352B3DC62A0D259A82A052238425C872, 393B24E0D6007C74AEE2FB2EE2C18623D37DF64E279B6767952DCFEE0EACBB10 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
    12:16:32.0832 0x1534  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
    12:16:32.0832 0x1534  [ 39C5F32747B3414D1BB216FDB1DEFC58, 6FAE64CB9748304090113903A5AE9E7154BE16BA2EEA7AB3EF04AB9D79B81380 ] C:\Windows\SysWOW64\dwmapi.dll
    12:16:32.0832 0x1534  C:\Windows\SysWOW64\dwmapi.dll - ok
    12:16:32.0832 0x1534  [ 43964FA89CCF97BA6BE34D69455AC65F, 10E3B89A5470E1BB6F73382135DD2352F5073C1EE8485D7476CFB5122D4AAA2F ] C:\Windows\SysWOW64\uxtheme.dll
    12:16:32.0832 0x1534  C:\Windows\SysWOW64\uxtheme.dll - ok
    12:16:32.0847 0x1534  [ D6DB27F6E2C142EB01169F27D7062D17, DBB21E106D4A76FC23F7C6584C6E2360C537C15117569AE5A3F596D24B031AE6 ] C:\PROGRA~2\McAfee\SITEAD~1\saupkeep.dll
    12:16:32.0847 0x1534  C:\PROGRA~2\McAfee\SITEAD~1\saupkeep.dll - ok
    12:16:32.0847 0x1534  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] C:\Windows\System32\netman.dll
    12:16:32.0847 0x1534  C:\Windows\System32\netman.dll - ok
    12:16:32.0847 0x1534  [ 1727B2A2F379A32B864C096FA794AADC, 87B77A5DF95F3A1C5ED6DEF820C7E384BEFCBAA2FE1BB4781AC6F777A081E5CC ] C:\Windows\System32\aepic.dll
    12:16:32.0847 0x1534  C:\Windows\System32\aepic.dll - ok
    12:16:32.0847 0x1534  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\System32\rundll32.exe
    12:16:32.0847 0x1534  C:\Windows\System32\rundll32.exe - ok
    12:16:32.0847 0x1534  [ 95AA71FF23C1260BA4F69D7BBA1E7B4B, 00E120DEE2A543C45DA775A63D8D5938BBBA6B1469F5C4B3B0857B28773AFE0D ] C:\PROGRA~2\McAfee\SITEAD~1\x64\saHook.dll
    12:16:32.0847 0x1534  C:\PROGRA~2\McAfee\SITEAD~1\x64\saHook.dll - ok
    12:16:32.0847 0x1534  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] C:\Windows\System32\drivers\srvnet.sys
    12:16:32.0847 0x1534  C:\Windows\System32\drivers\srvnet.sys - ok
    12:16:32.0863 0x1534  [ 3D7E3F388680F1F854599C73D8AAF535, A459C50A40CD16FFB3ADFA0D56DDB79895CCD25F96C53F64F494745D58C3DA06 ] C:\Windows\System32\drivers\mfeapfk.sys
    12:16:32.0863 0x1534  C:\Windows\System32\drivers\mfeapfk.sys - ok
    12:16:32.0863 0x1534  [ 51138BEEA3E2C21EC44D0932C71762A8, 5AD3C37E6F2B9DB3EE8B5AEEDC474645DE90C66E3D95F8620C48102F1EBA4124 ] C:\Windows\SysWOW64\rundll32.exe
    12:16:32.0863 0x1534  C:\Windows\SysWOW64\rundll32.exe - ok
    12:16:32.0863 0x1534  [ BCEA9AB347E53BC03B2E36BE0B8BA0EF, 868DEFB78767E91694E83F931725257DF3FF79A4BFED3B914D27F3493EB7A8D0 ] C:\Windows\System32\httpapi.dll
    12:16:32.0863 0x1534  C:\Windows\System32\httpapi.dll - ok
    12:16:32.0863 0x1534  [ B2DB6ABA2E292235749B80A9C3DFA867, 92BCB678E2D0A7A9C15A74B41846D8723B96E37181407C0E8A56C7105659AAF3 ] C:\Windows\SysWOW64\imagehlp.dll
    12:16:32.0863 0x1534  C:\Windows\SysWOW64\imagehlp.dll - ok
    12:16:32.0863 0x1534  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] C:\Windows\System32\tapisrv.dll
    12:16:32.0863 0x1534  C:\Windows\System32\tapisrv.dll - ok
    12:16:32.0863 0x1534  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] C:\Windows\System32\wiaservc.dll
    12:16:32.0863 0x1534  C:\Windows\System32\wiaservc.dll - ok
    12:16:32.0878 0x1534  [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5, BDA403E6CACC249C467671FB1FAF7B77FB019326BC18F9F6CF377104520E2654 ] C:\Windows\System32\wiatrace.dll
    12:16:32.0878 0x1534  C:\Windows\System32\wiatrace.dll - ok
    12:16:32.0878 0x1534  [ 3A763D2A127EDB1FC3BF872832DFBDAA, 037534232063EBA0CC614FD32A0E440BECBEAD5BE0B4244415753B17ECF0E36F ] C:\Windows\System32\HPWia2_OJ4620.dll
    12:16:32.0878 0x1534  C:\Windows\System32\HPWia2_OJ4620.dll - ok
    12:16:32.0878 0x1534  [ 4C1244FEF74C60A4B1B151C76609CBE2, 3E500204A9232D5B332BE16C281A32B957D03BBA836851BE7754F030872FAC83 ] C:\Windows\System32\wsdchngr.dll
    12:16:32.0878 0x1534  C:\Windows\System32\wsdchngr.dll - ok
    12:16:32.0878 0x1534  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] C:\Windows\System32\drivers\tcpipreg.sys
    12:16:32.0878 0x1534  C:\Windows\System32\drivers\tcpipreg.sys - ok
    12:16:32.0878 0x1534  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] C:\Windows\System32\sysmain.dll
    12:16:32.0878 0x1534  C:\Windows\System32\sysmain.dll - ok
    12:16:32.0878 0x1534  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] C:\Windows\System32\wbem\WMIsvc.dll
    12:16:32.0878 0x1534  C:\Windows\System32\wbem\WMIsvc.dll - ok
    12:16:32.0894 0x1534  [ 7DB5AA22A8A8E5C2D335F44853C1F6DE, A734A20357026C42950394682A52CBC3AF956D09F1949E1B4E95467E999BC428 ] C:\Windows\System32\wbemcomn.dll
    12:16:32.0894 0x1534  C:\Windows\System32\wbemcomn.dll - ok
    12:16:32.0894 0x1534  [ 0255C22D99602534F15CBB8D9B6F152F, 43CD89D6CA56E0B633142F7C86DA9E072EE0723B5EBC4CE8CCBCA58C396ECF54 ] C:\Windows\System32\wbem\WinMgmtR.dll
    12:16:32.0894 0x1534  C:\Windows\System32\wbem\WinMgmtR.dll - ok
    12:16:32.0894 0x1534  [ A3F5E8EC1316C3E2562B82694A251C9E, F3DC6AA6A9D3B5BBC730668FC52C1D4BB5D515D404578BDDD3D4869A7ED58822 ] C:\Windows\System32\wbem\fastprox.dll
    12:16:32.0894 0x1534  C:\Windows\System32\wbem\fastprox.dll - ok
    12:16:32.0894 0x1534  [ 0C52762C606BCF6A377D5E4688191A6B, C58C9A73AD07E3B93AB186D0D47C5F1CB7197771DBEE40646C3B801645BB388F ] C:\Windows\System32\wbem\WmiDcPrv.dll
    12:16:32.0894 0x1534  C:\Windows\System32\wbem\WmiDcPrv.dll - ok
    12:16:32.0894 0x1534  [ 07799D97DAD0674858B364E63012FF83, 94CC0FD05EFAE64E1DF140EF6DF65B0573E76D006E0B50A724681195134811B0 ] C:\Program Files\Common Files\McAfee\SystemCore\mfeavfa.dll
    12:16:32.0894 0x1534  C:\Program Files\Common Files\McAfee\SystemCore\mfeavfa.dll - ok
    12:16:32.0894 0x1534  [ 96C70BD48D49B87475F4572DEDC62EB9, DA841CEBDFF2C5821D4D3396BD9299940A4A2927C161554B66AB8F58CBF04467 ] C:\Windows\AppPatch\AcLayers.dll
    12:16:32.0894 0x1534  C:\Windows\AppPatch\AcLayers.dll - ok
    12:16:32.0910 0x1534  [ EE26D130808D16C0E417BBBED0451B34, 4886DCE4FAEF146A40BABD492A8000A2022FEA542A6135A9BAFD4CD09297B4E5 ] C:\Windows\System32\ntdsapi.dll
    12:16:32.0910 0x1534  C:\Windows\System32\ntdsapi.dll - ok
    12:16:32.0910 0x1534  [ 666A60F6F5E719856FF6254E0966EFF7, 58C072E7E215991E19C1CA062C476081982F7B9F039714539AE7FEB4981C200F ] C:\Windows\System32\wbem\wbemprox.dll
    12:16:32.0910 0x1534  C:\Windows\System32\wbem\wbemprox.dll - ok
    12:16:32.0910 0x1534  [ 8036004F016125C907FC9351141F95AA, 10DE20FCB2D33E25E443C10EED4551CBAE9C16CD6D08B69BF91868A2F27DAF53 ] C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
    12:16:32.0910 0x1534  C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe - ok
    12:16:32.0910 0x1534  [ 210FCACAF902B2CD47CF9FD17D846146, 3F77AC721E084864C5966FF5337A90185F62203DC19C685328675500D629CB87 ] C:\Windows\System32\aeevts.dll
    12:16:32.0910 0x1534  C:\Windows\System32\aeevts.dll - ok
    12:16:32.0910 0x1534  [ 0D7BE936A44E6B70F822D272A5CEBC22, 280E44BF707AD46DB480287975BFDC58C416E05193171836610FBFA2FFBA8AF3 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_08e4299fa83d7e3c\msvcr90.dll
    12:16:32.0910 0x1534  C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_08e4299fa83d7e3c\msvcr90.dll - ok
    12:16:32.0910 0x1534  [ 3072CBA059EE48E6A8D50B4682F80746, 97F9ED6C013F751E7E9F6BC57B250B7E9E29D61B8871993E3803D3CE09915C69 ] C:\Windows\System32\HPScanTRDrv_OJ4620.dll
    12:16:32.0910 0x1534  C:\Windows\System32\HPScanTRDrv_OJ4620.dll - ok
    12:16:32.0925 0x1534  [ 7E067D5C3EF2BB87B3E07DCD61286390, 6733450A35282D912E9A506562B89D6BB6C4204A0D8F765F4E099A18DE6A8E62 ] C:\Windows\AppPatch\acwow64.dll
    12:16:32.0925 0x1534  C:\Windows\AppPatch\acwow64.dll - ok
    12:16:32.0925 0x1534  [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8, B1A9B2EF000917214C0198958CBD239D1D91B1720EC40DF041262A34D302AD74 ] C:\Windows\SysWOW64\winspool.drv
    12:16:32.0925 0x1534  C:\Windows\SysWOW64\winspool.drv - ok
    12:16:32.0925 0x1534  [ 129857DD474DF774B6DF60B43D5E08C1, 86CB042932E7E2A991CF512F9A9CDB32C683E323F5099A73597F94CFDF9E604F ] C:\PROGRA~2\McAfee\SITEAD~1\sahook.dll
    12:16:32.0925 0x1534  C:\PROGRA~2\McAfee\SITEAD~1\sahook.dll - ok
    12:16:32.0925 0x1534  [ BE165318E0052A91F7EA36F515B5F2B1, 6FFADF9F6A2DC6097DD036FDFC718C856A67E64544019D029A4E767D3F84538D ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_08e4299fa83d7e3c\msvcp90.dll
    12:16:32.0925 0x1534  C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_08e4299fa83d7e3c\msvcp90.dll - ok
    12:16:32.0925 0x1534  [ 5EB55F661DEBF156E126160BCD4D89F8, 948D1F627AA55D55FB3B558BA61B8366C5481A6041820631F24408F75EA5D2CC ] C:\Windows\System32\wbem\wbemcore.dll
    12:16:32.0925 0x1534  C:\Windows\System32\wbem\wbemcore.dll - ok
    12:16:32.0925 0x1534  [ 087D8668C71634A3A3761135ABF16EEE, B7348A63299CFF4FFBF375E645A4850AE0F108D48D13AB25434CFAE7CF3D61FD ] C:\Windows\System32\wbem\esscli.dll
    12:16:32.0925 0x1534  C:\Windows\System32\wbem\esscli.dll - ok
    12:16:32.0941 0x1534  [ 718B6F51AB7F6FE2988A36868F9AD3AB, 76141B4E94C2766E2C34CEF523092948771A7893212EFADBE88D2171B85FF012 ] C:\Windows\System32\wbem\wbemsvc.dll
    12:16:32.0941 0x1534  C:\Windows\System32\wbem\wbemsvc.dll - ok
    12:16:32.0941 0x1534  [ 0143DB80DACFB7C2B5B7009ED9063353, 252885CF7C1BAB89B86908373546E5F5D674BEF7AACBDDCF321AD877CB9150A9 ] C:\Windows\System32\wbem\wmiutils.dll
    12:16:32.0941 0x1534  C:\Windows\System32\wbem\wmiutils.dll - ok
    12:16:32.0941 0x1534  [ 70F3997B351A2DD549D97554CB1507E0, 6F2147072CF401C878F4E33AB492CE348951B6659C24B8B7F3DA3FBFD85FEEA9 ] C:\Program Files\Common Files\McAfee\AMCore\quarantine.dll
    12:16:32.0941 0x1534  C:\Program Files\Common Files\McAfee\AMCore\quarantine.dll - ok
    12:16:32.0941 0x1534  [ 7D56A632391B8FB845947ADA9FDF2951, 3B493D63F3F14391E80973D805CD3360566A2335787AE08B487F14C1F32E02E7 ] C:\Program Files\Common Files\McAfee\AMCore\mfeunzip.dll
    12:16:32.0941 0x1534  C:\Program Files\Common Files\McAfee\AMCore\mfeunzip.dll - ok
    12:16:32.0941 0x1534  [ 2D8FDDCEE94C69504303E2327229C088, 8625B3A9210CBF2866BF2D158FCD9FCDC753568173AD34AA8CF286D3BA7F189E ] C:\Program Files\Common Files\McAfee\AMCore\mfezip.dll
    12:16:32.0941 0x1534  C:\Program Files\Common Files\McAfee\AMCore\mfezip.dll - ok
    12:16:32.0941 0x1534  [ B4B4FAB730F3392E2F7FF0F7BD59CFF9, 99237F6ACA1968154CF2621FC8364A28351F045690939216BAA6C4CDB3889B9A ] C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    12:16:32.0941 0x1534  C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe - ok
    12:16:32.0956 0x1534  [ 0AB34456654C283DAA13B8D2BA21439B, 4B70FC5195DE39564E951C8542020BA3D4257E3D4488F69825F67A6099CB7549 ] C:\Windows\System32\wbem\repdrvfs.dll
    12:16:32.0956 0x1534  C:\Windows\System32\wbem\repdrvfs.dll - ok
    12:16:32.0956 0x1534  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] C:\Windows\System32\rasmans.dll
    12:16:32.0956 0x1534  C:\Windows\System32\rasmans.dll - ok
    12:16:32.0956 0x1534  [ 55E7F6788B887F16E5302D35E3A0DA79, 07C7813B9E0D78B5368E36442BA61D010F348E717F30DE9580224B7EC8C66517 ] C:\Program Files\Common Files\McAfee\AMCore\MFE_DS.dll
    12:16:32.0956 0x1534  C:\Program Files\Common Files\McAfee\AMCore\MFE_DS.dll - ok
    12:16:32.0956 0x1534  [ D2013732B27F35DC28013991B50CEE8C, B119E5343BA92F63BB343FA77E000F4BB794CA7B8114709360608E83416C860A ] C:\Program Files\Common Files\McAfee\AMCore\lua_lib.dll
    12:16:32.0956 0x1534  C:\Program Files\Common Files\McAfee\AMCore\lua_lib.dll - ok
    12:16:32.0956 0x1534  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    12:16:32.0956 0x1534  C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe - ok
    12:16:32.0956 0x1534  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] C:\Windows\System32\drivers\srv2.sys
    12:16:32.0956 0x1534  C:\Windows\System32\drivers\srv2.sys - ok
    12:16:32.0972 0x1534  [ F8B339E25A9713724F276BE0326CE046, 0D1A06F5103B4273FC0DC50BA9126D042C8B76BFB8EF093D012A95D42FE9BB3D ] C:\Program Files\Common Files\McAfee\Platform\McSvcHost\LogCntrl.dll
    12:16:32.0972 0x1534  C:\Program Files\Common Files\McAfee\Platform\McSvcHost\LogCntrl.dll - ok
    12:16:32.0972 0x1534  [ 24DFC30B72C011BF0D4EECA13700408A, 680B6608282F789AC6C775D1BFBB11F3CC28DF028A8CAD641B0F29214185B048 ] C:\Program Files\Common Files\McAfee\AMCore\MFE_CS.dll
    12:16:32.0972 0x1534  C:\Program Files\Common Files\McAfee\AMCore\MFE_CS.dll - ok
    12:16:32.0972 0x1534  [ 7714AB6553493E54A542943CF9F16D55, 6CF0C172F375C67871F297CB1A68F22BC1E5E1CD9556B241F134A4FB5AC38D62 ] C:\Program Files\Common Files\McAfee\AMCore\ncapi.dll
    12:16:32.0972 0x1534  C:\Program Files\Common Files\McAfee\AMCore\ncapi.dll - ok
    12:16:32.0972 0x1534  [ D16DD20498D914FC038BEBCC8911915F, 2EE7B028C849E6D6962E6468A371F790BB50FE5DFADD09A4385E915049E09F85 ] C:\Program Files\Common Files\McAfee\AMCore\EMMain.dll
    12:16:32.0972 0x1534  C:\Program Files\Common Files\McAfee\AMCore\EMMain.dll - ok
    12:16:32.0972 0x1534  [ 33A7CA87F604AA3AC6AC50AA00FEC9C5, CBF731B6C03D858DA97CF9AD91D56F4D56AF10F633859A6CB006F9B1ACECC89F ] C:\PROGRA~1\McAfee\MPF\MpfSvc.dll
    12:16:32.0972 0x1534  C:\PROGRA~1\McAfee\MPF\MpfSvc.dll - ok
    12:16:32.0988 0x1534  [ 1D9E16F8A44C53FA7679C8DA70933376, 0D16E569074483D53D520687DC7CD6D5F5711310CB2BEDDD8E6D8B42FA551869 ] C:\Program Files\Common Files\McAfee\McProxy\McProxy.dll
    12:16:32.0988 0x1534  C:\Program Files\Common Files\McAfee\McProxy\McProxy.dll - ok
    12:16:32.0988 0x1534  [ 244119FA877101604CE63172160C180B, 695131DE017BD99069920D264EB12F1FE622E7EC3F654507076757E9D4864C56 ] C:\Program Files\Common Files\McAfee\SystemCore\mfefwctl.dll
    12:16:32.0988 0x1534  C:\Program Files\Common Files\McAfee\SystemCore\mfefwctl.dll - ok
    12:16:32.0988 0x1534  [ 44C96B48112EB24AE7764EBF1C527000, 6691D008C834686906B4841EF27604B0F0E70E668C09CEE19369426BF168AF44 ] C:\Windows\System32\rastapi.dll
    12:16:32.0988 0x1534  C:\Windows\System32\rastapi.dll - ok
    12:16:32.0988 0x1534  [ FAFAE01E889DC9C05A6CA2138CFC220B, 192CFDE3593ED0A9B397461D912074C0F062015C23E6F6658571C7C2864D9A51 ] C:\Windows\System32\tapi32.dll
    12:16:32.0988 0x1534  C:\Windows\System32\tapi32.dll - ok
    12:16:32.0988 0x1534  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] C:\Windows\System32\iphlpsvc.dll
    12:16:32.0988 0x1534  C:\Windows\System32\iphlpsvc.dll - ok
    12:16:32.0988 0x1534  [ 27B9E163740A226B65E4B9E186117911, 17411C6A6C1E699BC4B0C04D782FD9AA09CF577DBA41E743F7588904D489CB9F ] C:\Windows\System32\sqmapi.dll
    12:16:32.0988 0x1534  C:\Windows\System32\sqmapi.dll - ok
    12:16:33.0003 0x1534  [ 7B38D7916A7CD058C16A0A6CA5077901, 3F6DD990E2DA5D3BD6D65A72CBFB0FE79EB30B118A8AD71B6C9BB5581A622DCE ] C:\Windows\System32\wdscore.dll
    12:16:33.0003 0x1534  C:\Windows\System32\wdscore.dll - ok
    12:16:33.0003 0x1534  [ 3B367397320C26DBA890B260F80D1B1B, 50BBE71B4380B5E86E197AF86F5C08266DD6B12344BA4ABDEA604B8C774C4147 ] C:\Windows\System32\hnetcfg.dll
    12:16:33.0003 0x1534  C:\Windows\System32\hnetcfg.dll - ok
    12:16:33.0003 0x1534  [ D2A0FFA75AB181B19B5EB93BB29C7686, AC282D5EFFB191492F14638EB80F18E53C4A3D26C94A00A949366B3564D6C3E2 ] C:\Windows\System32\unimdm.tsp
    12:16:33.0003 0x1534  C:\Windows\System32\unimdm.tsp - ok
    12:16:33.0003 0x1534  [ DDD0357A92FA843EFF8915ED17253D6C, 0C78B1D41F0A7821186ADF653504F2BFF067CB512CB0E932047C301378BBADB6 ] C:\Windows\System32\wbem\WmiPrvSD.dll
    12:16:33.0003 0x1534  C:\Windows\System32\wbem\WmiPrvSD.dll - ok
    12:16:33.0003 0x1534  [ 94B7DF336815B47236724019FAB24B7C, 43549F1FB89D0585A0E0333BB8E1DDED2EBD0F3C0EC3EA93B238EA037188AA41 ] C:\Windows\System32\uniplat.dll
    12:16:33.0003 0x1534  C:\Windows\System32\uniplat.dll - ok
    12:16:33.0019 0x1534  [ 41326DD08ACC0CDC5F8177AF96C066E8, 9C21BB553EEDD28272E865396C9EF94655EC1CF216290A56581AEF7908B7AFDD ] C:\Windows\System32\kmddsp.tsp
    12:16:33.0019 0x1534  C:\Windows\System32\kmddsp.tsp - ok
    12:16:33.0019 0x1534  [ 7C1BAE7D23D4874FEE256A2B9C00E019, 4EE87C2F0CACE557AA159349133474A5857B6667DDB976BA5A18489A3333F798 ] C:\Windows\System32\hidphone.tsp
    12:16:33.0019 0x1534  C:\Windows\System32\hidphone.tsp - ok
    12:16:33.0019 0x1534  [ D41FEBD098234F02485A4EA98D4730A4, 462DC8168C444F35B43BA3B8F7D77734665D84F1C6D25CAD7391C0145961628F ] C:\Windows\System32\ncobjapi.dll
    12:16:33.0019 0x1534  C:\Windows\System32\ncobjapi.dll - ok
    12:16:33.0019 0x1534  [ 1D6BC2769DA66C1145F4DA5A65F52E61, B38EFF16652E751BF3B3BD85DA6EA33AB9B7F4228C59F741074E33085DB66ED0 ] C:\Windows\System32\ndptsp.tsp
    12:16:33.0019 0x1534  C:\Windows\System32\ndptsp.tsp - ok
    12:16:33.0019 0x1534  [ FEB91B4DA0D540865260A33838654FA3, 8636B008BA329D3E6CC235D08BA4C914EFF45DBFCB9297C893CCDA8D907BA946 ] C:\Windows\System32\nci.dll
    12:16:33.0019 0x1534  C:\Windows\System32\nci.dll - ok
    12:16:33.0019 0x1534  [ 6F40D6FB05E0C1E5402812B426971AF0, E41F138F0F2DB057F8DBB1587237C6FA8A2059B3D64EC894D1DC492A18DBBDED ] C:\Windows\System32\wbem\wbemess.dll
    12:16:33.0019 0x1534  C:\Windows\System32\wbem\wbemess.dll - ok
    12:16:33.0034 0x1534  [ A717A35120DBAB5AB707AB40662AF9DD, DE117E70D0AC7FC26BBCEAAB45A0270A1065B36CC8B062B4128B561F2AAA9E04 ] C:\Windows\System32\rasppp.dll
    12:16:33.0034 0x1534  C:\Windows\System32\rasppp.dll - ok
    12:16:33.0034 0x1534  [ 0FE5CD5F9C9248F42D1EF56E495B182E, 1EBD40C119A3D3251A19A8D15669D9DCB5D3CFBC3AFCF1CD00101C31320243E1 ] C:\Windows\System32\vpnike.dll
    12:16:33.0034 0x1534  C:\Windows\System32\vpnike.dll - ok
    12:16:33.0034 0x1534  [ 6A84E68B538B8B04608BF2F0D426CE6F, 59CE1C06364D1BBEE853DA4AEC1E8B678D6E181723ACCF6DB9F9776CAD47BBDA ] C:\Windows\System32\raschap.dll
    12:16:33.0034 0x1534  C:\Windows\System32\raschap.dll - ok
    12:16:33.0034 0x1534  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] C:\Windows\System32\drivers\srv.sys
    12:16:33.0034 0x1534  C:\Windows\System32\drivers\srv.sys - ok
    12:16:33.0034 0x1534  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] C:\Windows\System32\srvsvc.dll
    12:16:33.0034 0x1534  C:\Windows\System32\srvsvc.dll - ok
    12:16:33.0050 0x1534  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] C:\Windows\System32\browser.dll
    12:16:33.0050 0x1534  C:\Windows\System32\browser.dll - ok
    12:16:33.0050 0x1534  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] C:\Windows\System32\ipnathlp.dll
    12:16:33.0050 0x1534  C:\Windows\System32\ipnathlp.dll - ok
    12:16:33.0050 0x1534  [ 2DF29664ED261F0FC448E58F338F0671, 4EFE79C383D0AF126FC4EE668D822563F8F037B1E61D73747A35FE11AAFDB8CE ] C:\Windows\System32\mprapi.dll
    12:16:33.0050 0x1534  C:\Windows\System32\mprapi.dll - ok
    12:16:33.0050 0x1534  [ A42F2C1EB3B66C54FB3C7B79D30C1A6D, A63836DB3B01835DC1311526A95198D6EBCCB1DC9DDAFBC38EC36C128CDB98B9 ] C:\Windows\System32\netshell.dll
    12:16:33.0050 0x1534  C:\Windows\System32\netshell.dll - ok
    12:16:33.0066 0x1534  [ CFEFA40DDE34659BE5211966EAD86437, AC0A3AD8AA47012C40785013E2273FC571F416BC9C9FFDA418FE72B3123C1FB0 ] C:\Windows\System32\netmsg.dll
    12:16:33.0066 0x1534  C:\Windows\System32\netmsg.dll - ok
    12:16:33.0066 0x1534  [ FF80CAD87555E8E4D2CFD7B9058343F8, 07653773FBEC1996408B8507B08E0E1E812830063F932F897F4B39EE63DDCDC4 ] C:\Windows\System32\sscore.dll
    12:16:33.0066 0x1534  C:\Windows\System32\sscore.dll - ok
    12:16:33.0066 0x1534  [ 81749E073AC5857B044A686B406E5244, 3884EE705CA34235B29942FEDA8FEA654A21139B8C2A1D5E009C7D07D6E6ADF1 ] C:\Windows\System32\clusapi.dll
    12:16:33.0066 0x1534  C:\Windows\System32\clusapi.dll - ok
    12:16:33.0066 0x1534  [ 344FCC9850C3A8A3B4D3C65151AF8E4C, C38853454E153B1AB4AEAE1AAFB7CB4B2E6234208CF24C09F3B2AFE25E271C5C ] C:\Windows\System32\resutils.dll
    12:16:33.0066 0x1534  C:\Windows\System32\resutils.dll - ok
    12:16:33.0066 0x1534  [ C0E490B633B738034FE6C90EB65B14B1, 16A14680A5B47BE2C7CEB1077A20F419D5B33A07CAB311DB8AE6F3DC59B82049 ] C:\PROGRA~1\McAfee\MPS\mps.dll
    12:16:33.0066 0x1534  C:\PROGRA~1\McAfee\MPS\mps.dll - ok
    12:16:33.0081 0x1534  [ 743E59F3979F6D35DB9F8D5669029F18, 2E98D5723252F4426D52FA3147296D3C2017FB18F21A4910E0E0FACDD5366375 ] C:\PROGRA~1\McAfee\MPS\mpscfg.dll
    12:16:33.0081 0x1534  C:\PROGRA~1\McAfee\MPS\mpscfg.dll - ok
    12:16:33.0081 0x1534  [ A8CED7F518413E0F35A4C33835E65B09, 9C20C2AF4F9EB00C63134AB8C4FD63102818B748A456041524CCD38122577FBC ] C:\PROGRA~1\COMMON~1\McAfee\Platform\Core\McEvtBrk.dll
    12:16:33.0081 0x1534  C:\PROGRA~1\COMMON~1\McAfee\Platform\Core\McEvtBrk.dll - ok
    12:16:33.0081 0x1534  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] C:\Windows\System32\wdi.dll
    12:16:33.0081 0x1534  C:\Windows\System32\wdi.dll - ok
    12:16:33.0081 0x1534  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] C:\Windows\System32\appinfo.dll
    12:16:33.0081 0x1534  C:\Windows\System32\appinfo.dll - ok
    12:16:33.0081 0x1534  [ 4D0F6BE7A23428C6BC1776DDB7B0841E, 0EE72B92FC5B6A628A1DDC7CCC022CF4DBF41369B820A4B849C4E2C83D4AB232 ] C:\PROGRA~1\McAfee\MPS\mpsevh.dll
    12:16:33.0081 0x1534  C:\PROGRA~1\McAfee\MPS\mpsevh.dll - ok
    12:16:33.0097 0x1534  [ BF4AC709BE5BF64F331F5D67773A0C82, 96E5A2A12D386B8A7976FEC76FD350E6A3EEBDF5763F4BBF4AB18880E9F269E0 ] C:\Windows\System32\perftrack.dll
    12:16:33.0097 0x1534  C:\Windows\System32\perftrack.dll - ok
    12:16:33.0097 0x1534  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] C:\Windows\System32\hidserv.dll
    12:16:33.0097 0x1534  C:\Windows\System32\hidserv.dll - ok
    12:16:33.0097 0x1534  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] C:\Windows\System32\wpdbusenum.dll
    12:16:33.0097 0x1534  C:\Windows\System32\wpdbusenum.dll - ok
    12:16:33.0097 0x1534  [ 03A03A453F1AAAE0C73AAAF895321C7A, BB46C581347EDA9CAF287E24163A593F07BD723E1C250ADD8E5C46BB349B668C ] C:\Windows\SysWOW64\FWPUCLNT.DLL
    12:16:33.0097 0x1534  C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
    12:16:33.0097 0x1534  [ A63DC5C2EA944E6657203E0C8EDEAF61, F7AD4B09AFB301CE46DF695B22114331A57D52E6D4163FF74787BF68CCF44C78 ] C:\Windows\SysWOW64\dllhost.exe
    12:16:33.0097 0x1534  C:\Windows\SysWOW64\dllhost.exe - ok
    12:16:33.0097 0x1534  [ F4BB2A32318F7574DD3065B1B09ABC6B, 1B1696D58778365643F4090C1E136E2523677E2D61E634D284BF4C1546B89C96 ] C:\PROGRA~1\McAfee\MPS\MPSMisp.dll
    12:16:33.0097 0x1534  C:\PROGRA~1\McAfee\MPS\MPSMisp.dll - ok
    12:16:33.0112 0x1534  [ E64D9EC8018C55873B40FDEE9DBEF5B3, 2DB11E7C631A9887CB75AFEAD2C79EC65F82C51F5F073CEFC8CDDF664EFF29C1 ] C:\Windows\System32\PortableDeviceApi.dll
    12:16:33.0112 0x1534  C:\Windows\System32\PortableDeviceApi.dll - ok
    12:16:33.0112 0x1534  [ AFA79C343F9D1555F7E5D5FA70BB2A14, 440EF3ADC1F5C7A5ED3E872C8D8DFA61B039454C3CA67F8A51CA8BDCFDC4BA4A ] C:\Windows\System32\PortableDeviceConnectApi.dll
    12:16:33.0112 0x1534  C:\Windows\System32\PortableDeviceConnectApi.dll - ok
    12:16:33.0112 0x1534  [ C693E642ACFBDD76433AF6BE3C3EEE6F, 5241C30CCB095B10B10AD11F42F57B2DEA362C7F6DA36A9A5B23E4DFF113CFD7 ] C:\Windows\SysWOW64\PortableDeviceConnectApi.dll
    12:16:33.0112 0x1534  C:\Windows\SysWOW64\PortableDeviceConnectApi.dll - ok
    12:16:33.0112 0x1534  [ 4449D23E8F197862F1B16F1E6C89C36C, 93AF52BF8E870C0381F027D3BB8F6829E449242074472F1593EB8172D7EB6559 ] C:\Windows\System32\diagperf.dll
    12:16:33.0112 0x1534  C:\Windows\System32\diagperf.dll - ok
    12:16:33.0112 0x1534  [ 9719E3D834F5C8C43F56A93DFA497023, 4D78D4BD4835C0A237821967156C19DF4B90384A6BCB1F48CEAF35D003A0099A ] C:\Windows\System32\pnpts.dll
    12:16:33.0112 0x1534  C:\Windows\System32\pnpts.dll - ok
    12:16:33.0128 0x1534  [ D99621C0735B21DCC8BC4FEF02F379EF, C9FAD74DD80B6CCA95B83B767BB55644E775E8DC3FFC05CD89AEF16686F902FD ] C:\Windows\SysWOW64\Apphlpdm.dll
    12:16:33.0128 0x1534  C:\Windows\SysWOW64\Apphlpdm.dll - ok
    12:16:33.0128 0x1534  [ E1B22739C933BE33F53DB58C5393ADD3, 26EE0DD091D2E00DECC774DC1EEDFFDE69AF74B0C769CCBE091AFC32C66E4207 ] C:\Windows\System32\Apphlpdm.dll
    12:16:33.0128 0x1534  C:\Windows\System32\Apphlpdm.dll - ok
    12:16:33.0128 0x1534  [ 14277DFB415073ABD9ED2A0938B6AA86, B5C779391B9F9D245C370F3EA3A4CC8780035F660745967501D66CF7830B0AC0 ] C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\avengine\5600.1067\mscan64a.dat
    12:16:33.0128 0x1534  C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\avengine\5600.1067\mscan64a.dat - ok
    12:16:33.0128 0x1534  [ 7FFD52D73352806969D424EF327D10A7, DD44B084F052EF798997D7A8578E98DD4EF3F0E2A0C522DA2CC169D362C7B900 ] C:\Windows\SysWOW64\radardt.dll
    12:16:33.0128 0x1534  C:\Windows\SysWOW64\radardt.dll - ok
    12:16:33.0128 0x1534  [ F14A9B1778376D0B1788E402AC1F831A, 6110F29669E03F8163B5CD7124BE0FF329F36C18529FA3B8FF70FC00B2D8AA02 ] C:\Windows\SysWOW64\shacct.dll
    12:16:33.0128 0x1534  C:\Windows\SysWOW64\shacct.dll - ok
    12:16:33.0144 0x1534  [ 590D5C506044FE02FF7643E32FF9BDAC, B8178A45E1DB6A39501E95CE4A2B2A1A88119367EC8DA7877120575A3EA47D16 ] C:\Windows\SysWOW64\wer.dll
    12:16:33.0144 0x1534  C:\Windows\SysWOW64\wer.dll - ok
    12:16:33.0144 0x1534  [ 549BA1A9F04F52596A334A48A8329CAB, 6CDDAACAF47D172712D53274DA7F9824F96CD32198221F34C2D0F14975C1E0C1 ] C:\PROGRA~1\McAfee\MSK\msksrvr.dll
    12:16:33.0144 0x1534  C:\PROGRA~1\McAfee\MSK\msksrvr.dll - ok
    12:16:33.0144 0x1534  [ 46863C4CC5B68EB09EA2D5EEF0F1193A, 9B5593E1F484AC8F96F89A5995FB1FE9C51CB2F0F545607F6850751191150CFE ] C:\Windows\System32\radardt.dll
    12:16:33.0144 0x1534  C:\Windows\System32\radardt.dll - ok
    12:16:33.0144 0x1534  [ 9689A9C7F7C2A1A423CDA2C3B43FFF65, 914AD22D98975578BC14D821F72E8DFCE24F2092F9C299D24EBBAF5408FE8B8B ] C:\Windows\System32\wer.dll
    12:16:33.0144 0x1534  C:\Windows\System32\wer.dll - ok
    12:16:33.0144 0x1534  [ 21D3A18769EC2C4E56756D04E989A221, 89F03143F662514957ADB513C16BA1F4CB15EF67A46037EEAAD09F2F3DD0841B ] C:\Windows\SysWOW64\msxml3.dll
    12:16:33.0144 0x1534  C:\Windows\SysWOW64\msxml3.dll - ok
    12:16:33.0144 0x1534  [ A064BA59CDFB52DC6B0C2646E29CBD2F, BCA711FAA24EBF71DC4FFEC36B53BFD36B88D02F89CD7E8B00FB9A3D2C01BC0E ] C:\Program Files\COMMON~1\McAfee\Platform\PlatformServiceFW.dll
    12:16:33.0144 0x1534  C:\Program Files\COMMON~1\McAfee\Platform\PlatformServiceFW.dll - ok
    12:16:33.0159 0x1534  [ 371948BC5911ABA06168FAC91ED25F06, 3DBBBC961627033613338418987F163C390750E2C5C64FF8B49E7E5B3BE92506 ] C:\Windows\System32\msxml3.dll
    12:16:33.0159 0x1534  C:\Windows\System32\msxml3.dll - ok
    12:16:33.0159 0x1534  [ E811F8510B133E70CF6E509FB809824F, 82541F2B15748250462B67B6C77530D4F7C45A1482237EC49B28F9FA5A414108 ] C:\Windows\System32\wdiasqmmodule.dll
    12:16:33.0159 0x1534  C:\Windows\System32\wdiasqmmodule.dll - ok
    12:16:33.0159 0x1534  [ 525B88A0ED6530B60A265872CDEAC46C, 1ED966D0F66D77E18C65210603B4D187ED6850DD22EC0A45DD11FDC76267FF30 ] C:\Program Files\Common Files\McAfee\Platform\McRTMui.dll
    12:16:33.0159 0x1534  C:\Program Files\Common Files\McAfee\Platform\McRTMui.dll - ok
    12:16:33.0159 0x1534  [ F93674263F6B07C77956E966953242D9, 0BEE8864DB2925A2B3B7CD76FCF9A4CA3757F4E4670BB2C3A3105D5A591740CB ] C:\Windows\SysWOW64\secur32.dll
    12:16:33.0159 0x1534  C:\Windows\SysWOW64\secur32.dll - ok
    12:16:33.0175 0x1534  [ 876B49A50FE9D0F3838E63C4DDF03BC3, AC5C665353EE7AE00410B0BF26F341E2E9CAFBDC20229CC6C9A978ADAC759C39 ] C:\Program Files\Common Files\McAfee\Platform\LangSel.dll
    12:16:33.0175 0x1534  C:\Program Files\Common Files\McAfee\Platform\LangSel.dll - ok
    12:16:33.0175 0x1534  [ 85805688AA4B388F92E2D6B86599D46C, 3153AF3BE8025CF814A3061609FB021E19221847A40BA1E5C275711853D3258D ] C:\PROGRA~1\COMMON~1\McAfee\Platform\mcutil.dll
    12:16:33.0175 0x1534  C:\PROGRA~1\COMMON~1\McAfee\Platform\mcutil.dll - ok
    12:16:33.0175 0x1534  [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9, E18D66455D00A6D2A2D7CC0833C233FE8A6DD910B59D6B5B5F82EF91450858DF ] C:\Windows\SysWOW64\sfc.dll
    12:16:33.0175 0x1534  C:\Windows\SysWOW64\sfc.dll - ok
    12:16:33.0175 0x1534  [ 84799328D87B3091A3BDD251E1AD31F9, F85521215924388830DBB13580688DB70B46AF4C7D82D549D09086438F8D237B ] C:\Windows\SysWOW64\sfc_os.dll
    12:16:33.0175 0x1534  C:\Windows\SysWOW64\sfc_os.dll - ok
    12:16:33.0175 0x1534  [ D7FE84D11BE0C73FC8787EB703733A74, F704E464CFEE14F8A5D621013ED7A13A11ED43E6E8612C5570B8349340BDC6F4 ] C:\PROGRA~1\McAfee\MSC\mcregobj\12_8_8~1\mcregobj.dll
    12:16:33.0175 0x1534  C:\PROGRA~1\McAfee\MSC\mcregobj\12_8_8~1\mcregobj.dll - ok
    12:16:33.0190 0x1534  [ 15E298B5EC5B89C5994A59863969D9FF, 8D38B2E023462D0804F72E907D11FF72CE84540EA3B8D83F411C602C3F6A1177 ] C:\Windows\SysWOW64\npmproxy.dll
    12:16:33.0190 0x1534  C:\Windows\SysWOW64\npmproxy.dll - ok
    12:16:33.0190 0x1534  [ F7073C962C4FB7C415565DDE109DE49F, 781E7088DCEFBC34A808C3E7DA41A56112B3F23ABE9F54B5EF4D5CD9CD016B1D ] C:\Windows\System32\npmproxy.dll
    12:16:33.0190 0x1534  C:\Windows\System32\npmproxy.dll - ok
    12:16:33.0190 0x1534  [ 01857E2D30ED2D4D37A70AEB38F9D27C, 03ABA9DBEAD2559A39BDD60E58B229B245FC40CD2BA7D3B62EE6EEAFA321188D ] C:\Program Files\Common Files\McAfee\AMContent\content\amcore\normal\1.12.117.2\x86_64\MCNormalizer.dat
    12:16:33.0190 0x1534  C:\Program Files\Common Files\McAfee\AMContent\content\amcore\normal\1.12.117.2\x86_64\MCNormalizer.dat - ok
    12:16:33.0190 0x1534  [ 4BDBBE5E4208022DD794F7EEEB0F7366, 4F69BA2EDABFA63A300B9F1880349EFAE185B899DD5C561E7B3BA6AAA4B22D6A ] C:\Windows\SysWOW64\SPInf.dll
    12:16:33.0190 0x1534  C:\Windows\SysWOW64\SPInf.dll - ok
    12:16:33.0206 0x1534  [ 4A41DDC58D033763FFB61A87884C1346, 97B8821D5DC69C25E197C570C18A67B3100DFC03B4674BBD752666CADCED91E7 ] C:\PROGRA~1\McAfee\MSK\mskengn.dll
    12:16:33.0206 0x1534  C:\PROGRA~1\McAfee\MSK\mskengn.dll - ok
    12:16:33.0206 0x1534  [ 5813E70D69DD80D047011714CB6C6661, A96B05650C9FCC5CDA49430355603211D045E4994D08CE2691E21A9D180A19C2 ] C:\PROGRA~1\McAfee\MSK\mskupd.dll
    12:16:33.0206 0x1534  C:\PROGRA~1\McAfee\MSK\mskupd.dll - ok
    12:16:33.0206 0x1534  [ D42A6A7C026F80748DC6B3387CD84C6E, C8A29EDFB175C42BCCB7613091E8DE39A497E15816573C2D66A8F6B57CCCFCB6 ] C:\PROGRA~1\McAfee\MSK\mskwm.dll
    12:16:33.0206 0x1534  C:\PROGRA~1\McAfee\MSK\mskwm.dll - ok
    12:16:33.0206 0x1534  [ F7FE730CE31B54145DEE1F1482BCCDD7, E7F0F59AB2B0D5EC5FE9B966006D06FE0FCEDBA99E2A4A8A6D410A0490F1F017 ] C:\Windows\SysWOW64\ndiscapCfg.dll
    12:16:33.0206 0x1534  C:\Windows\SysWOW64\ndiscapCfg.dll - ok
    12:16:33.0206 0x1534  [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C, 78889511D6F471009674CC958F8BB77B4A79C952634B18E8AFF4A75AA6A60E87 ] C:\Windows\System32\ndiscapCfg.dll
    12:16:33.0206 0x1534  C:\Windows\System32\ndiscapCfg.dll - ok
    12:16:33.0222 0x1534  [ 1097F3035BAF46CED8B332B3564C5108, C69781683CA963A1335780DABBBC60E2C3CEF0888738D3425D358D12E8D0AF58 ] C:\Windows\SysWOW64\gpapi.dll
    12:16:33.0222 0x1534  C:\Windows\SysWOW64\gpapi.dll - ok
    12:16:33.0222 0x1534  [ 761A3A4038C1FD4F5795427907C28484, B9338BC022DC5B8C0502E6A88E7D76E03C19A828861A922360B147441FB09285 ] C:\Windows\SysWOW64\rascfg.dll
    12:16:33.0222 0x1534  C:\Windows\SysWOW64\rascfg.dll - ok
    12:16:33.0222 0x1534  [ 076AE4FE86D489437BDF50669771B3C5, 451F5A1899B9D4A00EE85EB975C5351358334F5DFC3E8A75F1DA745F2D908D57 ] C:\PROGRA~1\McAfee\MSC\mclwapi.dll
    12:16:33.0222 0x1534  C:\PROGRA~1\McAfee\MSC\mclwapi.dll - ok
    12:16:33.0222 0x1534  [ 3D6AF45673C4B31CDECD7F80AF09D443, 7D711D138C107816155AFA5E5FDC6892734074BEFF604B5904177B5D9ACE4670 ] C:\Windows\System32\rascfg.dll
    12:16:33.0222 0x1534  C:\Windows\System32\rascfg.dll - ok
    12:16:33.0237 0x1534  [ 8750BDCF0E11AE11FAFB1F353D63DE3A, D9EA9E7DAC9413E51F6BC746D6C8039A42489E7BD397AB6296C6CA639E68DDFF ] C:\PROGRA~1\McAfee\MSK\mskxaif.dll
    12:16:33.0237 0x1534  C:\PROGRA~1\McAfee\MSK\mskxaif.dll - ok
    12:16:33.0237 0x1534  [ D4191EFAB91E00FC09257AA5EBAF503B, 161B572CF4C65984EAFDBA95357373BC712AA414B52DDA23523F84151240E337 ] C:\Windows\SysWOW64\mprapi.dll
    12:16:33.0237 0x1534  C:\Windows\SysWOW64\mprapi.dll - ok
    12:16:33.0237 0x1534  [ 9A7B54D57594233EEB17892BAD309970, 64EF2A51BFA13455038DCB6773F9DEF6FD46FAA1F1CF47E7B61D3E64466DA5AA ] C:\Windows\SysWOW64\mprmsg.dll
    12:16:33.0237 0x1534  C:\Windows\SysWOW64\mprmsg.dll - ok
    12:16:33.0237 0x1534  [ 1CF21800E337F4039AAD4C94B4280EE4, EF434CEF6E62A202B85E8EC7916EB998E20B10675437CDE90084CDA938C0AA3F ] C:\Windows\System32\mprmsg.dll
    12:16:33.0237 0x1534  C:\Windows\System32\mprmsg.dll - ok
    12:16:33.0237 0x1534  [ CAFC0B884E5590B5E80D84F592388B3D, FFCA66AEB6869BCC7A469C5E968B20A2DFA49D97E4E598CC36E839047FF7AB2B ] C:\Windows\SysWOW64\tcpipcfg.dll
    12:16:33.0237 0x1534  C:\Windows\SysWOW64\tcpipcfg.dll - ok
    12:16:33.0253 0x1534  [ 55DE45B116711881C852D2841E4C84DD, 18E5021530BB44042C85087BAE4FEDA633E01CDCBA09C90A5941B74C75133A35 ] C:\Windows\System32\tcpipcfg.dll
    12:16:33.0253 0x1534  C:\Windows\System32\tcpipcfg.dll - ok
    12:16:33.0253 0x1534  [ 0B31464B7B2D616BD5F7036673588EC1, AAC717D7FB02D5F7CC11AECC5C87FE6B7224340C569EBF7B77BD8C9F79FAA190 ] C:\Windows\SysWOW64\IDStore.dll
    12:16:33.0253 0x1534  C:\Windows\SysWOW64\IDStore.dll - ok
    12:16:33.0253 0x1534  [ D44741F65A1D71F65814A12CF6E2400A, C6721F830675ADC7E7FDE2B5E822E56F6A063146F5066F1E25EBFE86F0A87136 ] C:\Windows\SysWOW64\runonce.exe
    12:16:33.0253 0x1534  C:\Windows\SysWOW64\runonce.exe - ok
    12:16:33.0253 0x1534  [ 025E7DBDB98866ED3CB2D4DDA70B364D, 78962F23F066E362AF1A4B98FA7D5E30AF30C561307438503031D30C944B6A6E ] C:\Windows\System32\runonce.exe
    12:16:33.0253 0x1534  C:\Windows\System32\runonce.exe - ok
    12:16:33.0268 0x1534  [ C5C867CD7EFAC60D5021223E374DEEC5, 197FEE8F02DE348E75771AC9AD748EFB29939F1AAF02DA6555181EEF787FD099 ] C:\Windows\SysWOW64\dimsjob.dll
    12:16:33.0268 0x1534  C:\Windows\SysWOW64\dimsjob.dll - ok
    12:16:33.0268 0x1534  [ E629F1A051C82795DDFFD3E8D4855811, 6E4DFFEAB2795C98EA6DCAF10EA6D97413D0F8CA0C04869CB20B74FF4D6FE679 ] C:\Windows\System32\dimsjob.dll
    12:16:33.0268 0x1534  C:\Windows\System32\dimsjob.dll - ok
    12:16:33.0268 0x1534  [ 67AC9C5FA2494D6B7205318F87E66F8D, B9D13204F77992392A72B2BE48D14F92CE14467F2A2D1443974399732F234305 ] C:\PROGRA~1\McAfee\MPF\MpfEvt.dll
    12:16:33.0268 0x1534  C:\PROGRA~1\McAfee\MPF\MpfEvt.dll - ok
    12:16:33.0268 0x1534  [ 544EFF88AC6C85DF5A4D6F18DFE08CFC, D688381F42062FD5D868E7770857C5951C41BA20A1B6E6F60B5D9536C02CD293 ] C:\Windows\SysWOW64\taskschd.dll
    12:16:33.0268 0x1534  C:\Windows\SysWOW64\taskschd.dll - ok
    12:16:33.0268 0x1534  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] C:\Windows\SysWOW64\netprofm.dll
    12:16:33.0268 0x1534  C:\Windows\SysWOW64\netprofm.dll - ok
    12:16:33.0284 0x1534  [ 0BA65122FFA7E37564EE86422DBF7AE8, 3A37FC503D3228D021473AECA285427382518CC36C197E4C9912745BDF3AB757 ] C:\Windows\SysWOW64\nlaapi.dll
    12:16:33.0284 0x1534  C:\Windows\SysWOW64\nlaapi.dll - ok
    12:16:33.0284 0x1534  [ CE71B9119A258EDD0A05B37D7B0F92E3, D9310C5BBFE089B8C81E259C462EC1E6D7A7A87FA59FC1F174ED5C58D409AE7A ] C:\Windows\SysWOW64\bcrypt.dll
    12:16:33.0284 0x1534  C:\Windows\SysWOW64\bcrypt.dll - ok
    12:16:33.0284 0x1534  [ 3AE404ED493BA8E40EE0A837CB7DD1A1, 449B9F108DDCAFE09F4043BEB72012FD7FABEF485EA94657744499D2156EDCBC ] C:\PROGRA~1\COMMON~1\McAfee\HACKER~1\HWAPI.dll
    12:16:33.0284 0x1534  C:\PROGRA~1\COMMON~1\McAfee\HACKER~1\HWAPI.dll - ok
    12:16:33.0284 0x1534  [ C3CB0F256997C96AB09FC25E4024B10D, 54756087FA94EE6A6CEFF81C3DE8B29B70B8603ED1C711A681F4886C7A914D2A ] C:\Program Files\Common Files\McAfee\VSCore_3_8\Lockdown.dll
    12:16:33.0284 0x1534  C:\Program Files\Common Files\McAfee\VSCore_3_8\Lockdown.dll - ok
    12:16:33.0300 0x1534  [ 14486EB6AF542F2BD3239F7FC3E713F7, C084C653CF6C63D7B4DB08CBDE2CAF059019D276BCACD923A29D22E69055012C ] C:\Windows\SysWOW64\pautoenr.dll
    12:16:33.0300 0x1534  C:\Windows\SysWOW64\pautoenr.dll - ok
    12:16:33.0300 0x1534  [ 10FB16B50AFFDA6D44588F3C445DC273, 6CDA17DA9B44D11E69F7C6682FA633EA75731623BB21B429A0FE2086ED4495A7 ] C:\Windows\SysWOW64\setupapi.dll
    12:16:33.0300 0x1534  C:\Windows\SysWOW64\setupapi.dll - ok
    12:16:33.0300 0x1534  [ F436E847FA799ECD75AD8C313673F450, 3C8BF3F0C08C7FA8DE5CD9C60AD9D00B742E84EB1FEBEEBA0F7159844BAAA471 ] C:\Windows\SysWOW64\cfgmgr32.dll
    12:16:33.0300 0x1534  C:\Windows\SysWOW64\cfgmgr32.dll - ok
    12:16:33.0300 0x1534  [ 4E5FE39C1076D115EC8BFCFE14D75B80, F1D02BCA6F664DCDD0CCDE269D31787C7553CD38C7208A8DD8B80B9EA09FEB1C ] C:\Windows\SysWOW64\credssp.dll
    12:16:33.0300 0x1534  C:\Windows\SysWOW64\credssp.dll - ok
    12:16:33.0300 0x1534  [ 2EEFF4502F5E13B1BED4A04CCAD64C08, 209FF1B6D46D1AC99518FCF54F2F726143B2DBF2C5FDA90212FBEF7526F7CBF5 ] C:\Windows\SysWOW64\devobj.dll
    12:16:33.0300 0x1534  C:\Windows\SysWOW64\devobj.dll - ok
    12:16:33.0315 0x1534  [ 12C45E3CB6D65F73209549E2D02ECA7A, 9DFD9C58B90257C34D52B7156C1D2566BE32EE7BD4699DDE164A5F190EC4D44A ] C:\Windows\SysWOW64\propsys.dll
    12:16:33.0315 0x1534  C:\Windows\SysWOW64\propsys.dll - ok
    12:16:33.0315 0x1534  [ B40420876B9288E0A1C8CCA8A84E5DC9, 0D3C73B45BC708D7B1E26DFB6D4F64031A998548FEA0FB5CE198ED716F7DC9A0 ] C:\Windows\SysWOW64\dnsapi.dll
    12:16:33.0315 0x1534  C:\Windows\SysWOW64\dnsapi.dll - ok
    12:16:33.0315 0x1534  [ 0B7E85364CB878E2AD531DB7B601A9E5, F5AD3018427F1CD68450EE5CB55AA9572546322580E0FB1E7888702A291C2380 ] C:\Windows\SysWOW64\NapiNSP.dll
    12:16:33.0315 0x1534  C:\Windows\SysWOW64\NapiNSP.dll - ok
    12:16:33.0315 0x1534  [ 58A0CDABEA255616827B1C22C9994466, 4FE1140AA8D3995579DE8CDF4ECAD1978804D05351EABB4079A63B303EF1B451 ] C:\Windows\System32\NapiNSP.dll
    12:16:33.0315 0x1534  C:\Windows\System32\NapiNSP.dll - ok
    12:16:33.0315 0x1534  [ 5CF640EDDB1E40A5AB1BB743BCDEC610, 0313AA3F713C9F5B84DBB0B4DE78A96B173E9F7B4CF61C10FDC7DAE952DB04E5 ] C:\Windows\SysWOW64\pnrpnsp.dll
    12:16:33.0315 0x1534  C:\Windows\SysWOW64\pnrpnsp.dll - ok
    12:16:33.0315 0x1534  [ 613C8CE10A5FDE582BA5FA64C4D56AAA, 30507B6BA79E1A271B07BBA58B4FF463678BE0960266A1D5E88031E932D768B6 ] C:\Windows\System32\pnrpnsp.dll
    12:16:33.0315 0x1534  C:\Windows\System32\pnrpnsp.dll - ok
    12:16:33.0331 0x1534  [ E94C583CDE2348950155F2AF2876F34D, D00C7E0D665E467B712C68A446CC5BE14FDA743A2301878B3CEB72CDD0A8B8E7 ] C:\Windows\SysWOW64\mswsock.dll
    12:16:33.0331 0x1534  C:\Windows\SysWOW64\mswsock.dll - ok
    12:16:33.0331 0x1534  [ 5DF5D8CFD9B9573FA3B2C89D9061A240, 990EA273B640DF2D7E800C0CFF18550259C605A4951CD82CD9F1E7B6FF0C9533 ] C:\Windows\SysWOW64\winrnr.dll
    12:16:33.0331 0x1534  C:\Windows\SysWOW64\winrnr.dll - ok
    12:16:33.0331 0x1534  [ 2E2072EB48238FCA8FBB7A9F5FABAC45, AC70B9FC24847EEC2E18008F2894DCDAC19A9C90D5D88729326E493CA524F5C3 ] C:\Windows\System32\winrnr.dll
    12:16:33.0331 0x1534  C:\Windows\System32\winrnr.dll - ok
    12:16:33.0331 0x1534  [ 61DC3F2BE3093FE22CD717260946D7AD, 51C24E1F01D239EAD7254F759E213FC6CDBB74EAA466392FF1441A9D5A300A5D ] C:\Windows\SysWOW64\urlmon.dll
    12:16:33.0331 0x1534  C:\Windows\SysWOW64\urlmon.dll - ok
    12:16:33.0331 0x1534  [ EE5C8E27C37B79CB54A2FCEEED2DC262, 0A5E200FD65A491756B951A4A0ED39B88B7B313E97C2BBF3C91AC4C290772BB7 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
    12:16:33.0331 0x1534  C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
    12:16:33.0346 0x1534  [ 73E8667A19FEEDD856DF2695E9E511D4, 68D66C36D1F293D10ADCC6A33C870F989A29743537592CF172F02E794BEAFD1C ] C:\Windows\SysWOW64\wship6.dll
    12:16:33.0346 0x1534  C:\Windows\SysWOW64\wship6.dll - ok
    12:16:33.0346 0x1534  [ 1C60E09CA1C3A045BC4D367F67C915B7, DF1ED88CB57DA1AB1A4245AE0D5B42AFA3396EBF67B99411FFFB0DD06DE1AEAF ] C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
    12:16:33.0346 0x1534  C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
    12:16:33.0346 0x1534  [ 6951562DC4625EEFC6EACD52AD165866, 44A0B3EA0232D613A5B4115492DF2A7CEF25B35300E6A3E3E50C9544C5D1049E ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    12:16:33.0346 0x1534  C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
    12:16:33.0346 0x1534  [ 6A13B4F3B3F575F1E24B877B9359AABA, 676AD5F8F709D4A9DCE9938D82DEEE329C9A385A6969C169B3DF37AA75F1E4C7 ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
    12:16:33.0346 0x1534  C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
    12:16:33.0346 0x1534  [ 2E33DFD10F28F86C3FC40EE123CC3904, 57C65671A04EFCA437A69E8E97B2FCA17897EE4608C7DB69F77D44FBD3490B50 ] C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
    12:16:33.0346 0x1534  C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
    12:16:33.0362 0x1534  [ 589CBC4989F750E1DA35625AB481CF43, B93E1B8C3775F9C995FD5451C685A06DEFD24AE1DF0DD99D19D5E4B9AC0010F9 ] C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
    12:16:33.0362 0x1534  C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll - ok
    12:16:33.0362 0x1534  [ 3BE0D923AA45A4DBE091C2D84F0B4FE7, 603EEC55D6F646150FC3F0F2C939CFE434C02FC7A7AB23B1FEC8B5C77E4C8381 ] C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
    12:16:33.0362 0x1534  C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll - ok
    12:16:33.0362 0x1534  [ 122B216B091D06F672CC8D331128FB06, AB2CFCF646785A2B171F81B08B25BABF0B7D9065D45C564B36E97E6A0CAE4744 ] C:\Windows\SysWOW64\iertutil.dll
    12:16:33.0362 0x1534  C:\Windows\SysWOW64\iertutil.dll - ok
    12:16:33.0362 0x1534  [ ED6EE83D61EBC683C2CD8E899EA6FEBE, F82592908D038C44D9F2E5C5B7BC663A2D370FC565F40420E1138A9E55F0E7EB ] C:\Windows\SysWOW64\rasadhlp.dll
    12:16:33.0362 0x1534  C:\Windows\SysWOW64\rasadhlp.dll - ok
    12:16:33.0362 0x1534  [ 81F6C1AE23B1C493D9E996C3103915D7, E22408B4D2EDE2F89E686A4FDCD4057BE27B86D050E9CB489F0FFB39C72AEC1D ] C:\Windows\SysWOW64\dhcpcsvc6.dll
    12:16:33.0362 0x1534  C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
    12:16:33.0362 0x1534  [ 9A85ABCE0FDD1AF8E79E731EB0B679F3, 2A610BEB16610FE2F2E9A50477A62A05481E8A5843A814955A0EDFF45D0304B3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
    12:16:33.0362 0x1534  C:\Windows\SysWOW64\dhcpcsvc.dll - ok
    12:16:33.0378 0x1534  [ 35CB97CBC3EDC463418ED4997AAB29B6, EE60EABE2D87CEDD68FB8985B6C5D70930015FB2B8DB9FDCB4044587BC6ECA4C ] C:\Windows\System32\pautoenr.dll
    12:16:33.0378 0x1534  C:\Windows\System32\pautoenr.dll - ok
    12:16:33.0378 0x1534  [ 61B1ED5F429EFAC7E2036769870AB93E, 628CF28434C5DFB81B76B90BEA4CDD9EB1E4B0971BEE24136A09490F9439E00E ] C:\Windows\SysWOW64\certcli.dll
    12:16:33.0378 0x1534  C:\Windows\SysWOW64\certcli.dll - ok

  17. 12:16:31.0699 0x1534  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] C:\Windows\System32\drivers\raspppoe.sys
    12:16:31.0699 0x1534  C:\Windows\System32\drivers\raspppoe.sys - ok
    12:16:31.0702 0x1534  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] C:\Windows\System32\drivers\raspptp.sys
    12:16:31.0702 0x1534  C:\Windows\System32\drivers\raspptp.sys - ok
    12:16:31.0705 0x1534  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] C:\Windows\System32\drivers\kbdclass.sys
    12:16:31.0705 0x1534  C:\Windows\System32\drivers\kbdclass.sys - ok
    12:16:31.0707 0x1534  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] C:\Windows\System32\drivers\mouclass.sys
    12:16:31.0707 0x1534  C:\Windows\System32\drivers\mouclass.sys - ok
    12:16:31.0710 0x1534  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] C:\Windows\System32\drivers\rassstp.sys
    12:16:31.0710 0x1534  C:\Windows\System32\drivers\rassstp.sys - ok
    12:16:31.0713 0x1534  [ 24FBF5CC5C04150073C315A7C83521EE, 581BD5F15B5E57B3BAA762E421FFD859FDA46DDB8515C2A7AAFF208D784E906C ] C:\Windows\System32\drivers\ks.sys
    12:16:31.0713 0x1534  C:\Windows\System32\drivers\ks.sys - ok
    12:16:31.0715 0x1534  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] C:\Windows\System32\drivers\swenum.sys
    12:16:31.0715 0x1534  C:\Windows\System32\drivers\swenum.sys - ok
    12:16:31.0718 0x1534  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] C:\Windows\System32\drivers\umbus.sys
    12:16:31.0718 0x1534  C:\Windows\System32\drivers\umbus.sys - ok
    12:16:31.0721 0x1534  [ 287C6C9410B111B68B52CA298F7B8C24, 98900C08FE662A00DF8B37837B2BEBF9ACB7989C387AF36B2109B05A4F462D4E ] C:\Windows\System32\drivers\usbhub.sys
    12:16:31.0721 0x1534  C:\Windows\System32\drivers\usbhub.sys - ok
    12:16:31.0723 0x1534  [ 1084AA52CCC324EA54C7121FA24C2221, 6E972CF624F7C0DE8190434B3B30279A01C551713109F97B9EBB77FAC9364754 ] C:\Windows\System32\gdi32.dll
    12:16:31.0723 0x1534  C:\Windows\System32\gdi32.dll - ok
    12:16:31.0726 0x1534  [ C431EAF5CAA1C82CAC2534A2EAB348A3, ADDF850128DC675E67FABA9A3D0D27E684F01F733962CA22927BB94503549E44 ] C:\Windows\System32\msctf.dll
    12:16:31.0726 0x1534  C:\Windows\System32\msctf.dll - ok
    12:16:31.0728 0x1534  [ 882AC0DD997CFC90FBB468D698BD55C6, 127909B8C20EAB0A692ECDB50E9D3DF2B568C43F58E38655DEFA4F2831EAA92C ] C:\Windows\System32\urlmon.dll
    12:16:31.0728 0x1534  C:\Windows\System32\urlmon.dll - ok
    12:16:31.0731 0x1534  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] C:\Windows\System32\drivers\ndproxy.sys
    12:16:31.0731 0x1534  C:\Windows\System32\drivers\ndproxy.sys - ok
    12:16:31.0733 0x1534  [ 21D26064AEDB4988F785BB4A3A2C051E, F6FA2CA351B24DA19645EB542596C82F9A68D84CC7CCFE6F9FC15CE2CE4D1961 ] C:\Windows\System32\drivers\drmk.sys
    12:16:31.0733 0x1534  C:\Windows\System32\drivers\drmk.sys - ok
    12:16:31.0736 0x1534  [ 32E11315B5126921FFD9074840EF13D3, FC7C0E1CC447FDD89C0FA5EBFD04CCEABFB27751AB57A7176F12BD0D35306E1C ] C:\Windows\System32\drivers\portcls.sys
    12:16:31.0736 0x1534  C:\Windows\System32\drivers\portcls.sys - ok
    12:16:31.0738 0x1534  [ 62C93ABEC0F8A9A235BF7A86B9FC3A0C, 0347B4277D8DF1EA371676D5718222963894F3697AE75A5F3370FC31F4B566F6 ] C:\Windows\System32\drivers\RTKVHD64.sys
    12:16:31.0738 0x1534  C:\Windows\System32\drivers\RTKVHD64.sys - ok
    12:16:31.0741 0x1534  [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] C:\Windows\System32\drivers\IntcDAud.sys
    12:16:31.0741 0x1534  C:\Windows\System32\drivers\IntcDAud.sys - ok
    12:16:31.0744 0x1534  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] C:\Windows\System32\drivers\ksthunk.sys
    12:16:31.0744 0x1534  C:\Windows\System32\drivers\ksthunk.sys - ok
    12:16:31.0749 0x1534  [ 486D22007426F10779C6351D305E9E43, 4796A017092DBDBCC8E282B36F89219944321B5279C88E369C0CFFF8CDC97742 ] C:\Windows\System32\drivers\mfeavfk.sys
    12:16:31.0749 0x1534  C:\Windows\System32\drivers\mfeavfk.sys - ok
    12:16:31.0752 0x1534  [ 4E4FFB09D895AA000DD56D1404F69A7E, D999E04BB35780088480EAB322176570591A21E311D204BDCAB010A63B34D24C ] C:\Windows\System32\Wldap32.dll
    12:16:31.0753 0x1534  C:\Windows\System32\Wldap32.dll - ok
    12:16:31.0755 0x1534  [ A1BE6A720D02E37F72E9CD89AE9CB3CF, 80721B622AC1EEF1F534B9C8948E2226B733123B14ABE63894D5788E4F0D6B8B ] C:\Windows\System32\imagehlp.dll
    12:16:31.0755 0x1534  C:\Windows\System32\imagehlp.dll - ok
    12:16:31.0758 0x1534  [ 044FE45FFD6AD40E3BBBE60B7F41BABE, A1688A5E6E0F7037C850699462C2655006A7D873C97F9AB406C59D81749B6F09 ] C:\Windows\System32\nsi.dll
    12:16:31.0758 0x1534  C:\Windows\System32\nsi.dll - ok
    12:16:31.0761 0x1534  [ C06B32165E23A72A898B7A89679AD754, 721405158F6E9F1A7FE7BB33EF642D91332726629D0D3B07DF3CF3152A91C85D ] C:\Windows\System32\oleaut32.dll
    12:16:31.0761 0x1534  C:\Windows\System32\oleaut32.dll - ok
    12:16:31.0764 0x1534  [ 83404DCBCE4925B6A5A77C5170F46D86, D669614D0B4461DB244AD99FBE1BA92CEB9B4ED5EC8E987E23764E77D9AC7074 ] C:\Windows\System32\sechost.dll
    12:16:31.0764 0x1534  C:\Windows\System32\sechost.dll - ok
    12:16:31.0767 0x1534  [ EAF32CB8C1F810E4715B4DFBE785C7FF, DB6AD07FDED42433E669508AB73FAFF6DAFF04575D6F1D016FE3EB6ECEC4DD5D ] C:\Windows\System32\shlwapi.dll
    12:16:31.0767 0x1534  C:\Windows\System32\shlwapi.dll - ok
    12:16:31.0770 0x1534  [ D8973E71F1B35CD3F3DEA7C12D49D0F0, 23CAE14BF9D7208CD2A0B2691B1A64313A24A23E6D70F40AA0572ED37E8B542C ] C:\Windows\System32\kernel32.dll
    12:16:31.0770 0x1534  C:\Windows\System32\kernel32.dll - ok
    12:16:31.0773 0x1534  [ C391FC68282A000CDF953F8B6B55D2EF, 1CB0DAB84545D9FDEA5A7865A1E7132CEAC91DECF8B100285B63098D7B09E584 ] C:\Windows\System32\msvcrt.dll
    12:16:31.0773 0x1534  C:\Windows\System32\msvcrt.dll - ok
    12:16:31.0775 0x1534  [ 6C60B5ACA7442EFB794082CDACFC001C, FC1D9124856A70FF232EF3057D66BEE803295847624CE23B4D0217F23AF52C75 ] C:\Windows\System32\ole32.dll
    12:16:31.0775 0x1534  C:\Windows\System32\ole32.dll - ok
    12:16:31.0778 0x1534  [ D87E1E59C73C1F98D5DED5B3850C40F5, 536419BFF9F877D4314B5D0C045D9A6E729489C389863FADF07E382050BC84FD ] C:\Windows\System32\psapi.dll
    12:16:31.0778 0x1534  C:\Windows\System32\psapi.dll - ok
    12:16:31.0782 0x1534  [ DFDDC10E9666DBFDB8F2E827B7C2DCE4, 7CCE610BAE3C8BBA59A90B840782C0F9DFDC82AFABA9E9AB5F78C02F7CADB8FA ] C:\Windows\System32\drivers\mfefirek.sys
    12:16:31.0783 0x1534  C:\Windows\System32\drivers\mfefirek.sys - ok
    12:16:31.0786 0x1534  [ 73A92690FF5CFFE5A741912311AA1A6C, 52B6DACF023A704785D2F346F61D5896DF1E06C1ED37540741227333C4BE921A ] C:\Windows\System32\drivers\mfencbdc.sys
    12:16:31.0786 0x1534  C:\Windows\System32\drivers\mfencbdc.sys - ok
    12:16:31.0789 0x1534  [ DBF99FD9CAF75CA66D042BD8D050FF71, D11A863EAEDE80A731FD7A63F744E518D3921043CC3982BAA87992F9E82F044F ] C:\Windows\System32\usp10.dll
    12:16:31.0789 0x1534  C:\Windows\System32\usp10.dll - ok
    12:16:31.0793 0x1534  [ 9835E63E09F824D22B689D2BB789BAB9, 5BCFFAFB894D69FBCDDB91E64D30A356F4BD57098E8B4C51B98AFAF6581BDB63 ] C:\Windows\System32\comdlg32.dll
    12:16:31.0793 0x1534  C:\Windows\System32\comdlg32.dll - ok
    12:16:31.0794 0x1534  [ 796B47A4B82EF1C39F13435B88834C48, AFC3E89476BAAD8A71663F0DB8D15E00FF9D131F1306A2F69D728E3AD1184602 ] C:\Windows\System32\lpk.dll
    12:16:31.0795 0x1534  C:\Windows\System32\lpk.dll - ok
    12:16:31.0799 0x1534  [ D28B35DE88D27EFB27DF4B1E8319E3C0, 15188D68ADAD41422E0F0AFB03BD21A8DD8521D9284E3253E5434893D869E091 ] C:\Windows\System32\wininet.dll
    12:16:31.0799 0x1534  C:\Windows\System32\wininet.dll - ok
    12:16:31.0802 0x1534  [ 28C0B5024F5C5A438E78B188CFC81B7F, AB81FB63F2908CE316B45609077ACBD85F4B2AAD1606B1E9030F06DB82EDDFAD ] C:\Windows\System32\normaliz.dll
    12:16:31.0802 0x1534  C:\Windows\System32\normaliz.dll - ok
    12:16:31.0802 0x1534  [ 26036E228D2467DE6975AD819C22C043, B4A30EC7ABAEFFF55DE662F4A17415F2BD737BD563215638C86C580B8F3EA907 ] C:\Windows\System32\rpcrt4.dll
    12:16:31.0802 0x1534  C:\Windows\System32\rpcrt4.dll - ok
    12:16:31.0802 0x1534  [ 4BBFA57F594F7E8A8EDC8F377184C3F0, 9F3AC5DEA5A6250C3DBB97AF79C81C0A48429486521F807355A1D7D3D861B75F ] C:\Windows\System32\ws2_32.dll
    12:16:31.0802 0x1534  C:\Windows\System32\ws2_32.dll - ok
    12:16:31.0802 0x1534  [ 5D8E6C95156ED1F79A63D1EADE6F9ED5, 12130837D7F89A2C7E9D25747A8E5B9001E0A38D545178B49B450C23AE62664A ] C:\Windows\System32\setupapi.dll
    12:16:31.0802 0x1534  C:\Windows\System32\setupapi.dll - ok
    12:16:31.0802 0x1534  [ AA2C08CE85653B1A0D2E4AB407FA176C, 83DFD0C119B20AEDB07114C9D1CF9CE2DFA938D0F1070256B0591A9E2C3997FA ] C:\Windows\System32\imm32.dll
    12:16:31.0802 0x1534  C:\Windows\System32\imm32.dll - ok
    12:16:31.0802 0x1534  [ F7CE0C81C545364020ED8203CF0A633E, 24B47A7492B7048096AF87E26786E8108455ADBD1A374B6A0466DE008505B8A9 ] C:\Windows\System32\difxapi.dll
    12:16:31.0802 0x1534  C:\Windows\System32\difxapi.dll - ok
    12:16:31.0818 0x1534  [ AD662B34B161198B9D66A564EDDA7D43, 335807AA4E88234BF2C639781E92D0DBC41D973754D61AB1DA6C8BA4E108AEBD ] C:\Windows\System32\shell32.dll
    12:16:31.0818 0x1534  C:\Windows\System32\shell32.dll - ok
    12:16:31.0818 0x1534  [ 199BD40B1890E1EEFF7438B59787534F, 80F413195E8B8310AAC6F061B352ECAB683D70E0594B5999BB575A3BA5F8B16F ] C:\Windows\System32\iertutil.dll
    12:16:31.0818 0x1534  C:\Windows\System32\iertutil.dll - ok
    12:16:31.0818 0x1534  [ 25983DE69B57142039AC8D95E71CD9C9, A677DA7EBCBCB6073D27E8A38809F51E971E83ED379BC599AAAD6EF4216348DA ] C:\Windows\System32\clbcatq.dll
    12:16:31.0818 0x1534  C:\Windows\System32\clbcatq.dll - ok
    12:16:31.0818 0x1534  [ 63A580C88CFAF72A92550940054569EF, A66C89123D1833446ACC31D5CF536B0D0EC24D2F805C022A637596CF98429D9F ] C:\Windows\System32\advapi32.dll
    12:16:31.0818 0x1534  C:\Windows\System32\advapi32.dll - ok
    12:16:31.0818 0x1534  [ FE70103391A64039A921DBFFF9C7AB1B, F7D219D75037BC98F6C69143B00AB6000A31F8B5E211E0AF514F4F4B681522A0 ] C:\Windows\System32\user32.dll
    12:16:31.0818 0x1534  C:\Windows\System32\user32.dll - ok
    12:16:31.0818 0x1534  [ 0E6FBF19D9DFBB77316C23DF91F8A101, 680F88E1BC55EA3342AACE6F2E3511BF877AC8F03276D028FEE84EEFE8B5611A ] C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
    12:16:31.0818 0x1534  C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
    12:16:31.0833 0x1534  [ 72723D3E4781BADC62C3180C137E7B23, 0BDA5292928578C5DA79C761E15B8A892B9D4A3DA26D3635E714797C653CF492 ] C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
    12:16:31.0833 0x1534  C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll - ok
    12:16:31.0833 0x1534  [ 287998A9BA0140ABB59792CDEB2F8483, 68187C80008BFF6C778B0163AC95A91B1EC98B811E2D4E818F385DD12C01A141 ] C:\Windows\System32\crypt32.dll
    12:16:31.0833 0x1534  C:\Windows\System32\crypt32.dll - ok
    12:16:31.0833 0x1534  [ 06FEC9E8117103BB1141A560E98077DA, C5E61B11DDBBBBBA3D9488970524F0975EA5FBDF16E2FA31F579F8BFA48353B1 ] C:\Windows\System32\devobj.dll
    12:16:31.0833 0x1534  C:\Windows\System32\devobj.dll - ok
    12:16:31.0833 0x1534  [ B22C00ED0491FD7B8803D7DDE2849F4C, 11AB01BF17A4130A3C4EF493A42406DF106B0923DD6DCBFF5958F5C886B9DA93 ] C:\Windows\System32\KernelBase.dll
    12:16:31.0833 0x1534  C:\Windows\System32\KernelBase.dll - ok
    12:16:31.0849 0x1534  [ F49E92B50CED5C9F1725D3C0329FD933, 6155FA4D8242F07FC578FF746890C2EE19FC3D6A20ED8AE4C6F021DB2DAC184F ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
    12:16:31.0849 0x1534  C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
    12:16:31.0849 0x1534  [ 9094039A00485F71C4DE64BF51F64C46, 4ACFEF4C747ADF806A4FDEDDFD9CC48168DFB05075306C77D3F3927749DD7484 ] C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
    12:16:31.0849 0x1534  C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll - ok
    12:16:31.0849 0x1534  [ 9028D1621C43DF8DFBD1C76860412A11, A1D48D9B33180BDE50D2FA9BB07E9520B7B7788C39B3AABB4A06AE4B1AACA755 ] C:\Windows\System32\comctl32.dll
    12:16:31.0849 0x1534  C:\Windows\System32\comctl32.dll - ok
    12:16:31.0849 0x1534  [ 2477A28081BDAEE622CF045ACF8EE124, 00A09CAF9129E84FEEA98FA03CE9012C9F961B64FEE15C4F268822C0F82ACC3C ] C:\Windows\System32\cfgmgr32.dll
    12:16:31.0849 0x1534  C:\Windows\System32\cfgmgr32.dll - ok
    12:16:31.0849 0x1534  [ 64A4AB126E24FD3F58EBE64852773DB5, ED425BBC91EB8BEF54C363036A770C551C97EF324F1AE31049CA750D0E2D6776 ] C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
    12:16:31.0849 0x1534  C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
    12:16:31.0849 0x1534  [ 959041D7014C97133D859B45BCA0FC58, 282D34828DA7404470949483CB9789A8B4861D188093F0FBD07138A37F60B94B ] C:\Windows\System32\wintrust.dll
    12:16:31.0849 0x1534  C:\Windows\System32\wintrust.dll - ok
    12:16:31.0864 0x1534  [ AFC3DB5C6EB8CA8017DDB81D6C0AD02A, 445C2857398252756FD25BB94DAFCCEFF573DE55F1F8BF9094C191F409FE6437 ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    12:16:31.0864 0x1534  C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
    12:16:31.0864 0x1534  [ 884415BD4269C02EAF8E2613BF85500D, EFE771709EC942694FD206AC8D0A48ED7DCD35036F074268E4AECD68AC982CEA ] C:\Windows\System32\msasn1.dll
    12:16:31.0864 0x1534  C:\Windows\System32\msasn1.dll - ok
    12:16:31.0864 0x1534  [ 9C278785347BCC991F8EA2999D90F58D, EA680C3642A6ABF627415AEE019956FAC702DC6A8F4B4D0FC8A4FB21EADD3896 ] C:\Windows\SysWOW64\normaliz.dll
    12:16:31.0864 0x1534  C:\Windows\SysWOW64\normaliz.dll - ok
    12:16:31.0864 0x1534  [ BF24D6F2ED97FE830BFD52B246F98E67, 6BBF4C4221A245462EF653798F6B416EEB12594AD1CB4E8BC8908A8CB2F53384 ] C:\Windows\System32\drivers\dxapi.sys
    12:16:31.0864 0x1534  C:\Windows\System32\drivers\dxapi.sys - ok
    12:16:31.0864 0x1534  [ 19320B121BFE7462EADD50A42C81AFD0, 410C34396C52DD3D915915DF49664AAE11090CE85A840E1853EBDB101A9ED745 ] C:\Windows\System32\win32k.sys
    12:16:31.0864 0x1534  C:\Windows\System32\win32k.sys - ok
    12:16:31.0864 0x1534  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\System32\basesrv.dll
    12:16:31.0864 0x1534  C:\Windows\System32\basesrv.dll - ok
    12:16:31.0864 0x1534  [ 216BABD555BC550952320EEA89C25DDF, 1BBB92415280032CD18F361382A69D0D91266AAD56FC88A99C804B0053743D72 ] C:\Windows\System32\csrsrv.dll
    12:16:31.0864 0x1534  C:\Windows\System32\csrsrv.dll - ok
    12:16:31.0880 0x1534  [ 60C2862B4BF0FD9F582EF344C2B1EC72, CB1C6018FC5C15483AC5BB96E5C2E2E115BB0C0E1314837D77201BAB37E8C03A ] C:\Windows\System32\csrss.exe
    12:16:31.0880 0x1534  C:\Windows\System32\csrss.exe - ok
    12:16:31.0880 0x1534  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\System32\winsrv.dll
    12:16:31.0880 0x1534  C:\Windows\System32\winsrv.dll - ok
    12:16:31.0880 0x1534  [ 597C3699384E53CC59587ED50CCE5CA2, 4F61E9B5BEB3BD1634D733983381E516664BD7E250DF4B0150B168E05EFD652A ] C:\Windows\System32\drivers\hidclass.sys
    12:16:31.0880 0x1534  C:\Windows\System32\drivers\hidclass.sys - ok
    12:16:31.0880 0x1534  [ 856E76B3641746ABBC2946BED1372098, FD93CC7F72560F72CA49AD5609C079E25B8A3A4802E72B127B63A9E7B4884710 ] C:\Windows\System32\drivers\hidparse.sys
    12:16:31.0880 0x1534  C:\Windows\System32\drivers\hidparse.sys - ok
    12:16:31.0880 0x1534  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] C:\Windows\System32\drivers\hidusb.sys
    12:16:31.0880 0x1534  C:\Windows\System32\drivers\hidusb.sys - ok
    12:16:31.0880 0x1534  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] C:\Windows\System32\drivers\mouhid.sys
    12:16:31.0880 0x1534  C:\Windows\System32\drivers\mouhid.sys - ok
    12:16:31.0896 0x1534  [ CCA2AB1752A61F29C3C941CD79D78CEA, 74D3B1710F2F90B3922341A9AA0B896CC5CD1AB9D32FF79F3CF3479928541CBD ] C:\Windows\System32\drivers\usbd.sys
    12:16:31.0896 0x1534  C:\Windows\System32\drivers\usbd.sys - ok
    12:16:31.0896 0x1534  [ 33BF7E4E3E5FF9DF8CA7A98F527B57CB, 460A4320B3C493CF80D058EC2A8C26E4A785ABB434D0D45A34F4A55B1A88CFF6 ] C:\Windows\System32\drivers\GeneStor.sys
    12:16:31.0896 0x1534  C:\Windows\System32\drivers\GeneStor.sys - ok
    12:16:31.0896 0x1534  [ 6F1A3157A1C89435352CEB543CDB359C, 325B46220779C5FE3B6F19FF794474837FAB9675D9C98ACB68CCE47B1CFE5F12 ] C:\Windows\System32\drivers\usbccgp.sys
    12:16:31.0896 0x1534  C:\Windows\System32\drivers\usbccgp.sys - ok
    12:16:31.0896 0x1534  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] C:\Windows\System32\drivers\usbprint.sys
    12:16:31.0896 0x1534  C:\Windows\System32\drivers\usbprint.sys - ok
    12:16:31.0896 0x1534  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] C:\Windows\System32\drivers\usbscan.sys
    12:16:31.0896 0x1534  C:\Windows\System32\drivers\usbscan.sys - ok
    12:16:31.0896 0x1534  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] C:\Windows\System32\drivers\kbdhid.sys
    12:16:31.0896 0x1534  C:\Windows\System32\drivers\kbdhid.sys - ok
    12:16:31.0911 0x1534  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] C:\Windows\System32\drivers\monitor.sys
    12:16:31.0911 0x1534  C:\Windows\System32\drivers\monitor.sys - ok
    12:16:31.0911 0x1534  [ F29FE765E1448EF371CFE05BFAC74ADB, F251581222D78543272FD4B14A6A59F4B0E0CC44A5FCBCF56DE4CA5783F78A75 ] C:\Windows\System32\tsddd.dll
    12:16:31.0911 0x1534  C:\Windows\System32\tsddd.dll - ok
    12:16:31.0911 0x1534  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\System32\sxssrv.dll
    12:16:31.0911 0x1534  C:\Windows\System32\sxssrv.dll - ok
    12:16:31.0911 0x1534  [ 94355C28C1970635A31B3FE52EB7CEBA, C4E98F07170CEC69CACDD5CEDB8927E48A2A299CB1B8CDA87526E768AF6174F0 ] C:\Windows\System32\wininit.exe
    12:16:31.0911 0x1534  C:\Windows\System32\wininit.exe - ok
    12:16:31.0911 0x1534  [ 2C942733A5983DD4502219FF37C7EBC7, 34B20B6B0D7274E4B5B783F1D2345BC3DD9888964D5C2C65712F041A00CF5B45 ] C:\Windows\System32\profapi.dll
    12:16:31.0911 0x1534  C:\Windows\System32\profapi.dll - ok
    12:16:31.0911 0x1534  [ 943F527DF79E6B400104341AA7023C75, 53C7B9426181D3D172E6B1A07E6DF8A0CB8FCA27D3A03CE5F544D3209B5F4651 ] C:\Windows\System32\cdd.dll
    12:16:31.0911 0x1534  C:\Windows\System32\cdd.dll - ok
    12:16:31.0927 0x1534  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] C:\Windows\System32\drivers\USBAUDIO.sys
    12:16:31.0927 0x1534  C:\Windows\System32\drivers\USBAUDIO.sys - ok
    12:16:31.0927 0x1534  [ 78523A26F5604C0568FE9D1CE86E36F4, 534A7228BF69719106F581616A32EAEF0B770DDB36DCE94F84E7D52FDB1382B5 ] C:\Windows\System32\KBDUS.DLL
    12:16:31.0927 0x1534  C:\Windows\System32\KBDUS.DLL - ok
    12:16:31.0927 0x1534  [ C2A8CB1275ECB85D246A9ECC02A728E3, 3603FADCA0060BD201148F9D59E4E2627F024609A6463AB525B5D1AD17BDCD10 ] C:\Windows\System32\RpcRtRemote.dll
    12:16:31.0927 0x1534  C:\Windows\System32\RpcRtRemote.dll - ok
    12:16:31.0927 0x1534  [ 1151B1BAA6F350B1DB6598E0FEA7C457, B1506E0A7E826EFF0F5252EF5026070C46E2235438403A9A24D73EE69C0B8A49 ] C:\Windows\System32\winlogon.exe
    12:16:31.0927 0x1534  C:\Windows\System32\winlogon.exe - ok
    12:16:31.0927 0x1534  [ 0D9764D58C5EFD672B7184854B152E5E, 9827B43DABBEC39AB2E2294408D9C5304EF27A684903C5234C6070387723D49E ] C:\Windows\System32\winsta.dll
    12:16:31.0927 0x1534  C:\Windows\System32\winsta.dll - ok
    12:16:31.0942 0x1534  [ 9CEAD32E79A62150FE9F8557E58E008B, AFE4C1725EE94D7DE0749AE1495A4E5CC33C369F29B2A589DA66FFE27FF9777E ] C:\Windows\System32\sxs.dll
    12:16:31.0942 0x1534  C:\Windows\System32\sxs.dll - ok
    12:16:31.0942 0x1534  [ B26B1801356760841C3BC69F9F91537F, 83B9DF333E36C09E81D44E12AE5BE14650126FDA0CF4A0EA853BF40C5780EF81 ] C:\Windows\System32\WlS0WndH.dll
    12:16:31.0942 0x1534  C:\Windows\System32\WlS0WndH.dll - ok
    12:16:31.0942 0x1534  [ 784FA3DF338E2E8F5F0389D6FAC428AF, 9C8AA0CFDEB9E38AAF8EB08626070E0F0364F4F8A793CFE3532EC6C007980C34 ] C:\Windows\System32\cryptbase.dll
    12:16:31.0942 0x1534  C:\Windows\System32\cryptbase.dll - ok
    12:16:31.0942 0x1534  [ 90499F3163A9F815CF196A205EA3CD5D, 29B4ED3795CEC1177EB367132914CE21C194CDEC5DB9DC923FD928C85E94D821 ] C:\Windows\System32\apphelp.dll
    12:16:31.0942 0x1534  C:\Windows\System32\apphelp.dll - ok
    12:16:31.0942 0x1534  [ 66A6063D0BAAD3F7B2B9868859E0743B, EEAABD90410864E2992E1A3AB2C29D0E8EF955AD49AF72A6A8EAA3D3AE9EE33E ] C:\Windows\System32\lsasrv.dll
    12:16:31.0942 0x1534  C:\Windows\System32\lsasrv.dll - ok
    12:16:31.0958 0x1534  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] C:\Windows\System32\lsass.exe
    12:16:31.0958 0x1534  C:\Windows\System32\lsass.exe - ok
    12:16:31.0958 0x1534  [ 9662EE182644511439F1C53745DC1C88, D205B2C163E78AB42A5D67D7664EF6B75EA0374FF0924467D624F9DB0611F0AD ] C:\Windows\System32\lsm.exe
    12:16:31.0958 0x1534  C:\Windows\System32\lsm.exe - ok
    12:16:31.0958 0x1534  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\System32\services.exe
    12:16:31.0958 0x1534  C:\Windows\System32\services.exe - ok
    12:16:31.0958 0x1534  [ B66BC8B20B7F33975865B1DF99783FD8, 7CB446AAA2F1232AAA0178F90CEA857015CC21A9A615601F7DBFB7130CD0858B ] C:\Windows\System32\sspicli.dll
    12:16:31.0958 0x1534  C:\Windows\System32\sspicli.dll - ok
    12:16:31.0958 0x1534  [ 3A0CE5FE781708CD6ABD55313607EC8B, D7B4137ABFED3A46304605A83C1E5012E7D1C811E5C74A9F20E359988EFCD7A9 ] C:\Windows\System32\sspisrv.dll
    12:16:31.0958 0x1534  C:\Windows\System32\sspisrv.dll - ok
    12:16:31.0974 0x1534  [ E914A50A151DFFE63D3935226DB5E2C1, 7DCCE4060344E1C771679F1C20378A0BEB3C1F06DB684072F07B98921A62A299 ] C:\Windows\System32\scext.dll
    12:16:31.0974 0x1534  C:\Windows\System32\scext.dll - ok
    12:16:31.0974 0x1534  [ 68083118797CAF30FB2EA3E71494D67E, 5F1BCDFCB00A20CD60CBC70A2FD97405EF0F7173DD0E404BBA7B06D39DB37364 ] C:\Windows\System32\sysntfy.dll
    12:16:31.0974 0x1534  C:\Windows\System32\sysntfy.dll - ok
    12:16:31.0974 0x1534  [ DEE7267C5D232A3B816866872CE199E6, A1994FD37667C52E7CBF873514C190DA61A3D1349786D187BFAE0006F61799AE ] C:\Windows\System32\wmsgapi.dll
    12:16:31.0974 0x1534  C:\Windows\System32\wmsgapi.dll - ok
    12:16:31.0974 0x1534  [ BBCDF350817BA86416C0F06B6981BE8D, D064438F97852B9BD6015C8B19377C61C671E0969E09506B8359FE7B1F373A61 ] C:\Windows\System32\scesrv.dll
    12:16:31.0974 0x1534  C:\Windows\System32\scesrv.dll - ok
    12:16:31.0974 0x1534  [ 0144D8D75A0B12938AEEE859E3310A46, C3FB240B62F736230BAC81DE8315C9236300474B189A599DBC6437AB341F166B ] C:\Windows\System32\secur32.dll
    12:16:31.0974 0x1534  C:\Windows\System32\secur32.dll - ok
    12:16:31.0989 0x1534  [ 3A9C9BAF610B0DD4967086040B3B62A9, E8E9A0F42B1EE7806EDCEED08AA024D037215D06CA317E3678BD5364AD513D23 ] C:\Windows\System32\srvcli.dll
    12:16:31.0989 0x1534  C:\Windows\System32\srvcli.dll - ok
    12:16:31.0989 0x1534  [ A744BA6E04C8AA4592818178DBF89521, 9E7C85D842DF16F9B8FED7B06AF309B5ECCBFD465F5552347D4C3F1FEFDC6F7A ] C:\Windows\System32\samsrv.dll
    12:16:31.0989 0x1534  C:\Windows\System32\samsrv.dll - ok
    12:16:31.0989 0x1534  [ 3A061472B38233BAFF9CFEFF2E49C46B, DF29B14C8D22A8A16AA336A09A6152E2C7FCA6CAF4E76F0C5DCB55BEF9D00515 ] C:\Windows\System32\cryptdll.dll
    12:16:31.0989 0x1534  C:\Windows\System32\cryptdll.dll - ok
    12:16:31.0989 0x1534  [ 3C073B0C596A0AF84933E7406766B040, 4698BBA678F553E15AD4B07AD7FB236281F872DEFEE97BFD637114476C8F97B3 ] C:\Windows\System32\wevtapi.dll
    12:16:31.0989 0x1534  C:\Windows\System32\wevtapi.dll - ok
    12:16:31.0989 0x1534  [ 7FBEBD2229EA5FD48D41B199EC2D541C, A465975D445A8D50CAF3EF29BD33354B320D11173C127BE30D5EBBFF7008CDCE ] C:\Windows\System32\authz.dll
    12:16:31.0989 0x1534  C:\Windows\System32\authz.dll - ok
    12:16:31.0989 0x1534  [ 86FE1B1F8FD42CD0DB641AB1CDB13093, 8C4BB4415105CE82FFFE658879EAE9D259A24C0F6DFC7D25507352DC99241BE2 ] C:\Windows\System32\cngaudit.dll
    12:16:31.0989 0x1534  C:\Windows\System32\cngaudit.dll - ok
    12:16:32.0005 0x1534  [ 5F3307352216618221A17CFEF273EEE2, 8EE55E9869FAF89EFDCADDDA74E9CAA072330CEF96C9DA2B8F8093FE5DAA5837 ] C:\Windows\System32\ncrypt.dll
    12:16:32.0005 0x1534  C:\Windows\System32\ncrypt.dll - ok
    12:16:32.0005 0x1534  [ B9A95365E52F421A20E1501935FADDA5, DDB4CB575139233EFAF2C59B7E9B04AF36BBCCC63190181F3B2A7E6BFC86E77E ] C:\Windows\System32\bcrypt.dll
    12:16:32.0005 0x1534  C:\Windows\System32\bcrypt.dll - ok
    12:16:32.0005 0x1534  [ 02B64609F865A39365FF88580DF11738, 2F676B93898E1B6131AF6227BB7AB731EB9C29477F9BD4C2C60F0FC1E35CD968 ] C:\Windows\System32\msprivs.dll
    12:16:32.0005 0x1534  C:\Windows\System32\msprivs.dll - ok
    12:16:32.0005 0x1534  [ C6505DE3561537BA1004D638C2F93F2F, 3E4FDF374B1A9E43A8F61FD2D79E0515390ECABFDAF72C4BD44A7B6429039AF6 ] C:\Windows\System32\netjoin.dll
    12:16:32.0005 0x1534  C:\Windows\System32\netjoin.dll - ok
    12:16:32.0005 0x1534  [ 50532FCD7ECF02DD169CE5C485F02534, 8EE5D9D0EA53DC72BCC300692E521ACADD56AB09BFA3E78149D8B5A90648512C ] C:\Windows\System32\negoexts.dll
    12:16:32.0005 0x1534  C:\Windows\System32\negoexts.dll - ok
    12:16:32.0005 0x1534  [ 44E1A196DFCB53B01FE4B855C3B56A15, EDC31276EC325B642D07EE79F6E9021CBB7F8AFC32F9A408C91844175BF6B6E2 ] C:\Windows\System32\kerberos.dll
    12:16:32.0005 0x1534  C:\Windows\System32\kerberos.dll - ok
    12:16:32.0005 0x1534  [ D0C2FBB6D97416B0166478FC7AE2B212, 7EAB6C37F0A845E645CA44CC060AC6C56E386C7EF7A64716C6786C9602AD8C9D ] C:\Windows\System32\cryptsp.dll
    12:16:32.0005 0x1534  C:\Windows\System32\cryptsp.dll - ok
    12:16:32.0020 0x1534  [ 9A9F9F1A77D6A80EE28B57664F00013E, 0D441638E086EF1342FCDC43E826BF9E9CC6B2E8AE100D89BFC70163F987DE91 ] C:\Windows\System32\mswsock.dll
    12:16:32.0020 0x1534  C:\Windows\System32\mswsock.dll - ok
    12:16:32.0020 0x1534  [ EC7CBFF96B05ECF3D366355B3C64ADCF, F69ED45EBEDCA9CF000AC03281F0EC2C351F98513FBA90E63394E4E561D6C7A2 ] C:\Windows\System32\wship6.dll
    12:16:32.0020 0x1534  C:\Windows\System32\wship6.dll - ok
    12:16:32.0020 0x1534  [ EF12B8385AA2849999008A977918F96B, ADEF9F5D2B0C2A30CB1B395C774E7FE75437135A09D3D4E6F97EE8656CE139B4 ] C:\Windows\System32\msv1_0.dll
    12:16:32.0020 0x1534  C:\Windows\System32\msv1_0.dll - ok
    12:16:32.0020 0x1534  [ AA339DD8BB128EF66660DFBBB59043D3, 76D9F849AFDDA38E04549EB67B4163478776F1B6EF46434168278F84FEB8FC5C ] C:\Windows\System32\netlogon.dll
    12:16:32.0020 0x1534  C:\Windows\System32\netlogon.dll - ok
    12:16:32.0020 0x1534  [ 492D07D79E7024CA310867B526D9636D, F2FE647AB85C6C3C1AA3DF4BCE6E4D42B9676C9D837E11388C235AE8DB20044F ] C:\Windows\System32\dnsapi.dll
    12:16:32.0020 0x1534  C:\Windows\System32\dnsapi.dll - ok
    12:16:32.0020 0x1534  [ 8FFE297B8449386E7B6851458B6E474E, E149B37E11091D69D926242517E5655596594A6F01FEF06EB65D6BA5B354E326 ] C:\Windows\System32\logoncli.dll
    12:16:32.0020 0x1534  C:\Windows\System32\logoncli.dll - ok
    12:16:32.0036 0x1534  [ 1573C45E65DE32B1BC3572634F8F1E8E, 8B3D9636470ADCEEEAA83E69033487E270AB1AE58F4D44BB4B024B95F59C3CC9 ] C:\Windows\System32\schannel.dll
    12:16:32.0036 0x1534  C:\Windows\System32\schannel.dll - ok
    12:16:32.0036 0x1534  [ 95FB6CA4374E343DDD653FCC43F9D26B, 911A240F9C1DD155C2B1CD85FE4A8044EB2816AF166CD8CB66EEB905CA352881 ] C:\Windows\System32\wdigest.dll
    12:16:32.0036 0x1534  C:\Windows\System32\wdigest.dll - ok
    12:16:32.0036 0x1534  [ 5D8874A8C11DDDDE29E12DE0E2013493, 3E9A57137BF622AF83E3E4D58971E2C0200559CCA7545D16CF263AA03EE9C7D2 ] C:\Windows\System32\rsaenh.dll
    12:16:32.0036 0x1534  C:\Windows\System32\rsaenh.dll - ok
    12:16:32.0036 0x1534  [ 8A25506B6948EFBD5A7F37E53CCD36D9, 2A20562ED33ABD1D15C7BE9F4F1E623E3604BCC0F7214D067CD8C3D16B9EC6A7 ] C:\Windows\System32\TSpkg.dll
    12:16:32.0036 0x1534  C:\Windows\System32\TSpkg.dll - ok
    12:16:32.0036 0x1534  [ D6C7780A364C6BBACFA796BAB9F1B374, 3B5ED1A030BFD0BB73D4FFCD67A6A0B8501EF70293F223EFAA12F430ADF270F9 ] C:\Windows\System32\bcryptprimitives.dll
    12:16:32.0036 0x1534  C:\Windows\System32\bcryptprimitives.dll - ok
    12:16:32.0036 0x1534  [ E08088A97F95345E181C3DFCE2C615EF, DEF3B087DF5E10E4F8418029DB6E82546E62FEFA39694B7BD6A48CE8AAFD1B96 ] C:\Windows\System32\pku2u.dll
    12:16:32.0036 0x1534  C:\Windows\System32\pku2u.dll - ok
    12:16:32.0052 0x1534  [ 52D3D5E3586988D4D9E34ACAAC33105C, C61B60BA962B25B8334F0941C3535EA4ACA1CC060B8A196E396CA3E11CEEF8A1 ] C:\Windows\System32\credssp.dll
    12:16:32.0052 0x1534  C:\Windows\System32\credssp.dll - ok
    12:16:32.0052 0x1534  [ 90BDEFC5DF334E5100EAA781D798DE1A, F48B650D811B6D57D2252E326C0C9CC74534BE9D510E7D3403F91D1C5C36281E ] C:\Windows\System32\efslsaext.dll
    12:16:32.0052 0x1534  C:\Windows\System32\efslsaext.dll - ok
    12:16:32.0052 0x1534  [ ED78427259134C63ED69804D2132B86C, F6F51B8B35881ABCA5580ED111AAC80E466E6474ABAE31EC8BE46C23EDCA77B2 ] C:\Windows\System32\scecli.dll
    12:16:32.0052 0x1534  C:\Windows\System32\scecli.dll - ok
    12:16:32.0052 0x1534  [ 7CC7DF5B654DA579613F811D8C637E29, 70EAC059C1ED814810C75DBB9F4D188428CB942FFD8869D692158D384EB6BB35 ] C:\Windows\System32\ubpm.dll
    12:16:32.0052 0x1534  C:\Windows\System32\ubpm.dll - ok
    12:16:32.0052 0x1534  [ C78655BC80301D76ED4FEF1C1EA40A7D, 93B2ED4004ED5F7F3039DD7ECBD22C7E4E24B6373B4D9EF8D6E45A179B13A5E8 ] C:\Windows\System32\svchost.exe
    12:16:32.0052 0x1534  C:\Windows\System32\svchost.exe - ok
    12:16:32.0052 0x1534  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] C:\Windows\System32\umpnpmgr.dll
    12:16:32.0052 0x1534  C:\Windows\System32\umpnpmgr.dll - ok
    12:16:32.0067 0x1534  [ E6EB44ABAAF1F330119F854856C53EBE, 77279972FFBFA984578DD4F17EB615F5D2D93590AF3A9FEFEFDB9128206C9887 ] C:\Windows\System32\SPInf.dll
    12:16:32.0067 0x1534  C:\Windows\System32\SPInf.dll - ok
    12:16:32.0067 0x1534  [ CD1B5AD07E5F7FEF30E055DCC9E96180, 63C58551F32B0B09377F64A6AE1FA81AF93B8A707A57A8C18722086906AD3046 ] C:\Windows\System32\devrtl.dll
    12:16:32.0067 0x1534  C:\Windows\System32\devrtl.dll - ok
    12:16:32.0067 0x1534  [ 7A17485DC7D8A7AC81321A42CD034519, 88D8705FA901793FC8C1CFD0175E49A6502BF0FC94A066BA573D2FD13AA5F04A ] C:\Windows\System32\userenv.dll
    12:16:32.0067 0x1534  C:\Windows\System32\userenv.dll - ok
    12:16:32.0067 0x1534  [ 9C9307C95671AC962F3D6EB3A4A89BAE, D1433791C9B8BCEEAD8937EC18D33E89E4E2012B5975228A8500FD141BC30078 ] C:\Windows\System32\gpapi.dll
    12:16:32.0067 0x1534  C:\Windows\System32\gpapi.dll - ok
    12:16:32.0067 0x1534  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] C:\Windows\System32\umpo.dll
    12:16:32.0067 0x1534  C:\Windows\System32\umpo.dll - ok
    12:16:32.0067 0x1534  [ F6C011B46FAEEF33536B2E80F48B5CBE, BDD149D3D6F9F6C8F6F34C311219BE5618CEEFBC7D35E37473A47F1D5D015067 ] C:\Windows\System32\pcwum.dll
    12:16:32.0067 0x1534  C:\Windows\System32\pcwum.dll - ok
    12:16:32.0083 0x1534  [ 716175021BDA290504CE434273F666BC, FA18CA2D8A5F4335E051E2933147D3C1E7308F7D446E2AEB6596CDEF6E2AFC88 ] C:\Windows\System32\powrprof.dll
    12:16:32.0083 0x1534  C:\Windows\System32\powrprof.dll - ok
    12:16:32.0083 0x1534  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] C:\Windows\System32\drivers\luafv.sys
    12:16:32.0083 0x1534  C:\Windows\System32\drivers\luafv.sys - ok
    12:16:32.0083 0x1534  [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] C:\Windows\System32\drivers\mbam.sys
    12:16:32.0083 0x1534  C:\Windows\System32\drivers\mbam.sys - ok
    12:16:32.0083 0x1534  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] C:\Windows\System32\rpcss.dll
    12:16:32.0083 0x1534  C:\Windows\System32\rpcss.dll - ok
    12:16:32.0083 0x1534  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] C:\Windows\System32\RpcEpMap.dll
    12:16:32.0083 0x1534  C:\Windows\System32\RpcEpMap.dll - ok
    12:16:32.0098 0x1534  [ 31559F3244C6BC00A52030CAA83B6B91, B2025742B5F0025ACE9821D5722DE3F997EEEAB21D2F381C9E307882DF422579 ] C:\Windows\System32\WSHTCPIP.DLL
    12:16:32.0098 0x1534  C:\Windows\System32\WSHTCPIP.DLL - ok
    12:16:32.0098 0x1534  [ 16E964ABF6D1E0F0CC7822FCA9BA754D, 0E461387ACFD641DA22EE542A3C68AF5F7D3A7F967D974E3B198143D461ABE39 ] C:\Windows\System32\wshqos.dll
    12:16:32.0098 0x1534  C:\Windows\System32\wshqos.dll - ok
    12:16:32.0098 0x1534  [ 9AD9E06F8656F296D91FAE8EE5B95A27, 53384747D5864D699BCC4F48E0A5E656430EDAA65DCDAB4B11EA68FC7106459E ] C:\Windows\System32\FirewallAPI.dll
    12:16:32.0098 0x1534  C:\Windows\System32\FirewallAPI.dll - ok
    12:16:32.0098 0x1534  [ 94E026870A55AAEAFF7853C1754091E9, B2F5D5629D12BDFA98DBED3898368F37D9009C7531B6909C7285A2C11C9A0F93 ] C:\Windows\System32\version.dll
    12:16:32.0098 0x1534  C:\Windows\System32\version.dll - ok
    12:16:32.0098 0x1534  [ 6011714C8C5C55CBFFAD24D61E879FBD, 75D615082A1C71C6ED3ABB49EDAF660EE538D112CF79B9C8AF0A583D1CE1BBB0 ] C:\Windows\System32\wevtsvc.dll
    12:16:32.0098 0x1534  C:\Windows\System32\wevtsvc.dll - ok
    12:16:32.0098 0x1534  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] C:\Windows\System32\profsvc.dll
    12:16:32.0114 0x1534  C:\Windows\System32\profsvc.dll - ok
    12:16:32.0114 0x1534  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] C:\Windows\System32\audiosrv.dll
    12:16:32.0114 0x1534  C:\Windows\System32\audiosrv.dll - ok
    12:16:32.0114 0x1534  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] C:\Windows\System32\mmcss.dll
    12:16:32.0114 0x1534  C:\Windows\System32\mmcss.dll - ok
    12:16:32.0114 0x1534  [ 78A1E65207484B7F8D3217507745F47C, 35F413ADB9D157F3666DD15DD58104D629CD9143198A1AB914B73A4A3C9903DD ] C:\Windows\System32\avrt.dll
    12:16:32.0114 0x1534  C:\Windows\System32\avrt.dll - ok
    12:16:32.0114 0x1534  [ 588CD0C78A7FAAE4186B5EEA0AF3ED67, E957E4463D318A44BA5109EE3428624DE901C5FF2BA358986DF6C6F059DDBCC2 ] C:\Windows\System32\adtschema.dll
    12:16:32.0114 0x1534  C:\Windows\System32\adtschema.dll - ok
    12:16:32.0114 0x1534  [ 227E2C382A1E02F8D4965E664D3BBE43, 1CFF20A8BF87ACE4FA4935EBEED72BFB1A1FE902A754899E2F50798D67DF5642 ] C:\Windows\System32\MMDevAPI.dll
    12:16:32.0114 0x1534  C:\Windows\System32\MMDevAPI.dll - ok
    12:16:32.0130 0x1534  [ 715F03B4C7223349768013EA95D9E5B7, 09AB0535A54C2E2962F0FD06988D99060F8CECA39B07AC00A63204C773B95893 ] C:\Windows\System32\LogonUI.exe
    12:16:32.0130 0x1534  C:\Windows\System32\LogonUI.exe - ok
    12:16:32.0130 0x1534  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] C:\Windows\System32\wlansvc.dll
    12:16:32.0130 0x1534  C:\Windows\System32\wlansvc.dll - ok
    12:16:32.0130 0x1534  [ F06BB4E336EA57511FDBAFAFCC47DE62, BE43EC62548E9FF89A9495A1722E22DBB76EEC3764F86E64057B636F27D15765 ] C:\Windows\System32\propsys.dll
    12:16:32.0130 0x1534  C:\Windows\System32\propsys.dll - ok
    12:16:32.0130 0x1534  [ 50544D04AD845C43130B70212EC05CCD, B2E6B558DE7D273512226685FF53ED17C9B4BF81B739FBCA5D3FC82DF8D2BCF7 ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
    12:16:32.0130 0x1534  C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
    12:16:32.0130 0x1534  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] C:\Windows\System32\drivers\fltMgr.sys
    12:16:32.0130 0x1534  C:\Windows\System32\drivers\fltMgr.sys - ok
    12:16:32.0130 0x1534  [ A3DB3C17EE6CAE65D53602B4E80BCCBC, D802A7C6161F937DC42A6E45FE1BB2C8272819F92C294C180EBCDF8FF72CBFDC ] C:\Windows\System32\PSHED.DLL
    12:16:32.0130 0x1534  C:\Windows\System32\PSHED.DLL - ok
    12:16:32.0145 0x1534  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] C:\Windows\System32\netprofm.dll
    12:16:32.0145 0x1534  C:\Windows\System32\netprofm.dll - ok
    12:16:32.0145 0x1534  [ D5CCA1453B98A5801E6D5FF0FF89DC6C, 85F2C2480AAC31B6092187B431A562D79D4CFB1324F925C85055ABAB2483264B ] C:\Windows\System32\audiodg.exe
    12:16:32.0145 0x1534  C:\Windows\System32\audiodg.exe - ok
    12:16:32.0145 0x1534  [ B0945E538CF906BBDDC5A11C8EE868CC, 5F3459F6512918835F7C9400905EC7C1FAEAA7114E0D28C522040C359E3B93F7 ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
    12:16:32.0145 0x1534  C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
    12:16:32.0145 0x1534  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] C:\Windows\System32\MPSSVC.dll
    12:16:32.0145 0x1534  C:\Windows\System32\MPSSVC.dll - ok
    12:16:32.0145 0x1534  [ 3EF480BFED1B5947A32585E30A58D4ED, 798FECC095721EFB1C2B1DF3438DDABEEEA668EA00CB702164F2A0A0C30F1726 ] C:\Windows\System32\authui.dll
    12:16:32.0145 0x1534  C:\Windows\System32\authui.dll - ok
    12:16:32.0145 0x1534  [ B3BFBD758506ECB50C5804AAA76318F9, 34E079A6AB2D41D1E0B3887B6AE31C43941061B7176FFF2801C3F465C2C89578 ] C:\Windows\System32\cryptui.dll
    12:16:32.0145 0x1534  C:\Windows\System32\cryptui.dll - ok
    12:16:32.0161 0x1534  [ 7FA8FDC2C2A27817FD0F624E78D3B50C, 7B63F6AA2CD6D4D07EA3C595B868B1A0749BB11620027A2BD9B935E3055481E4 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
    12:16:32.0161 0x1534  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
    12:16:32.0161 0x1534  [ 5B3EBFC3DA142324B388DDCC4465E1FF, 5D58642305311F9BC9B779C9598BFC4E7433B3EA58404BF1FF9466838A2328C7 ] C:\Windows\System32\samlib.dll
    12:16:32.0161 0x1534  C:\Windows\System32\samlib.dll - ok
    12:16:32.0161 0x1534  [ 4E9C2DB10F7E6AE91BF761139D4B745B, 8F63F78294F5585D599A114AF449DCC447CCB239D0F0B490BFE6B34A2146E730 ] C:\Windows\System32\shacct.dll
    12:16:32.0161 0x1534  C:\Windows\System32\shacct.dll - ok
    12:16:32.0161 0x1534  [ D29E998E8277666982B4F0303BF4E7AF, 4F19AB5DC173E278EBE45832F6CEAA40E2DF6A2EDDC81B2828122442FE5D376C ] C:\Windows\System32\uxtheme.dll
    12:16:32.0161 0x1534  C:\Windows\System32\uxtheme.dll - ok
    12:16:32.0161 0x1534  [ 18CAAF21CBA3EAEE17BBA5D3807F29B8, 59C4FE015CCBE922F7AB3838D7F34CACC08DD437B2BAD62926BF4A9C416F7C19 ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_2b25b14c71ebf230\GdiPlus.dll
    12:16:32.0161 0x1534  C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_2b25b14c71ebf230\GdiPlus.dll - ok
    12:16:32.0176 0x1534  [ 3CB6A7286422C72C34DAB54A5DFF1A34, 98D21EFFF511E407336A226420701E82554DA01FA05661303836B6860D63749D ] C:\Windows\System32\dui70.dll
    12:16:32.0176 0x1534  C:\Windows\System32\dui70.dll - ok
    12:16:32.0176 0x1534  [ 8CCDE014A4CDF84564E03ACE064CA753, DD663029B2EB7B12FDB00FCE403D8326141E540E3B9CE84CD5871473D3E2E2CF ] C:\Windows\System32\duser.dll
    12:16:32.0176 0x1534  C:\Windows\System32\duser.dll - ok
    12:16:32.0176 0x1534  [ D7F1EF374A90709B31591823B002F918, 05FD2837C9B03D14BB2A969C1AD77CAEF047D93DC5D0F6C2ACBF0888E8F7B359 ] C:\Windows\System32\SndVolSSO.dll
    12:16:32.0176 0x1534  C:\Windows\System32\SndVolSSO.dll - ok
    12:16:32.0176 0x1534  [ DA1B7075260F3872585BFCDD668C648B, 3E10EF6E1A5C341B478322CB78A0AB7BFC70AD8023779B8B4542A7CB4CA756AB ] C:\Windows\System32\dwmapi.dll
    12:16:32.0176 0x1534  C:\Windows\System32\dwmapi.dll - ok
    12:16:32.0176 0x1534  [ 896F15A6434D93EDB42519D5E18E6B50, 9263F0CEC58D45EBE3FB9C3061FB9392C55A7933B84B4592E6EE13CFC86D5A50 ] C:\Windows\System32\hid.dll
    12:16:32.0176 0x1534  C:\Windows\System32\hid.dll - ok
    12:16:32.0176 0x1534  [ 6F8B48F3D343E4B186AB6A9E302B7E16, 54DB52FC56509E61DF68BD251B3286E6CBE1A91D9BC4D950940A61FE2DA04DF8 ] C:\Windows\System32\xmllite.dll
    12:16:32.0176 0x1534  C:\Windows\System32\xmllite.dll - ok
    12:16:32.0192 0x1534  [ 1F4492FE41767CDB8B89D17655847CDD, 184547FAC0C3D7148FAA3F601929A7089DE393BD19929A137DAD743331DD3F77 ] C:\Windows\System32\ntmarta.dll
    12:16:32.0192 0x1534  C:\Windows\System32\ntmarta.dll - ok
    12:16:32.0192 0x1534  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] C:\Windows\System32\gpsvc.dll
    12:16:32.0192 0x1534  C:\Windows\System32\gpsvc.dll - ok
    12:16:32.0192 0x1534  [ 46BB91A169B9B31FF44EB04C48EC1D41, 8115B533D3A5BE07633FA54FA8847E3DEC00C5BEB193CF2FBE88428D23E2B3D6 ] C:\Windows\System32\nlaapi.dll
    12:16:32.0192 0x1534  C:\Windows\System32\nlaapi.dll - ok
    12:16:32.0192 0x1534  [ 58775492FFD419248B08325E583C527F, DBB013971F5894F25C222C2D4D50A29DB6DF3C413792EE9CCC1A9E6D85469093 ] C:\Windows\System32\atl.dll
    12:16:32.0192 0x1534  C:\Windows\System32\atl.dll - ok
    12:16:32.0192 0x1534  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] C:\Windows\System32\themeservice.dll
    12:16:32.0192 0x1534  C:\Windows\System32\themeservice.dll - ok
    12:16:32.0192 0x1534  [ 3D7BB6DD7A87B3E36E44CA94444247A8, 8EC25387910A85624A76C0312A7A8C2A4624E9B7A546FD071F70FE3C2F7F7333 ] C:\Windows\System32\WindowsCodecs.dll
    12:16:32.0192 0x1534  C:\Windows\System32\WindowsCodecs.dll - ok
    12:16:32.0208 0x1534  [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D, 19959D18601712901F03B83150D15E34EBCAB355BB4692C9A28511A72F57FC66 ] C:\Windows\System32\winbrand.dll
    12:16:32.0208 0x1534  C:\Windows\System32\winbrand.dll - ok
    12:16:32.0208 0x1534  [ A77BE7CB3222B4FB0AC6C71D1C2698D4, 73566223914BF670DF6B5931FA213E546713531B10391ED65B5256BBD7ABDE7F ] C:\Windows\System32\dsrole.dll
    12:16:32.0208 0x1534  C:\Windows\System32\dsrole.dll - ok
    12:16:32.0208 0x1534  [ BE097F5BB10F9079FCEB2DC4E7E20F02, 90A88986C8C5F30FB153EC803FEDA6572B2C2630A6C9578FCC017800692694D5 ] C:\Windows\System32\slc.dll
    12:16:32.0208 0x1534  C:\Windows\System32\slc.dll - ok
    12:16:32.0208 0x1534  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] C:\Windows\System32\es.dll
    12:16:32.0208 0x1534  C:\Windows\System32\es.dll - ok
    12:16:32.0208 0x1534  [ 1A47D52E303B7543E4E6026595B95422, C577CD3837546A7CED5D2E8E97FA2EDACA133B4A8595770EF96CAE519BFE280F ] C:\Windows\System32\comres.dll
    12:16:32.0208 0x1534  C:\Windows\System32\comres.dll - ok
    12:16:32.0208 0x1534  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] C:\Windows\System32\Sens.dll
    12:16:32.0208 0x1534  C:\Windows\System32\Sens.dll - ok
    12:16:32.0223 0x1534  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] C:\Windows\System32\uxsms.dll
    12:16:32.0223 0x1534  C:\Windows\System32\uxsms.dll - ok
    12:16:32.0223 0x1534  [ BD3674BE7FC9D8D3732C83E8499576ED, E6716A5895D629263A4D21959F48840429AB6F4B55A5FA2663EE5E86C9CA2BF1 ] C:\Windows\System32\wtsapi32.dll
    12:16:32.0223 0x1534  C:\Windows\System32\wtsapi32.dll - ok
    12:16:32.0223 0x1534  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] C:\Windows\System32\drivers\lltdio.sys
    12:16:32.0223 0x1534  C:\Windows\System32\drivers\lltdio.sys - ok
    12:16:32.0223 0x1534  [ C2762A57DF0EE85E63CE4893C5215313, DDE22212D78353633CEDE27D7210469DE674563991105563CF64CCCE2D0743BD ] C:\Windows\System32\VaultCredProvider.dll
    12:16:32.0223 0x1534  C:\Windows\System32\VaultCredProvider.dll - ok
    12:16:32.0223 0x1534  [ CA2985996BB49924B677113DF95CFEA7, 91F63863B1B597AE421CD2C3D8A3E00578B17876E5F5B828D25C2C9B349ECCCD ] C:\Windows\System32\SmartcardCredentialProvider.dll
    12:16:32.0223 0x1534  C:\Windows\System32\SmartcardCredentialProvider.dll - ok
    12:16:32.0239 0x1534  [ BF352E73615F5461AA6884472435A544, 4B059E79325C5F08CD6FBBE6352E17ADB64B9608CC9EDB36A2DF4D148060C309 ] C:\Windows\System32\BioCredProv.dll
    12:16:32.0239 0x1534  C:\Windows\System32\BioCredProv.dll - ok
    12:16:32.0239 0x1534  [ CC0AB40F02D2C2A12209715A3C1B07B8, 90EB303A4E151340DB382248361FEFC5346C31394791DF83663086C8219C2B20 ] C:\Windows\System32\credui.dll
    12:16:32.0239 0x1534  C:\Windows\System32\credui.dll - ok
    12:16:32.0239 0x1534  [ 796B8123A7859AFD3A4AE10514DBAEB5, E76F69FAFEC3D66263ED95F3FA9EE309BDDACB287E30583A147DC97F6EEB8844 ] C:\Windows\System32\winbio.dll
    12:16:32.0239 0x1534  C:\Windows\System32\winbio.dll - ok
    12:16:32.0239 0x1534  [ EEEA40F0EDB0A6E5359E539E15D0BC77, BFCBF777239C29C6AC4BC5B59591308571647B7C7FDB5571903F7403DD241E8E ] C:\Windows\System32\netapi32.dll
    12:16:32.0239 0x1534  C:\Windows\System32\netapi32.dll - ok
    12:16:32.0239 0x1534  [ 44B9C66177651F3F53C87B665D58D17A, 3FC426115FF87570889DB28D71970B82B525D2A4B9A00EDD273BF083B77A05CE ] C:\Windows\System32\vaultcli.dll
    12:16:32.0239 0x1534  C:\Windows\System32\vaultcli.dll - ok
    12:16:32.0239 0x1534  [ 6CECA4C6A489C9B2E6073AFDAAE3F607, 127506D1DB38275614CBEB047C133718EF9D03266BA9C98BE55EC7847CFC9C3D ] C:\Windows\System32\netutils.dll
    12:16:32.0239 0x1534  C:\Windows\System32\netutils.dll - ok
    12:16:32.0254 0x1534  [ 3C91392D448F6E5D525A85B7550D8BA9, 6FD0DC73DBE7519E2C643554C2A7F8FBE4F9A678C4241BB54B3C6E65D2ABCF3A ] C:\Windows\System32\wkscli.dll
    12:16:32.0254 0x1534  C:\Windows\System32\wkscli.dll - ok
    12:16:32.0254 0x1534  [ 972C3301DB3DA91AE06A95F6B4160B1B, 678B533A06C306295FE97DC26CE9BAFFC8EAF1FB7405ACB040719099717744D5 ] C:\Windows\System32\certCredProvider.dll
    12:16:32.0254 0x1534  C:\Windows\System32\certCredProvider.dll - ok
    12:16:32.0254 0x1534  [ FC51229C7D4AFA0D6F186133728B95AB, 37E58C8E1C8437D1981725A5DCDACA7316CEFBB570370CEFC8D122F523B96AC0 ] C:\Windows\System32\samcli.dll
    12:16:32.0254 0x1534  C:\Windows\System32\samcli.dll - ok
    12:16:32.0254 0x1534  [ 87FA0C48C3B2E9FEE518818FE26B15B5, DA4042DE9897397AEDCEFF9F69746726237305DDE64464309B6DCC45E05E42F4 ] C:\Windows\System32\rasplap.dll
    12:16:32.0254 0x1534  C:\Windows\System32\rasplap.dll - ok
    12:16:32.0254 0x1534  [ 019CD868461B646E09BDF04474C19341, 01837EFACB02E52BC6E90C90C4CB01B11D56E449A37EA4FC2695507FF85EA9FE ] C:\Windows\System32\rasapi32.dll
    12:16:32.0254 0x1534  C:\Windows\System32\rasapi32.dll - ok
    12:16:32.0254 0x1534  [ B28DEEC597C8DEB70C744C7CF9210E3E, E777F192D822990CA6301B3FEA2AEA213FA7901438EB3328914ADF02B6C39DB9 ] C:\Windows\System32\rasman.dll
    12:16:32.0254 0x1534  C:\Windows\System32\rasman.dll - ok
    12:16:32.0270 0x1534  [ B53C4B69B695EDA1B7E41D35CA4244E2, 3D98E9B263CADA576E4057E059AFC867F6E3F1001F3B73C8BCF9066763A45D9D ] C:\Windows\System32\rtutils.dll
    12:16:32.0270 0x1534  C:\Windows\System32\rtutils.dll - ok
    12:16:32.0270 0x1534  [ 9BC8610C32C96A2983A65DC21CAFA921, 2A4195F663C9D55939E3D8FEAA208090FDB0B8801A60164A7325B53104797CBC ] C:\Windows\System32\UXInit.dll
    12:16:32.0270 0x1534  C:\Windows\System32\UXInit.dll - ok
    12:16:32.0270 0x1534  [ CF636C92B762B26F0B39B38E92380A09, F7B8B0EA4536CE3BA33EE1BD0783F6AAD8C0EF69714E874D4A30B720A04C7A18 ] C:\Windows\System32\oleacc.dll
    12:16:32.0270 0x1534  C:\Windows\System32\oleacc.dll - ok
    12:16:32.0270 0x1534  [ 019BDD35DE269CB98B22DE8923C2AA3B, 68B216D5331B128CF1BCB3A3F82FD85B119FFDBCB796C907461CDD6248995817 ] C:\Windows\System32\UIAutomationCore.dll
    12:16:32.0270 0x1534  C:\Windows\System32\UIAutomationCore.dll - ok
    12:16:32.0270 0x1534  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] C:\Windows\System32\drivers\ndisuio.sys
    12:16:32.0270 0x1534  C:\Windows\System32\drivers\ndisuio.sys - ok
    12:16:32.0270 0x1534  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] C:\Windows\System32\drivers\nwifi.sys
    12:16:32.0270 0x1534  C:\Windows\System32\drivers\nwifi.sys - ok
    12:16:32.0286 0x1534  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] C:\Windows\System32\drivers\rspndr.sys
    12:16:32.0286 0x1534  C:\Windows\System32\drivers\rspndr.sys - ok
    12:16:32.0286 0x1534  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] C:\Windows\System32\lmhsvc.dll
    12:16:32.0286 0x1534  C:\Windows\System32\lmhsvc.dll - ok
    12:16:32.0286 0x1534  [ 2B81776DA02017A37FE26C662827470E, A656353C50EE08422145D00DB9CFD9F6D3E664753B3C454B171E2A56A8AA94DC ] C:\Windows\System32\IPHLPAPI.DLL
    12:16:32.0286 0x1534  C:\Windows\System32\IPHLPAPI.DLL - ok
    12:16:32.0286 0x1534  [ B73A6E4B319AFFE64582AC5C1801BB3F, 274EEA0743DC659180E691654CBB17136E9E9D83B07E302B47EA5B103EA57710 ] C:\Windows\System32\nrpsrv.dll
    12:16:32.0286 0x1534  C:\Windows\System32\nrpsrv.dll - ok
    12:16:32.0286 0x1534  [ 4C9210E8F4E052F6A4EB87716DA0C24C, 460F7990BDADB7D58D6DC95B094D30A2EFDC4CEED444B18A2F36E8D9076FB8B9 ] C:\Windows\System32\winnsi.dll
    12:16:32.0286 0x1534  C:\Windows\System32\winnsi.dll - ok
    12:16:32.0286 0x1534  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] C:\Windows\System32\eapsvc.dll
    12:16:32.0286 0x1534  C:\Windows\System32\eapsvc.dll - ok
    12:16:32.0301 0x1534  [ F9EC845C5EECF20E9A67F9F805F2EF1F, C3DBA8CF93DBF50954B1BF6D7EF3F6F5DD1A56DC62B7EB2749C54D9B65D9BB43 ] C:\Windows\System32\keyiso.dll
    12:16:32.0301 0x1534  C:\Windows\System32\keyiso.dll - ok
    12:16:32.0301 0x1534  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] C:\Windows\System32\nsisvc.dll
    12:16:32.0301 0x1534  C:\Windows\System32\nsisvc.dll - ok
    12:16:32.0301 0x1534  [ 87356377F31DA5F20A833811CD59499C, 4FEC1FD3AC4E4E34DCBC0109B248952604F438C84B1604EB9E2359FA721E23C4 ] C:\Windows\System32\eapphost.dll
    12:16:32.0301 0x1534  C:\Windows\System32\eapphost.dll - ok
    12:16:32.0301 0x1534  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] C:\Windows\System32\dhcpcore.dll
    12:16:32.0301 0x1534  C:\Windows\System32\dhcpcore.dll - ok
    12:16:32.0301 0x1534  [ 5AA945234E9D4CCE4F715276B9AA712C, 65165BD131056816F009D987FC78AC86FFE0C3C38A27E73F873586B7FF4D59CF ] C:\Windows\System32\imageres.dll
    12:16:32.0301 0x1534  C:\Windows\System32\imageres.dll - ok
    12:16:32.0301 0x1534  [ 3CC16A849E6092E43909F48EF0E60306, 610B576654A69415E4F2FEDB6BA384C77715944E4F89BD2821B311968CA8D810 ] C:\Windows\System32\dhcpcore6.dll
    12:16:32.0301 0x1534  C:\Windows\System32\dhcpcore6.dll - ok
    12:16:32.0317 0x1534  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] C:\Windows\System32\dnsrslvr.dll
    12:16:32.0317 0x1534  C:\Windows\System32\dnsrslvr.dll - ok
    12:16:32.0317 0x1534  [ 0040C486584A8E582C861CFB57AB5387, 5EE17B55CB702D14AE75B19226DE21CD2498BDA6C6EF5872FDB8A718F401FED1 ] C:\Windows\System32\FWPUCLNT.DLL
    12:16:32.0317 0x1534  C:\Windows\System32\FWPUCLNT.DLL - ok
    12:16:32.0317 0x1534  [ 3C06D5A929B798D0B13F6481242A0FD2, CE6127A31AB09E21A912CA16E4BDF663E9D05C254CCF9090A8B5A9A2E055EFF3 ] C:\Windows\System32\dhcpcsvc6.dll
    12:16:32.0317 0x1534  C:\Windows\System32\dhcpcsvc6.dll - ok
    12:16:32.0317 0x1534  [ 885D0942E0F28DB90919BE3129ECF279, 5A10D90EE656ECE3DCA174D6F924641509819FC20CB6EF46B5E1723E52DE85BE ] C:\Windows\System32\dnsext.dll
    12:16:32.0317 0x1534  C:\Windows\System32\dnsext.dll - ok
    12:16:32.0317 0x1534  [ A648C4A06DE367065B24056D067B4460, 2412487D65A833DDD9AB17D039515CC08DA22D006259EC4B03E42475FAFFD2AD ] C:\Windows\System32\wlanmsm.dll
    12:16:32.0317 0x1534  C:\Windows\System32\wlanmsm.dll - ok
    12:16:32.0332 0x1534  [ 9FCA3A84338ADEF2AFF67CDA46EF8539, 087DF72096852AE98C56990EE6E68835BE95E7E49ECDDE8B54DAC11C9E07FE94 ] C:\Windows\System32\umb.dll
    12:16:32.0332 0x1534  C:\Windows\System32\umb.dll - ok
    12:16:32.0332 0x1534  [ 06A1386B6E3A0CBC368665C1840906F4, C10BCA5092A0B3F9435CE4D65C7449528C89F5C5243B410878D2EBF516DA2FB2 ] C:\Windows\System32\wlansec.dll
    12:16:32.0332 0x1534  C:\Windows\System32\wlansec.dll - ok
    12:16:32.0332 0x1534  [ 65522E77A1360DBC8D199DA3BF5EFFE4, E9D748070FA478A3D37F15049F998D340885C0DC5FCE03BFCE5D521C9EBA7350 ] C:\Windows\System32\eappprxy.dll
    12:16:32.0332 0x1534  C:\Windows\System32\eappprxy.dll - ok
    12:16:32.0332 0x1534  [ 73FCB7919DEE80EE556F2E498594EBAE, D0F7A0AD3BC33263E9C2CF9787DD326436F9E0C9F5031D769F8A43C64C08A762 ] C:\Windows\System32\onex.dll
    12:16:32.0332 0x1534  C:\Windows\System32\onex.dll - ok
    12:16:32.0332 0x1534  [ F568F7C08458D69E4FCD8675BBB107E4, A5FA25ECF248999A68CCECFBB508BFA1ADD18A23E20A9A9081A87C41CAAA36C0 ] C:\Windows\System32\dhcpcsvc.dll
    12:16:32.0332 0x1534  C:\Windows\System32\dhcpcsvc.dll - ok
    12:16:32.0348 0x1534  [ 0D753307D274F3688BD21C377B616700, 5DD08E77A11F2561FB96BA212FDDFE21D4394C69C34C3EB88F7F5CD068EE55BF ] C:\Windows\System32\eappcfg.dll
    12:16:32.0348 0x1534  C:\Windows\System32\eappcfg.dll - ok
    12:16:32.0348 0x1534  [ 97E43F324BE1503CB2FFB058534688DA, 50C781DF38D0D38C9A5420AB1FFF8672DC13FD1ED8E9F5432B4BA3077A7435D5 ] C:\Windows\System32\l2gpstore.dll
    12:16:32.0348 0x1534  C:\Windows\System32\l2gpstore.dll - ok
    12:16:32.0348 0x1534  [ 7D5645EE0EA77D539828433D9B95F5EB, EEF81E9B2205FC456DB6095AD0AEAB38BB131D3BCD090EA6CD91D5568ACAFB7F ] C:\Windows\System32\WinSCard.dll
    12:16:32.0348 0x1534  C:\Windows\System32\WinSCard.dll - ok
    12:16:32.0348 0x1534  [ 7F1B4C6FF3B85F9ADF74055187B8A22C, CC95DA5662638AACBE9643DCB236464C2C2095A8D5CDC8A747045870BE9D0E7D ] C:\Windows\System32\wlanutil.dll
    12:16:32.0348 0x1534  C:\Windows\System32\wlanutil.dll - ok
    12:16:32.0348 0x1534  [ 730BF204A595D5B6D7DC57A247CC741C, 264C6901F4A49B738BBD04BCA1783DEE892885BADE9085B0AEA40BAE7CC0A218 ] C:\Windows\System32\wlgpclnt.dll
    12:16:32.0348 0x1534  C:\Windows\System32\wlgpclnt.dll - ok
    12:16:32.0348 0x1534  [ 99B91C5D2FCEF218CAD3600ECB62A799, E28F2903F86D39C5A69B5F89CCD6594E93A1BF1E4ACD613A0F2E2348DFA88D65 ] C:\Windows\System32\msxml6.dll
    12:16:32.0348 0x1534  C:\Windows\System32\msxml6.dll - ok
    12:16:32.0364 0x1534  [ 03706015DB44368375AEBE6339490E66, 02EB28B5156E320C1EBABC03D37E94EB770A721B99E1DD276F8DC2A50D76C381 ] C:\Windows\System32\netcfgx.dll
    12:16:32.0364 0x1534  C:\Windows\System32\netcfgx.dll - ok
    12:16:32.0364 0x1534  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] C:\Windows\System32\shsvcs.dll
    12:16:32.0364 0x1534  C:\Windows\System32\shsvcs.dll - ok
    12:16:32.0364 0x1534  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] C:\Windows\System32\schedsvc.dll
    12:16:32.0364 0x1534  C:\Windows\System32\schedsvc.dll - ok
    12:16:32.0364 0x1534  [ BC414631876B2F28B8DAB08E849C12C5, 5973654AA3E90E6B699B0A43F645B893D95BAA803129B6967D746C8239AB26E3 ] C:\Windows\System32\ktmw32.dll
    12:16:32.0364 0x1534  C:\Windows\System32\ktmw32.dll - ok
    12:16:32.0364 0x1534  [ 945E54F23C72D37B8CD1987AF0DB63BF, C2B217C94DBCA0A31ED834B9D492B53B25B235DDD02B1D1200E76609D32772EA ] C:\Windows\System32\fveapi.dll
    12:16:32.0364 0x1534  C:\Windows\System32\fveapi.dll - ok
    12:16:32.0364 0x1534  [ 891ECFD08E2C538B7948CBC45106D697, 628D0D618FF3A70E9FBE3B2C7206C9365ED2297784A5F10FFA05BD2C56657013 ] C:\Windows\System32\fvecerts.dll
    12:16:32.0364 0x1534  C:\Windows\System32\fvecerts.dll - ok
    12:16:32.0379 0x1534  [ 694865362F0965779F92BCFE97712323, 825EB75E37AFE9B738869FB5D95020D4F44AD419C2F6C5A658F82A5242FDEF6C ] C:\Windows\System32\tbs.dll
    12:16:32.0379 0x1534  C:\Windows\System32\tbs.dll - ok
    12:16:32.0379 0x1534  [ 8269210DAF3B12BC8300631B28A2A442, EABEB792C2EA8D4A1A7B13281CF557C194D5667AE0BA2A2D5664908D8269113D ] C:\Windows\System32\wiarpc.dll
    12:16:32.0379 0x1534  C:\Windows\System32\wiarpc.dll - ok
    12:16:32.0379 0x1534  [ A8EDB86FC2A4D6D1285E4C70384AC35A, 61B8955CE0A2AA9D0719920B30216717B349B6FBE11C697C31CFA84F859CC1AE ] C:\Windows\System32\dllhost.exe
    12:16:32.0379 0x1534  C:\Windows\System32\dllhost.exe - ok
    12:16:32.0379 0x1534  [ 9028D1621C43DF8DFBD1C76860412A11, A1D48D9B33180BDE50D2FA9BB07E9520B7B7788C39B3AABB4A06AE4B1AACA755 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll
    12:16:32.0379 0x1534  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll - ok
    12:16:32.0379 0x1534  [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7, 4BC5A1279885EEFBEB27333AF719622A5FCDD9606697692C1978E434CE264D80 ] C:\Windows\System32\taskcomp.dll
    12:16:32.0379 0x1534  C:\Windows\System32\taskcomp.dll - ok
    12:16:32.0379 0x1534  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] C:\Windows\System32\drivers\http.sys
    12:16:32.0379 0x1534  C:\Windows\System32\drivers\http.sys - ok
    12:16:32.0395 0x1534  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] C:\Windows\System32\spoolsv.exe
    12:16:32.0395 0x1534  C:\Windows\System32\spoolsv.exe - ok
    12:16:32.0395 0x1534  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] C:\Windows\System32\BFE.DLL
    12:16:32.0395 0x1534  C:\Windows\System32\BFE.DLL - ok
    12:16:32.0395 0x1534  [ A0A2C1D812C231C9BFE119FDC68E341B, F94446594EE17505956A715DFB28B51D09F00A7A65E56950661B889A57DE8FA8 ] C:\Windows\System32\IDStore.dll
    12:16:32.0395 0x1534  C:\Windows\System32\IDStore.dll - ok
    12:16:32.0395 0x1534  [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051, 8EFD0A6DE6F4E335D342782190008FB5AC84A6ADE49170B310DEC9AC48E623E8 ] C:\Windows\System32\localspl.dll
    12:16:32.0395 0x1534  C:\Windows\System32\localspl.dll - ok
    12:16:32.0395 0x1534  [ 88351B29B622B30962D2FEB6CA8D860B, A16CAD7D94C1C9807083BB36E9B4C3C14E6482C4CA2BDFACBCC86E737DDCE42E ] C:\Windows\System32\rasadhlp.dll
    12:16:32.0395 0x1534  C:\Windows\System32\rasadhlp.dll - ok
    12:16:32.0410 0x1534  [ 3285481F5C12305CA104A6C493CA5A0B, ADB39B15D26A954B0F347C7BAFCC76DE5E3CF3CF05736E8987E0832AA7F8563C ] C:\Windows\System32\spoolss.dll
    12:16:32.0410 0x1534  C:\Windows\System32\spoolss.dll - ok
    12:16:32.0410 0x1534  [ 0015ACFBBDD164A8A730009908868CA7, E1FF243AD2CF959FAB81EFE701592414991C03416FF296ADC93906E76B707C4D ] C:\Windows\System32\winspool.drv
    12:16:32.0410 0x1534  C:\Windows\System32\winspool.drv - ok
    12:16:32.0410 0x1534  [ C5AC93CF3BA30D367FB49148A2B673B9, 07B556039BBA841BC9F28979C3AD5D238B55391F921C9C805F3AFC9EFB437766 ] C:\Windows\System32\PrintIsolationProxy.dll
    12:16:32.0410 0x1534  C:\Windows\System32\PrintIsolationProxy.dll - ok
    12:16:32.0410 0x1534  [ 986E8BBDB93B4F1998F414A25B499D9B, 8B3E63A622D5C31E0E2917006F77D7A07CF8A11A2ED8BFB6439E3B28C27070CE ] C:\Windows\System32\hpinksts6412LM.dll
    12:16:32.0410 0x1534  C:\Windows\System32\hpinksts6412LM.dll - ok
    12:16:32.0410 0x1534  [ 2F426408F5FBE1BCE56F8F772A911EA4, EA77849C098EF986C593AE947855FB4C219CD2FD77F6F4E5320508A440F10815 ] C:\Windows\System32\HPDiscoPM6412.dll
    12:16:32.0410 0x1534  C:\Windows\System32\HPDiscoPM6412.dll - ok
    12:16:32.0410 0x1534  [ FFF9D00CF16397C64317F213484F94BD, 94D0584E14BDB27F61F59A7BCEA529A1594261BE0CE74502C13E8865843BA414 ] C:\Windows\System32\wsnmp32.dll
    12:16:32.0410 0x1534  C:\Windows\System32\wsnmp32.dll - ok
    12:16:32.0426 0x1534  [ 6CEF7856A3EFAC59470F6208F0F585CE, 0F7A80DB821FDE6580E9481B6DA44844F717DDB4983B0E3D562BE43726153951 ] C:\Windows\System32\mpr.dll
    12:16:32.0426 0x1534  C:\Windows\System32\mpr.dll - ok
    12:16:32.0426 0x1534  [ 19E41CCCEE697CC9465396B370929792, A9FC4C33C71C3677FE57779380E55FDE2AC0B0C70A9DBCBA0D0B6FA92C709A7F ] C:\Windows\System32\FXSMON.dll
    12:16:32.0426 0x1534  C:\Windows\System32\FXSMON.dll - ok
    12:16:32.0426 0x1534  [ 62A0ED06E9FF55EEF51B27EC4839EE0B, C206495B66EC9CBCDE0D7D9A2F420ADEF750B81BBD75A578F0A15F66864A0C98 ] C:\Windows\System32\hpz3lw71.dll
    12:16:32.0426 0x1534  C:\Windows\System32\hpz3lw71.dll - ok
    12:16:32.0426 0x1534  [ 32A3C8600AF124CBAAD845F13CFAE3CB, F36FE9E57D5C509FEECE890F9F8717F9CC6F762E32AE0B7DB7E0153370CE0B9D ] C:\Windows\System32\tcpmon.dll
    12:16:32.0426 0x1534  C:\Windows\System32\tcpmon.dll - ok
    12:16:32.0426 0x1534  [ BAFE84E637BF7388C96EF48D4D3FDD53, 11C194D9ADCE90027272C627D7FBF3BA5025FF0F7B26A8333F764E11E1382CF9 ] C:\Windows\System32\userinit.exe
    12:16:32.0426 0x1534  C:\Windows\System32\userinit.exe - ok
    12:16:32.0442 0x1534  [ 93518C6EDE0B61BCBD02BDB02BD05FEE, 3637F5E5F15093AFB501EE910368CF900B422AC22669391FFA4198BBAE6F8FCB ] C:\Windows\System32\snmpapi.dll
    12:16:32.0442 0x1534  C:\Windows\System32\snmpapi.dll - ok
    12:16:32.0442 0x1534  [ DF72A9936D0C3F517083119648814B09, 6BA4DCAC2F55A393A266ED0B2AF92B38141654D1666E3E143D85BBAF21663E1E ] C:\Windows\System32\usbmon.dll
    12:16:32.0442 0x1534  C:\Windows\System32\usbmon.dll - ok
    12:16:32.0442 0x1534  [ F1B205F932F62F94506A5F332C895DAF, F02F01F20F655DD919C71AE814E4C3DD43330AAD1425FC5B1497F1613917CCDE ] C:\Windows\System32\WSDApi.dll
    12:16:32.0442 0x1534  C:\Windows\System32\WSDApi.dll - ok
    12:16:32.0442 0x1534  [ A1D7E3ADCDB07DDB6F423862DCB1A52B, 6191C33D2AE090F6F055D6AE211096CE8F003EC5518A5333EE1E376052176BAB ] C:\Windows\System32\WSDMon.dll
    12:16:32.0442 0x1534  C:\Windows\System32\WSDMon.dll - ok
    12:16:32.0442 0x1534  [ C55516D98DD5D8F0153C2A9B4227DA86, DBC62B776CF06D0873A4C7CFCDF5B6F5C6E6C41917C326C090BCE58DC66EE09C ] C:\Windows\System32\webservices.dll
    12:16:32.0442 0x1534  C:\Windows\System32\webservices.dll - ok
    12:16:32.0442 0x1534  [ B5055B51BAA0FD0A736A88653DA3C1C0, A3BD057C7E8C926930BA7E9D11427D26FB37267026A0B72AB4021101EE424F74 ] C:\Windows\System32\fundisc.dll
    12:16:32.0442 0x1534  C:\Windows\System32\fundisc.dll - ok
    12:16:32.0457 0x1534  [ 332FEAB1435662FC6C672E25BEB37BE3, 6BED1A3A956A859EF4420FEB2466C040800EAF01EF53214EF9DAB53AEFF1CFF0 ] C:\Windows\explorer.exe
    12:16:32.0457 0x1534  C:\Windows\explorer.exe - ok
    12:16:32.0457 0x1534  [ 4581716B4BF76ACFD8E167EB0B26D82A, 39D822527114EEED68044CCE4D542767F53978D9E0A7F72638F1CA9A016DE13B ] C:\Windows\System32\fdPnp.dll
    12:16:32.0457 0x1534  C:\Windows\System32\fdPnp.dll - ok
    12:16:32.0457 0x1534  [ 1D626FE2E13C1CE49CA0136CFF214E93, 4F02DD92045CF244979FFD074B2BDE6925A909227A474C60DCABE4384D916218 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
    12:16:32.0457 0x1534  C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
    12:16:32.0457 0x1534  [ 639774C9ACD063F028F6084ABF5593AD, 9DFD80610CBBC9188F6C6BC85C87016B0AE42254FC289C2B578E85282BDD9C23 ] C:\Windows\System32\taskhost.exe
    12:16:32.0457 0x1534  C:\Windows\System32\taskhost.exe - ok
    12:16:32.0457 0x1534  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] C:\Windows\System32\drivers\bowser.sys
    12:16:32.0457 0x1534  C:\Windows\System32\drivers\bowser.sys - ok
    12:16:32.0473 0x1534  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] C:\Windows\System32\drivers\mpsdrv.sys
    12:16:32.0473 0x1534  C:\Windows\System32\drivers\mpsdrv.sys - ok
    12:16:32.0473 0x1534  [ 9BB99503D6A4DD62569EDE9E5E2672A5, 6F4EA5BC50B1F929735246485263078BEF1B3BEB33F78CB1F483F13AA226C27E ] C:\Windows\System32\HotStartUserAgent.dll
    12:16:32.0473 0x1534  C:\Windows\System32\HotStartUserAgent.dll - ok
    12:16:32.0473 0x1534  [ 6FB9BE56891EA4E85B4C9BDD4E9AFA69, CC29187582D78060AB7D910BF0D1E68F6B6E6DF7A71755205A2D466C32CD098D ] C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll
    12:16:32.0473 0x1534  C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll - ok
    12:16:32.0473 0x1534  [ 94EEAC26F57811BD1AEFC164412F7FCE, 7390BCD7709D48DE75D7D6E06AA7356D1C58EE63F3CC2E07ABCD2E2FF6CC81CF ] C:\Windows\System32\PlaySndSrv.dll
    12:16:32.0473 0x1534  C:\Windows\System32\PlaySndSrv.dll - ok
    12:16:32.0473 0x1534  [ 67CF11E00D026A5C0C88EA5F84D501E5, 5081A87466116232CF07F58229967B6C0CD3738B64A56EFC6BB3EBDA62E378F6 ] C:\Windows\System32\win32spl.dll
    12:16:32.0488 0x1534  C:\Windows\System32\win32spl.dll - ok
    12:16:32.0488 0x1534  [ C67F8A962B2534224D5908D16D2AD3CE, CAC1821F5E867285638AEE7AE33CE574BCCF16277AC5AD805650B48F7759B4B4 ] C:\Windows\System32\wfapigp.dll
    12:16:32.0488 0x1534  C:\Windows\System32\wfapigp.dll - ok
    12:16:32.0488 0x1534  [ 507D5567A0A4EE86C4B0CE2CE1777025, 408770B00CED498BF7782054F17A5CB361CF65429B0C816403D70E416E0EEF23 ] C:\Windows\System32\inetpp.dll
    12:16:32.0488 0x1534  C:\Windows\System32\inetpp.dll - ok
    12:16:32.0488 0x1534  [ 1BF0CB861A48FEB1638228760750F3CB, 37C781A8C546EAD8B4D28BD7D730B9AC78EB799599AD69DAD9054B6F9F1DD6BD ] C:\Windows\System32\cscapi.dll
    12:16:32.0488 0x1534  C:\Windows\System32\cscapi.dll - ok
    12:16:32.0488 0x1534  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] C:\Windows\System32\drivers\mrxsmb.sys
    12:16:32.0488 0x1534  C:\Windows\System32\drivers\mrxsmb.sys - ok
    12:16:32.0488 0x1534  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] C:\Windows\System32\drivers\mrxsmb10.sys
    12:16:32.0488 0x1534  C:\Windows\System32\drivers\mrxsmb10.sys - ok
    12:16:32.0504 0x1534  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] C:\Windows\System32\drivers\mrxsmb20.sys
    12:16:32.0504 0x1534  C:\Windows\System32\drivers\mrxsmb20.sys - ok
    12:16:32.0504 0x1534  [ F162D5F5E845B9DC352DD1BAD8CEF1BC, 8A7B7528DB30AB123B060D8E41954D95913C07BB40CDAE32E97F9EDB0BAF79C7 ] C:\Windows\System32\dwm.exe
    12:16:32.0504 0x1534  C:\Windows\System32\dwm.exe - ok
    12:16:32.0504 0x1534  [ FCFCD1101C5DA23B4B95F93D02B2C169, 040A086875B6C5475490A2F8B0CF4FF20DDB4FEDFE5FCABBA49692AA05F40527 ] C:\Windows\System32\dwmredir.dll
    12:16:32.0504 0x1534  C:\Windows\System32\dwmredir.dll - ok
    12:16:32.0504 0x1534  [ 4BA77A5EF71C14C764B0ED4701683E3E, 066A064CDBE09BF8BE1DF5B259F30FF6C124A1C3D637800D3E19E8E25EDB950E ] C:\Windows\System32\dwmcore.dll
    12:16:32.0504 0x1534  C:\Windows\System32\dwmcore.dll - ok
    12:16:32.0504 0x1534  [ 9AE80F6A66B30E3ED8CDF858CF28B11B, A93E470DC54E3C74C10979D49CABB9A34893F9E847F88491F935DB44EEC3541A ] C:\Windows\System32\d3d10_1.dll
    12:16:32.0504 0x1534  C:\Windows\System32\d3d10_1.dll - ok
    12:16:32.0520 0x1534  [ 63F72417CA38D8FC8F53709649B589E3, 39AE8AFFCFB8A9E345FC4C6F11926F25552C464380F88CDECD299FD27AF7866B ] C:\Windows\System32\d3d10_1core.dll
    12:16:32.0520 0x1534  C:\Windows\System32\d3d10_1core.dll - ok
    12:16:32.0520 0x1534  [ 4C92EB7535CAA1681A77D928FBF9771F, 7D02B2357CA02393CA711C3C499AAD86B792EEFFDC67F2CE52F7F7BB8A28DE79 ] C:\Windows\System32\d3d11.dll
    12:16:32.0520 0x1534  C:\Windows\System32\d3d11.dll - ok
    12:16:32.0520 0x1534  [ 8DFB5752FCE145A6B295093C0A8BE131, F38029C8B36EFD46B1F6CCA0089FF4EFB0AB246497E38EDFF6A67FAC804D4A97 ] C:\Windows\System32\dxgi.dll
    12:16:32.0520 0x1534  C:\Windows\System32\dxgi.dll - ok
    12:16:32.0520 0x1534  [ EED05D42D91835064703E2318552ED25, E9EE1E2253445B207B76F5D3073C612ED979A982522C1515E0FE8FA9641AE568 ] C:\Windows\System32\ExplorerFrame.dll
    12:16:32.0520 0x1534  C:\Windows\System32\ExplorerFrame.dll - ok
    12:16:32.0520 0x1534  [ 7F59519CAF9AA22E6EE52EBE4C38D712, 4D2919E243D995CFAA061BDB51364C412D675CB541CE145A827F2F431DE26A0C ] C:\Windows\System32\igd10umd64.dll
    12:16:32.0520 0x1534  C:\Windows\System32\igd10umd64.dll - ok
    12:16:32.0535 0x1534  [ 024352FEEC9042260BB4CFB4D79A206B, 60CB39086E10C5B66EBC15E4DF219620B344B4358D2918AB6BB3448A0AC8BE36 ] C:\Windows\System32\EhStorShell.dll
    12:16:32.0535 0x1534  C:\Windows\System32\EhStorShell.dll - ok
    12:16:32.0535 0x1534  [ 80CB571D6024D9D5915673AF4A426FE6, 476F8790B42C19522B70866CC4E555D2901A998298D65B0269794A0B48115ACF ] C:\Program Files (x86)\McAfee Online Backup\MOBK400shell.dll
    12:16:32.0535 0x1534  C:\Program Files (x86)\McAfee Online Backup\MOBK400shell.dll - ok
    12:16:32.0535 0x1534  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] C:\Windows\System32\wkssvc.dll
    12:16:32.0535 0x1534  C:\Windows\System32\wkssvc.dll - ok
    12:16:32.0535 0x1534  [ 1834B31C749B86DAC233BBBA1C03BC48, 27FCA9196842C0BB53CCAD895870A0EB10D2F8ED67E5486A4437067BD4BC4448 ] C:\Windows\System32\mscms.dll
    12:16:32.0535 0x1534  C:\Windows\System32\mscms.dll - ok
    12:16:32.0551 0x1534  [ EF2AE43BCD46ABB13FC3E5B2B1935C73, 81FC06F306F620845D7DD8D06E706309E70BC89B589C81F3478302A3F5F73431 ] C:\Windows\System32\winmm.dll
    12:16:32.0551 0x1534  C:\Windows\System32\winmm.dll - ok
    12:16:32.0551 0x1534  [ 58F4493BF748A3A89689997B7BD00E95, EC5DEEC73E357C7C87B001275C4E635011A9CF39419F2B86E2C2B8D7E388C551 ] C:\Windows\System32\winhttp.dll
    12:16:32.0551 0x1534  C:\Windows\System32\winhttp.dll - ok
    12:16:32.0551 0x1534  [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA, 8A6ACEFAB95E5275CBFBE6CCB5A6C3A6A471260B279B9063E86B9C7765E18656 ] C:\Windows\System32\MsCtfMonitor.dll
    12:16:32.0551 0x1534  C:\Windows\System32\MsCtfMonitor.dll - ok
    12:16:32.0551 0x1534  [ F09A9A1AD21FE618C4C8B0A0D830C886, 29831DDAB2AB105358FBC067CDF96428220B6743CD6019F6FE74BAC7AF325E7E ] C:\Windows\System32\msutb.dll
    12:16:32.0551 0x1534  C:\Windows\System32\msutb.dll - ok
    12:16:32.0566 0x1534  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] C:\Windows\System32\pcasvc.dll
    12:16:32.0566 0x1534  C:\Windows\System32\pcasvc.dll - ok
    12:16:32.0566 0x1534  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] C:\Windows\System32\snmptrap.exe
    12:16:32.0566 0x1534  C:\Windows\System32\snmptrap.exe - ok
    12:16:32.0566 0x1534  [ 603EBD34E216C5654A2D774EAC98D278, ACE0171BB780DB2C1B1A8BF6FA8CF51C529D7E09141FA504C7199AF764FD9A36 ] C:\Windows\System32\webio.dll
    12:16:32.0566 0x1534  C:\Windows\System32\webio.dll - ok
    12:16:32.0566 0x1534  [ F5CEF064C7E6D95DA86B9D064A56A969, F118CD4364690F37A07AE458E043E8CFBA98F332DC9E7228C83409CF26F6EF6D ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
    12:16:32.0566 0x1534  C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
    12:16:32.0566 0x1534  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] C:\Windows\System32\provsvc.dll
    12:16:32.0566 0x1534  C:\Windows\System32\provsvc.dll - ok
    12:16:32.0582 0x1534  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] C:\Windows\System32\sstpsvc.dll
    12:16:32.0582 0x1534  C:\Windows\System32\sstpsvc.dll - ok
    12:16:32.0582 0x1534  [ 522B0466ED967A0762E9AF5B37D8F40A, B14C62D059BC7CF430E1B0F6E18E31EFD1959EFB3025A2B0EBB11751F38DD6D4 ] C:\Windows\System32\esent.dll
    12:16:32.0582 0x1534  C:\Windows\System32\esent.dll - ok
    12:16:32.0582 0x1534  [ 037A719DAD50603202C978CD802623E4, BD4C222913D32D7CF5FE0201FEBE7BD67FC39DF47A7A672C2D6C228A6E13B5DE ] C:\Windows\System32\ntshrui.dll
    12:16:32.0582 0x1534  C:\Windows\System32\ntshrui.dll - ok
    12:16:32.0582 0x1534  [ 1D63F4366288B8A7595397E27010FD44, 99EA4DDD88D9C4A4CC9B238F533CB4D2C062D46239173997E8594D8A75811A01 ] C:\Windows\System32\IconCodecService.dll
    12:16:32.0582 0x1534  C:\Windows\System32\IconCodecService.dll - ok
    12:16:32.0598 0x1534  [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    12:16:32.0598 0x1534  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
    12:16:32.0598 0x1534  [ A2B0924D50F4435FD389499047CE553A, 8D16D5CAAD71AAAAA1479F8477D2928B66581C79932A49A21EDF93DB2803AB9C ] C:\Windows\SysWOW64\ntdll.dll
    12:16:32.0598 0x1534  C:\Windows\SysWOW64\ntdll.dll - ok
    12:16:32.0598 0x1534  [ 70833F5A59F65908698093889C34BCA2, 25777B910664827FC5C8258E4956CC936E0A1E42A9C7F2F390A83025E685D728 ] C:\Windows\System32\wow64.dll
    12:16:32.0598 0x1534  C:\Windows\System32\wow64.dll - ok
    12:16:32.0598 0x1534  [ 5674E21E82CFBEA36DDAD5DB285D6DBC, FBD2AC69D3E66E39651C5F2C88C0087EDC3CD1FD999FC2A574C97E9DDF2C1441 ] C:\Windows\System32\wow64win.dll
    12:16:32.0598 0x1534  C:\Windows\System32\wow64win.dll - ok
    12:16:32.0613 0x1534  [ 3EE3AA76D8AB6D5644C4C8F34471CEB3, FCF173B0A324FA4780824CBD8C8FE4E402F27EACF1A41AAFEA636FA0B3AE7B35 ] C:\Windows\System32\wow64cpu.dll
    12:16:32.0613 0x1534  C:\Windows\System32\wow64cpu.dll - ok
    12:16:32.0613 0x1534  [ 365A5034093AD9E04F433046C4CDF6AB, 5D5B30A883B273D59C6C64286E0BA79DA0BDF1B7EBC791278248A9196701DDDF ] C:\Windows\SysWOW64\kernel32.dll
    12:16:32.0613 0x1534  C:\Windows\SysWOW64\kernel32.dll - ok
    12:16:32.0613 0x1534  [ 1B7343C3765638D4D17CB925F84F8ABE, FDD4F8B409A6C6870C56BBCDCD07902D825FCB13ABB316FD804B6AAAF996600B ] C:\Windows\SysWOW64\KernelBase.dll
    12:16:32.0613 0x1534  C:\Windows\SysWOW64\KernelBase.dll - ok
    12:16:32.0613 0x1534  [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3, 01EB95FA3943CF3C6B1A21E473A5C3CB9FCBCE46913B15C96CAC14E4F04075B4 ] C:\Windows\SysWOW64\user32.dll
    12:16:32.0613 0x1534  C:\Windows\SysWOW64\user32.dll - ok
    12:16:32.0613 0x1534  [ D6D3AD7BF1D6F6CE9547613ED5E170A2, EA3BD7FEC193A8CFE1D5736301ACADC476FB6AAC5475A45776D0A638E9845445 ] C:\Windows\SysWOW64\gdi32.dll
    12:16:32.0613 0x1534  C:\Windows\SysWOW64\gdi32.dll - ok
    12:16:32.0629 0x1534  [ CC23295DA8F7B5C53F93804D2F5D30EB, B290D96C40FBA934DE6CFF82D9BBA6780922CC5012C61599BD5006DAEDC82DDB ] C:\Windows\SysWOW64\lpk.dll
    12:16:32.0629 0x1534  C:\Windows\SysWOW64\lpk.dll - ok
    12:16:32.0629 0x1534  [ 9DC80A8AAAAAC397BDAB3C67165A824E, 051636BFDFF7AB0E4191354E846BD0DACCA1A01FCC13C1AFED91D8DBFE17127A ] C:\Windows\SysWOW64\msvcrt.dll
    12:16:32.0629 0x1534  C:\Windows\SysWOW64\msvcrt.dll - ok
    12:16:32.0629 0x1534  [ B7230010D97787AF3D25E4C82F2B06B9, C795E9811CD461F8E98D1738667EB0C265A57065EA3420CE596D5038E7430C1E ] C:\Windows\SysWOW64\usp10.dll
    12:16:32.0629 0x1534  C:\Windows\SysWOW64\usp10.dll - ok
    12:16:32.0629 0x1534  [ D67472125471784DE7147946EDA25FEB, F41960118F412B6CA5E80AE5E8DB9AECDD043A7DB34388FF57C6F9C5A0056F91 ] C:\Windows\SysWOW64\advapi32.dll
    12:16:32.0629 0x1534  C:\Windows\SysWOW64\advapi32.dll - ok
    12:16:32.0644 0x1534  [ F08F6FCD09F9BE94C37ACC1B344685FF, DE48D766258B46EFEAB16579421C4BD97ACC6883F782D00E9857F4A0CE7E8A34 ] C:\Windows\SysWOW64\cryptbase.dll
    12:16:32.0644 0x1534  C:\Windows\SysWOW64\cryptbase.dll - ok
    12:16:32.0644 0x1534  [ 4DC999CED9429939D75682EBD7D48901, 4E2DB6E4C500980488010AF1125A73D0F958889379F05DB304A220B4BB2D1834 ] C:\Windows\SysWOW64\rpcrt4.dll
    12:16:32.0644 0x1534  C:\Windows\SysWOW64\rpcrt4.dll - ok
    12:16:32.0644 0x1534  [ CFC97F07904067A1E5FAE195D534DA3A, EB4D2D127312EB09E2ACCA3276779E80F90FAF77322684BABF72B8EC6E1F906C ] C:\Windows\SysWOW64\sechost.dll
    12:16:32.0644 0x1534  C:\Windows\SysWOW64\sechost.dll - ok
    12:16:32.0644 0x1534  [ EDA7AD21DF8945528F01F0A86D69E524, 8FF2CC12AF30F1DC367ABD19FA9CB0F42EC6EE820F6E755BEFCEFE952C22E2F6 ] C:\Windows\SysWOW64\sspicli.dll
    12:16:32.0644 0x1534  C:\Windows\SysWOW64\sspicli.dll - ok
    12:16:32.0644 0x1534  [ E02781D4871844DCD30DF1D69A650F78, DC77302F06CD6CF7FC2C3B0F433A4AE41DF869B9F342C0656CCD8A125B3D3318 ] C:\Windows\SysWOW64\shell32.dll
    12:16:32.0644 0x1534  C:\Windows\SysWOW64\shell32.dll - ok
    12:16:32.0660 0x1534  [ 49E5753D923F1AC63B22D3DCB0B47E00, 14CEC0BF5F625FF839A8D79B4A6B7C4AC0CBB705FD197C6B7FF8617C6C3E34FE ] C:\Windows\System32\uDWM.dll
    12:16:32.0660 0x1534  C:\Windows\System32\uDWM.dll - ok
    12:16:32.0660 0x1534  [ 928CF7268086631F54C3D8E17238C6DD, F058FAFB04E7EBD5CADE9B48195B7AA7C3508F332A89F5E6E5F3F071E8CADD4A ] C:\Windows\SysWOW64\ole32.dll
    12:16:32.0660 0x1534  C:\Windows\SysWOW64\ole32.dll - ok
    12:16:32.0660 0x1534  [ 8CC3C111D653E96F3EA1590891491D71, 1D326D7D116D76876EE2B14A5BFB7B4328E21DB9B5AAAB9CB67F8EFB93924230 ] C:\Windows\SysWOW64\shlwapi.dll
    12:16:32.0660 0x1534  C:\Windows\SysWOW64\shlwapi.dll - ok
    12:16:32.0660 0x1534  [ AE8EB083B050E17A7D6EB5E28AECDDD6, CC57A9AAA9E89A2F15F64C0F23D6CA7F7D0C5CE435DFAB2993A73F42764AC6B3 ] C:\Windows\SysWOW64\crypt32.dll
    12:16:32.0660 0x1534  C:\Windows\SysWOW64\crypt32.dll - ok
    12:16:32.0676 0x1534  [ 6C765E82B57F2E66CE9C54AC238471D9, 97F410023F5C08B4BC5DBF89A642200E76F4025ADD9707C24FD89D673675BB43 ] C:\Windows\SysWOW64\oleaut32.dll
    12:16:32.0676 0x1534  C:\Windows\SysWOW64\oleaut32.dll - ok
    12:16:32.0676 0x1534  [ 938F39B50BAFE13D6F58C7790682C010, 902000EE51EFEABAF6A4B30F880AA37083D2232C6FC622CA513C4A823390FEDA ] C:\Windows\SysWOW64\msasn1.dll
    12:16:32.0676 0x1534  C:\Windows\SysWOW64\msasn1.dll - ok
    12:16:32.0676 0x1534  [ 68EAAEDF0365168B804E8728368FA946, 1FA25087E8B247B099B729F780DBF24F77FD34F58186A1C94329261CF3D18B8E ] C:\Windows\SysWOW64\wintrust.dll
    12:16:32.0676 0x1534  C:\Windows\SysWOW64\wintrust.dll - ok
    12:16:32.0676 0x1534  [ A6F09E5669D9A19035F6D942CAA15882, 68C8AF0CC1923E3A7245392F2480EE665D265DF300A609D2540BF7C6D9C1A1BE ] C:\Windows\SysWOW64\imm32.dll
    12:16:32.0676 0x1534  C:\Windows\SysWOW64\imm32.dll - ok
    12:16:32.0691 0x1534  [ B3892E6DA8E2C8CE4B0A9D3EB9A185E5, AE163388201EF2F119E11265586E7DA32C6E5B348E0CC32E3F72E21EBFD0843B ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcr90.dll
    12:16:32.0691 0x1534  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcr90.dll - ok
    12:16:32.0691 0x1534  [ C9618BC9B2B0FD7C1138D8774795A79B, 0AC170669C2626519FA7A745C56BFBA6B83B8537488F5B9EB7BA72448E5E7A43 ] C:\Windows\SysWOW64\msctf.dll
    12:16:32.0691 0x1534  C:\Windows\SysWOW64\msctf.dll - ok
    12:16:32.0691 0x1534  [ 785DE7ABDA13309D6065305542829E76, 78F49A5349B66042836615EF99B4EB70FA708369D315D105513C04F33070D297 ] C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
    12:16:32.0691 0x1534  C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE - ok
    12:16:32.0691 0x1534  [ CA9F7888B524D8100B977C81F44C3234, 57F3353F89724147D8AC8B69B12C1303DF26978309776F5F8CCF074526A915D3 ] C:\Windows\SysWOW64\winhttp.dll
    12:16:32.0691 0x1534  C:\Windows\SysWOW64\winhttp.dll - ok
    12:16:32.0691 0x1534  [ FF5688D309347F2720911D8796912834, 3B0D73C50D40A6F42629B7750F99F656BF5C1C50237D5F98B6C0F2CE5E2DA359 ] C:\Windows\SysWOW64\clbcatq.dll
    12:16:32.0691 0x1534  C:\Windows\SysWOW64\clbcatq.dll - ok
    12:16:32.0691 0x1534  [ C733D233B623B7FFCE5031E4B756EE26, 33CC8B140B0E4A9B702E3468BE2646AEE4273F20C6EA5BAC6C3D8FC8EDEF0881 ] C:\Windows\SysWOW64\profapi.dll
    12:16:32.0691 0x1534  C:\Windows\SysWOW64\profapi.dll - ok
    12:16:32.0707 0x1534  [ 6F8E3B7B70E1BBA871212940C1FBDF60, 3F9D4EE64E4210340C6FEE0DE81BFE3C613DDBE608EC09D63817D24CE24BFC5E ] C:\Windows\SysWOW64\SensApi.dll
    12:16:32.0707 0x1534  C:\Windows\SysWOW64\SensApi.dll - ok
    12:16:32.0707 0x1534  [ FB19FC5951A88F3C523E35C2C98D23C0, FF0DB8BF0C68DA0D09272E8181D2B5409C8850BB2F31AEA3AC4CD14C5A420A59 ] C:\Windows\SysWOW64\webio.dll
    12:16:32.0707 0x1534  C:\Windows\SysWOW64\webio.dll - ok
    12:16:32.0707 0x1534  [ EAADD6E47ED2A7003ACE1793B98CF63F, EE090284CA4595B6A140949A41025926CEC3CCACCD2931B6AC77A1E14D20E5B4 ] C:\Windows\SysWOW64\msxml6.dll
    12:16:32.0707 0x1534  C:\Windows\SysWOW64\msxml6.dll - ok
    12:16:32.0707 0x1534  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    12:16:32.0707 0x1534  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe - ok
    12:16:32.0707 0x1534  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] C:\Windows\System32\cryptsvc.dll
    12:16:32.0707 0x1534  C:\Windows\System32\cryptsvc.dll - ok
    12:16:32.0707 0x1534  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] C:\Windows\System32\dps.dll
    12:16:32.0707 0x1534  C:\Windows\System32\dps.dll - ok
    12:16:32.0722 0x1534  [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] C:\Windows\System32\IKEEXT.DLL
    12:16:32.0722 0x1534  C:\Windows\System32\IKEEXT.DLL - ok
    12:16:32.0722 0x1534  [ 7321F18D1F820612ED0E9F2D4B578A7E, 612BD7DE1DFBD100BD6ACB37A38565D88C39842D990D296B9B8E1FB75C3A94E7 ] C:\Windows\SysWOW64\cryptsp.dll
    12:16:32.0722 0x1534  C:\Windows\SysWOW64\cryptsp.dll - ok
    12:16:32.0722 0x1534  [ A6B726DCA228F7878E38368A1BDC68BE, 30E8300B09B876E3D4B2A9215C9CC070EADF915E1268F425B6F8E0596A0D3539 ] C:\Windows\System32\cryptnet.dll
    12:16:32.0722 0x1534  C:\Windows\System32\cryptnet.dll - ok
    12:16:32.0722 0x1534  [ 0E2F58F6E698EDCB9E58FAD0CBCD0567, 426FB40A065FEF61980C803EF72D0D326C623340C3AE99CA8AFFDEFB81E8D49D ] C:\Windows\System32\vssapi.dll
    12:16:32.0722 0x1534  C:\Windows\System32\vssapi.dll - ok
    12:16:32.0722 0x1534  [ 5997D769CDB108390DCFAEBF442BF816, 0E25CA984C0EEB629184423FAA9BC6D4356DF9A93F281E06DC83B4AC638AEC4A ] C:\Windows\SysWOW64\RpcRtRemote.dll
    12:16:32.0722 0x1534  C:\Windows\SysWOW64\RpcRtRemote.dll - ok
    12:16:32.0722 0x1534  [ ED8EC63F7522DF4852147C84EC62C36A, 75633011CD28DCBD4834211A9D415F17DE15BFCD80FB9FF6CE25CBBD4E9899AF ] C:\Windows\SysWOW64\rsaenh.dll
    12:16:32.0722 0x1534  C:\Windows\SysWOW64\rsaenh.dll - ok
    12:16:32.0738 0x1534  [ EF39CCCC9AD927A25334AE0B41A8A343, EC5FB376F84697F42B632BC9775D362CF6C54A68E26A0CF027D90F5A419BEA74 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll
    12:16:32.0738 0x1534  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll - ok
    12:16:32.0738 0x1534  [ 9275F02BEA644F43A459E316A932658F, A4B9A716BEF1ADFDDA4C44D4838EC57BD77DEE29C4B4737B58A9375C2366A87F ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll
    12:16:32.0738 0x1534  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll - ok
    12:16:32.0738 0x1534  [ BAAFAF9CEAEC0B73C2A3550A01F6CECB, 018CB95A43CEA2063EA24691C71D51EF60D522C21502ABA8AD93876363D4B857 ] C:\Windows\System32\taskschd.dll
    12:16:32.0738 0x1534  C:\Windows\System32\taskschd.dll - ok
    12:16:32.0738 0x1534  [ 702254574E7E52052DE39408457B7149, 645CA9E88DA21C63710A04A0F54421018DF415A3D612112C71A255C49325C082 ] C:\Windows\SysWOW64\version.dll
    12:16:32.0738 0x1534  C:\Windows\SysWOW64\version.dll - ok
    12:16:32.0738 0x1534  [ A90DC9ABD65DB1A8902F361103029952, 26798758976CE53251AC342B966BE0363AE1794BD965C452F5DEBC33E18969F0 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
    12:16:32.0738 0x1534  C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
    12:16:32.0738 0x1534  [ 6377051C63D5552A311935C67E9FDFDC, 3FB82988AAB66813567E8DB951D4EE87F156201070F005FDBF52EF998A323E65 ] C:\Windows\SysWOW64\nsi.dll
    12:16:32.0738 0x1534  C:\Windows\SysWOW64\nsi.dll - ok
    12:16:32.0754 0x1534  [ D15618A0FF8DBC2C5BF3726BACC75A0B, ADD81EA1D208907D67802F0E96EC0327BA89021F870BA22B9C7E3A19013A6AE7 ] C:\Windows\SysWOW64\userenv.dll
    12:16:32.0754 0x1534  C:\Windows\SysWOW64\userenv.dll - ok
    12:16:32.0754 0x1534  [ CFF35B879D1618D42C86644C717BA947, 1837275202628D3320867A3BF8CFDA15491730C4B74215F7C0D7E140BF01AC3C ] C:\Windows\SysWOW64\winnsi.dll
    12:16:32.0754 0x1534  C:\Windows\SysWOW64\winnsi.dll - ok
    12:16:32.0754 0x1534  [ 7FF15A4F092CD4A96055BA69F903E3E9, 1B594E6D057C632ABB3A8CF838157369024BD6B9F515CA8E774B22FE71A11627 ] C:\Windows\SysWOW64\ws2_32.dll
    12:16:32.0754 0x1534  C:\Windows\SysWOW64\ws2_32.dll - ok
    12:16:32.0754 0x1534  [ 6A6B2EE4565A178035BE2A4FF6F2C968, E2E231F1C2E2CE19583483ACC53318651FA7CA2DE46BCB89B4CBF97CA0525122 ] C:\Windows\SysWOW64\wtsapi32.dll
    12:16:32.0754 0x1534  C:\Windows\SysWOW64\wtsapi32.dll - ok
    12:16:32.0754 0x1534  [ 287923557447D7E4BDD7E65B1F0F5428, 14D85A0F036F28D77AA9723C3D7E8C4DA9BDFF8A1AD9BEA6FE5756DBF5D00F08 ] C:\Windows\System32\vsstrace.dll
    12:16:32.0754 0x1534  C:\Windows\System32\vsstrace.dll - ok
    12:16:32.0754 0x1534  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    12:16:32.0754 0x1534  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe - ok
    12:16:32.0769 0x1534  [ 80D8679BF84A9383BFF33E07D5D9FC35, 0986806F2504C8A66FA8DEF7923A69E90A2390DD447BE53AD1824240CE68EC1E ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll
    12:16:32.0769 0x1534  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll - ok
    12:16:32.0769 0x1534  [ 77B5035BC6EDF4D1B6265391AECEE4C0, FE69B715F04446BD42AF1B672E6AC54E954CFE0C847BFD2056CB11CF017B1844 ] C:\Windows\System32\vpnikeapi.dll
    12:16:32.0769 0x1534  C:\Windows\System32\vpnikeapi.dll - ok
    12:16:32.0769 0x1534  [ F928E5E72BBA15DD0CE9A26E0413D236, D63EFA1408084F524464729C2F3BE16550E07ACE2BF8A00699A8438079AD381B ] C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    12:16:32.0769 0x1534  C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe - ok
    12:16:32.0769 0x1534  [ B9A8CBCFCD3EC9D2EA4740AF347BF108, 97FA304E3880BC863D999F441AE47CB8ADF00D2DEC2A52ACD8FBD02CC096786A ] C:\Windows\SysWOW64\mpr.dll
    12:16:32.0769 0x1534  C:\Windows\SysWOW64\mpr.dll - ok
    12:16:32.0769 0x1534  [ A543AC1F7138376D778D630A35FCBC4C, 2D824C66A97FC8C39DAFA397CC47495B712D175EEF393486946DA8936BDD466A ] C:\Windows\SysWOW64\psapi.dll
    12:16:32.0769 0x1534  C:\Windows\SysWOW64\psapi.dll - ok
    12:16:32.0785 0x1534  [ 366FD6F3A451351B5DF2D7C4ECF4C73A, AE3CB6C6AFBA9A4AA5C85F66023C35338CA579B30326DD02918F9D55259503D5 ] C:\Windows\System32\msvcr100.dll
    12:16:32.0785 0x1534  C:\Windows\System32\msvcr100.dll - ok
    12:16:32.0785 0x1534  [ E8B624AEF824B508FEA02DE0D6DA71FA, 5D68BB045CBFF470802A5CFE31A0EBE12AD8B2903E1BB295D0A8171AB8DF4844 ] C:\PROGRA~2\McAfee\SITEAD~1\sasshmod.dll
    12:16:32.0785 0x1534  C:\PROGRA~2\McAfee\SITEAD~1\sasshmod.dll - ok
    12:16:32.0785 0x1534  [ 34FCA19FE407A7B9996DB5B4CCEC5C8C, B43AE1B6F9821BCC2CE0DD1D12F3716941487791237C7129CA9C961CBBFC1EEB ] C:\Program Files\McAfee\MSC\McAPExe.exe
    12:16:32.0785 0x1534  C:\Program Files\McAfee\MSC\McAPExe.exe - ok
    12:16:32.0785 0x1534  [ EC8DDCAA27A6946E2796FBC2D41C58DB, D5D27D742E051DD3BA2A1E417809237B416CCA1B3ABF5CBFF9E2C58E9C1BA6F1 ] C:\Program Files\Common Files\McAfee\SystemCore\mfeapfa.dll
    12:16:32.0785 0x1534  C:\Program Files\Common Files\McAfee\SystemCore\mfeapfa.dll - ok
    12:16:32.0785 0x1534  [ D06F5438E6175867BAAC281060AD662E, 55F5BE5473BAA2526CE9E154175DBC33BC3D43CA0652405A62D634D4EED1D4FF ] C:\Program Files\Common Files\McAfee\SystemCore\mfehida.dll
    12:16:32.0785 0x1534  C:\Program Files\Common Files\McAfee\SystemCore\mfehida.dll - ok
    12:16:32.0785 0x1534  [ 295657F93F6B19DEEA804048E1CB4FF9, 1528AFDD25E59EBD1EFE3E694CCCA9365251DAC679D693AC9809A6D86B335770 ] C:\Windows\System32\lz32.dll
    12:16:32.0785 0x1534  C:\Windows\System32\lz32.dll - ok
    12:16:32.0800 0x1534  [ 9E18496715CF1BF8400DB120E69090E4, 3A24A7E5920FA7EC67FB078C23F7C403D74B7EDDA4817C6A55CAE1ADBC521BF1 ] C:\Windows\System32\mfevtps.exe
    12:16:32.0800 0x1534  C:\Windows\System32\mfevtps.exe - ok
    12:16:32.0800 0x1534  [ C6DCD1D11ED6827F05C00773C3E7053C, EA23BE261C9C04F44215D254D7A80FD0AEE84C6F192D0FEE49A7CF74ED3CB1A6 ] C:\Windows\System32\sfc.dll
    12:16:32.0800 0x1534  C:\Windows\System32\sfc.dll - ok
    12:16:32.0800 0x1534  [ 895C9AB0A855547445C4181195230757, 89BDA385D8CCB75C3D7B1BDFA567AC441A931F4E499C0835FEE9D010343FABB6 ] C:\Windows\System32\sfc_os.dll
    12:16:32.0800 0x1534  C:\Windows\System32\sfc_os.dll - ok
    12:16:32.0800 0x1534  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] C:\Windows\System32\nlasvc.dll
    12:16:32.0800 0x1534  C:\Windows\System32\nlasvc.dll - ok
    12:16:32.0800 0x1534  [ 3FD15B4611D9BDA3F8013548C0ECAECA, B47A8D9985D9B71EB870816A0AB2B6403D394CCBDF7DE5378D5721D58D68D28D ] C:\Windows\SysWOW64\ntmarta.dll
    12:16:32.0800 0x1534  C:\Windows\SysWOW64\ntmarta.dll - ok
    12:16:32.0800 0x1534  [ 418E881201583A3039D81F43E39E6C78, C96AAC161E09BE12815A4E931E65F66DB1A456C03253EF1111AE66F44B1515FF ] C:\Windows\SysWOW64\winsta.dll
    12:16:32.0800 0x1534  C:\Windows\SysWOW64\winsta.dll - ok
    12:16:32.0816 0x1534  [ A8BB45F9ECAD993461E0FEF8E2A99152, ACB756EA54E71F124D928829666B5B439785593877FF7C0C76ADCF954F4E6C94 ] C:\Windows\SysWOW64\Wldap32.dll
    12:16:32.0816 0x1534  C:\Windows\SysWOW64\Wldap32.dll - ok
    12:16:32.0816 0x1534  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] C:\Windows\System32\drivers\PEAuth.sys
    12:16:32.0816 0x1534  C:\Windows\System32\drivers\PEAuth.sys - ok
    12:16:32.0816 0x1534  [ D4FAC263861BAE06971C7F7D0A8EBF15, D494DEF0024288B9CC56EC6B500FF5828144BE9B8E7033340509EC5E68F8DED0 ] C:\Windows\System32\ncsi.dll
    12:16:32.0816 0x1534  C:\Windows\System32\ncsi.dll - ok
    12:16:32.0816 0x1534  [ 863F793D15B4026B1A5FDECA873D4D84, AF7ABD95BB5467551562F129F03C7AC9D52A021F7E547609F40A80E66932C942 ] C:\Windows\SysWOW64\apphelp.dll
    12:16:32.0816 0x1534  C:\Windows\SysWOW64\apphelp.dll - ok
    12:16:32.0816 0x1534  [ D1D5DAB39DCB4BE0359943738D87409B, 0BA45FE28568E852502879AE83C081517BB8103359BD5783328833EC59A54681 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    12:16:32.0816 0x1534  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe - ok
    12:16:32.0816 0x1534  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] C:\Windows\System32\drivers\secdrv.sys
    12:16:32.0816 0x1534  C:\Windows\System32\drivers\secdrv.sys - ok
    12:16:32.0832 0x1534  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] C:\Windows\System32\seclogon.dll
    12:16:32.0832 0x1534  C:\Windows\System32\seclogon.dll - ok
    12:16:32.0832 0x1534  [ 2BBF3FDB70B8965DFA0258CBAB41ECCE, 4EFA41765E46E90C6CBDB0DC1E0CD375D7AB3307C477171EBAA6A16AC32E5211 ] C:\Windows\System32\ssdpapi.dll
    12:16:32.0832 0x1534  C:\Windows\System32\ssdpapi.dll - ok
    12:16:32.0832 0x1534  [ 352B3DC62A0D259A82A052238425C872, 393B24E0D6007C74AEE2FB2EE2C18623D37DF64E279B6767952DCFEE0EACBB10 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
    12:16:32.0832 0x1534  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
    12:16:32.0832 0x1534  [ 39C5F32747B3414D1BB216FDB1DEFC58, 6FAE64CB9748304090113903A5AE9E7154BE16BA2EEA7AB3EF04AB9D79B81380 ] C:\Windows\SysWOW64\dwmapi.dll
    12:16:32.0832 0x1534  C:\Windows\SysWOW64\dwmapi.dll - ok

  18. It took me a while to digest and understand how to run the TDSSKiller program.  It came up with no threats.  The log is too long to post in one reply.  Here's the first part of the log.

     

    12:14:19.0292 0x0db8  TDSS rootkit removing tool 3.0.0.16 Nov  1 2013 15:53:38
    12:14:19.0838 0x0db8  ============================================================
    12:14:19.0838 0x0db8  Current date / time: 2013/11/05 12:14:19.0838
    12:14:19.0838 0x0db8  SystemInfo:
    12:14:19.0838 0x0db8  
    12:14:19.0838 0x0db8  OS Version: 6.1.7601 ServicePack: 1.0
    12:14:19.0838 0x0db8  Product type: Workstation
    12:14:19.0838 0x0db8  ComputerName: LINDA-PC
    12:14:19.0838 0x0db8  UserName: Linda
    12:14:19.0838 0x0db8  Windows directory: C:\windows
    12:14:19.0838 0x0db8  System windows directory: C:\windows
    12:14:19.0838 0x0db8  Running under WOW64
    12:14:19.0838 0x0db8  Processor architecture: Intel x64
    12:14:19.0838 0x0db8  Number of processors: 4
    12:14:19.0838 0x0db8  Page size: 0x1000
    12:14:19.0838 0x0db8  Boot type: Normal boot
    12:14:19.0838 0x0db8  ============================================================
    12:14:19.0838 0x0db8  BG loaded
    12:14:20.0306 0x0db8  System UUID: {EE8A3071-6067-00B0-B813-7CF0E54CB3A9}
    12:14:20.0961 0x0db8  Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    12:14:20.0977 0x0db8  ============================================================
    12:14:20.0977 0x0db8  \Device\Harddisk0\DR0:
    12:14:20.0977 0x0db8  MBR partitions:
    12:14:20.0977 0x0db8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
    12:14:20.0977 0x0db8  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xAB82F800
    12:14:20.0977 0x0db8  ============================================================
    12:14:21.0024 0x0db8  C: <-> \Device\Harddisk0\DR0\Partition2
    12:14:21.0024 0x0db8  ============================================================
    12:14:21.0024 0x0db8  Initialize success
    12:14:21.0024 0x0db8  ============================================================
    12:15:36.0797 0x1534  ============================================================
    12:15:36.0797 0x1534  Scan started
    12:15:36.0797 0x1534  Mode: Manual; SigCheck; TDLFS;
    12:15:36.0797 0x1534  ============================================================
    12:15:36.0797 0x1534  KSN ping started
    12:15:54.0555 0x1534  KSN ping finished: true
    12:15:56.0080 0x1534  ================ Scan system memory ========================
    12:15:56.0080 0x1534  System memory - ok
    12:15:56.0081 0x1534  ================ Scan services =============================
    12:15:56.0221 0x1534  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\windows\system32\drivers\1394ohci.sys
    12:15:56.0367 0x1534  1394ohci - ok
    12:15:56.0394 0x1534  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\windows\system32\drivers\ACPI.sys
    12:15:56.0413 0x1534  ACPI - ok
    12:15:56.0427 0x1534  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\windows\system32\drivers\acpipmi.sys
    12:15:56.0493 0x1534  AcpiPmi - ok
    12:15:56.0621 0x1534  [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    12:15:56.0640 0x1534  AdobeARMservice - ok
    12:15:56.0735 0x1534  [ A283108E14F3970432C21AF4C0CB1BCE, 1D3219EF916D54232838870EDE557296AACB714B456ED0AAE0DE3CE3822F4643 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    12:15:56.0756 0x1534  AdobeFlashPlayerUpdateSvc - ok
    12:15:56.0789 0x1534  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\windows\system32\drivers\adp94xx.sys
    12:15:56.0812 0x1534  adp94xx - ok
    12:15:56.0833 0x1534  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\windows\system32\drivers\adpahci.sys
    12:15:56.0851 0x1534  adpahci - ok
    12:15:56.0868 0x1534  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\windows\system32\drivers\adpu320.sys
    12:15:56.0881 0x1534  adpu320 - ok
    12:15:56.0905 0x1534  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
    12:15:57.0004 0x1534  AeLookupSvc - ok
    12:15:57.0041 0x1534  [ 314C17917AC8523EC77A710215012A65, 725CF2D5F63C06F7704C24FE0CFA696215DADC6C0EC445D9671E82F8E23E56AD ] AFD             C:\windows\system32\drivers\afd.sys
    12:15:57.0087 0x1534  AFD - ok
    12:15:57.0102 0x1534  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\windows\system32\drivers\agp440.sys
    12:15:57.0114 0x1534  agp440 - ok
    12:15:57.0140 0x1534  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\windows\System32\alg.exe
    12:15:57.0192 0x1534  ALG - ok
    12:15:57.0216 0x1534  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\windows\system32\drivers\aliide.sys
    12:15:57.0234 0x1534  aliide - ok
    12:15:57.0264 0x1534  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\windows\system32\drivers\amdide.sys
    12:15:57.0283 0x1534  amdide - ok
    12:15:57.0297 0x1534  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\windows\system32\drivers\amdk8.sys
    12:15:57.0325 0x1534  AmdK8 - ok
    12:15:57.0350 0x1534  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\windows\system32\drivers\amdppm.sys
    12:15:57.0367 0x1534  AmdPPM - ok
    12:15:57.0391 0x1534  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\windows\system32\drivers\amdsata.sys
    12:15:57.0406 0x1534  amdsata - ok
    12:15:57.0428 0x1534  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\windows\system32\drivers\amdsbs.sys
    12:15:57.0446 0x1534  amdsbs - ok
    12:15:57.0460 0x1534  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\windows\system32\drivers\amdxata.sys
    12:15:57.0473 0x1534  amdxata - ok
    12:15:57.0500 0x1534  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\windows\system32\drivers\appid.sys
    12:15:57.0645 0x1534  AppID - ok
    12:15:57.0660 0x1534  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\windows\System32\appidsvc.dll
    12:15:57.0714 0x1534  AppIDSvc - ok
    12:15:57.0759 0x1534  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\windows\System32\appinfo.dll
    12:15:57.0796 0x1534  Appinfo - ok
    12:15:57.0831 0x1534  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\windows\system32\drivers\arc.sys
    12:15:57.0842 0x1534  arc - ok
    12:15:57.0854 0x1534  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\windows\system32\drivers\arcsas.sys
    12:15:57.0866 0x1534  arcsas - ok
    12:15:57.0891 0x1534  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
    12:15:57.0931 0x1534  AsyncMac - ok
    12:15:57.0954 0x1534  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\windows\system32\drivers\atapi.sys
    12:15:57.0963 0x1534  atapi - ok
    12:15:58.0110 0x1534  [ 3EFD964D52221360AF0673CD61C2F4F5, 76D636CAF2E4FEDAAC6B0D958865A901340CF836EE4FCE59F1D5291E3BEC9F1E ] atikmdag        C:\windows\system32\DRIVERS\atikmdag.sys
    12:15:58.0301 0x1534  atikmdag - ok
    12:15:58.0330 0x1534  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
    12:15:58.0383 0x1534  AudioEndpointBuilder - ok
    12:15:58.0401 0x1534  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\windows\System32\Audiosrv.dll
    12:15:58.0441 0x1534  AudioSrv - ok
    12:15:58.0473 0x1534  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\windows\System32\AxInstSV.dll
    12:15:58.0553 0x1534  AxInstSV - ok
    12:15:58.0594 0x1534  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\windows\system32\drivers\bxvbda.sys
    12:15:58.0643 0x1534  b06bdrv - ok
    12:15:58.0677 0x1534  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\windows\system32\DRIVERS\b57nd60a.sys
    12:15:58.0719 0x1534  b57nd60a - ok
    12:15:58.0794 0x1534  [ 28A4012E68BC9597BCB9B26B51AAC4B6, E198961620630C37C0FDD079B921AF2A0DD61DB4617EAD9C7ED58BE25F480E51 ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
    12:15:58.0820 0x1534  BBSvc - ok
    12:15:58.0869 0x1534  [ 785DE7ABDA13309D6065305542829E76, 78F49A5349B66042836615EF99B4EB70FA708369D315D105513C04F33070D297 ] BBUpdate        C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
    12:15:58.0891 0x1534  BBUpdate - ok
    12:15:58.0914 0x1534  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\windows\System32\bdesvc.dll
    12:15:58.0956 0x1534  BDESVC - ok
    12:15:58.0969 0x1534  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\windows\system32\drivers\Beep.sys
    12:15:59.0025 0x1534  Beep - ok
    12:15:59.0091 0x1534  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\windows\System32\bfe.dll
    12:15:59.0149 0x1534  BFE - ok
    12:15:59.0191 0x1534  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\windows\system32\qmgr.dll
    12:15:59.0247 0x1534  BITS - ok
    12:15:59.0258 0x1534  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\windows\system32\DRIVERS\blbdrive.sys
    12:15:59.0270 0x1534  blbdrive - ok
    12:15:59.0286 0x1534  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\windows\system32\DRIVERS\bowser.sys
    12:15:59.0320 0x1534  bowser - ok
    12:15:59.0338 0x1534  [ AAA4F992F879977A000FE8B8C730CD2C, A109D3F7CA9D49B98FDA5CA34C60055690F72400CCC96D48076FA86086E4C74D ] BPntDrv         C:\windows\system32\drivers\BPntDrv.sys
    12:15:59.0352 0x1534  BPntDrv - ok
    12:15:59.0362 0x1534  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\windows\system32\drivers\BrFiltLo.sys
    12:15:59.0391 0x1534  BrFiltLo - ok
    12:15:59.0403 0x1534  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\windows\system32\drivers\BrFiltUp.sys
    12:15:59.0417 0x1534  BrFiltUp - ok
    12:15:59.0447 0x1534  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\windows\system32\DRIVERS\bridge.sys
    12:15:59.0484 0x1534  BridgeMP - ok
    12:15:59.0508 0x1534  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\windows\System32\browser.dll
    12:15:59.0534 0x1534  Browser - ok
    12:15:59.0556 0x1534  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\windows\System32\Drivers\Brserid.sys
    12:15:59.0596 0x1534  Brserid - ok
    12:15:59.0609 0x1534  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\windows\System32\Drivers\BrSerWdm.sys
    12:15:59.0630 0x1534  BrSerWdm - ok
    12:15:59.0640 0x1534  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\windows\System32\Drivers\BrUsbMdm.sys
    12:15:59.0654 0x1534  BrUsbMdm - ok
    12:15:59.0662 0x1534  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\windows\System32\Drivers\BrUsbSer.sys
    12:15:59.0674 0x1534  BrUsbSer - ok
    12:15:59.0689 0x1534  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\windows\system32\drivers\bthmodem.sys
    12:15:59.0712 0x1534  BTHMODEM - ok
    12:15:59.0729 0x1534  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\windows\system32\bthserv.dll
    12:15:59.0771 0x1534  bthserv - ok
    12:15:59.0793 0x1534  catchme - ok
    12:15:59.0804 0x1534  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
    12:15:59.0835 0x1534  cdfs - ok
    12:15:59.0873 0x1534  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\windows\system32\DRIVERS\cdrom.sys
    12:15:59.0898 0x1534  cdrom - ok
    12:15:59.0922 0x1534  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\windows\System32\certprop.dll
    12:15:59.0951 0x1534  CertPropSvc - ok
    12:15:59.0983 0x1534  [ 4211C57BA2D3B714212E7AC63D6A3F1D, 0EB8996F4C9A70624DB7BA35F3426E47E5ED5F5E1A2933E6ED735BEFDB6B6156 ] cfwids          C:\windows\system32\drivers\cfwids.sys
    12:15:59.0991 0x1534  cfwids - ok
    12:16:00.0011 0x1534  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\windows\system32\drivers\circlass.sys
    12:16:00.0026 0x1534  circlass - ok
    12:16:00.0043 0x1534  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\windows\system32\CLFS.sys
    12:16:00.0060 0x1534  CLFS - ok
    12:16:00.0128 0x1534  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    12:16:00.0147 0x1534  clr_optimization_v2.0.50727_32 - ok
    12:16:00.0168 0x1534  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
    12:16:00.0188 0x1534  clr_optimization_v2.0.50727_64 - ok
    12:16:00.0243 0x1534  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    12:16:00.0284 0x1534  clr_optimization_v4.0.30319_32 - ok
    12:16:00.0313 0x1534  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
    12:16:00.0325 0x1534  clr_optimization_v4.0.30319_64 - ok
    12:16:00.0341 0x1534  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\windows\system32\drivers\CmBatt.sys
    12:16:00.0364 0x1534  CmBatt - ok
    12:16:00.0376 0x1534  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\windows\system32\drivers\cmdide.sys
    12:16:00.0387 0x1534  cmdide - ok
    12:16:00.0424 0x1534  [ 9AC4F97C2D3E93367E2148EA940CD2CD, 530E089E5CF868AECDB2B5548EBE76E0CA98FC74A72897292AB2485734402E3B ] CNG             C:\windows\system32\Drivers\cng.sys
    12:16:00.0449 0x1534  CNG - ok
    12:16:00.0459 0x1534  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\windows\system32\drivers\compbatt.sys
    12:16:00.0475 0x1534  Compbatt - ok
    12:16:00.0498 0x1534  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\windows\system32\DRIVERS\CompositeBus.sys
    12:16:00.0529 0x1534  CompositeBus - ok
    12:16:00.0541 0x1534  COMSysApp - ok
    12:16:00.0555 0x1534  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\windows\system32\drivers\crcdisk.sys
    12:16:00.0566 0x1534  crcdisk - ok
    12:16:00.0594 0x1534  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\windows\system32\cryptsvc.dll
    12:16:00.0619 0x1534  CryptSvc - ok
    12:16:00.0654 0x1534  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\windows\system32\rpcss.dll
    12:16:00.0696 0x1534  DcomLaunch - ok
    12:16:00.0772 0x1534  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\windows\System32\defragsvc.dll
    12:16:00.0818 0x1534  defragsvc - ok
    12:16:00.0834 0x1534  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\windows\system32\Drivers\dfsc.sys
    12:16:00.0871 0x1534  DfsC - ok
    12:16:00.0886 0x1534  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\windows\system32\dhcpcore.dll
    12:16:00.0904 0x1534  Dhcp - ok
    12:16:00.0917 0x1534  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\windows\system32\drivers\discache.sys
    12:16:00.0954 0x1534  discache - ok
    12:16:00.0984 0x1534  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\windows\system32\drivers\disk.sys
    12:16:01.0004 0x1534  Disk - ok
    12:16:01.0039 0x1534  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\windows\System32\dnsrslvr.dll
    12:16:01.0099 0x1534  Dnscache - ok
    12:16:01.0123 0x1534  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\windows\System32\dot3svc.dll
    12:16:01.0173 0x1534  dot3svc - ok
    12:16:01.0195 0x1534  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\windows\system32\dps.dll
    12:16:01.0236 0x1534  DPS - ok
    12:16:01.0253 0x1534  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
    12:16:01.0277 0x1534  drmkaud - ok
    12:16:01.0356 0x1534  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
    12:16:01.0393 0x1534  DXGKrnl - ok
    12:16:01.0431 0x1534  [ 6BAFD9819D9FEC2EDBAEBC8493C711A4, 689A30C9F881D8C49F90A6C75DA816055B43B84776E815C1DE80B3933ADBB174 ] e1cexpress      C:\windows\system32\DRIVERS\e1c62x64.sys
    12:16:01.0444 0x1534  e1cexpress - ok
    12:16:01.0470 0x1534  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\windows\System32\eapsvc.dll
    12:16:01.0500 0x1534  EapHost - ok
    12:16:01.0597 0x1534  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\windows\system32\drivers\evbda.sys
    12:16:01.0774 0x1534  ebdrv - ok
    12:16:01.0799 0x1534  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] EFS             C:\windows\System32\lsass.exe
    12:16:01.0839 0x1534  EFS - ok
    12:16:01.0896 0x1534  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\windows\ehome\ehRecvr.exe
    12:16:01.0956 0x1534  ehRecvr - ok
    12:16:01.0966 0x1534  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\windows\ehome\ehsched.exe
    12:16:01.0983 0x1534  ehSched - ok
    12:16:02.0029 0x1534  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\windows\system32\drivers\elxstor.sys
    12:16:02.0057 0x1534  elxstor - ok
    12:16:02.0066 0x1534  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\windows\system32\drivers\errdev.sys
    12:16:02.0096 0x1534  ErrDev - ok
    12:16:02.0153 0x1534  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\windows\system32\es.dll
    12:16:02.0204 0x1534  EventSystem - ok
    12:16:02.0228 0x1534  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\windows\system32\drivers\exfat.sys
    12:16:02.0261 0x1534  exfat - ok
    12:16:02.0286 0x1534  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\windows\system32\drivers\fastfat.sys
    12:16:02.0330 0x1534  fastfat - ok
    12:16:02.0362 0x1534  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\windows\system32\fxssvc.exe
    12:16:02.0407 0x1534  Fax - ok
    12:16:02.0696 0x1534  [ 3191ACA33088EE2481044FC0DB736442, 9311069BCA14FB7D5FDFFDB29566D045AB55A8657574C8BD864F8ED9527DEAF5 ] fbfmon          C:\windows\system32\drivers\fbfmon.sys
    12:16:02.0714 0x1534  fbfmon - ok
    12:16:02.0728 0x1534  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\windows\system32\drivers\fdc.sys
    12:16:02.0748 0x1534  fdc - ok
    12:16:02.0782 0x1534  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\windows\system32\fdPHost.dll
    12:16:02.0813 0x1534  fdPHost - ok
    12:16:02.0827 0x1534  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\windows\system32\fdrespub.dll
    12:16:02.0860 0x1534  FDResPub - ok
    12:16:02.0882 0x1534  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
    12:16:02.0897 0x1534  FileInfo - ok
    12:16:02.0909 0x1534  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\windows\system32\drivers\filetrace.sys
    12:16:02.0969 0x1534  Filetrace - ok
    12:16:03.0002 0x1534  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\windows\system32\drivers\flpydisk.sys
    12:16:03.0015 0x1534  flpydisk - ok
    12:16:03.0033 0x1534  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
    12:16:03.0048 0x1534  FltMgr - ok
    12:16:03.0231 0x1534  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\windows\system32\FntCache.dll
    12:16:03.0313 0x1534  FontCache - ok
    12:16:03.0386 0x1534  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    12:16:03.0401 0x1534  FontCache3.0.0.0 - ok
    12:16:03.0430 0x1534  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
    12:16:03.0449 0x1534  FsDepends - ok
    12:16:03.0501 0x1534  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
    12:16:03.0516 0x1534  Fs_Rec - ok
    12:16:03.0585 0x1534  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
    12:16:03.0615 0x1534  fvevol - ok
    12:16:03.0654 0x1534  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\windows\system32\drivers\gagp30kx.sys
    12:16:03.0665 0x1534  gagp30kx - ok
    12:16:03.0712 0x1534  [ 33BF7E4E3E5FF9DF8CA7A98F527B57CB, 460A4320B3C493CF80D058EC2A8C26E4A785ABB434D0D45A34F4A55B1A88CFF6 ] GeneStor        C:\windows\system32\DRIVERS\GeneStor.sys
    12:16:03.0737 0x1534  GeneStor - ok
    12:16:03.0829 0x1534  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\windows\System32\gpsvc.dll
    12:16:03.0873 0x1534  gpsvc - ok
    12:16:03.0946 0x1534  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    12:16:03.0968 0x1534  gupdate - ok
    12:16:04.0055 0x1534  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    12:16:04.0068 0x1534  gupdatem - ok
    12:16:04.0086 0x1534  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\windows\system32\drivers\hcw85cir.sys
    12:16:04.0120 0x1534  hcw85cir - ok
    12:16:04.0186 0x1534  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
    12:16:04.0223 0x1534  HdAudAddService - ok
    12:16:04.0246 0x1534  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\windows\system32\DRIVERS\HDAudBus.sys
    12:16:04.0271 0x1534  HDAudBus - ok
    12:16:04.0301 0x1534  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\windows\system32\drivers\HidBatt.sys
    12:16:04.0314 0x1534  HidBatt - ok
    12:16:04.0361 0x1534  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\windows\system32\drivers\hidbth.sys
    12:16:04.0432 0x1534  HidBth - ok
    12:16:04.0452 0x1534  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\windows\system32\drivers\hidir.sys
    12:16:04.0471 0x1534  HidIr - ok
    12:16:04.0513 0x1534  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\windows\System32\hidserv.dll
    12:16:04.0565 0x1534  hidserv - ok
    12:16:04.0622 0x1534  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\windows\system32\drivers\hidusb.sys
    12:16:04.0647 0x1534  HidUsb - ok
    12:16:04.0877 0x1534  [ 29F981739E50305128022CBE10B3659C, 25060937145B0DCA8CD088E78993BFEF1430CDDFF433E606AFC93993CBBF4B3E ] HipShieldK      C:\windows\system32\drivers\HipShieldK.sys
    12:16:04.0908 0x1534  HipShieldK - ok
    12:16:04.0938 0x1534  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\windows\system32\kmsvc.dll
    12:16:05.0007 0x1534  hkmsvc - ok
    12:16:05.0028 0x1534  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll
    12:16:05.0065 0x1534  HomeGroupListener - ok
    12:16:05.0101 0x1534  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll
    12:16:05.0128 0x1534  HomeGroupProvider - ok
    12:16:05.0486 0x1534  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] HomeNetSvc      C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    12:16:05.0500 0x1534  HomeNetSvc - ok
    12:16:05.0645 0x1534  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
    12:16:05.0665 0x1534  HpSAMD - ok
    12:16:05.0754 0x1534  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\windows\system32\drivers\HTTP.sys
    12:16:05.0805 0x1534  HTTP - ok
    12:16:05.0816 0x1534  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
    12:16:05.0828 0x1534  hwpolicy - ok
    12:16:05.0877 0x1534  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\windows\system32\DRIVERS\i8042prt.sys
    12:16:05.0895 0x1534  i8042prt - ok
    12:16:05.0992 0x1534  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
    12:16:06.0037 0x1534  iaStorV - ok
    12:16:06.0135 0x1534  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
    12:16:06.0174 0x1534  idsvc - ok
    12:16:06.0842 0x1534  [ 5A3D48DE22390A270FE8786ECA07D7FF, 32F9F83802C223BBE651D5F02C00A3AA9ACA09440F7F256C7E487FA9785B3E0D ] igfx            C:\windows\system32\DRIVERS\igdkmd64.sys
    12:16:07.0230 0x1534  igfx - ok
    12:16:07.0270 0x1534  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\windows\system32\drivers\iirsp.sys
    12:16:07.0284 0x1534  iirsp - ok
    12:16:07.0393 0x1534  [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] IKEEXT          C:\windows\System32\ikeext.dll
    12:16:07.0455 0x1534  IKEEXT - ok
    12:16:07.0687 0x1534  [ 62C93ABEC0F8A9A235BF7A86B9FC3A0C, 0347B4277D8DF1EA371676D5718222963894F3697AE75A5F3370FC31F4B566F6 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
    12:16:07.0742 0x1534  IntcAzAudAddService - ok
    12:16:07.0811 0x1534  [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud        C:\windows\system32\DRIVERS\IntcDAud.sys
    12:16:07.0837 0x1534  IntcDAud - ok
    12:16:07.0880 0x1534  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\windows\system32\drivers\intelide.sys
    12:16:07.0898 0x1534  intelide - ok
    12:16:07.0929 0x1534  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\windows\system32\DRIVERS\intelppm.sys
    12:16:08.0089 0x1534  intelppm - ok
    12:16:08.0141 0x1534  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\windows\system32\ipbusenum.dll
    12:16:08.0271 0x1534  IPBusEnum - ok
    12:16:08.0294 0x1534  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
    12:16:08.0324 0x1534  IpFilterDriver - ok
    12:16:08.0464 0x1534  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
    12:16:08.0542 0x1534  iphlpsvc - ok
    12:16:08.0648 0x1534  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\windows\system32\drivers\IPMIDrv.sys
    12:16:08.0683 0x1534  IPMIDRV - ok
    12:16:08.0698 0x1534  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\windows\system32\drivers\ipnat.sys
    12:16:08.0754 0x1534  IPNAT - ok
    12:16:08.0786 0x1534  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\windows\system32\drivers\irenum.sys
    12:16:08.0802 0x1534  IRENUM - ok
    12:16:08.0817 0x1534  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\windows\system32\drivers\isapnp.sys
    12:16:08.0827 0x1534  isapnp - ok
    12:16:08.0863 0x1534  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\windows\system32\drivers\msiscsi.sys
    12:16:08.0883 0x1534  iScsiPrt - ok
    12:16:08.0942 0x1534  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\windows\system32\DRIVERS\kbdclass.sys
    12:16:08.0962 0x1534  kbdclass - ok
    12:16:09.0003 0x1534  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\windows\system32\DRIVERS\kbdhid.sys
    12:16:09.0025 0x1534  kbdhid - ok
    12:16:09.0046 0x1534  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] KeyIso          C:\windows\system32\lsass.exe
    12:16:09.0057 0x1534  KeyIso - ok
    12:16:09.0176 0x1534  [ 97A7070AEA4C058B6418519E869A63B4, 15345C2D6CA159BD498002974A0BD21CAB611124D85E3320248B47652AEF23C8 ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
    12:16:09.0202 0x1534  KSecDD - ok
    12:16:09.0241 0x1534  [ 26C43A7C2862447EC59DEDA188D1DA07, 5363BF87E650FE2010ACA9417D6920FF4ED752256FF47732882E9B2BA1ED154B ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
    12:16:09.0262 0x1534  KSecPkg - ok
    12:16:09.0266 0x1534  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
    12:16:09.0330 0x1534  ksthunk - ok
    12:16:09.0429 0x1534  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\windows\system32\msdtckrm.dll
    12:16:09.0496 0x1534  KtmRm - ok
    12:16:09.0554 0x1534  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\windows\System32\srvsvc.dll
    12:16:09.0620 0x1534  LanmanServer - ok
    12:16:09.0645 0x1534  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
    12:16:09.0689 0x1534  LanmanWorkstation - ok
    12:16:09.0738 0x1534  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
    12:16:09.0805 0x1534  lltdio - ok
    12:16:09.0826 0x1534  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\windows\System32\lltdsvc.dll
    12:16:09.0873 0x1534  lltdsvc - ok
    12:16:09.0915 0x1534  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\windows\System32\lmhsvc.dll
    12:16:09.0942 0x1534  lmhosts - ok
    12:16:10.0040 0x1534  [ 926EBA26A8B49D1597751CED06B50862, 886FC610E379BD77146ADDC376D77437D88B593C7F1C3FEE2B93D934A67310F8 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
    12:16:10.0063 0x1534  LMS - ok
    12:16:10.0108 0x1534  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\windows\system32\drivers\lsi_fc.sys
    12:16:10.0129 0x1534  LSI_FC - ok
    12:16:10.0137 0x1534  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\windows\system32\drivers\lsi_sas.sys
    12:16:10.0151 0x1534  LSI_SAS - ok
    12:16:10.0186 0x1534  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\windows\system32\drivers\lsi_sas2.sys
    12:16:10.0198 0x1534  LSI_SAS2 - ok
    12:16:10.0215 0x1534  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\windows\system32\drivers\lsi_scsi.sys
    12:16:10.0227 0x1534  LSI_SCSI - ok
    12:16:10.0293 0x1534  [ A9CB93A568B7F60ECBD4EC647B20EC88, 817D111E55A23EF8A8A7F03CD932BCE78B6DDCD919B66C3B9FC05FEE8960E3E3 ] lsnfd           C:\windows\system32\drivers\lsnfd.sys
    12:16:10.0310 0x1534  lsnfd - ok
    12:16:10.0340 0x1534  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\windows\system32\drivers\luafv.sys
    12:16:10.0380 0x1534  luafv - ok
    12:16:10.0422 0x1534  [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector   C:\windows\system32\drivers\mbam.sys
    12:16:10.0432 0x1534  MBAMProtector - ok
    12:16:10.0471 0x1534  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    12:16:10.0487 0x1534  MBAMScheduler - ok
    12:16:10.0538 0x1534  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    12:16:10.0560 0x1534  MBAMService - ok
    12:16:10.0640 0x1534  [ F928E5E72BBA15DD0CE9A26E0413D236, D63EFA1408084F524464729C2F3BE16550E07ACE2BF8A00699A8438079AD381B ] McAfee SiteAdvisor Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    12:16:10.0662 0x1534  McAfee SiteAdvisor Service - ok
    12:16:10.0802 0x1534  [ 34FCA19FE407A7B9996DB5B4CCEC5C8C, B43AE1B6F9821BCC2CE0DD1D12F3716941487791237C7129CA9C961CBBFC1EEB ] McAPExe         C:\Program Files\McAfee\MSC\McAPExe.exe
    12:16:10.0822 0x1534  McAPExe - ok
    12:16:10.0950 0x1534  [ 968BFF74AEB683C962960ECE0CAE4135, 3E08B39DE27FE27A27BD3E81486F0FCA1947D4B50BFE0167A0C27CE48DD56793 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe
    12:16:10.0969 0x1534  McComponentHostService - ok
    12:16:10.0998 0x1534  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McMPFSvc        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    12:16:11.0013 0x1534  McMPFSvc - ok
    12:16:11.0033 0x1534  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McNaiAnn        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    12:16:11.0049 0x1534  McNaiAnn - ok
    12:16:11.0260 0x1534  [ 63D93A440E7AC015D85B9A3DA0C1BBAF, 849A13E91B041DEC2A47F5BE65ADBA6CAC8AF01675D0D8E13730724B54B4DD15 ] McODS           C:\Program Files\McAfee\VirusScan\mcods.exe
    12:16:11.0324 0x1534  McODS - ok
    12:16:11.0338 0x1534  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] mcpltsvc        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    12:16:11.0352 0x1534  mcpltsvc - ok
    12:16:11.0364 0x1534  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McProxy         C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    12:16:11.0378 0x1534  McProxy - ok
    12:16:11.0413 0x1534  [ F4BE81C919FC0A012F5357E3911D4B67, 8FC3D787A1FACE8022D9BF1A4B024E313F8FD7535696D5E868DC2839E3B76E72 ] McPvDrv         C:\windows\system32\drivers\McPvDrv.sys
    12:16:11.0430 0x1534  McPvDrv - ok
    12:16:11.0467 0x1534  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\windows\system32\Mcx2Svc.dll
    12:16:11.0496 0x1534  Mcx2Svc - ok
    12:16:11.0523 0x1534  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\windows\system32\drivers\megasas.sys
    12:16:11.0534 0x1534  megasas - ok
    12:16:11.0557 0x1534  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\windows\system32\drivers\MegaSR.sys
    12:16:11.0575 0x1534  MegaSR - ok
    12:16:11.0669 0x1534  [ 1C6E73FC46B509EFF9D0086AA37132DF, B4FB5512D75112C553FC22593F6123A7C9B9B7825D40148F604CCEFEB149FD97 ] MEIx64          C:\windows\system32\DRIVERS\HECIx64.sys
    12:16:11.0686 0x1534  MEIx64 - ok
    12:16:11.0738 0x1534  [ 3D7E3F388680F1F854599C73D8AAF535, A459C50A40CD16FFB3ADFA0D56DDB79895CCD25F96C53F64F494745D58C3DA06 ] mfeapfk         C:\windows\system32\drivers\mfeapfk.sys
    12:16:11.0749 0x1534  mfeapfk - ok
    12:16:11.0805 0x1534  [ 486D22007426F10779C6351D305E9E43, 4796A017092DBDBCC8E282B36F89219944321B5279C88E369C0CFFF8CDC97742 ] mfeavfk         C:\windows\system32\drivers\mfeavfk.sys
    12:16:11.0820 0x1534  mfeavfk - ok
    12:16:11.0966 0x1534  [ 8036004F016125C907FC9351141F95AA, 10DE20FCB2D33E25E443C10EED4551CBAE9C16CD6D08B69BF91868A2F27DAF53 ] mfecore         C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
    12:16:11.0999 0x1534  mfecore - ok
    12:16:12.0074 0x1534  [ B4B4FAB730F3392E2F7FF0F7BD59CFF9, 99237F6ACA1968154CF2621FC8364A28351F045690939216BAA6C4CDB3889B9A ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
    12:16:12.0086 0x1534  mfefire - ok
    12:16:12.0108 0x1534  [ DFDDC10E9666DBFDB8F2E827B7C2DCE4, 7CCE610BAE3C8BBA59A90B840782C0F9DFDC82AFABA9E9AB5F78C02F7CADB8FA ] mfefirek        C:\windows\system32\drivers\mfefirek.sys
    12:16:12.0129 0x1534  mfefirek - ok
    12:16:12.0182 0x1534  [ 514EC1C14BA51CE6B8F60AEFE390CA3E, 187E8539F4B97F0E1B9DF6717C80AD2A6C3C33210255DB927DE511991EC175DB ] mfehidk         C:\windows\system32\drivers\mfehidk.sys
    12:16:12.0224 0x1534  mfehidk - ok
    12:16:12.0247 0x1534  [ 73A92690FF5CFFE5A741912311AA1A6C, 52B6DACF023A704785D2F346F61D5896DF1E06C1ED37540741227333C4BE921A ] mfencbdc        C:\windows\system32\DRIVERS\mfencbdc.sys
    12:16:12.0264 0x1534  mfencbdc - ok
    12:16:12.0301 0x1534  [ CB987596EE0964958AFA677360B6174B, 2852B8DC0F160ED6B2EE310FEC1BB19B93D619688C25C6296F7214959996FA6B ] mfencrk         C:\windows\system32\DRIVERS\mfencrk.sys
    12:16:12.0311 0x1534  mfencrk - ok
    12:16:12.0367 0x1534  [ 9E18496715CF1BF8400DB120E69090E4, 3A24A7E5920FA7EC67FB078C23F7C403D74B7EDDA4817C6A55CAE1ADBC521BF1 ] mfevtp          C:\windows\system32\mfevtps.exe
    12:16:12.0379 0x1534  mfevtp - ok
    12:16:12.0443 0x1534  [ 4DC3D77F2BBC1EFFB08E8D25D7E6B4D6, 7F3A81FD0A45B67EC330EB1C611F0B36196A51E9209D02016CFE82BD267DA14A ] mfewfpk         C:\windows\system32\drivers\mfewfpk.sys
    12:16:12.0473 0x1534  mfewfpk - ok
    12:16:12.0508 0x1534  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\windows\system32\mmcss.dll
    12:16:12.0579 0x1534  MMCSS - ok
    12:16:12.0660 0x1534  [ AF70088AC53BC03B7EEA23F4E77AEC46, 71D36369CD01AE4C71179B2D1FECE5707B2F1F29E0EC2BA7232EFEE4AD61B98C ] MOBK400backup   C:\Program Files (x86)\McAfee Online Backup\MOBK400backup.exe
    12:16:12.0674 0x1534  MOBK400backup - ok
    12:16:12.0696 0x1534  [ 3C69AA906EE867ADE4437ACD8460B43D, E952B1F8B95EE89C12F5F943200D5764FDF77C1D21C19BF0FFBBFB44537AF732 ] MOBK400Filter   C:\windows\system32\DRIVERS\MOBK400.sys
    12:16:12.0705 0x1534  MOBK400Filter - ok
    12:16:12.0770 0x1534  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\windows\system32\drivers\modem.sys
    12:16:12.0828 0x1534  Modem - ok
    12:16:12.0855 0x1534  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\windows\system32\DRIVERS\monitor.sys
    12:16:12.0893 0x1534  monitor - ok
    12:16:12.0953 0x1534  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\windows\system32\DRIVERS\mouclass.sys
    12:16:12.0971 0x1534  mouclass - ok
    12:16:13.0011 0x1534  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\windows\system32\DRIVERS\mouhid.sys
    12:16:13.0106 0x1534  mouhid - ok
    12:16:13.0121 0x1534  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
    12:16:13.0138 0x1534  mountmgr - ok
    12:16:13.0328 0x1534  [ 0329A45C849C9D77901094B8FFE8BBB9, 2151C15A4185FABBC3367B8213017B45E08C43E26E1D8942E707E217C6A5EDA7 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    12:16:13.0343 0x1534  MozillaMaintenance - ok
    12:16:13.0379 0x1534  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\windows\system32\drivers\mpio.sys
    12:16:13.0396 0x1534  mpio - ok
    12:16:13.0481 0x1534  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
    12:16:13.0535 0x1534  mpsdrv - ok
    12:16:13.0655 0x1534  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\windows\system32\mpssvc.dll
    12:16:13.0721 0x1534  MpsSvc - ok
    12:16:13.0852 0x1534  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
    12:16:13.0915 0x1534  MRxDAV - ok
    12:16:13.0954 0x1534  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
    12:16:14.0019 0x1534  mrxsmb - ok
    12:16:14.0074 0x1534  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
    12:16:14.0098 0x1534  mrxsmb10 - ok
    12:16:14.0132 0x1534  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
    12:16:14.0144 0x1534  mrxsmb20 - ok
    12:16:14.0168 0x1534  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\windows\system32\drivers\msahci.sys
    12:16:14.0178 0x1534  msahci - ok
    12:16:14.0199 0x1534  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\windows\system32\drivers\msdsm.sys
    12:16:14.0211 0x1534  msdsm - ok
    12:16:14.0227 0x1534  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\windows\System32\msdtc.exe
    12:16:14.0254 0x1534  MSDTC - ok
    12:16:14.0287 0x1534  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\windows\system32\drivers\Msfs.sys
    12:16:14.0314 0x1534  Msfs - ok
    12:16:14.0339 0x1534  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
    12:16:14.0386 0x1534  mshidkmdf - ok
    12:16:14.0413 0x1534  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
    12:16:14.0431 0x1534  msisadrv - ok
    12:16:14.0509 0x1534  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\windows\system32\iscsiexe.dll
    12:16:14.0575 0x1534  MSiSCSI - ok
    12:16:14.0577 0x1534  msiserver - ok
    12:16:14.0676 0x1534  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] MSK80Service    C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    12:16:14.0697 0x1534  MSK80Service - ok
    12:16:14.0722 0x1534  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
    12:16:14.0795 0x1534  MSKSSRV - ok
    12:16:14.0877 0x1534  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
    12:16:14.0918 0x1534  MSPCLOCK - ok
    12:16:14.0933 0x1534  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
    12:16:14.0999 0x1534  MSPQM - ok
    12:16:15.0063 0x1534  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
    12:16:15.0118 0x1534  MsRPC - ok
    12:16:15.0135 0x1534  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\windows\system32\DRIVERS\mssmbios.sys
    12:16:15.0147 0x1534  mssmbios - ok
    12:16:15.0168 0x1534  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
    12:16:15.0213 0x1534  MSTEE - ok
    12:16:15.0223 0x1534  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\windows\system32\drivers\MTConfig.sys
    12:16:15.0239 0x1534  MTConfig - ok
    12:16:15.0257 0x1534  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\windows\system32\Drivers\mup.sys
    12:16:15.0273 0x1534  Mup - ok
    12:16:15.0344 0x1534  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\windows\system32\qagentRT.dll
    12:16:15.0425 0x1534  napagent - ok
    12:16:15.0466 0x1534  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
    12:16:15.0499 0x1534  NativeWifiP - ok
    12:16:15.0607 0x1534  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\windows\system32\drivers\ndis.sys
    12:16:15.0638 0x1534  NDIS - ok
    12:16:15.0681 0x1534  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
    12:16:15.0749 0x1534  NdisCap - ok
    12:16:15.0775 0x1534  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
    12:16:15.0802 0x1534  NdisTapi - ok
    12:16:15.0822 0x1534  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
    12:16:15.0858 0x1534  Ndisuio - ok
    12:16:15.0909 0x1534  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
    12:16:15.0990 0x1534  NdisWan - ok
    12:16:16.0036 0x1534  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
    12:16:16.0077 0x1534  NDProxy - ok
    12:16:16.0170 0x1534  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
    12:16:16.0217 0x1534  NetBIOS - ok
    12:16:16.0238 0x1534  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
    12:16:16.0271 0x1534  NetBT - ok
    12:16:16.0282 0x1534  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] Netlogon        C:\windows\system32\lsass.exe
    12:16:16.0293 0x1534  Netlogon - ok
    12:16:16.0366 0x1534  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\windows\System32\netman.dll
    12:16:16.0418 0x1534  Netman - ok
    12:16:16.0488 0x1534  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\windows\System32\netprofm.dll
    12:16:16.0552 0x1534  netprofm - ok
    12:16:16.0604 0x1534  [ 3E5A36127E201DDF663176B66828FAFE, 5A08BA9EFB1A72DF1DD839BA5FA2B8994012BA62A515588FF62333B33B60045B ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
    12:16:16.0620 0x1534  NetTcpPortSharing - ok
    12:16:16.0665 0x1534  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\windows\system32\drivers\nfrd960.sys
    12:16:16.0687 0x1534  nfrd960 - ok
    12:16:16.0749 0x1534  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\windows\System32\nlasvc.dll
    12:16:16.0773 0x1534  NlaSvc - ok
    12:16:16.0786 0x1534  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\windows\system32\drivers\Npfs.sys
    12:16:16.0817 0x1534  Npfs - ok
    12:16:16.0848 0x1534  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\windows\system32\nsisvc.dll
    12:16:16.0939 0x1534  nsi - ok
    12:16:16.0951 0x1534  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
    12:16:16.0989 0x1534  nsiproxy - ok
    12:16:17.0159 0x1534  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
    12:16:17.0225 0x1534  Ntfs - ok
    12:16:17.0310 0x1534  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\windows\system32\drivers\Null.sys
    12:16:17.0347 0x1534  Null - ok
    12:16:17.0404 0x1534  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\windows\system32\drivers\nvraid.sys
    12:16:17.0424 0x1534  nvraid - ok
    12:16:17.0445 0x1534  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\windows\system32\drivers\nvstor.sys
    12:16:17.0460 0x1534  nvstor - ok
    12:16:17.0491 0x1534  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
    12:16:17.0505 0x1534  nv_agp - ok
    12:16:17.0525 0x1534  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\windows\system32\drivers\ohci1394.sys
    12:16:17.0544 0x1534  ohci1394 - ok
    12:16:17.0610 0x1534  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    12:16:17.0631 0x1534  ose - ok
    12:16:18.0138 0x1534  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    12:16:18.0318 0x1534  osppsvc - ok
    12:16:18.0365 0x1534  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
    12:16:18.0435 0x1534  p2pimsvc - ok
    12:16:18.0504 0x1534  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\windows\system32\p2psvc.dll
    12:16:18.0535 0x1534  p2psvc - ok
    12:16:18.0556 0x1534  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\windows\system32\drivers\parport.sys
    12:16:18.0570 0x1534  Parport - ok
    12:16:18.0585 0x1534  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\windows\system32\drivers\partmgr.sys
    12:16:18.0596 0x1534  partmgr - ok
    12:16:18.0609 0x1534  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\windows\System32\pcasvc.dll
    12:16:18.0634 0x1534  PcaSvc - ok
    12:16:18.0653 0x1534  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\windows\system32\drivers\pci.sys
    12:16:18.0668 0x1534  pci - ok
    12:16:18.0682 0x1534  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\windows\system32\drivers\pciide.sys
    12:16:18.0691 0x1534  pciide - ok
    12:16:18.0709 0x1534  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\windows\system32\drivers\pcmcia.sys
    12:16:18.0723 0x1534  pcmcia - ok
    12:16:18.0739 0x1534  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\windows\system32\drivers\pcw.sys
    12:16:18.0750 0x1534  pcw - ok
    12:16:18.0772 0x1534  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\windows\system32\drivers\peauth.sys
    12:16:18.0820 0x1534  PEAUTH - ok
    12:16:19.0091 0x1534  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\windows\SysWow64\perfhost.exe
    12:16:19.0126 0x1534  PerfHost - ok
    12:16:19.0192 0x1534  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\windows\system32\pla.dll
    12:16:19.0277 0x1534  pla - ok
    12:16:19.0315 0x1534  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\windows\system32\umpnpmgr.dll
    12:16:19.0383 0x1534  PlugPlay - ok
    12:16:19.0407 0x1534  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
    12:16:19.0427 0x1534  PNRPAutoReg - ok
    12:16:19.0447 0x1534  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
    12:16:19.0468 0x1534  PNRPsvc - ok
    12:16:19.0605 0x1534  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
    12:16:19.0657 0x1534  PolicyAgent - ok
    12:16:19.0684 0x1534  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\windows\system32\umpo.dll
    12:16:19.0728 0x1534  Power - ok
    12:16:19.0791 0x1534  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
    12:16:19.0827 0x1534  PptpMiniport - ok
    12:16:19.0864 0x1534  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\windows\system32\drivers\processr.sys
    12:16:19.0897 0x1534  Processor - ok
    12:16:19.0924 0x1534  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\windows\system32\profsvc.dll
    12:16:19.0957 0x1534  ProfSvc - ok
    12:16:19.0972 0x1534  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] ProtectedStorage C:\windows\system32\lsass.exe
    12:16:19.0985 0x1534  ProtectedStorage - ok
    12:16:19.0999 0x1534  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\windows\system32\DRIVERS\pacer.sys
    12:16:20.0042 0x1534  Psched - ok
    12:16:20.0137 0x1534  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\windows\system32\drivers\ql2300.sys
    12:16:20.0204 0x1534  ql2300 - ok
    12:16:20.0227 0x1534  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\windows\system32\drivers\ql40xx.sys
    12:16:20.0241 0x1534  ql40xx - ok
    12:16:20.0271 0x1534  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\windows\system32\qwave.dll
    12:16:20.0292 0x1534  QWAVE - ok
    12:16:20.0299 0x1534  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
    12:16:20.0314 0x1534  QWAVEdrv - ok
    12:16:20.0321 0x1534  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
    12:16:20.0361 0x1534  RasAcd - ok
    12:16:20.0393 0x1534  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys
    12:16:20.0440 0x1534  RasAgileVpn - ok
    12:16:20.0453 0x1534  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\windows\System32\rasauto.dll
    12:16:20.0495 0x1534  RasAuto - ok
    12:16:20.0511 0x1534  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys
    12:16:20.0556 0x1534  Rasl2tp - ok
    12:16:20.0574 0x1534  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\windows\System32\rasmans.dll
    12:16:20.0612 0x1534  RasMan - ok
    12:16:20.0620 0x1534  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
    12:16:20.0662 0x1534  RasPppoe - ok
    12:16:20.0687 0x1534  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys
    12:16:20.0716 0x1534  RasSstp - ok
    12:16:20.0738 0x1534  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
    12:16:20.0780 0x1534  rdbss - ok
    12:16:20.0792 0x1534  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\windows\system32\drivers\rdpbus.sys
    12:16:20.0805 0x1534  rdpbus - ok
    12:16:20.0819 0x1534  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\windows\system32\DRIVERS\RDPCDD.sys
    12:16:20.0847 0x1534  RDPCDD - ok
    12:16:20.0859 0x1534  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\windows\system32\drivers\rdpencdd.sys
    12:16:20.0893 0x1534  RDPENCDD - ok
    12:16:20.0903 0x1534  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\windows\system32\drivers\rdprefmp.sys
    12:16:20.0930 0x1534  RDPREFMP - ok
    12:16:20.0950 0x1534  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\windows\system32\drivers\RDPWD.sys
    12:16:20.0976 0x1534  RDPWD - ok
    12:16:20.0989 0x1534  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
    12:16:21.0004 0x1534  rdyboost - ok
    12:16:21.0020 0x1534  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\windows\System32\mprdim.dll
    12:16:21.0051 0x1534  RemoteAccess - ok
    12:16:21.0070 0x1534  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\windows\system32\regsvc.dll
    12:16:21.0101 0x1534  RemoteRegistry - ok
    12:16:21.0120 0x1534  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
    12:16:21.0160 0x1534  RpcEptMapper - ok
    12:16:21.0163 0x1534  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\windows\system32\locator.exe
    12:16:21.0174 0x1534  RpcLocator - ok
    12:16:21.0200 0x1534  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\windows\system32\rpcss.dll
    12:16:21.0237 0x1534  RpcSs - ok
    12:16:21.0252 0x1534  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
    12:16:21.0280 0x1534  rspndr - ok
    12:16:21.0356 0x1534  [ 5AD2F62A8AC45F40E02992F8793A5A23, D711F0899E3F70E34D1EBEA3EE6C0B4E1CB14F496E12300A7798296D4BC28CD2 ] RTL8192Ce       C:\windows\system32\DRIVERS\rtl8192Ce.sys
    12:16:21.0384 0x1534  RTL8192Ce - ok
    12:16:21.0396 0x1534  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] SamSs           C:\windows\system32\lsass.exe
    12:16:21.0407 0x1534  SamSs - ok
    12:16:21.0430 0x1534  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
    12:16:21.0442 0x1534  sbp2port - ok
    12:16:21.0463 0x1534  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\windows\System32\SCardSvr.dll
    12:16:21.0495 0x1534  SCardSvr - ok
    12:16:21.0502 0x1534  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
    12:16:21.0540 0x1534  scfilter - ok
    12:16:21.0577 0x1534  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\windows\system32\schedsvc.dll
    12:16:21.0650 0x1534  Schedule - ok
    12:16:21.0675 0x1534  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\windows\System32\certprop.dll
    12:16:21.0702 0x1534  SCPolicySvc - ok
    12:16:21.0723 0x1534  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\windows\System32\SDRSVC.dll
    12:16:21.0751 0x1534  SDRSVC - ok
    12:16:21.0766 0x1534  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\windows\system32\drivers\secdrv.sys
    12:16:21.0803 0x1534  secdrv - ok
    12:16:21.0816 0x1534  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\windows\system32\seclogon.dll
    12:16:21.0842 0x1534  seclogon - ok
    12:16:21.0853 0x1534  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\windows\system32\sens.dll
    12:16:21.0895 0x1534  SENS - ok
    12:16:21.0919 0x1534  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\windows\system32\sensrsvc.dll
    12:16:21.0941 0x1534  SensrSvc - ok
    12:16:21.0961 0x1534  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\windows\system32\drivers\serenum.sys
    12:16:21.0979 0x1534  Serenum - ok
    12:16:21.0996 0x1534  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\windows\system32\drivers\serial.sys
    12:16:22.0011 0x1534  Serial - ok
    12:16:22.0033 0x1534  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\windows\system32\drivers\sermouse.sys
    12:16:22.0059 0x1534  sermouse - ok
    12:16:22.0081 0x1534  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\windows\system32\sessenv.dll
    12:16:22.0121 0x1534  SessionEnv - ok
    12:16:22.0137 0x1534  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\windows\system32\drivers\sffdisk.sys
    12:16:22.0150 0x1534  sffdisk - ok
    12:16:22.0158 0x1534  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\windows\system32\drivers\sffp_mmc.sys
    12:16:22.0172 0x1534  sffp_mmc - ok
    12:16:22.0184 0x1534  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\windows\system32\drivers\sffp_sd.sys
    12:16:22.0198 0x1534  sffp_sd - ok
    12:16:22.0212 0x1534  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\windows\system32\drivers\sfloppy.sys
    12:16:22.0224 0x1534  sfloppy - ok
    12:16:22.0250 0x1534  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\windows\System32\ipnathlp.dll
    12:16:22.0304 0x1534  SharedAccess - ok
    12:16:22.0321 0x1534  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\windows\System32\shsvcs.dll
    12:16:22.0356 0x1534  ShellHWDetection - ok
    12:16:22.0376 0x1534  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\windows\system32\drivers\SiSRaid2.sys
    12:16:22.0387 0x1534  SiSRaid2 - ok
    12:16:22.0402 0x1534  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\windows\system32\drivers\sisraid4.sys
    12:16:22.0413 0x1534  SiSRaid4 - ok
    12:16:22.0436 0x1534  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\windows\system32\DRIVERS\smb.sys
    12:16:22.0478 0x1534  Smb - ok
    12:16:22.0519 0x1534  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\windows\System32\snmptrap.exe
    12:16:22.0551 0x1534  SNMPTRAP - ok
    12:16:22.0560 0x1534  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\windows\system32\drivers\spldr.sys
    12:16:22.0571 0x1534  spldr - ok
    12:16:22.0645 0x1534  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\windows\System32\spoolsv.exe
    12:16:22.0678 0x1534  Spooler - ok
    12:16:22.0771 0x1534  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\windows\system32\sppsvc.exe
    12:16:22.0875 0x1534  sppsvc - ok
    12:16:22.0890 0x1534  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\windows\system32\sppuinotify.dll
    12:16:22.0969 0x1534  sppuinotify - ok
    12:16:22.0997 0x1534  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\windows\system32\DRIVERS\srv.sys
    12:16:23.0045 0x1534  srv - ok
    12:16:23.0061 0x1534  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
    12:16:23.0090 0x1534  srv2 - ok
    12:16:23.0105 0x1534  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
    12:16:23.0120 0x1534  srvnet - ok
    12:16:23.0131 0x1534  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
    12:16:23.0165 0x1534  SSDPSRV - ok
    12:16:23.0192 0x1534  [ 1100066057FBF612B573EFD3B21383F1, 894F5A999E03807DFFEA67938D2E456D50D9E5511FE91D2E2293C51D98B3D87D ] ssmirrdr        C:\windows\system32\DRIVERS\ssmirrdr.sys
    12:16:23.0201 0x1534  ssmirrdr - ok
    12:16:23.0211 0x1534  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\windows\system32\sstpsvc.dll
    12:16:23.0240 0x1534  SstpSvc - ok
    12:16:23.0261 0x1534  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\windows\system32\drivers\stexstor.sys
    12:16:23.0271 0x1534  stexstor - ok
    12:16:23.0319 0x1534  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\windows\System32\wiaservc.dll
    12:16:23.0351 0x1534  stisvc - ok
    12:16:23.0365 0x1534  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\windows\system32\DRIVERS\swenum.sys
    12:16:23.0373 0x1534  swenum - ok
    12:16:23.0410 0x1534  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\windows\System32\swprv.dll
    12:16:23.0461 0x1534  swprv - ok
    12:16:23.0516 0x1534  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\windows\system32\sysmain.dll
    12:16:23.0580 0x1534  SysMain - ok

  19. After running combofix, I rebooted my computer and enabled McAfee.  Shortly after I enabled McAfee it popped up with another alert.  Here's the log of the threats for the day.

     

    Name Type Risk Date Discovered RDN/Generic.tfr!439965AE05C1 Trojan Low 11/4/2013 RDN/Generic PUP.x!8177351F9B85 Program Low 11/4/2013 RDN/Generic.dx!CAC6C2AF6E28 Trojan Low 11/4/2013 RDN/Generic.bfr!fg!4A6B099DCC06 Trojan Low 11/4/2013 RDN/Generic StartPage!bq!8429B1BBFEEF Trojan Low 11/4/2013 RDN/Generic PWS.y!vn!C6C2BA42BFB0

     

     

    Also, I still can't use the Google search engine. 

  20. Here is the Combofix Log..................................

     

    ComboFix 13-11-03.02 - Linda 11/04/2013  20:15:09.1.4 - x64
    Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.5992.3771 [GMT -8:00]
    Running from: c:\users\Linda\Desktop\ComboFix.exe
    AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
    FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
    SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\users\Linda\Documents\~WRD0001.tmp
    c:\users\Linda\WINDOWS
    .
    .
    (((((((((((((((((((((((((   Files Created from 2013-10-05 to 2013-11-05  )))))))))))))))))))))))))))))))
    .
    .
    2013-11-05 04:19 . 2013-11-05 04:19    --------    d-----w-    c:\users\Default\AppData\Local\temp
    2013-11-01 04:00 . 2013-11-01 04:00    --------    d-----w-    c:\program files (x86)\ESET
    2013-11-01 02:28 . 2013-11-01 02:28    --------    d-----w-    c:\program files (x86)\Browsersafeguard
    2013-11-01 02:28 . 2013-11-01 02:28    --------    d-----w-    c:\program files (x86)\ScorpionSaver
    2013-11-01 02:28 . 2013-11-01 02:28    --------    d-----w-    c:\program files (x86)\Level Quality Watcher
    2013-11-01 01:42 . 2013-11-01 01:42    --------    d-----w-    c:\windows\ERUNT
    2013-10-31 06:23 . 2013-10-31 06:51    --------    d-----w-    c:\programdata\Malwarebytes' Anti-Malware (portable)
    2013-10-31 06:23 . 2013-10-31 06:40    116440    ----a-w-    c:\windows\system32\drivers\MBAMSwissArmy.sys
    2013-10-31 06:18 . 2013-10-31 06:39    91352    ----a-w-    c:\windows\system32\drivers\mbamchameleon.sys
    2013-10-31 04:09 . 2013-10-31 04:32    --------    d-----w-    c:\users\Linda\AppData\Roaming\U3
    2013-10-30 19:41 . 2013-10-30 19:41    --------    d-----w-    c:\users\Linda\AppData\Roaming\Malwarebytes
    2013-10-30 19:40 . 2013-10-30 19:40    --------    d-----w-    c:\programdata\Malwarebytes
    2013-10-30 19:40 . 2013-10-30 19:41    --------    d-----w-    c:\program files (x86)\Malwarebytes' Anti-Malware
    2013-10-30 19:40 . 2013-04-04 21:50    25928    ----a-w-    c:\windows\system32\drivers\mbam.sys
    2013-10-30 19:40 . 2013-10-30 19:40    --------    d-----w-    c:\users\Linda\AppData\Local\Programs
    2013-10-30 04:39 . 2013-10-30 04:39    --------    d-----w-    c:\programdata\Oracle
    2013-10-30 04:39 . 2013-10-30 04:39    --------    d-----w-    c:\program files (x86)\Common Files\Java
    2013-10-30 04:38 . 2013-10-30 04:38    96168    ----a-w-    c:\windows\SysWow64\WindowsAccessBridge-32.dll
    2013-10-30 04:38 . 2013-10-30 04:38    --------    d-----w-    c:\program files (x86)\Java
    2013-10-29 20:56 . 2013-10-29 20:56    --------    d--h--w-    c:\programdata\Common Files
    2013-10-22 01:10 . 2013-10-22 01:10    --------    d-----w-    c:\program files\McAfee Security Scan
    2013-10-16 03:02 . 2013-09-23 20:49    197704    ----a-w-    c:\windows\system32\drivers\HipShieldK.sys
    2013-10-10 23:58 . 2013-10-10 23:58    --------    d-----w-    c:\users\Linda\AppData\Local\McAfee File Lock
    2013-10-10 10:05 . 2013-09-23 01:25    775256    ----a-w-    c:\program files\Internet Explorer\iexplore.exe
    2013-10-10 03:49 . 2013-07-04 12:50    633856    ----a-w-    c:\windows\system32\comctl32.dll
    2013-10-10 03:49 . 2013-07-04 11:50    530432    ----a-w-    c:\windows\SysWow64\comctl32.dll
    2013-10-10 03:49 . 2013-07-12 10:41    100864    ----a-w-    c:\windows\system32\drivers\usbcir.sys
    2013-10-10 03:49 . 2013-07-12 10:40    109824    ----a-w-    c:\windows\system32\drivers\USBAUDIO.sys
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2013-10-10 10:02 . 2011-07-08 00:34    80541720    ----a-w-    c:\windows\system32\MRT.exe
    2013-10-09 02:59 . 2012-04-12 10:18    692616    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
    2013-10-09 02:59 . 2011-07-09 00:49    71048    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-10-02 21:14 . 2013-10-02 21:14    58192    ----a-w-    c:\windows\system32\drivers\lsnfd.sys
    2013-09-25 03:29 . 2013-05-13 23:30    70112    ----a-w-    c:\windows\system32\drivers\cfwids.sys
    2013-09-25 03:25 . 2013-02-19 20:56    343568    ----a-w-    c:\windows\system32\drivers\mfewfpk.sys
    2013-09-25 03:25 . 2013-05-13 23:24    182752    ----a-w-    c:\windows\system32\mfevtps.exe
    2013-09-25 03:22 . 2013-02-19 20:54    781312    ----a-w-    c:\windows\system32\drivers\mfehidk.sys
    2013-09-25 03:21 . 2013-05-13 23:30    519192    ----a-w-    c:\windows\system32\drivers\mfefirek.sys
    2013-09-25 03:20 . 2013-05-13 23:30    310224    ----a-w-    c:\windows\system32\drivers\mfeavfk.sys
    2013-09-25 03:19 . 2013-02-19 20:52    179664    ----a-w-    c:\windows\system32\drivers\mfeapfk.sys
    2013-09-20 16:38 . 2013-09-20 16:38    10856    ----a-w-    c:\windows\system32\drivers\mfeclnrk.sys
    2013-09-20 16:38 . 2013-09-20 16:38    95984    ----a-w-    c:\windows\system32\drivers\mfencrk.sys
    2013-09-20 16:37 . 2013-09-20 16:37    390552    ----a-w-    c:\windows\system32\drivers\mfencbdc.sys
    2013-09-09 18:11 . 2013-05-13 23:30    74560    ----a-w-    c:\windows\system32\drivers\McPvDrv.sys
    2013-08-29 01:48 . 2013-10-10 03:48    44032    ----a-w-    c:\windows\apppatch\acwow64.dll
    .
    .
    (((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "BrowserSafeguard"="c:\program files (x86)\Browsersafeguard\Browsersafeguard.exe" [2013-10-29 573952]
    "GoogleChromeAutoLaunch_72A69F45706A1906C3BB8A81AA94F778"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2013-10-09 844752]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "jmekey"="c:\program files (x86)\jmesoft\hotkey.exe" [2009-07-16 114688]
    "Lenovo Eye Distance System"="c:\program files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe" [2010-09-09 265216]
    "Lenovo Dynamic Brightness System"="c:\program files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe" [2010-10-08 285696]
    "UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 958576]
    "HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]
    "mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2013-09-24 537512]
    "mcpltui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2013-09-24 537512]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
    .
    c:\users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Launch Utility Application.lnk - c:\users\Linda\AppData\Roaming\Verizon\UA_ar\UtilityApplication.exe [2012-8-31 903096]
    Monitor Ink Alerts - HP Officejet 4620 series.lnk - c:\windows\system32\RunDll32.exe "c:\program files\HP\HP Officejet 4620 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN28V2412305RT;CONNECTION=USB;MONITOR=1; [2009-7-13 45568]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.130\SSScheduler.exe [2013-9-6 324320]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
    "LoadAppInit_DLLs"=1 (0x1)
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
    @=""
    .
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
    R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
    R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys;c:\windows\SYSNATIVE\drivers\HipShieldK.sys [x]
    R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe [x]
    R3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\DRIVERS\mfencrk.sys;c:\windows\SYSNATIVE\DRIVERS\mfencrk.sys [x]
    R3 ssmirrdr;ssmirrdr;c:\windows\system32\DRIVERS\ssmirrdr.sys;c:\windows\SYSNATIVE\DRIVERS\ssmirrdr.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
    R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
    R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
    R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
    S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys;c:\windows\SYSNATIVE\drivers\fbfmon.sys [x]
    S0 McPvDrv;McPvDrv Driver;c:\windows\system32\drivers\McPvDrv.sys;c:\windows\SYSNATIVE\drivers\McPvDrv.sys [x]
    S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x]
    S0 WinI2C-DDC;WinI2C-DDC Kernel Mode Driver;c:\windows\system32\drivers\DDCDrv.sys;c:\windows\SYSNATIVE\drivers\DDCDrv.sys [x]
    S1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys;c:\windows\SYSNATIVE\drivers\BPntDrv.sys [x]
    S1 lsnfd;lsnfd;c:\windows\system32\drivers\lsnfd.sys;c:\windows\SYSNATIVE\drivers\lsnfd.sys [x]
    S1 MOBK400Filter;MOBK400Filter;c:\windows\system32\DRIVERS\MOBK400.sys;c:\windows\SYSNATIVE\DRIVERS\MOBK400.sys [x]
    S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [x]
    S2 HomeNetSvc;McAfee Home Network;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
    S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
    S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
    S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]
    S2 McAPExe;McAfee AP Service;c:\program files\McAfee\MSC\McAPExe.exe;c:\program files\McAfee\MSC\McAPExe.exe [x]
    S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
    S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
    S2 mcpltsvc;McAfee Platform Services;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
    S2 mfecore;McAfee Anti-Malware Core;c:\program files\Common Files\McAfee\AMCore\mcshield.exe;c:\program files\Common Files\McAfee\AMCore\mcshield.exe [x]
    S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
    S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe;c:\windows\SYSNATIVE\mfevtps.exe [x]
    S2 MOBK400backup;McAfee Online Backup;c:\program files (x86)\McAfee Online Backup\MOBK400backup.exe;c:\program files (x86)\McAfee Online Backup\MOBK400backup.exe [x]
    S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
    S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys;c:\windows\SYSNATIVE\drivers\cfwids.sys [x]
    S3 GeneStor;Genesys Logic Storage Driver;c:\windows\system32\DRIVERS\GeneStor.sys;c:\windows\SYSNATIVE\DRIVERS\GeneStor.sys [x]
    S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
    S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys;c:\windows\SYSNATIVE\drivers\mfefirek.sys [x]
    S3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\DRIVERS\mfencbdc.sys;c:\windows\SYSNATIVE\DRIVERS\mfencbdc.sys [x]
    S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8192Ce.sys [x]
    .
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
    2013-10-18 17:01    1185744    ----a-w-    c:\program files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2013-11-05 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-12 02:59]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK400]
    @="{73552f1f-bf89-9213-24d3-b502f837bb93}"
    [HKEY_CLASSES_ROOT\CLSID\{73552f1f-bf89-9213-24d3-b502f837bb93}]
    2010-06-01 09:05    4741944    ----a-w-    c:\program files (x86)\McAfee Online Backup\MOBK400shell.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK4002]
    @="{81d6082a-73e9-8567-a371-6ad62982aca6}"
    [HKEY_CLASSES_ROOT\CLSID\{81d6082a-73e9-8567-a371-6ad62982aca6}]
    2010-06-01 09:05    4741944    ----a-w-    c:\program files (x86)\McAfee Online Backup\MOBK400shell.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK4003]
    @="{44391887-365b-8585-2ab9-799a50b9ef5e}"
    [HKEY_CLASSES_ROOT\CLSID\{44391887-365b-8585-2ab9-799a50b9ef5e}]
    2010-06-01 09:05    4741944    ----a-w-    c:\program files (x86)\McAfee Online Backup\MOBK400shell.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-11-18 167960]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-11-18 391704]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2010-11-18 417304]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-10-26 11543656]
    "UMonit"="c:\windows\SysWOW64\UMonit.exe" [2010-12-01 28672]
    "Lenovo EE Boot Optimizer"="c:\program files (x86)\Lenovo\Boot Optimizer\PopWnd.exe" [2011-05-19 114688]
    .
    ------- Supplementary Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm

    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = <-loopback>
    uInternet Settings,ProxyServer = http=127.0.0.1:49156;https=127.0.0.1:49156
    Trusted Zone: microsoft.com\.windowsupdate
    Trusted Zone: windowsupdate.com
    TCP: DhcpNameServer = 192.168.1.1
    FF - ProfilePath - c:\users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\jeuc81t6.default-1383517261482\
    FF - ExtSQL: 2013-10-31 19:28; linksicle@linksicle.com; c:\program files (x86)\Mozilla Firefox\extensions\linksicle@linksicle.com
    FF - ExtSQL: 2013-11-03 09:50; {4ED1F68A-5463-4931-9384-8FFF5ED91D92}; c:\program files (x86)\McAfee\SiteAdvisor
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Toolbar-Locked - (no file)
    Toolbar-10 - (no file)
    HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
    Toolbar-Locked - (no file)
    Toolbar-10 - (no file)
    AddRemove-Linksicle - c:\program files (x86)\Linksicle\Uninstall.exe
    .
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.11"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
    "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
       00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
    @Denied: (A) (Everyone)
    "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
    @Denied: (A) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
    "Key"="ActionsPane3"
    "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Completion time: 2013-11-04  20:20:55
    ComboFix-quarantined-files.txt  2013-11-05 04:20
    .
    Pre-Run: 1,406,226,747,392 bytes free
    Post-Run: 1,405,844,467,712 bytes free
    .
    - - End Of File - - B7810786D24E468A238373C8C5F27D97
    A36C5E4F47E84449FF07ED3517B43A31
     

  21. I seem to have some sort of new issue.  I just tried to use the Google search engine to find something and got the message that "This connection is untrusted."

     

     

    Edited to add that on FireFox, under "Add-ons" is McAfee SiteAdvisor 3.6.3.  I haven't added anything to the "Add-on" feature and checked it because yesterday I found that add-on that was making the clickable links.  I don't know how the McAfee SiteAdvisor got there.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.