bootkit.Malmo.MBR is false positive or not?

luci · December 16, 2018

Im checked the option scan root in malwarebyte,premium version 3.5.1 and detected bootkit.Malmo.MBR, but if i not checked scan for rootkit so my scan result is clean.

I also try malwarebyte antirootkit beta, i update the database, then scan, the result is clean.

I scan using tdsskiller, the result is clean

i scan using gmer, the result is clean

i scan using asW MBR, the result is clean

I read https://support.emsisoft.com/topic/26435-boot-virus-malmo-just-one-problem-out-of-many/ but people at there said that is false positive

""This is an older MBR bootkit

\DosDevices\PhysicalDrive1 detected: Rootkit.MBR.Malmo.A (Boot image) (B) [krnl.xmd]
and is very likey a false positive based on what I can see in your logs.

Now, if it turned out to be a real false positive, the question of how I get rid of it by replacing the MBR raise tough questions for me:""

1. LOG SCAN MALWAREBYTE PREMIUM 3.5.1

-Log Details-
Scan Date: 12/14/18
Scan Time: 7:51 PM
Log File: 06c5a37a-ff9f-11e8-82d0-00ff3820cd7a.json
Administrator: Yes

-Software Information-
Version: 3.5.1.2522
Components Version: 1.0.365
Update Package Version: 1.0.8055
License: Premium

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: AzurLanePC\Yuudachi

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 232927
Threats Detected: 2
Threats Quarantined: 0
(No malicious items detected)
Time Elapsed: 5 min, 0 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 2
Bootkit.Malmo.MBR, 0, No Action By User, [15174], [514093],0.0.0
Bootkit.Malmo.MBR, 1, No Action By User, [15174], [514093],0.0.0

WMI: 0
(No malicious items detected)

(end)

2. LOG SCAN TDSSKILLER

16:42:07.0223 0x0a30 TDSS rootkit removing tool 3.1.0.20 Nov 27 2018 09:10:38
16:42:07.0300 0x0a30 ============================================================
16:42:07.0300 0x0a30 Current date / time: 2018/11/28 16:42:07.0300
16:42:07.0300 0x0a30 SystemInfo:
16:42:07.0300 0x0a30
16:42:07.0300 0x0a30 OS Version: 6.1.7601 ServicePack: 1.0
16:42:07.0300 0x0a30 Product type: Workstation
16:42:07.0300 0x0a30 ComputerName: AZURLANEPC
16:42:07.0300 0x0a30 UserName: Yoizuki
16:42:07.0300 0x0a30 Windows directory: C:\Windows
16:42:07.0300 0x0a30 System windows directory: C:\Windows
16:42:07.0300 0x0a30 Running under WOW64
16:42:07.0300 0x0a30 Processor architecture: Intel x64
16:42:07.0300 0x0a30 Number of processors: 4
16:42:07.0300 0x0a30 Page size: 0x1000
16:42:07.0300 0x0a30 Boot type: Normal boot
16:42:07.0300 0x0a30 CodeIntegrityOptions = 0x00000001
16:42:07.0300 0x0a30 ============================================================
16:42:07.0301 0x0a30 KLMD ARK init status: drvProperties = 0xFFFF00, osBuild = 7601.17514, osProperties = 0x1
16:42:07.0301 0x0a30 KLMD BG init status: drvProperties = 0xFFFF00, osBuild = 7601.17514, osProperties = 0x1
16:42:07.0301 0x0a30 BG loaded
16:42:07.0631 0x0a30 System UUID: {706CB789-2415-83A0-82D3-EC190BB7E4FD}
16:42:08.0993 0x0a30 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:42:09.0007 0x0a30 Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:42:09.0011 0x0a30 ============================================================
16:42:09.0011 0x0a30 \Device\Harddisk0\DR0:
16:42:09.0011 0x0a30 MBR partitions:
16:42:09.0011 0x0a30 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x6, StartLBA 0x800, BlocksNum 0x74705800
16:42:09.0011 0x0a30 \Device\Harddisk1\DR1:
16:42:09.0011 0x0a30 MBR partitions:
16:42:09.0012 0x0a30 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:42:09.0012 0x0a30 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x8CA0000
16:42:09.0012 0x0a30 \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0x8CD2800, BlocksNum 0x1C75B800
16:42:09.0012 0x0a30 ============================================================
16:42:09.0028 0x0a30 C: <-> \Device\Harddisk1\DR1\Partition2
16:42:09.0222 0x0a30 D: <-> \Device\Harddisk1\DR1\Partition3
16:42:09.0234 0x0a30 I: <-> \Device\Harddisk0\DR0\Partition1
16:42:09.0234 0x0a30 ============================================================
16:42:09.0234 0x0a30 Initialize success
16:42:09.0234 0x0a30 ============================================================
16:42:27.0810 0x0f18 ============================================================
16:42:27.0810 0x0f18 Scan started
16:42:27.0810 0x0f18 Mode: Manual;
16:42:27.0810 0x0f18 ============================================================
16:42:27.0810 0x0f18 KSN ping started
16:42:30.0398 0x0f18 KSN ping finished: false
16:42:36.0870 0x0f18 ================ Scan BIOS =================================
16:42:48.0073 0x0f18 [ DB99E49A49E493682680CDCCAA99A093, D57577DAF73FA5542EF77E563C1812BA62832AA8A032678D1B06FA2C991A256A ] BIOS
16:42:48.0073 0x0f18 BIOS - ok
16:42:48.0074 0x0f18 ================ Scan system memory ========================
16:42:48.0076 0x0f18 System memory - ok
16:42:48.0077 0x0f18 ================ Scan services =============================
16:42:48.0211 0x0f18 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
16:42:48.0218 0x0f18 1394ohci - ok
16:42:48.0244 0x0f18 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
16:42:48.0252 0x0f18 ACPI - ok
16:42:48.0277 0x0f18 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
16:42:48.0279 0x0f18 AcpiPmi - ok
16:42:48.0308 0x0f18 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
16:42:48.0328 0x0f18 adp94xx - ok
16:42:48.0344 0x0f18 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
16:42:48.0352 0x0f18 adpahci - ok
16:42:48.0386 0x0f18 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
16:42:48.0390 0x0f18 adpu320 - ok
16:42:48.0430 0x0f18 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
16:42:48.0431 0x0f18 AeLookupSvc - ok
16:42:48.0459 0x0f18 [ D31DC7A16DEA4A9BAF179F3D6FBDB38C, 532678D86E3E667F2E789C4873565E0B92C549A93F10802BB6D5B505CA3238CE ] AFD C:\Windows\system32\drivers\afd.sys
16:42:48.0467 0x0f18 AFD - ok
16:42:48.0490 0x0f18 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
16:42:48.0493 0x0f18 agp440 - ok
16:42:48.0509 0x0f18 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
16:42:48.0510 0x0f18 ALG - ok
16:42:48.0537 0x0f18 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
16:42:48.0539 0x0f18 aliide - ok
16:42:48.0579 0x0f18 [ 840281F034189612E19DF5DA51F1441E, EDC7C65223A8FA13C4AAB05A589F8B8758FF7C632C89AEA4F23A35E80F79CD38 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
16:42:48.0582 0x0f18 AMD External Events Utility - ok
16:42:48.0597 0x0f18 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
16:42:48.0599 0x0f18 amdide - ok
16:42:48.0624 0x0f18 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
16:42:48.0627 0x0f18 AmdK8 - ok
16:42:48.0967 0x0f18 [ B731548D89A3DB08753BD36D5CBD5396, 88631860DC73A152305C400CA68F5216E972427912E1D60D0265426E5C3D33D1 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
16:42:49.0126 0x0f18 amdkmdag - ok
16:42:49.0192 0x0f18 [ 0BD67C5B7B2A6A6ADA81DC9EFBD9EF63, 1B0AA9C241EABA0A0D6A9C70566893034F08292133BACB662586876B5D39B780 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
16:42:49.0200 0x0f18 amdkmdap - ok
16:42:49.0216 0x0f18 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
16:42:49.0218 0x0f18 AmdPPM - ok
16:42:49.0245 0x0f18 [ 6EC6D772EAE38DC17C14AED9B178D24B, B4FB936B31B1265B8CC6B426C64965C34D0CCF1638E645ACD65E88F4AFFC57A6 ] amdsata C:\Windows\system32\drivers\amdsata.sys
16:42:49.0249 0x0f18 amdsata - ok
16:42:49.0281 0x0f18 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
16:42:49.0286 0x0f18 amdsbs - ok
16:42:49.0299 0x0f18 [ 1142A21DB581A84EA5597B03A26EBAA0, F94EB140D0CD068760D7EB081FF75154C75DAC75E5E24B6DE4E4F9CE65A70343 ] amdxata C:\Windows\system32\drivers\amdxata.sys
16:42:49.0300 0x0f18 amdxata - ok
16:42:49.0444 0x0f18 [ B23A016180FC5B0BC2686F2C2D7B706C, 1268FC4755DC504D27F3D63F4C358817F8AFFB339BE0B318307E018BFBA70346 ] aow_drv D:\Program Files\TxGameAssistant\UI\aow_drv_x64.sys
16:42:49.0457 0x0f18 aow_drv - ok
16:42:49.0490 0x0f18 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
16:42:49.0492 0x0f18 AppID - ok
16:42:49.0513 0x0f18 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
16:42:49.0515 0x0f18 AppIDSvc - ok
16:42:49.0531 0x0f18 [ 3977D4A871CA0D4F2ED1E7DB46829731, 2AF1C3225994769C3FD25CD7E9603964B035576F25B0B6D91545566E0722FFAA ] Appinfo C:\Windows\System32\appinfo.dll
16:42:49.0534 0x0f18 Appinfo - ok
16:42:49.0589 0x0f18 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
16:42:49.0594 0x0f18 AppMgmt - ok
16:42:49.0628 0x0f18 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
16:42:49.0631 0x0f18 arc - ok
16:42:49.0645 0x0f18 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
16:42:49.0648 0x0f18 arcsas - ok
16:42:49.0730 0x0f18 [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:42:49.0739 0x0f18 aspnet_state - ok
16:42:49.0775 0x0f18 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
16:42:49.0776 0x0f18 AsyncMac - ok
16:42:49.0783 0x0f18 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
16:42:49.0783 0x0f18 atapi - ok
16:42:49.0839 0x0f18 [ 4E5C72F003BFCB75701480DDCA5F0F09, 00B5943AF9C3C0EF57BF0FDCC94EBBEE354082EB5E187CC067F6E735B304D45E ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
16:42:49.0841 0x0f18 AtiHDAudioService - ok
16:42:49.0884 0x0f18 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:42:49.0894 0x0f18 AudioEndpointBuilder - ok
16:42:49.0924 0x0f18 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll
16:42:49.0933 0x0f18 AudioSrv - ok
16:42:49.0957 0x0f18 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
16:42:49.0960 0x0f18 AxInstSV - ok
16:42:50.0008 0x0f18 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
16:42:50.0037 0x0f18 b06bdrv - ok
16:42:50.0077 0x0f18 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
16:42:50.0118 0x0f18 b57nd60a - ok
16:42:50.0153 0x0f18 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
16:42:50.0164 0x0f18 BDESVC - ok
16:42:50.0192 0x0f18 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
16:42:50.0193 0x0f18 Beep - ok
16:42:50.0238 0x0f18 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
16:42:50.0248 0x0f18 BFE - ok
16:42:50.0286 0x0f18 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
16:42:50.0317 0x0f18 BITS - ok
16:42:50.0345 0x0f18 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
16:42:50.0346 0x0f18 blbdrive - ok
16:42:50.0372 0x0f18 [ 91CE0D3DC57DD377E690A2D324022B08, 61874463956C0BCA5139522F34E974E5F638A092E0FD5C59DD30DE61D9AB8B0E ] bowser C:\Windows\system32\DRIVERS\bowser.sys
16:42:50.0374 0x0f18 bowser - ok
16:42:50.0392 0x0f18 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
16:42:50.0395 0x0f18 BrFiltLo - ok
16:42:50.0398 0x0f18 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
16:42:50.0399 0x0f18 BrFiltUp - ok
16:42:50.0437 0x0f18 [ 8EF0D5C41EC907751B8429162B1239ED, 9CC25F1F93FACA6F6CE23F78EB58590C39A2E3C8A3ACDF400E8A9DE0757EADAE ] Browser C:\Windows\System32\browser.dll
16:42:50.0439 0x0f18 Browser - ok
16:42:50.0467 0x0f18 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
16:42:50.0474 0x0f18 Brserid - ok
16:42:50.0478 0x0f18 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
16:42:50.0479 0x0f18 BrSerWdm - ok
16:42:50.0482 0x0f18 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
16:42:50.0484 0x0f18 BrUsbMdm - ok
16:42:50.0486 0x0f18 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
16:42:50.0487 0x0f18 BrUsbSer - ok
16:42:50.0491 0x0f18 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
16:42:50.0493 0x0f18 BTHMODEM - ok
16:42:50.0548 0x0f18 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
16:42:50.0579 0x0f18 bthserv - ok
16:42:50.0605 0x0f18 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
16:42:50.0607 0x0f18 cdfs - ok
16:42:50.0642 0x0f18 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
16:42:50.0644 0x0f18 cdrom - ok
16:42:50.0746 0x0f18 [ FB1F7C3E1C0D47D129AFE30B8C5626A7, FAEEDDA23DD38323CD9B6B37431DCEA213CEC6FE7539A9591B776DB06647DA76 ] CDROM_Detect C:\Program Files\4G LTE Wingle\4G_Server.exe
16:42:50.0751 0x0f18 CDROM_Detect - ok
16:42:50.0791 0x0f18 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
16:42:50.0794 0x0f18 CertPropSvc - ok
16:42:50.0822 0x0f18 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
16:42:50.0824 0x0f18 circlass - ok
16:42:50.0854 0x0f18 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
16:42:50.0863 0x0f18 CLFS - ok
16:42:50.0921 0x0f18 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:42:50.0930 0x0f18 clr_optimization_v2.0.50727_32 - ok
16:42:50.0968 0x0f18 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:42:50.0975 0x0f18 clr_optimization_v2.0.50727_64 - ok
16:42:51.0030 0x0f18 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:42:51.0132 0x0f18 clr_optimization_v4.0.30319_32 - ok
16:42:51.0151 0x0f18 [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:42:51.0164 0x0f18 clr_optimization_v4.0.30319_64 - ok
16:42:51.0190 0x0f18 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
16:42:51.0191 0x0f18 CmBatt - ok
16:42:51.0221 0x0f18 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
16:42:51.0222 0x0f18 cmdide - ok
16:42:51.0256 0x0f18 [ D5FEA92400F12412B3922087C09DA6A5, C8CD9215D26D3295FE487C96A4FC3F4C8AFED764AE9445D9858D7489823A8A2B ] CNG C:\Windows\system32\Drivers\cng.sys
16:42:51.0277 0x0f18 CNG - ok
16:42:51.0291 0x0f18 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
16:42:51.0293 0x0f18 Compbatt - ok
16:42:51.0317 0x0f18 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
16:42:51.0318 0x0f18 CompositeBus - ok
16:42:51.0329 0x0f18 COMSysApp - ok
16:42:51.0348 0x0f18 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
16:42:51.0350 0x0f18 crcdisk - ok
16:42:51.0378 0x0f18 [ 15597883FBE9B056F276ADA3AD87D9AF, B347E0B11228E38313C59C8ED984253A8A1FF482ED137CF5F488C4AFD6B08857 ] CryptSvc C:\Windows\system32\cryptsvc.dll
16:42:51.0381 0x0f18 CryptSvc - ok
16:42:51.0413 0x0f18 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
16:42:51.0420 0x0f18 CSC - ok
16:42:51.0437 0x0f18 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
16:42:51.0447 0x0f18 CscService - ok
16:42:51.0496 0x0f18 [ 0F3A8694F7A54056A4162DAD17C25D65, 4C07B3AC56B174BE8840A49BF93CD3CF76A5AE41D685914CBA78364E72E4B36A ] CT_QUALCOMM_U_drv C:\Windows\system32\DRIVERS\CT_QUALCOMM_U_drv.sys
16:42:51.0499 0x0f18 CT_QUALCOMM_U_drv - ok
16:42:51.0535 0x0f18 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
16:42:51.0542 0x0f18 DcomLaunch - ok
16:42:51.0577 0x0f18 [ F1BF87B19D32D68DC3A8B1C03F9861B5, 5F81CE9E024D81AD89AC162F14B46AFFF9B8C843985ED512942E6983E216C83E ] ddmdrv C:\Windows\system32\ddmdrv.sys
16:42:51.0578 0x0f18 ddmdrv - ok
16:42:51.0638 0x0f18 [ 2ECE89037A8E4F055B34E3213A8E12C9, F42C3700C10D1654238E9E396BF39A68E0AFB6DEA299F3C4A9BD94EA59E8DEDE ] DeepFrz C:\Windows\system32\drivers\DeepFrz.sys
16:42:51.0643 0x0f18 DeepFrz - ok
16:42:51.0684 0x0f18 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
16:42:51.0691 0x0f18 defragsvc - ok
16:42:51.0711 0x0f18 [ 95D836EC864389AD66815385902041B1, 9396F6AF4CFD519F5B9340D26F946B87EF0885C301CEE6CAA947DF4B792FF40A ] DfDiskLow C:\Windows\system32\drivers\DfDiskLow.sys
16:42:51.0712 0x0f18 DfDiskLow - ok
16:42:51.0753 0x0f18 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
16:42:51.0754 0x0f18 DfsC - ok
16:42:51.0927 0x0f18 [ B8D295E795C679CE045D022EE0F7B080, DCD19AFCDF54B1A1E4E210D97D1642A797288C4F4A31F90DA232A8E5E4348465 ] DFServ C:\Program Files (x86)\Faronics\Deep Freeze\Install C-0\DFServ.exe
16:42:51.0942 0x0f18 DFServ - ok
16:42:51.0983 0x0f18 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
16:42:51.0988 0x0f18 Dhcp - ok
16:42:52.0008 0x0f18 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
16:42:52.0011 0x0f18 discache - ok
16:42:52.0044 0x0f18 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
16:42:52.0047 0x0f18 Disk - ok
16:42:52.0126 0x0f18 [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
16:42:52.0130 0x0f18 dmvsc - ok
16:42:52.0151 0x0f18 [ CD55F5355D8F55D44C9F4ED875705BD6, 321C26E3CD9F376D30F05FBDF00E96399512ED705D867E8B14793D9CE69A1C1F ] Dnscache C:\Windows\System32\dnsrslvr.dll
16:42:52.0154 0x0f18 Dnscache - ok
16:42:52.0178 0x0f18 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
16:42:52.0185 0x0f18 dot3svc - ok
16:42:52.0191 0x0f18 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
16:42:52.0194 0x0f18 DPS - ok
16:42:52.0223 0x0f18 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
16:42:52.0225 0x0f18 drmkaud - ok
16:42:52.0266 0x0f18 [ F5BEE30450E18E6B83A5012C100616FD, 44D0577D159FC2BDF4EAD1DC2C7FD14925D075225EF97608CAC52DEE405B08FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
16:42:52.0279 0x0f18 DXGKrnl - ok
16:42:52.0290 0x0f18 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
16:42:52.0292 0x0f18 EapHost - ok
16:42:52.0384 0x0f18 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
16:42:52.0476 0x0f18 ebdrv - ok
16:42:52.0515 0x0f18 [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] EFS C:\Windows\System32\lsass.exe
16:42:52.0516 0x0f18 EFS - ok
16:42:52.0574 0x0f18 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
16:42:52.0594 0x0f18 ehRecvr - ok
16:42:52.0604 0x0f18 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
16:42:52.0608 0x0f18 ehSched - ok
16:42:52.0655 0x0f18 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
16:42:52.0675 0x0f18 elxstor - ok
16:42:52.0690 0x0f18 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
16:42:52.0692 0x0f18 ErrDev - ok
16:42:52.0724 0x0f18 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
16:42:52.0730 0x0f18 EventSystem - ok
16:42:52.0764 0x0f18 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
16:42:52.0769 0x0f18 exfat - ok
16:42:52.0779 0x0f18 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
16:42:52.0799 0x0f18 fastfat - ok
16:42:52.0841 0x0f18 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
16:42:52.0850 0x0f18 Fax - ok
16:42:52.0867 0x0f18 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
16:42:52.0869 0x0f18 fdc - ok
16:42:52.0906 0x0f18 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
16:42:52.0908 0x0f18 fdPHost - ok
16:42:52.0920 0x0f18 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
16:42:52.0922 0x0f18 FDResPub - ok
16:42:52.0938 0x0f18 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
16:42:52.0940 0x0f18 FileInfo - ok
16:42:52.0943 0x0f18 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
16:42:52.0945 0x0f18 Filetrace - ok
16:42:52.0947 0x0f18 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
16:42:52.0949 0x0f18 flpydisk - ok
16:42:52.0961 0x0f18 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:42:52.0966 0x0f18 FltMgr - ok
16:42:53.0006 0x0f18 [ B4447F606BB19FD8AD0BAFB59B90F5D9, 043E686029DE2710305852E3A416176E400F9FD5FB98E4F2A6F14C060FAABED5 ] FontCache C:\Windows\system32\FntCache.dll
16:42:53.0047 0x0f18 FontCache - ok
16:42:53.0097 0x0f18 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:42:53.0100 0x0f18 FontCache3.0.0.0 - ok
16:42:53.0115 0x0f18 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
16:42:53.0118 0x0f18 FsDepends - ok
16:42:53.0150 0x0f18 [ E95EF8547DE20CF0603557C0CF7A9462, 55540B06B7B380CA2DA6EEE2D76C6CD6131ADB02B2D0B172A36536863A0C57B6 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:42:53.0151 0x0f18 Fs_Rec - ok
16:42:53.0169 0x0f18 [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
16:42:53.0175 0x0f18 fvevol - ok
16:42:53.0198 0x0f18 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
16:42:53.0201 0x0f18 gagp30kx - ok
16:42:53.0247 0x0f18 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
16:42:53.0258 0x0f18 gpsvc - ok
16:42:53.0314 0x0f18 [ 92EE791A630830452485E8E375F8DB35, 542294724926B0E156224B9EBD33E6354D79DA4C828FB52F7F4233DF45E3F624 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:42:53.0319 0x0f18 gupdate - ok
16:42:53.0324 0x0f18 [ 92EE791A630830452485E8E375F8DB35, 542294724926B0E156224B9EBD33E6354D79DA4C828FB52F7F4233DF45E3F624 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:42:53.0326 0x0f18 gupdatem - ok
16:42:53.0373 0x0f18 [ B401271BD21D10D9C71F4516C802A49C, 454990BB4D71AF46C0186BFA55D7DD648ACCB0EA7D8AE864BE47E99E4F0C72C8 ] gzflt C:\Windows\system32\DRIVERS\gzflt.sys
16:42:53.0376 0x0f18 gzflt - ok
16:42:53.0392 0x0f18 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
16:42:53.0394 0x0f18 hcw85cir - ok
16:42:53.0433 0x0f18 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:42:53.0441 0x0f18 HdAudAddService - ok
16:42:53.0477 0x0f18 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
16:42:53.0479 0x0f18 HDAudBus - ok
16:42:53.0496 0x0f18 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
16:42:53.0498 0x0f18 HidBatt - ok
16:42:53.0511 0x0f18 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
16:42:53.0514 0x0f18 HidBth - ok
16:42:53.0534 0x0f18 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
16:42:53.0536 0x0f18 HidIr - ok
16:42:53.0561 0x0f18 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
16:42:53.0562 0x0f18 hidserv - ok
16:42:53.0587 0x0f18 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
16:42:53.0587 0x0f18 HidUsb - ok
16:42:53.0614 0x0f18 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
16:42:53.0618 0x0f18 hkmsvc - ok
16:42:53.0643 0x0f18 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:42:53.0649 0x0f18 HomeGroupListener - ok
16:42:53.0674 0x0f18 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:42:53.0677 0x0f18 HomeGroupProvider - ok
16:42:53.0703 0x0f18 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
16:42:53.0706 0x0f18 HpSAMD - ok
16:42:53.0747 0x0f18 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:42:53.0757 0x0f18 HTTP - ok
16:42:53.0768 0x0f18 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
16:42:53.0769 0x0f18 hwpolicy - ok
16:42:53.0799 0x0f18 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
16:42:53.0803 0x0f18 i8042prt - ok
16:42:53.0821 0x0f18 [ 3DF4395A7CF8B7A72A5F4606366B8C2D, 483588B8FC6E05488ED631C4E1CFC398553FEBFA2CD2BB527B4DF12D19774F80 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
16:42:53.0830 0x0f18 iaStorV - ok
16:42:53.0883 0x0f18 [ BF02D8EF91CEF81DEB20260FE796B0F7, D0CD3A7568D9F08B5F40B1DE0F1CC41182727F686488E10040034ED2EEE83C66 ] IDMWFP C:\Windows\system32\DRIVERS\idmwfp.sys
16:42:53.0886 0x0f18 IDMWFP - ok
16:42:53.0937 0x0f18 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:42:53.0968 0x0f18 idsvc - ok
16:42:53.0993 0x0f18 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
16:42:53.0995 0x0f18 iirsp - ok
16:42:54.0040 0x0f18 [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] IKEEXT C:\Windows\System32\ikeext.dll
16:42:54.0052 0x0f18 IKEEXT - ok
16:42:54.0086 0x0f18 [ D9CF8609CF87E28629F2072FFF5611C6, C4CFFBC82F69DD0E8D8A65100848F7E4A2F065EC37B7FB7906567688F0EC7ED1 ] IMFCameraProtect C:\Windows\system32\drivers\IMFCameraProtect.sys
16:42:54.0086 0x0f18 IMFCameraProtect - ok
16:42:54.0241 0x0f18 [ C7418DBEDD20064B600FF24111F67A12, 8EA23CEE7C98330EE43364FBC14DDF5C31115093BC0AC93138DDDFADF0DB0AE1 ] IMFDownProtect C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFDownProtect.sys
16:42:54.0241 0x0f18 IMFDownProtect - ok
16:42:54.0259 0x0f18 [ A7B8FCF652F7646DB82E44249338426D, DB36C0B1FD14BAEEF153676340D1552F73A813658B7D2E896D73449522945591 ] IMFFilter C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys
16:42:54.0261 0x0f18 IMFFilter - ok
16:42:54.0296 0x0f18 [ 86166381B52F9E85E09C52CD1CDB4919, 07327C7D3DE82A90D4CE43DF1314536E05F7414C7F5A4F63885B6495872C777B ] IMFForceDelete C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFForceDelete.sys
16:42:54.0296 0x0f18 IMFForceDelete - ok
16:42:54.0319 0x0f18 [ 5697EA0244BA083A00E0D50B864B1F15, D176FD67F9E736CD4A36DDE3E8D278ECA80A0668B21433CD3D0BD04D50AB3660 ] IMFMBRProtect C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFMBRProtect.sys
16:42:54.0319 0x0f18 IMFMBRProtect - ok
16:42:54.0337 0x0f18 [ C2689A3972DEACF8278F6C1FA48A7D43, 2549B9B68BD5A1FC74658C38F0960FD5DB9B97A62341B0F5A4588AB90775073B ] IMFSafeBox C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFSafeBox.sys
16:42:54.0337 0x0f18 IMFSafeBox - ok
16:42:54.0402 0x0f18 [ DCF9DAD20AEB64979CA7C6484C6E9915, BEE03DB86241431873A75316D3471671D625DB8C0E93F1160D43EADCB580AC05 ] IMFservice C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
16:42:54.0434 0x0f18 IMFservice - ok
16:42:54.0581 0x0f18 [ 517869DB2BC6058D250A2963AE32B2D4, 155452DCBA19ABDF8ED72286E9AC43947A06F08C1BD044F88A870F3465981B79 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
16:42:54.0632 0x0f18 IntcAzAudAddService - ok
16:42:54.0707 0x0f18 [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
16:42:54.0718 0x0f18 Intel(R) Capability Licensing Service Interface - ok
16:42:54.0753 0x0f18 [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
16:42:54.0783 0x0f18 Intel(R) Capability Licensing Service TCP IP Interface - ok
16:42:54.0799 0x0f18 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\DRIVERS\intelide.sys
16:42:54.0800 0x0f18 intelide - ok
16:42:54.0835 0x0f18 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
16:42:54.0836 0x0f18 intelppm - ok
16:42:54.0868 0x0f18 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
16:42:54.0872 0x0f18 IPBusEnum - ok
16:42:54.0885 0x0f18 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:42:54.0888 0x0f18 IpFilterDriver - ok
16:42:54.0919 0x0f18 [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:42:54.0927 0x0f18 iphlpsvc - ok
16:42:54.0939 0x0f18 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
16:42:54.0942 0x0f18 IPMIDRV - ok
16:42:54.0947 0x0f18 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
16:42:54.0949 0x0f18 IPNAT - ok
16:42:54.0972 0x0f18 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:42:54.0974 0x0f18 IRENUM - ok
16:42:54.0996 0x0f18 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
16:42:54.0998 0x0f18 isapnp - ok
16:42:55.0016 0x0f18 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
16:42:55.0023 0x0f18 iScsiPrt - ok
16:42:55.0089 0x0f18 [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
16:42:55.0093 0x0f18 jhi_service - ok
16:42:55.0105 0x0f18 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
16:42:55.0106 0x0f18 kbdclass - ok
16:42:55.0137 0x0f18 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
16:42:55.0138 0x0f18 kbdhid - ok
16:42:55.0160 0x0f18 [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] KeyIso C:\Windows\system32\lsass.exe
16:42:55.0161 0x0f18 KeyIso - ok
16:42:55.0174 0x0f18 [ CCD53B5BD33CE0C889E830D839C8B66E, 51B7556DA7DAA0BC75E00E53099776016A55FAA115D5A4E6830E12A0A0869C10 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:42:55.0178 0x0f18 KSecDD - ok
16:42:55.0189 0x0f18 [ 9FF918A261752C12639E8AD4208D2C2F, B60F7A730C92F2BF7E85A6CA14DD7671AEECEE154CEC83B1E23EF268C25C9E5E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
16:42:55.0194 0x0f18 KSecPkg - ok
16:42:55.0205 0x0f18 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
16:42:55.0206 0x0f18 ksthunk - ok
16:42:55.0233 0x0f18 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
16:42:55.0242 0x0f18 KtmRm - ok
16:42:55.0283 0x0f18 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
16:42:55.0287 0x0f18 LanmanServer - ok
16:42:55.0304 0x0f18 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:42:55.0307 0x0f18 LanmanWorkstation - ok
16:42:55.0342 0x0f18 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:42:55.0343 0x0f18 lltdio - ok
16:42:55.0366 0x0f18 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:42:55.0374 0x0f18 lltdsvc - ok
16:42:55.0390 0x0f18 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
16:42:55.0391 0x0f18 lmhosts - ok
16:42:55.0433 0x0f18 [ 3DE66F47365AA8CEB18B1EE272F4FEBA, 8DDD6AB4AEDE3B2FEA0D3B63DD24E3F3422D6ADE067756A3919FCED53C349167 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
16:42:55.0454 0x0f18 LMS - ok
16:42:55.0476 0x0f18 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
16:42:55.0480 0x0f18 LSI_FC - ok
16:42:55.0500 0x0f18 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
16:42:55.0504 0x0f18 LSI_SAS - ok
16:42:55.0514 0x0f18 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
16:42:55.0516 0x0f18 LSI_SAS2 - ok
16:42:55.0529 0x0f18 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
16:42:55.0533 0x0f18 LSI_SCSI - ok
16:42:55.0540 0x0f18 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
16:42:55.0542 0x0f18 luafv - ok
16:42:55.0830 0x0f18 [ F7265B7490428499F2FE409FA9247866, 43A406C74689B72020E4669B45F19D377A5FF3EFE79B03AF58C2679D14405E9D ] MBAMService C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
16:42:56.0016 0x0f18 MBAMService - ok
16:42:56.0045 0x0f18 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
16:42:56.0048 0x0f18 Mcx2Svc - ok
16:42:56.0081 0x0f18 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
16:42:56.0083 0x0f18 megasas - ok
16:42:56.0110 0x0f18 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
16:42:56.0117 0x0f18 MegaSR - ok
16:42:56.0147 0x0f18 [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64 C:\Windows\system32\DRIVERS\TeeDriverx64.sys
16:42:56.0149 0x0f18 MEIx64 - ok
16:42:56.0208 0x0f18 Microsoft SharePoint Workspace Audit Service - ok
16:42:56.0234 0x0f18 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
16:42:56.0235 0x0f18 MMCSS - ok
16:42:56.0246 0x0f18 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
16:42:56.0247 0x0f18 Modem - ok
16:42:56.0275 0x0f18 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:42:56.0276 0x0f18 monitor - ok
16:42:56.0286 0x0f18 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
16:42:56.0287 0x0f18 mouclass - ok
16:42:56.0292 0x0f18 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:42:56.0293 0x0f18 mouhid - ok
16:42:56.0315 0x0f18 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
16:42:56.0318 0x0f18 mountmgr - ok
16:42:56.0333 0x0f18 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
16:42:56.0337 0x0f18 mpio - ok
16:42:56.0346 0x0f18 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:42:56.0347 0x0f18 mpsdrv - ok
16:42:56.0397 0x0f18 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
16:42:56.0408 0x0f18 MpsSvc - ok
16:42:56.0427 0x0f18 [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:42:56.0432 0x0f18 MRxDAV - ok
16:42:56.0448 0x0f18 [ FAF015B07E3A2874A790A39B7D2C579F, C614B0E80B38EBF7C670EEB833F5E476B33042097DA07206D6C5EE3E52B9A427 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:42:56.0450 0x0f18 mrxsmb - ok
16:42:56.0468 0x0f18 [ 08E2345DF129082BCDFFDC1440F9C00D, 2ADF69F49DF8C43D4440B6C8A62085C51518CA895A88D37264C60A0B4B1EC55F ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:42:56.0473 0x0f18 mrxsmb10 - ok
16:42:56.0480 0x0f18 [ 108D87409C5812EF47D81E22843E8C9D, CAE9B91B6BD1DF1552463BD63A06288F5D3E0B81B040BC1C7EC0C2A0119CCECA ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:42:56.0482 0x0f18 mrxsmb20 - ok
16:42:56.0493 0x0f18 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
16:42:56.0496 0x0f18 msahci - ok
16:42:56.0506 0x0f18 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
16:42:56.0510 0x0f18 msdsm - ok
16:42:56.0531 0x0f18 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
16:42:56.0590 0x0f18 MSDTC - ok
16:42:56.0676 0x0f18 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:42:56.0676 0x0f18 Msfs - ok
16:42:56.0693 0x0f18 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
16:42:56.0695 0x0f18 mshidkmdf - ok
16:42:56.0900 0x0f18 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:42:56.0901 0x0f18 msisadrv - ok
16:42:56.0934 0x0f18 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:42:56.0939 0x0f18 MSiSCSI - ok
16:42:56.0941 0x0f18 msiserver - ok
16:42:56.0965 0x0f18 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:42:56.0968 0x0f18 MSKSSRV - ok
16:42:56.0970 0x0f18 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:42:56.0971 0x0f18 MSPCLOCK - ok
16:42:56.0996 0x0f18 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:42:56.0998 0x0f18 MSPQM - ok
16:42:57.0022 0x0f18 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:42:57.0030 0x0f18 MsRPC - ok
16:42:57.0044 0x0f18 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
16:42:57.0045 0x0f18 mssmbios - ok
16:42:57.0057 0x0f18 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:42:57.0063 0x0f18 MSTEE - ok
16:42:57.0066 0x0f18 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
16:42:57.0067 0x0f18 MTConfig - ok
16:42:57.0080 0x0f18 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
16:42:57.0082 0x0f18 Mup - ok
16:42:57.0171 0x0f18 [ CD180A9701D5259E4A30CE25CFF56181, DC34B347D0E15CC95E502B3F5E1A2B9E970B465EA0E317220850A27B5EBB60FF ] MyPublicWiFiService C:\Program Files (x86)\MyPublicWiFi\PublicWiFiService.exe
16:42:57.0181 0x0f18 MyPublicWiFiService - ok
16:42:57.0233 0x0f18 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
16:42:57.0258 0x0f18 napagent - ok
16:42:57.0308 0x0f18 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:42:57.0313 0x0f18 NativeWifiP - ok
16:42:57.0364 0x0f18 [ 79B47FD40D9A817E932F9D26FAC0A81C, 53E260B8BFC50BA45FA73BFCF4E58C233890D0EAA9DEFDCCBB55FD3EB992FF2D ] NDIS C:\Windows\system32\drivers\ndis.sys
16:42:57.0395 0x0f18 NDIS - ok
16:42:57.0418 0x0f18 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:42:57.0420 0x0f18 NdisCap - ok
16:42:57.0454 0x0f18 [ DE7A0EC26C6992954667FF7FD8EFC277, DD0443739F4526E0620CAF669F76D321981C974413BF22BC2FFB4A72EE262E15 ] ndiskhaz C:\Windows\system32\DRIVERS\ndiskhaz.sys
16:42:57.0455 0x0f18 ndiskhaz - ok
16:42:57.0471 0x0f18 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:42:57.0472 0x0f18 NdisTapi - ok
16:42:57.0507 0x0f18 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:42:57.0508 0x0f18 Ndisuio - ok
16:42:57.0538 0x0f18 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:42:57.0540 0x0f18 NdisWan - ok
16:42:57.0554 0x0f18 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:42:57.0555 0x0f18 NDProxy - ok
16:42:57.0726 0x0f18 [ 7D2633295EB6FF2B938185874884059D, B3A4E52ABCB2E2720D8ADB0B68C222D4AB98E838D40B6A731D15EB1D6C9DEA15 ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
16:42:57.0739 0x0f18 Nero BackItUp Scheduler 4.0 - ok
16:42:57.0771 0x0f18 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:42:57.0772 0x0f18 NetBIOS - ok
16:42:57.0805 0x0f18 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:42:57.0809 0x0f18 NetBT - ok
16:42:57.0835 0x0f18 [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] Netlogon C:\Windows\system32\lsass.exe
16:42:57.0836 0x0f18 Netlogon - ok
16:42:57.0875 0x0f18 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
16:42:57.0881 0x0f18 Netman - ok
16:42:57.0931 0x0f18 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:42:57.0954 0x0f18 NetMsmqActivator - ok
16:42:57.0958 0x0f18 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:42:57.0960 0x0f18 NetPipeActivator - ok
16:42:57.0982 0x0f18 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
16:42:57.0989 0x0f18 netprofm - ok
16:42:58.0179 0x0f18 [ 86B56851FD68ADD6DC224EA36F8EFE92, 1842701DF25069A105F511BE9D12D23F7617E49A18C5F3828D8C30F62BB99ADC ] netr28ux C:\Windows\system32\DRIVERS\netr28ux.sys
16:42:58.0209 0x0f18 netr28ux - ok
16:42:58.0256 0x0f18 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:42:58.0258 0x0f18 NetTcpActivator - ok
16:42:58.0263 0x0f18 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:42:58.0265 0x0f18 NetTcpPortSharing - ok
16:42:58.0303 0x0f18 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
16:42:58.0306 0x0f18 nfrd960 - ok
16:42:58.0335 0x0f18 [ 1EE99A89CC788ADA662441D1E9830529, 6B4FDD74BB81E12BD4B25A3E8AECB0FA77FA0075D454DD1D6DC1790ADF1F2AA8 ] NlaSvc C:\Windows\System32\nlasvc.dll
16:42:58.0340 0x0f18 NlaSvc - ok
16:42:58.0355 0x0f18 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:42:58.0356 0x0f18 Npfs - ok
16:42:58.0385 0x0f18 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
16:42:58.0386 0x0f18 nsi - ok
16:42:58.0395 0x0f18 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:42:58.0396 0x0f18 nsiproxy - ok
16:42:58.0444 0x0f18 [ 05D78AA5CB5F3F5C31160BDB955D0B7C, E3CD3FAF52ED11A8FB96D667510F1EDCA49053705AA3A13F560F8F6EC995CA45 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:42:58.0495 0x0f18 Ntfs - ok
16:42:58.0512 0x0f18 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
16:42:58.0513 0x0f18 Null - ok
16:42:58.0541 0x0f18 [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48, 7738785DE8B50D69993F4408498B812D0283FEE5C04FF5B89C20F149B44E9737 ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:42:58.0545 0x0f18 nvraid - ok
16:42:58.0563 0x0f18 [ F7CD50FE7139F07E77DA8AC8033D1832, DA96F4B15C8165E6AE1D00E03A062C66CA3A3089E4FF0E9E11CE00B154DD12EC ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:42:58.0567 0x0f18 nvstor - ok
16:42:58.0585 0x0f18 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:42:58.0588 0x0f18 nv_agp - ok
16:42:58.0600 0x0f18 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
16:42:58.0602 0x0f18 ohci1394 - ok
16:42:58.0647 0x0f18 [ 4628C852B721472918C0F07C954AD11D, C3970EC979CCBDB03D38C1DF606FC3437A85CEA2F3B56A2F03C32FDE4DFE9046 ] OpenVPNService C:\Program Files\OpenVPN\bin\openvpnserv2.exe
16:42:58.0649 0x0f18 OpenVPNService - ok
16:42:58.0671 0x0f18 [ 35BA1F08E93D79BE1127A435A2FD38C2, 5ACB3F284E83579AE6B5EBA087BA2E13F89A848E018638E2F642518078FFBBFE ] OpenVPNServiceInteractive C:\Program Files\OpenVPN\bin\openvpnserv.exe
16:42:58.0672 0x0f18 OpenVPNServiceInteractive - ok
16:42:58.0676 0x0f18 [ 35BA1F08E93D79BE1127A435A2FD38C2, 5ACB3F284E83579AE6B5EBA087BA2E13F89A848E018638E2F642518078FFBBFE ] OpenVPNServiceLegacy C:\Program Files\OpenVPN\bin\openvpnserv.exe
16:42:58.0677 0x0f18 OpenVPNServiceLegacy - ok
16:42:58.0715 0x0f18 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:42:58.0720 0x0f18 ose - ok
16:42:59.0146 0x0f18 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:42:59.0344 0x0f18 osppsvc - ok
16:42:59.0389 0x0f18 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:42:59.0399 0x0f18 p2pimsvc - ok
16:42:59.0433 0x0f18 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
16:42:59.0454 0x0f18 p2psvc - ok
16:42:59.0478 0x0f18 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
16:42:59.0492 0x0f18 Parport - ok
16:42:59.0502 0x0f18 [ 871EADAC56B0A4C6512BBE32753CCF79, F9FD9DBA55274BB72B897550988DCDFD0F2D9367BE641DFDE07D240052DDC180 ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:42:59.0506 0x0f18 partmgr - ok
16:42:59.0520 0x0f18 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
16:42:59.0538 0x0f18 PcaSvc - ok
16:42:59.0557 0x0f18 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
16:42:59.0572 0x0f18 pci - ok
16:42:59.0586 0x0f18 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
16:42:59.0588 0x0f18 pciide - ok
16:42:59.0606 0x0f18 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
16:42:59.0616 0x0f18 pcmcia - ok
16:42:59.0633 0x0f18 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
16:42:59.0636 0x0f18 pcw - ok
16:42:59.0671 0x0f18 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:42:59.0691 0x0f18 PEAUTH - ok
16:42:59.0845 0x0f18 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
16:42:59.0886 0x0f18 PeerDistSvc - ok
16:43:00.0086 0x0f18 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
16:43:00.0097 0x0f18 PerfHost - ok
16:43:00.0263 0x0f18 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
16:43:00.0341 0x0f18 pla - ok
16:43:00.0395 0x0f18 [ B806E50427511BCF4AD8E8239C3E25FA, AB89B48ECCF90F701B314D18BE531CDA5ABE1636C17B994A5E4BE5AAC136B4E3 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:43:00.0409 0x0f18 PlugPlay - ok
16:43:00.0420 0x0f18 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:43:00.0423 0x0f18 PNRPAutoReg - ok
16:43:00.0452 0x0f18 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:43:00.0463 0x0f18 PNRPsvc - ok
16:43:00.0540 0x0f18 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:43:00.0563 0x0f18 PolicyAgent - ok
16:43:00.0581 0x0f18 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
16:43:00.0585 0x0f18 Power - ok
16:43:00.0617 0x0f18 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:43:00.0619 0x0f18 PptpMiniport - ok
16:43:00.0647 0x0f18 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
16:43:00.0650 0x0f18 Processor - ok
16:43:00.0676 0x0f18 [ 5C78838B4D166D1A27DB3A8A820C799A, BBF7E1D0B6754CF06BF3936671FDF5BF6E845CA5678D0940EA54E9212B539B7F ] ProfSvc C:\Windows\system32\profsvc.dll
16:43:00.0684 0x0f18 ProfSvc - ok
16:43:00.0693 0x0f18 [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] ProtectedStorage C:\Windows\system32\lsass.exe
16:43:00.0695 0x0f18 ProtectedStorage - ok
16:43:00.0727 0x0f18 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:43:00.0731 0x0f18 Psched - ok
16:43:00.0804 0x0f18 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
16:43:00.0901 0x0f18 ql2300 - ok
16:43:00.0937 0x0f18 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
16:43:00.0940 0x0f18 ql40xx - ok
16:43:01.0159 0x0f18 [ E39ED1EA1A5039C86FB94B0CBC619D2B, 31F0DB46E6D00416C25CAA4AF1682F34F0093C4B6DB001AF1349796B3D241F72 ] QMEmulatorService D:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe
16:43:01.0170 0x0f18 QMEmulatorService - ok
16:43:01.0229 0x0f18 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
16:43:01.0245 0x0f18 QWAVE - ok
16:43:01.0258 0x0f18 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:43:01.0262 0x0f18 QWAVEdrv - ok
16:43:01.0266 0x0f18 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:43:01.0268 0x0f18 RasAcd - ok
16:43:01.0309 0x0f18 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
16:43:01.0312 0x0f18 RasAgileVpn - ok
16:43:01.0340 0x0f18 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
16:43:01.0347 0x0f18 RasAuto - ok
16:43:01.0371 0x0f18 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:43:01.0375 0x0f18 Rasl2tp - ok
16:43:01.0436 0x0f18 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
16:43:01.0448 0x0f18 RasMan - ok
16:43:01.0499 0x0f18 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:43:01.0502 0x0f18 RasPppoe - ok
16:43:01.0517 0x0f18 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:43:01.0520 0x0f18 RasSstp - ok
16:43:01.0552 0x0f18 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:43:01.0561 0x0f18 rdbss - ok
16:43:01.0582 0x0f18 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
16:43:01.0583 0x0f18 rdpbus - ok
16:43:01.0615 0x0f18 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:43:01.0616 0x0f18 RDPCDD - ok
16:43:01.0644 0x0f18 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
16:43:01.0653 0x0f18 RDPDR - ok
16:43:01.0668 0x0f18 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:43:01.0669 0x0f18 RDPENCDD - ok
16:43:01.0684 0x0f18 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
16:43:01.0685 0x0f18 RDPREFMP - ok
16:43:01.0706 0x0f18 [ 70CBA1A0C98600A2AA1863479B35CB90, 91A133297921B4955817176251AFC5283DA3C7D2099700C4C92ECC94DBE9A99E ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
16:43:01.0708 0x0f18 RdpVideoMiniport - ok
16:43:01.0728 0x0f18 [ 15B66C206B5CB095BAB980553F38ED23, 3CA50786A8D3D6BAF145AFD22C1ED92C2EB39F5D6AF4F6B09B69610FDE0C5B24 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:43:01.0749 0x0f18 RDPWD - ok
16:43:01.0777 0x0f18 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
16:43:01.0798 0x0f18 rdyboost - ok
16:43:01.0812 0x0f18 [ 7D6D5BA7C96F07258FE3988B5469E14D, DF51BC33DB471939FB8A20B829CA9BE26C6E7EF5F7768EF436BA805FAC9CFCA2 ] RegFilter C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys
16:43:01.0815 0x0f18 RegFilter - ok
16:43:01.0843 0x0f18 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
16:43:01.0849 0x0f18 RemoteAccess - ok
16:43:01.0893 0x0f18 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:43:01.0901 0x0f18 RemoteRegistry - ok
16:43:01.0925 0x0f18 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
16:43:01.0929 0x0f18 RpcEptMapper - ok
16:43:01.0948 0x0f18 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
16:43:01.0963 0x0f18 RpcLocator - ok
16:43:01.0998 0x0f18 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
16:43:02.0015 0x0f18 RpcSs - ok
16:43:02.0034 0x0f18 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:43:02.0037 0x0f18 rspndr - ok
16:43:02.0211 0x0f18 [ EF91E0806C01806C3CF62AF006901127, 1F49D57B6598EF0923DF70FD31B755B29D5ED4D38840D7619D3399B759FD579F ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
16:43:02.0224 0x0f18 RTL8167 - ok
16:43:02.0253 0x0f18 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
16:43:02.0269 0x0f18 s3cap - ok
16:43:02.0289 0x0f18 [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] SamSs C:\Windows\system32\lsass.exe
16:43:02.0292 0x0f18 SamSs - ok
16:43:02.0365 0x0f18 [ 06223E155B363A9D51AD26B2ECA92576, 016BB196FF3A2AB12B5039983C68CDB7B71A19E2517F97C4333350E7C170E2DF ] SbieDrv C:\Program Files\Sandboxie\SbieDrv.sys
16:43:02.0374 0x0f18 SbieDrv - ok
16:43:02.0400 0x0f18 [ 538E59BB39E6303412A6973DD58F4B73, F41FBFCFD2B912C3052DECA53CCA98045CF161326D786F52C6C8D59586245BE5 ] SbieSvc C:\Program Files\Sandboxie\SbieSvc.exe
16:43:02.0410 0x0f18 SbieSvc - ok
16:43:02.0424 0x0f18 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:43:02.0428 0x0f18 sbp2port - ok
16:43:02.0454 0x0f18 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:43:02.0461 0x0f18 SCardSvr - ok
16:43:02.0483 0x0f18 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
16:43:02.0485 0x0f18 scfilter - ok
16:43:02.0546 0x0f18 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
16:43:02.0565 0x0f18 Schedule - ok
16:43:02.0588 0x0f18 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
16:43:02.0590 0x0f18 SCPolicySvc - ok
16:43:02.0634 0x0f18 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:43:02.0652 0x0f18 SDRSVC - ok
16:43:02.0684 0x0f18 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:43:02.0686 0x0f18 secdrv - ok
16:43:02.0703 0x0f18 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
16:43:02.0713 0x0f18 seclogon - ok
16:43:02.0739 0x0f18 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
16:43:02.0743 0x0f18 SENS - ok
16:43:02.0757 0x0f18 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
16:43:02.0762 0x0f18 SensrSvc - ok
16:43:02.0766 0x0f18 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
16:43:02.0768 0x0f18 Serenum - ok
16:43:02.0790 0x0f18 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
16:43:02.0794 0x0f18 Serial - ok
16:43:02.0826 0x0f18 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
16:43:02.0829 0x0f18 sermouse - ok
16:43:02.0855 0x0f18 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
16:43:02.0863 0x0f18 SessionEnv - ok
16:43:02.0867 0x0f18 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
16:43:02.0869 0x0f18 sffdisk - ok
16:43:02.0873 0x0f18 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
16:43:02.0875 0x0f18 sffp_mmc - ok
16:43:02.0880 0x0f18 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
16:43:02.0882 0x0f18 sffp_sd - ok
16:43:02.0886 0x0f18 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
16:43:02.0888 0x0f18 sfloppy - ok
16:43:02.0943 0x0f18 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:43:02.0955 0x0f18 SharedAccess - ok
16:43:02.0988 0x0f18 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:43:02.0994 0x0f18 ShellHWDetection - ok
16:43:03.0035 0x0f18 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
16:43:03.0050 0x0f18 SiSRaid2 - ok
16:43:03.0073 0x0f18 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
16:43:03.0077 0x0f18 SiSRaid4 - ok
16:43:03.0107 0x0f18 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:43:03.0112 0x0f18 Smb - ok
16:43:03.0148 0x0f18 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:43:03.0150 0x0f18 SNMPTRAP - ok
16:43:03.0166 0x0f18 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
16:43:03.0168 0x0f18 spldr - ok
16:43:03.0198 0x0f18 [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler C:\Windows\System32\spoolsv.exe
16:43:03.0208 0x0f18 Spooler - ok
16:43:03.0466 0x0f18 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
16:43:03.0588 0x0f18 sppsvc - ok
16:43:03.0625 0x0f18 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
16:43:03.0630 0x0f18 sppuinotify - ok
16:43:03.0659 0x0f18 [ 2098B8556D1CEC2ACA9A29CD479E3692, D5826407C64F18C16EB36E6F00787CFAFCD9B24B5BD8AD126AD01E6E4134966F ] srv C:\Windows\system32\DRIVERS\srv.sys
16:43:03.0671 0x0f18 srv - ok
16:43:03.0711 0x0f18 [ D0F73A42040F21F92FD314B42AC5C9E7, A021C4318C9CFA594305458B2643BB0C22DDE1F3D51C93C9F3E7F7AB75B31278 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:43:03.0723 0x0f18 srv2 - ok
16:43:03.0745 0x0f18 [ 2BA8F3250828CCDB4204ECF2C6F40B6A, 22C4FBF9A87C46E69C48B681FF733D68D9CB7B7D73FB14C8C2A06E9009F9860E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:43:03.0750 0x0f18 srvnet - ok
16:43:03.0800 0x0f18 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:43:03.0808 0x0f18 SSDPSRV - ok
16:43:03.0815 0x0f18 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:43:03.0820 0x0f18 SstpSvc - ok
16:43:03.0835 0x0f18 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
16:43:03.0837 0x0f18 stexstor - ok
16:43:03.0880 0x0f18 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
16:43:03.0914 0x0f18 stisvc - ok
16:43:03.0939 0x0f18 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
16:43:03.0942 0x0f18 storflt - ok
16:43:03.0968 0x0f18 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
16:43:03.0972 0x0f18 storvsc - ok
16:43:03.0994 0x0f18 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
16:43:03.0995 0x0f18 swenum - ok
16:43:04.0160 0x0f18 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
16:43:04.0175 0x0f18 SwitchBoard - ok
16:43:04.0245 0x0f18 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
16:43:04.0276 0x0f18 swprv - ok
16:43:04.0305 0x0f18 [ C3A39C4079305480972D29C44B868C78, 8F1BB75C743256F905EAEDE744B6082C53774C49126875FB4E4FBA30F5478B17 ] Synth3dVsc C:\Windows\system32\drivers\synth3dvsc.sys
16:43:04.0310 0x0f18 Synth3dVsc - ok
16:43:04.0385 0x0f18 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
16:43:04.0411 0x0f18 SysMain - ok
16:43:04.0436 0x0f18 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:43:04.0445 0x0f18 TabletInputService - ok
16:43:04.0494 0x0f18 [ D765F43CBEA72D14C04AF3D2B9C8E54B, 89C5CA1440DF186497CE158EB71C0C6BF570A75B6BC1880EAC7C87A0250201C0 ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys
16:43:04.0495 0x0f18 tap0901 - ok
16:43:04.0528 0x0f18 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
16:43:04.0539 0x0f18 TapiSrv - ok
16:43:04.0551 0x0f18 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
16:43:04.0555 0x0f18 TBS - ok
16:43:04.0642 0x0f18 [ 509383E505C973ED7534A06B3D19688D, 520AE434CCE1D365A45B2035283A4AD915E98D28D06BD73822F6FF865C2AE7DF ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:43:04.0711 0x0f18 Tcpip - ok
16:43:04.0802 0x0f18 [ 509383E505C973ED7534A06B3D19688D, 520AE434CCE1D365A45B2035283A4AD915E98D28D06BD73822F6FF865C2AE7DF ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
16:43:04.0827 0x0f18 TCPIP6 - ok
16:43:04.0839 0x0f18 [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:43:04.0840 0x0f18 tcpipreg - ok
16:43:04.0866 0x0f18 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:43:04.0867 0x0f18 TDPIPE - ok
16:43:04.0870 0x0f18 [ E4245BDA3190A582D55ED09E137401A9, F59C983882997D68CC7B1B2080AEE9EBE2AE90D478F877559BD2AAA97158A116 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:43:04.0872 0x0f18 TDTCP - ok
16:43:04.0876 0x0f18 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:43:04.0878 0x0f18 tdx - ok
16:43:04.0898 0x0f18 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
16:43:04.0899 0x0f18 TermDD - ok
16:43:04.0915 0x0f18 [ 2B5BDFF688EC9871D7EC5837833374E9, BD6C629FA2938987ABF95B790B20F0B7D4D023D5013E575F343A802D6213074E ] terminpt C:\Windows\system32\drivers\terminpt.sys
16:43:04.0919 0x0f18 terminpt - ok
16:43:04.0975 0x0f18 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll
16:43:05.0012 0x0f18 TermService - ok
16:43:05.0025 0x0f18 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
16:43:05.0028 0x0f18 Themes - ok
16:43:05.0041 0x0f18 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
16:43:05.0042 0x0f18 THREADORDER - ok
16:43:05.0054 0x0f18 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
16:43:05.0057 0x0f18 TrkWks - ok
16:43:05.0116 0x0f18 [ F7920CAD85B55E61CE3641922E9E41C4, E2F47979D04B40CE8E7E526EE362933857AB3295A71666FD038805C059D27D3D ] Trufos C:\Windows\system32\DRIVERS\TRUFOS.sys
16:43:05.0147 0x0f18 Trufos - ok
16:43:05.0201 0x0f18 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:43:05.0211 0x0f18 TrustedInstaller - ok
16:43:05.0226 0x0f18 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30, CA302C2ED6A6BF4670BAAA4F5C14C0238CF0C80316856AA0DB053F4D593033AC ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:43:05.0229 0x0f18 tssecsrv - ok
16:43:05.0244 0x0f18 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
16:43:05.0247 0x0f18 TsUsbFlt - ok
16:43:05.0259 0x0f18 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
16:43:05.0261 0x0f18 TsUsbGD - ok
16:43:05.0282 0x0f18 [ E1748D04AE40118B62BC18AC86032192, A954B141D1B27272C771D14F3B40C7CC1F572DD72559F2C96182EFBE2B095FDE ] tsusbhub C:\Windows\system32\drivers\tsusbhub.sys
16:43:05.0286 0x0f18 tsusbhub - ok
16:43:05.0313 0x0f18 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:43:05.0317 0x0f18 tunnel - ok
16:43:05.0323 0x0f18 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
16:43:05.0327 0x0f18 uagp35 - ok
16:43:05.0355 0x0f18 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:43:05.0385 0x0f18 udfs - ok
16:43:05.0415 0x0f18 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:43:05.0419 0x0f18 UI0Detect - ok
16:43:05.0453 0x0f18 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:43:05.0457 0x0f18 uliagpkx - ok
16:43:05.0476 0x0f18 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
16:43:05.0478 0x0f18 umbus - ok
16:43:05.0489 0x0f18 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
16:43:05.0491 0x0f18 UmPass - ok
16:43:05.0519 0x0f18 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
16:43:05.0539 0x0f18 UmRdpService - ok
16:43:05.0569 0x0f18 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
16:43:05.0581 0x0f18 upnphost - ok
16:43:05.0594 0x0f18 [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829, 5D6E404FE0AB875202CA1A3E8E9D2F4368DF6ACCFA1C872ECFAF8399CBA3A485 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
16:43:05.0598 0x0f18 usbccgp - ok
16:43:05.0622 0x0f18 [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir C:\Windows\system32\drivers\usbcir.sys
16:43:05.0626 0x0f18 usbcir - ok
16:43:05.0644 0x0f18 [ 74EE782B1D9C241EFE425565854C661C, E8258EA65B0FCAD4E077B176E9D9324646B652D6E651241E397346A39770D065 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
16:43:05.0646 0x0f18 usbehci - ok
16:43:05.0670 0x0f18 [ DC96BD9CCB8403251BCF25047573558E, 66EBF8A6B3BC0634F32DDCC8BA31F1EB5987E8C6853E1DC26005E3EED0945565 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
16:43:05.0681 0x0f18 usbhub - ok
16:43:05.0692 0x0f18 [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci C:\Windows\system32\drivers\usbohci.sys
16:43:05.0694 0x0f18 usbohci - ok
16:43:05.0699 0x0f18 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys
16:43:05.0701 0x0f18 usbprint - ok
16:43:05.0712 0x0f18 [ D76510CFA0FC09023077F22C2F979D86, 5662281C6D515423255D3C262EA368DBAFC250235E535FBFA3E59D3487695439 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:43:05.0716 0x0f18 USBSTOR - ok
16:43:05.0719 0x0f18 [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
16:43:05.0720 0x0f18 usbuhci - ok
16:43:05.0739 0x0f18 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
16:43:05.0741 0x0f18 UxSms - ok
16:43:05.0746 0x0f18 [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] VaultSvc C:\Windows\system32\lsass.exe
16:43:05.0748 0x0f18 VaultSvc - ok
16:43:05.0770 0x0f18 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
16:43:05.0772 0x0f18 vdrvroot - ok
16:43:05.0808 0x0f18 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
16:43:05.0859 0x0f18 vds - ok
16:43:05.0895 0x0f18 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:43:05.0896 0x0f18 vga - ok
16:43:05.0920 0x0f18 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
16:43:05.0921 0x0f18 VgaSave - ok
16:43:05.0923 0x0f18 VGPU - ok
16:43:05.0957 0x0f18 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
16:43:05.0966 0x0f18 vhdmp - ok
16:43:05.0981 0x0f18 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
16:43:05.0984 0x0f18 viaide - ok
16:43:05.0999 0x0f18 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
16:43:06.0008 0x0f18 vmbus - ok
16:43:06.0038 0x0f18 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
16:43:06.0054 0x0f18 VMBusHID - ok
16:43:06.0094 0x0f18 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:43:06.0100 0x0f18 volmgr - ok
16:43:06.0175 0x0f18 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:43:06.0203 0x0f18 volmgrx - ok
16:43:06.0218 0x0f18 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:43:06.0230 0x0f18 volsnap - ok
16:43:06.0237 0x0f18 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
16:43:06.0242 0x0f18 vsmraid - ok
16:43:06.0298 0x0f18 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
16:43:06.0349 0x0f18 VSS - ok
16:43:06.0360 0x0f18 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
16:43:06.0361 0x0f18 vwifibus - ok
16:43:06.0365 0x0f18 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
16:43:06.0366 0x0f18 vwififlt - ok
16:43:06.0389 0x0f18 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
16:43:06.0390 0x0f18 vwifimp - ok
16:43:06.0414 0x0f18 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
16:43:06.0432 0x0f18 W32Time - ok
16:43:06.0449 0x0f18 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
16:43:06.0451 0x0f18 WacomPen - ok
16:43:06.0475 0x0f18 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
16:43:06.0478 0x0f18 WANARP - ok
16:43:06.0490 0x0f18 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:43:06.0493 0x0f18 Wanarpv6 - ok
16:43:06.0566 0x0f18 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
16:43:06.0616 0x0f18 WatAdminSvc - ok
16:43:06.0708 0x0f18 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
16:43:06.0777 0x0f18 wbengine - ok
16:43:06.0785 0x0f18 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
16:43:06.0791 0x0f18 WbioSrvc - ok
16:43:06.0816 0x0f18 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:43:06.0825 0x0f18 wcncsvc - ok
16:43:06.0840 0x0f18 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:43:06.0843 0x0f18 WcsPlugInService - ok
16:43:06.0866 0x0f18 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
16:43:06.0869 0x0f18 Wd - ok
16:43:06.0926 0x0f18 [ 442783E2CB0DA19873B7A63833FF4CB4, 09254970265476214F3187CC22A4F9C7C2769D419600E83FBE302C3A103E527F ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:43:06.0974 0x0f18 Wdf01000 - ok
16:43:07.0004 0x0f18 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:43:07.0006 0x0f18 WdiServiceHost - ok
16:43:07.0015 0x0f18 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:43:07.0019 0x0f18 WdiSystemHost - ok
16:43:07.0066 0x0f18 [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient C:\Windows\System32\webclnt.dll
16:43:07.0079 0x0f18 WebClient - ok
16:43:07.0102 0x0f18 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
16:43:07.0121 0x0f18 Wecsvc - ok
16:43:07.0138 0x0f18 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:43:07.0144 0x0f18 wercplsupport - ok
16:43:07.0152 0x0f18 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
16:43:07.0157 0x0f18 WerSvc - ok
16:43:07.0177 0x0f18 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
16:43:07.0178 0x0f18 WfpLwf - ok
16:43:07.0196 0x0f18 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
16:43:07.0206 0x0f18 WIMMount - ok
16:43:07.0224 0x0f18 WinDefend - ok
16:43:07.0236 0x0f18 WinHttpAutoProxySvc - ok
16:43:07.0318 0x0f18 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:43:07.0329 0x0f18 Winmgmt - ok
16:43:07.0445 0x0f18 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
16:43:07.0530 0x0f18 WinRM - ok
16:43:07.0583 0x0f18 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
16:43:07.0596 0x0f18 Wlansvc - ok
16:43:07.0630 0x0f18 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
16:43:07.0631 0x0f18 WmiAcpi - ok
16:43:07.0678 0x0f18 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:43:07.0686 0x0f18 wmiApSrv - ok
16:43:07.0698 0x0f18 WMPNetworkSvc - ok
16:43:07.0719 0x0f18 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:43:07.0723 0x0f18 WPCSvc - ok
16:43:07.0736 0x0f18 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:43:07.0741 0x0f18 WPDBusEnum - ok
16:43:07.0756 0x0f18 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:43:07.0776 0x0f18 ws2ifsl - ok
16:43:07.0793 0x0f18 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
16:43:07.0800 0x0f18 wscsvc - ok
16:43:07.0803 0x0f18 WSearch - ok
16:43:07.0897 0x0f18 [ 9DF12EDBC698B0BC353B3EF84861E430, 5777972DC6242096EE2D4DAEEFC822DE9077560322DED7B9696BB23B7C240403 ] wuauserv C:\Windows\system32\wuaueng.dll
16:43:08.0012 0x0f18 wuauserv - ok
16:43:08.0019 0x0f18 [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
16:43:08.0021 0x0f18 WudfPf - ok
16:43:08.0082 0x0f18 [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9DC3E3D6B17B4BF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
16:43:08.0089 0x0f18 WUDFRd - ok
16:43:08.0113 0x0f18 [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:43:08.0117 0x0f18 wudfsvc - ok
16:43:08.0160 0x0f18 [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll
16:43:08.0191 0x0f18 WwanSvc - ok
16:43:08.0193 0x0f18 xhunter1 - ok
16:43:08.0541 0x0f18 [ 3C68ADDE2437FB45CFE71FD8C33C4919, 7F19F51F3664BE5FDD79BCF216DF8D1D1BC3015D522E989DD592BFA1AB3DFE8B ] YSDrv C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys
16:43:08.0629 0x0f18 YSDrv - ok
16:43:08.0636 0x0f18 ================ Scan global ===============================
16:43:08.0665 0x0f18 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
16:43:08.0689 0x0f18 [ E0406AEF04B088D1C49FC78D0546F689, 7ADD4D1C174FAA5405BD94BAF104A5DD56BE00DBDC1ED9F069A95430A7B264AA ] C:\Windows\system32\winsrv.dll
16:43:08.0729 0x0f18 [ E0406AEF04B088D1C49FC78D0546F689, 7ADD4D1C174FAA5405BD94BAF104A5DD56BE00DBDC1ED9F069A95430A7B264AA ] C:\Windows\system32\winsrv.dll
16:43:08.0778 0x0f18 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
16:43:08.0843 0x0f18 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
16:43:08.0855 0x0f18 [ Global ] - ok
16:43:08.0855 0x0f18 ================ Scan MBR ==================================
16:43:08.0857 0x0f18 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:43:08.0869 0x0f18 \Device\Harddisk0\DR0 - ok
16:43:08.0888 0x0f18 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
16:43:09.0471 0x0f18 \Device\Harddisk1\DR1 - ok
16:43:09.0471 0x0f18 ================ Scan VBR ==================================
16:43:09.0473 0x0f18 [ 8F32038A23A527574E7BAB336D4F3935 ] \Device\Harddisk0\DR0\Partition1
16:43:09.0475 0x0f18 \Device\Harddisk0\DR0\Partition1 - ok
16:43:09.0490 0x0f18 [ 7DD178FC0E1AB2697CA667095E5689FB ] \Device\Harddisk1\DR1\Partition1
16:43:09.0522 0x0f18 \Device\Harddisk1\DR1\Partition1 - ok
16:43:09.0537 0x0f18 [ BA8BAE47EAACC58AB58A6A118BF31FE4 ] \Device\Harddisk1\DR1\Partition2
16:43:09.0553 0x0f18 \Device\Harddisk1\DR1\Partition2 - ok
16:43:09.0575 0x0f18 [ 18169DB56AF0BBC8A231212B891C0BAE ] \Device\Harddisk1\DR1\Partition3
16:43:09.0603 0x0f18 \Device\Harddisk1\DR1\Partition3 - ok
16:43:09.0603 0x0f18 ================ Scan active images ========================
16:43:09.0605 0x0f18 [ 3E588B60EC061686BA05D33574A344C6, 19D2D863F95CCC4493A2328B6BEB04248B6A80F957532E58C1D1D868C19FDCCB ] C:\Windows\System32\drivers\crashdmp.sys
16:43:09.0605 0x0f18 C:\Windows\System32\drivers\crashdmp.sys - ok
16:43:09.0609 0x0f18 [ 839B5FE3D48E9F35B22C21A3D5103F6C, A9CEA695E43092B72B0E988063E00A7C0BCE90095344E9A2F380218482BCE77F ] C:\Windows\System32\drivers\Dumpata.sys
16:43:09.0609 0x0f18 C:\Windows\System32\drivers\Dumpata.sys - ok
16:43:09.0613 0x0f18 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] C:\Windows\System32\drivers\atapi.sys
16:43:09.0613 0x0f18 C:\Windows\System32\drivers\atapi.sys - ok
16:43:09.0616 0x0f18 [ 814DB88F2641691575A455CF25354098, 79C50F0CD72612733217A0316BEFEA0B6D819C3159D9452EAB89AC26A18A0F89 ] C:\Windows\System32\drivers\dumpfve.sys
16:43:09.0616 0x0f18 C:\Windows\System32\drivers\dumpfve.sys - ok
16:43:09.0620 0x0f18 [ 5697EA0244BA083A00E0D50B864B1F15, D176FD67F9E736CD4A36DDE3E8D278ECA80A0668B21433CD3D0BD04D50AB3660 ] C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFMBRProtect.sys
16:43:09.0620 0x0f18 C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFMBRProtect.sys - ok
16:43:09.0624 0x0f18 [ C2689A3972DEACF8278F6C1FA48A7D43, 2549B9B68BD5A1FC74658C38F0960FD5DB9B97A62341B0F5A4588AB90775073B ] C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFSafeBox.sys
16:43:09.0624 0x0f18 C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFSafeBox.sys - ok
16:43:09.0628 0x0f18 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] C:\Windows\System32\drivers\cdrom.sys
16:43:09.0628 0x0f18 C:\Windows\System32\drivers\cdrom.sys - ok
16:43:09.0632 0x0f18 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] C:\Windows\System32\drivers\beep.sys
16:43:09.0632 0x0f18 C:\Windows\System32\drivers\beep.sys - ok
16:43:09.0635 0x0f18 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] C:\Windows\System32\drivers\null.sys
16:43:09.0635 0x0f18 C:\Windows\System32\drivers\null.sys - ok
16:43:09.0639 0x0f18 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] C:\Windows\System32\drivers\vga.sys
16:43:09.0639 0x0f18 C:\Windows\System32\drivers\vga.sys - ok
16:43:09.0643 0x0f18 [ E7353D59C9842BC7299FAEB7E7E09340, C37ED1025E07BAC2F535DCFED6C6C509515D95722EADE5AF94F1FC5D8B1DC783 ] C:\Windows\System32\drivers\videoprt.sys
16:43:09.0643 0x0f18 C:\Windows\System32\drivers\videoprt.sys - ok
16:43:09.0646 0x0f18 [ FC438D1430B28618E2D0C7C332A710AD, 873957B202E454E2C8F625E5799F278CAC16EC5EEAEE2C33E2FE5D1FF0408CB2 ] C:\Windows\System32\drivers\watchdog.sys
16:43:09.0647 0x0f18 C:\Windows\System32\drivers\watchdog.sys - ok
16:43:09.0649 0x0f18 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] C:\Windows\System32\drivers\msfs.sys
16:43:09.0649 0x0f18 C:\Windows\System32\drivers\msfs.sys - ok
16:43:09.0651 0x0f18 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] C:\Windows\System32\drivers\npfs.sys
16:43:09.0651 0x0f18 C:\Windows\System32\drivers\npfs.sys - ok
16:43:09.0653 0x0f18 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] C:\Windows\System32\drivers\RDPCDD.sys
16:43:09.0653 0x0f18 C:\Windows\System32\drivers\RDPCDD.sys - ok
16:43:09.0654 0x0f18 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] C:\Windows\System32\drivers\RDPENCDD.sys
16:43:09.0654 0x0f18 C:\Windows\System32\drivers\RDPENCDD.sys - ok
16:43:09.0656 0x0f18 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] C:\Windows\System32\drivers\RDPREFMP.sys
16:43:09.0656 0x0f18 C:\Windows\System32\drivers\RDPREFMP.sys - ok
16:43:09.0658 0x0f18 [ 6F020A220388ECA0AB6062DC27BD16B6, 48655230E482DEB7B4B50EF05818EBB29CA61E780AEFCD9D31B02DE4DF9D9540 ] C:\Windows\System32\drivers\tdi.sys
16:43:09.0658 0x0f18 C:\Windows\System32\drivers\tdi.sys - ok
16:43:09.0660 0x0f18 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] C:\Windows\System32\drivers\tdx.sys
16:43:09.0660 0x0f18 C:\Windows\System32\drivers\tdx.sys - ok
16:43:09.0662 0x0f18 [ D31DC7A16DEA4A9BAF179F3D6FBDB38C, 532678D86E3E667F2E789C4873565E0B92C549A93F10802BB6D5B505CA3238CE ] C:\Windows\System32\drivers\afd.sys
16:43:09.0662 0x0f18 C:\Windows\System32\drivers\afd.sys - ok
16:43:09.0664 0x0f18 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] C:\Windows\System32\drivers\netbt.sys
16:43:09.0664 0x0f18 C:\Windows\System32\drivers\netbt.sys - ok
16:43:09.0666 0x0f18 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] C:\Windows\System32\drivers\pacer.sys
16:43:09.0666 0x0f18 C:\Windows\System32\drivers\pacer.sys - ok
16:43:09.0667 0x0f18 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] C:\Windows\System32\drivers\wfplwf.sys
16:43:09.0667 0x0f18 C:\Windows\System32\drivers\wfplwf.sys - ok
16:43:09.0669 0x0f18 [ DE7A0EC26C6992954667FF7FD8EFC277, DD0443739F4526E0620CAF669F76D321981C974413BF22BC2FFB4A72EE262E15 ] C:\Windows\System32\drivers\ndiskhaz.sys
16:43:09.0669 0x0f18 C:\Windows\System32\drivers\ndiskhaz.sys - ok
16:43:09.0671 0x0f18 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] C:\Windows\System32\drivers\vwififlt.sys
16:43:09.0671 0x0f18 C:\Windows\System32\drivers\vwififlt.sys - ok
16:43:09.0673 0x0f18 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] C:\Windows\System32\drivers\netbios.sys
16:43:09.0673 0x0f18 C:\Windows\System32\drivers\netbios.sys - ok
16:43:09.0675 0x0f18 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] C:\Windows\System32\drivers\serial.sys
16:43:09.0675 0x0f18 C:\Windows\System32\drivers\serial.sys - ok
16:43:09.0677 0x0f18 [ 3C68ADDE2437FB45CFE71FD8C33C4919, 7F19F51F3664BE5FDD79BCF216DF8D1D1BC3015D522E989DD592BFA1AB3DFE8B ] C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys
16:43:09.0677 0x0f18 C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys - ok
16:43:09.0679 0x0f18 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] C:\Windows\System32\drivers\wanarp.sys
16:43:09.0679 0x0f18 C:\Windows\System32\drivers\wanarp.sys - ok
16:43:09.0681 0x0f18 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] C:\Windows\System32\drivers\nsiproxy.sys
16:43:09.0681 0x0f18 C:\Windows\System32\drivers\nsiproxy.sys - ok
16:43:09.0682 0x0f18 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] C:\Windows\System32\drivers\rdbss.sys
16:43:09.0682 0x0f18 C:\Windows\System32\drivers\rdbss.sys - ok
16:43:09.0684 0x0f18 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] C:\Windows\System32\drivers\termdd.sys
16:43:09.0684 0x0f18 C:\Windows\System32\drivers\termdd.sys - ok
16:43:09.0686 0x0f18 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] C:\Windows\System32\drivers\mssmbios.sys
16:43:09.0686 0x0f18 C:\Windows\System32\drivers\mssmbios.sys - ok
16:43:09.0687 0x0f18 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] C:\Windows\System32\drivers\discache.sys
16:43:09.0688 0x0f18 C:\Windows\System32\drivers\discache.sys - ok
16:43:09.0689 0x0f18 [ D9CF8609CF87E28629F2072FFF5611C6, C4CFFBC82F69DD0E8D8A65100848F7E4A2F065EC37B7FB7906567688F0EC7ED1 ] C:\Windows\System32\drivers\IMFCameraProtect.sys
16:43:09.0689 0x0f18 C:\Windows\System32\drivers\IMFCameraProtect.sys - ok
16:43:09.0691 0x0f18 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] C:\Windows\System32\drivers\csc.sys
16:43:09.0691 0x0f18 C:\Windows\System32\drivers\csc.sys - ok
16:43:09.0693 0x0f18 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] C:\Windows\System32\drivers\blbdrive.sys
16:43:09.0693 0x0f18 C:\Windows\System32\drivers\blbdrive.sys - ok
16:43:09.0694 0x0f18 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] C:\Windows\System32\drivers\dfsc.sys
16:43:09.0695 0x0f18 C:\Windows\System32\drivers\dfsc.sys - ok
16:43:09.0696 0x0f18 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] C:\Windows\System32\drivers\tunnel.sys
16:43:09.0696 0x0f18 C:\Windows\System32\drivers\tunnel.sys - ok
16:43:09.0698 0x0f18 [ 0BD67C5B7B2A6A6ADA81DC9EFBD9EF63, 1B0AA9C241EABA0A0D6A9C70566893034F08292133BACB662586876B5D39B780 ] C:\Windows\System32\drivers\atikmpag.sys
16:43:09.0698 0x0f18 C:\Windows\System32\drivers\atikmpag.sys - ok
16:43:09.0700 0x0f18 [ 3556D5A8BF2CC508BDAB51DEC38D7C61, 91E3D98AD3119E8ADDF8D2AA1DD6795162842FFF7101E4C70C5137E847B4FF50 ] C:\Windows\System32\ntdll.dll
16:43:09.0700 0x0f18 C:\Windows\System32\ntdll.dll - ok
16:43:09.0701 0x0f18 [ 1911A3356FA3F77CCC825CCBAC038C2A, 6ED135B792C81D78B33A57F0F4770DB6105C9ED3E2193629CB3EC38BFD5B7E1B ] C:\Windows\System32\smss.exe
16:43:09.0701 0x0f18 C:\Windows\System32\smss.exe - ok
16:43:09.0703 0x0f18 [ B731548D89A3DB08753BD36D5CBD5396, 88631860DC73A152305C400CA68F5216E972427912E1D60D0265426E5C3D33D1 ] C:\Windows\System32\drivers\atikmdag.sys
16:43:09.0703 0x0f18 C:\Windows\System32\drivers\atikmdag.sys - ok
16:43:09.0705 0x0f18 [ F5BEE30450E18E6B83A5012C100616FD, 44D0577D159FC2BDF4EAD1DC2C7FD14925D075225EF97608CAC52DEE405B08FD ] C:\Windows\System32\drivers\dxgkrnl.sys
16:43:09.0705 0x0f18 C:\Windows\System32\drivers\dxgkrnl.sys - ok
16:43:09.0706 0x0f18 [ 9CD68BDDF322535C02ADC8331013D13D, B887338E0C1033C93C9F157C69D5C47B05C7B27A91C9481CA8B72BDD514E9651 ] C:\Windows\System32\drivers\dxgmms1.sys
16:43:09.0706 0x0f18 C:\Windows\System32\drivers\dxgmms1.sys - ok
16:43:09.0708 0x0f18 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] C:\Windows\System32\drivers\hdaudbus.sys
16:43:09.0708 0x0f18 C:\Windows\System32\drivers\hdaudbus.sys - ok
16:43:09.0711 0x0f18 [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] C:\Windows\System32\drivers\TeeDriverx64.sys
16:43:09.0711 0x0f18 C:\Windows\System32\drivers\TeeDriverx64.sys - ok
16:43:09.0713 0x0f18 [ 74EE782B1D9C241EFE425565854C661C, E8258EA65B0FCAD4E077B176E9D9324646B652D6E651241E397346A39770D065 ] C:\Windows\System32\drivers\usbehci.sys
16:43:09.0713 0x0f18 C:\Windows\System32\drivers\usbehci.sys - ok
16:43:09.0715 0x0f18 [ B6D64EE607637301FF8C33139B4950DE, E7FE3EC3DA3CABDBBE2C23BAA5FE3CD64DA01FF73B4B4C2F077224A607E688DD ] C:\Windows\System32\drivers\usbport.sys
16:43:09.0715 0x0f18 C:\Windows\System32\drivers\usbport.sys - ok
16:43:09.0717 0x0f18 [ EF91E0806C01806C3CF62AF006901127, 1F49D57B6598EF0923DF70FD31B755B29D5ED4D38840D7619D3399B759FD579F ] C:\Windows\System32\drivers\Rt64win7.sys
16:43:09.0717 0x0f18 C:\Windows\System32\drivers\Rt64win7.sys - ok
16:43:09.0718 0x0f18 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] C:\Windows\System32\drivers\serenum.sys
16:43:09.0718 0x0f18 C:\Windows\System32\drivers\serenum.sys - ok
16:43:09.0720 0x0f18 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] C:\Windows\System32\drivers\CompositeBus.sys
16:43:09.0720 0x0f18 C:\Windows\System32\drivers\CompositeBus.sys - ok
16:43:09.0722 0x0f18 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] C:\Windows\System32\drivers\intelppm.sys
16:43:09.0722 0x0f18 C:\Windows\System32\drivers\intelppm.sys - ok
16:43:09.0724 0x0f18 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] C:\Windows\System32\drivers\wmiacpi.sys
16:43:09.0724 0x0f18 C:\Windows\System32\drivers\wmiacpi.sys - ok
16:43:09.0726 0x0f18 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] C:\Windows\System32\drivers\agilevpn.sys
16:43:09.0726 0x0f18 C:\Windows\System32\drivers\agilevpn.sys - ok
16:43:09.0728 0x0f18 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] C:\Windows\System32\drivers\ndistapi.sys
16:43:09.0728 0x0f18 C:\Windows\System32\drivers\ndistapi.sys - ok
16:43:09.0730 0x0f18 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] C:\Windows\System32\drivers\rasl2tp.sys
16:43:09.0730 0x0f18 C:\Windows\System32\drivers\rasl2tp.sys - ok
16:43:09.0732 0x0f18 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] C:\Windows\System32\drivers\ndiswan.sys
16:43:09.0732 0x0f18 C:\Windows\System32\drivers\ndiswan.sys - ok
16:43:09.0733 0x0f18 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] C:\Windows\System32\drivers\raspppoe.sys
16:43:09.0734 0x0f18 C:\Windows\System32\drivers\raspppoe.sys - ok
16:43:09.0735 0x0f18 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] C:\Windows\System32\drivers\raspptp.sys
16:43:09.0735 0x0f18 C:\Windows\System32\drivers\raspptp.sys - ok
16:43:09.0737 0x0f18 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] C:\Windows\System32\drivers\rassstp.sys
16:43:09.0737 0x0f18 C:\Windows\System32\drivers\rassstp.sys - ok
16:43:09.0739 0x0f18 [ D765F43CBEA72D14C04AF3D2B9C8E54B, 89C5CA1440DF186497CE158EB71C0C6BF570A75B6BC1880EAC7C87A0250201C0 ] C:\Windows\System32\drivers\tap0901.sys
16:43:09.0739 0x0f18 C:\Windows\System32\drivers\tap0901.sys - ok
16:43:09.0740 0x0f18 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] C:\Windows\System32\drivers\rdpbus.sys
16:43:09.0740 0x0f18 C:\Windows\System32\drivers\rdpbus.sys - ok
16:43:09.0742 0x0f18 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] C:\Windows\System32\drivers\kbdclass.sys
16:43:09.0742 0x0f18 C:\Windows\System32\drivers\kbdclass.sys - ok
16:43:09.0744 0x0f18 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] C:\Windows\System32\drivers\mouclass.sys
16:43:09.0744 0x0f18 C:\Windows\System32\drivers\mouclass.sys - ok
16:43:09.0746 0x0f18 [ 24FBF5CC5C04150073C315A7C83521EE, 581BD5F15B5E57B3BAA762E421FFD859FDA46DDB8515C2A7AAFF208D784E906C ] C:\Windows\System32\drivers\ks.sys
16:43:09.0746 0x0f18 C:\Windows\System32\drivers\ks.sys - ok
16:43:09.0748 0x0f18 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] C:\Windows\System32\drivers\swenum.sys
16:43:09.0748 0x0f18 C:\Windows\System32\drivers\swenum.sys - ok
16:43:09.0750 0x0f18 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] C:\Windows\System32\drivers\umbus.sys
16:43:09.0750 0x0f18 C:\Windows\System32\drivers\umbus.sys - ok
16:43:09.0751 0x0f18 [ DC96BD9CCB8403251BCF25047573558E, 66EBF8A6B3BC0634F32DDCC8BA31F1EB5987E8C6853E1DC26005E3EED0945565 ] C:\Windows\System32\drivers\usbhub.sys
16:43:09.0751 0x0f18 C:\Windows\System32\drivers\usbhub.sys - ok
16:43:09.0753 0x0f18 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] C:\Windows\System32\drivers\ndproxy.sys
16:43:09.0753 0x0f18 C:\Windows\System32\drivers\ndproxy.sys - ok
16:43:09.0755 0x0f18 [ 21D26064AEDB4988F785BB4A3A2C051E, F6FA2CA351B24DA19645EB542596C82F9A68D84CC7CCFE6F9FC15CE2CE4D1961 ] C:\Windows\System32\drivers\drmk.sys
16:43:09.0755 0x0f18 C:\Windows\System32\drivers\drmk.sys - ok
16:43:09.0757 0x0f18 [ 32E11315B5126921FFD9074840EF13D3, FC7C0E1CC447FDD89C0FA5EBFD04CCEABFB27751AB57A7176F12BD0D35306E1C ] C:\Windows\System32\drivers\portcls.sys
16:43:09.0757 0x0f18 C:\Windows\System32\drivers\portcls.sys - ok
16:43:09.0758 0x0f18 [ 4E5C72F003BFCB75701480DDCA5F0F09, 00B5943AF9C3C0EF57BF0FDCC94EBBEE354082EB5E187CC067F6E735B304D45E ] C:\Windows\System32\drivers\AtihdW76.sys
16:43:09.0758 0x0f18 C:\Windows\System32\drivers\AtihdW76.sys - ok
16:43:09.0760 0x0f18 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] C:\Windows\System32\drivers\ksthunk.sys
16:43:09.0760 0x0f18 C:\Windows\System32\drivers\ksthunk.sys - ok
16:43:09.0762 0x0f18 [ 517869DB2BC6058D250A2963AE32B2D4, 155452DCBA19ABDF8ED72286E9AC43947A06F08C1BD044F88A870F3465981B79 ] C:\Windows\System32\drivers\RTKVHD64.sys
16:43:09.0762 0x0f18 C:\Windows\System32\drivers\RTKVHD64.sys - ok
16:43:09.0764 0x0f18 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93, 7BC847CE6C2D29C334F0D1600BBBDE3933FF45F6BEE5186F442E6270A3F9EC4E ] C:\Windows\System32\autochk.exe
16:43:09.0764 0x0f18 C:\Windows\System32\autochk.exe - ok
16:43:09.0766 0x0f18 [ 86B56851FD68ADD6DC224EA36F8EFE92, 1842701DF25069A105F511BE9D12D23F7617E49A18C5F3828D8C30F62BB99ADC ] C:\Windows\System32\drivers\netr28ux.sys
16:43:09.0766 0x0f18 C:\Windows\System32\drivers\netr28ux.sys - ok
16:43:09.0768 0x0f18 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] C:\Windows\System32\drivers\vwifibus.sys
16:43:09.0768 0x0f18 C:\Windows\System32\drivers\vwifibus.sys - ok
16:43:09.0770 0x0f18 [ B8509DCFCFD577F568BE4026BFD982C0, E3608E6DE15C400FA437349E7295FEF10A1A0213CA3B532A58964B8C89749110 ] C:\Windows\System32\imagehlp.dll
16:43:09.0770 0x0f18 C:\Windows\System32\imagehlp.dll - ok
16:43:09.0772 0x0f18 [ 5180380D353277D395D3B36D790AA93E, 89B894ECCF65704D00D30EA3BD45B184BFAB8345B779F9AE2BE66B9FC7226F72 ] C:\Windows\System32\iertutil.dll
16:43:09.0772 0x0f18 C:\Windows\System32\iertutil.dll - ok
16:43:09.0774 0x0f18 [ 2F8B1E3EE3545D3B5A8D56FA1AE07B65, 2A3EC01F3BAFE7D7D656886437F7FFECCE440C0D3F3467804769AB4BF1FF7A99 ] C:\Windows\System32\usp10.dll
16:43:09.0774 0x0f18 C:\Windows\System32\usp10.dll - ok
16:43:09.0775 0x0f18 [ 2C353B6CE0C8D03225CAA2AF33B68D79, 64B9CA5EFCC278941F9CCF2AB4CDD79866358D8C0CF1CC5F956E5EEA21ACCADE ] C:\Windows\System32\user32.dll
16:43:09.0775 0x0f18 C:\Windows\System32\user32.dll - ok
16:43:09.0777 0x0f18 [ D202223587518B13D72D68937B7E3F70, 9DB971B866D058ADBB518DD99B87C5DB8DD1E7C9073755B989AE7E9FB62901E8 ] C:\Windows\System32\lpk.dll
16:43:09.0777 0x0f18 C:\Windows\System32\lpk.dll - ok
16:43:09.0779 0x0f18 [ 42F05F980F164E084DB65B2E8CD8430F, 0813749847B08F6577791D18AD9ECA6DFF5B41C2F727AB5EE9E5BF9602ED50CB ] C:\Windows\System32\oleaut32.dll
16:43:09.0779 0x0f18 C:\Windows\System32\oleaut32.dll - ok
16:43:09.0781 0x0f18 [ 83404DCBCE4925B6A5A77C5170F46D86, D669614D0B4461DB244AD99FBE1BA92CEB9B4ED5EC8E987E23764E77D9AC7074 ] C:\Windows\System32\sechost.dll
16:43:09.0781 0x0f18 C:\Windows\System32\sechost.dll - ok
16:43:09.0782 0x0f18 [ 5FADA8B707318E1BD63A7E2B81E6C8CB, 2590E88CAB52FCC1B24CB262D293131C6280A5F234E0C130E77AA8697EFA3B5F ] C:\Windows\System32\urlmon.dll
16:43:09.0782 0x0f18 C:\Windows\System32\urlmon.dll - ok
16:43:09.0784 0x0f18 [ 6C60B5ACA7442EFB794082CDACFC001C, FC1D9124856A70FF232EF3057D66BEE803295847624CE23B4D0217F23AF52C75 ] C:\Windows\System32\ole32.dll
16:43:09.0784 0x0f18 C:\Windows\System32\ole32.dll - ok
16:43:09.0786 0x0f18 [ 6DF46D2BD74E3DA1B45F08F10D172732, 2DC945F6F2C4A82189BC7DA2FCBB7D9A0E2588A909539249E55BA82468E0C677 ] C:\Windows\System32\advapi32.dll
16:43:09.0786 0x0f18 C:\Windows\System32\advapi32.dll - ok
16:43:09.0787 0x0f18 [ F6C5302E1F4813D552F41A0AC82455E5, E3EBF44621EFC6381BAAE0F0EFC13C356DCB6EE31BB258137EDB3CC3E18549B5 ] C:\Windows\System32\wininet.dll
16:43:09.0787 0x0f18 C:\Windows\System32\wininet.dll - ok
16:43:09.0789 0x0f18 [ 9835E63E09F824D22B689D2BB789BAB9, 5BCFFAFB894D69FBCDDB91E64D30A356F4BD57098E8B4C51B98AFAF6581BDB63 ] C:\Windows\System32\comdlg32.dll
16:43:09.0789 0x0f18 C:\Windows\System32\comdlg32.dll - ok
16:43:09.0791 0x0f18 [ 26E716ED95DC48CF6E5AC046089366AF, F686D557B7AC1688EFC7CB48311290D713D3DB2E9E61E947098A7C80E3A1B9E9 ] C:\Windows\System32\shell32.dll
16:43:09.0791 0x0f18 C:\Windows\System32\shell32.dll - ok
16:43:09.0793 0x0f18 [ AA2C08CE85653B1A0D2E4AB407FA176C, 83DFD0C119B20AEDB07114C9D1CF9CE2DFA938D0F1070256B0591A9E2C3997FA ] C:\Windows\System32\imm32.dll
16:43:09.0793 0x0f18 C:\Windows\System32\imm32.dll - ok
16:43:09.0795 0x0f18 [ F7CE0C81C545364020ED8203CF0A633E, 24B47A7492B7048096AF87E26786E8108455ADBD1A374B6A0466DE008505B8A9 ] C:\Windows\System32\difxapi.dll
16:43:09.0795 0x0f18 C:\Windows\System32\difxapi.dll - ok
16:43:09.0796 0x0f18 [ 044FE45FFD6AD40E3BBBE60B7F41BABE, A1688A5E6E0F7037C850699462C2655006A7D873C97F9AB406C59D81749B6F09 ] C:\Windows\System32\nsi.dll
16:43:09.0796 0x0f18 C:\Windows\System32\nsi.dll - ok
16:43:09.0798 0x0f18 [ C431EAF5CAA1C82CAC2534A2EAB348A3, ADDF850128DC675E67FABA9A3D0D27E684F01F733962CA22927BB94503549E44 ] C:\Windows\System32\msctf.dll
16:43:09.0798 0x0f18 C:\Windows\System32\msctf.dll - ok
16:43:09.0800 0x0f18 [ EAF32CB8C1F810E4715B4DFBE785C7FF, DB6AD07FDED42433E669508AB73FAFF6DAFF04575D6F1D016FE3EB6ECEC4DD5D ] C:\Windows\System32\shlwapi.dll
16:43:09.0800 0x0f18 C:\Windows\System32\shlwapi.dll - ok
16:43:09.0802 0x0f18 [ 0611473C1AD9E2D991CD9482068417F7, 90AFCC2A60350ECE27E75E76459132EF0FA28EF283CE88FCED4B82735A93ECDA ] C:\Windows\System32\rpcrt4.dll
16:43:09.0802 0x0f18 C:\Windows\System32\rpcrt4.dll - ok
16:43:09.0803 0x0f18 [ 4BBFA57F594F7E8A8EDC8F377184C3F0, 9F3AC5DEA5A6250C3DBB97AF79C81C0A48429486521F807355A1D7D3D861B75F ] C:\Windows\System32\ws2_32.dll
16:43:09.0803 0x0f18 C:\Windows\System32\ws2_32.dll - ok
16:43:09.0805 0x0f18 [ 7319BB10FA1F86E49E3DCF4136F6C957, 60DE43AB267FD41C9804369B569139ADD30ED4E295C425F44FC04D3FCC95FCA2 ] C:\Windows\System32\msvcrt.dll
16:43:09.0805 0x0f18 C:\Windows\System32\msvcrt.dll - ok
16:43:09.0807 0x0f18 [ D87E1E59C73C1F98D5DED5B3850C40F5, 536419BFF9F877D4314B5D0C045D9A6E729489C389863FADF07E382050BC84FD ] C:\Windows\System32\psapi.dll
16:43:09.0807 0x0f18 C:\Windows\System32\psapi.dll - ok
16:43:09.0809 0x0f18 [ 25983DE69B57142039AC8D95E71CD9C9, A677DA7EBCBCB6073D27E8A38809F51E971E83ED379BC599AAAD6EF4216348DA ] C:\Windows\System32\clbcatq.dll
16:43:09.0809 0x0f18 C:\Windows\System32\clbcatq.dll - ok
16:43:09.0810 0x0f18 [ 4E4FFB09D895AA000DD56D1404F69A7E, D999E04BB35780088480EAB322176570591A21E311D204BDCAB010A63B34D24C ] C:\Windows\System32\Wldap32.dll
16:43:09.0810 0x0f18 C:\Windows\System32\Wldap32.dll - ok
16:43:09.0812 0x0f18 [ 1084AA52CCC324EA54C7121FA24C2221, 6E972CF624F7C0DE8190434B3B30279A01C551713109F97B9EBB77FAC9364754 ] C:\Windows\System32\gdi32.dll
16:43:09.0812 0x0f18 C:\Windows\System32\gdi32.dll - ok
16:43:09.0814 0x0f18 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5, 12130837D7F89A2C7E9D25747A8E5B9001E0A38D545178B49B450C23AE62664A ] C:\Windows\System32\setupapi.dll
16:43:09.0814 0x0f18 C:\Windows\System32\setupapi.dll - ok
16:43:09.0815 0x0f18 [ 7A6326D96D53048FDEC542DF23D875A0, 182351570856CD6EEDD9DF7E2FB8AB76BD4D8FC70BE11AD5DE6484CFD70C21C6 ] C:\Windows\System32\kernel32.dll
16:43:09.0815 0x0f18 C:\Windows\System32\kernel32.dll - ok
16:43:09.0817 0x0f18 [ 28C0B5024F5C5A438E78B188CFC81B7F, AB81FB63F2908CE316B45609077ACBD85F4B2AAD1606B1E9030F06DB82EDDFAD ] C:\Windows\System32\normaliz.dll
16:43:09.0817 0x0f18 C:\Windows\System32\normaliz.dll - ok
16:43:09.0819 0x0f18 [ 2477A28081BDAEE622CF045ACF8EE124, 00A09CAF9129E84FEEA98FA03CE9012C9F961B64FEE15C4F268822C0F82ACC3C ] C:\Windows\System32\cfgmgr32.dll
16:43:09.0819 0x0f18 C:\Windows\System32\cfgmgr32.dll - ok
16:43:09.0820 0x0f18 [ EB3F9C2DE1236B5D46B2291D82970E43, 8A43D335F3D573BED98AF54BB51E82546C2ACC025DA8A48D801213EB14E9D5D4 ] C:\Windows\System32\wintrust.dll
16:43:09.0821 0x0f18 C:\Windows\System32\wintrust.dll - ok
16:43:09.0822 0x0f18 [ DA68C291B4EF2DEC9C5963266BCAE454, 21AA4779FC21E762178517268C95467238C92851AD9160BFFC36B2379C58337F ] C:\Windows\System32\KernelBase.dll
16:43:09.0822 0x0f18 C:\Windows\System32\KernelBase.dll - ok
16:43:09.0824 0x0f18 [ 3F9F2AFA135F0663946A006DD5FFD897, 276D1C9C78C529625C2EF3D77079324628686EA184767971901A1DE93681C133 ] C:\Windows\System32\crypt32.dll
16:43:09.0824 0x0f18 C:\Windows\System32\crypt32.dll - ok
16:43:09.0826 0x0f18 [ 14DFDEAF4E589ED3F1FF187A86B9408C, 86D383D5B90A86556521C62C50F7BE0306FCD24FD86A8A37E8320FAE948531EB ] C:\Windows\System32\comctl32.dll
16:43:09.0826 0x0f18 C:\Windows\System32\comctl32.dll - ok
16:43:09.0828 0x0f18 [ 06FEC9E8117103BB1141A560E98077DA, C5E61B11DDBBBBBA3D9488970524F0975EA5FBDF16E2FA31F579F8BFA48353B1 ] C:\Windows\System32\devobj.dll
16:43:09.0828 0x0f18 C:\Windows\System32\devobj.dll - ok
16:43:09.0829 0x0f18 [ 884415BD4269C02EAF8E2613BF85500D, EFE771709EC942694FD206AC8D0A48ED7DCD35036F074268E4AECD68AC982CEA ] C:\Windows\System32\msasn1.dll
16:43:09.0829 0x0f18 C:\Windows\System32\msasn1.dll - ok
16:43:09.0831 0x0f18 [ 9C278785347BCC991F8EA2999D90F58D, EA680C3642A6ABF627415AEE019956FAC702DC6A8F4B4D0FC8A4FB21EADD3896 ] C:\Windows\SysWOW64\normaliz.dll
16:43:09.0831 0x0f18 C:\Windows\SysWOW64\normaliz.dll - ok
16:43:09.0833 0x0f18 [ BF24D6F2ED97FE830BFD52B246F98E67, 6BBF4C4221A245462EF653798F6B416EEB12594AD1CB4E8BC8908A8CB2F53384 ] C:\Windows\System32\drivers\dxapi.sys
16:43:09.0833 0x0f18 C:\Windows\System32\drivers\dxapi.sys - ok
16:43:09.0835 0x0f18 [ A89392A32BA98468710FD7E38318934B, 20ADA396709E694B47976A269FE0C1C640192EED9E39EC288157AEFFA8E9AD4B ] C:\Windows\System32\win32k.sys
16:43:09.0835 0x0f18 C:\Windows\System32\win32k.sys - ok
16:43:09.0837 0x0f18 [ 0D7598360DF6C8637E6D678C20B5C47C, 0EC86D578C0B1703B89C24AE0FEE2CD91DD869BD4A97949A4B29AE57D490F890 ] C:\Windows\System32\csrsrv.dll
16:43:09.0837 0x0f18 C:\Windows\System32\csrsrv.dll - ok
16:43:09.0838 0x0f18 [ 60C2862B4BF0FD9F582EF344C2B1EC72, CB1C6018FC5C15483AC5BB96E5C2E2E115BB0C0E1314837D77201BAB37E8C03A ] C:\Windows\System32\csrss.exe
16:43:09.0838 0x0f18 C:\Windows\System32\csrss.exe - ok
16:43:09.0840 0x0f18 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\System32\basesrv.dll
16:43:09.0840 0x0f18 C:\Windows\System32\basesrv.dll - ok
16:43:09.0842 0x0f18 [ E0406AEF04B088D1C49FC78D0546F689, 7ADD4D1C174FAA5405BD94BAF104A5DD56BE00DBDC1ED9F069A95430A7B264AA ] C:\Windows\System32\winsrv.dll
16:43:09.0842 0x0f18 C:\Windows\System32\winsrv.dll - ok
16:43:09.0843 0x0f18 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] C:\Windows\System32\drivers\monitor.sys
16:43:09.0843 0x0f18 C:\Windows\System32\drivers\monitor.sys - ok
16:43:09.0845 0x0f18 [ 63C8D74BED9F80F4DD0AA7A3101EB639, EA2CE29025259E9DE945CE52C80A41C33024D7C2907AA1928480EC11FC852B08 ] C:\Windows\System32\drivers\usbd.sys
16:43:09.0845 0x0f18 C:\Windows\System32\drivers\usbd.sys - ok
16:43:09.0847 0x0f18 [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829, 5D6E404FE0AB875202CA1A3E8E9D2F4368DF6ACCFA1C872ECFAF8399CBA3A485 ] C:\Windows\System32\drivers\usbccgp.sys
16:43:09.0847 0x0f18 C:\Windows\System32\drivers\usbccgp.sys - ok
16:43:09.0848 0x0f18 [ 49EE2E52E6CD03947DAD72F65367BE06, 933097B903B13767DD49192E7BF8EAABC5BADFDAF8B31B806AA65C533F24B686 ] C:\Windows\System32\drivers\hidparse.sys
16:43:09.0848 0x0f18 C:\Windows\System32\drivers\hidparse.sys - ok
16:43:09.0850 0x0f18 [ 8B0E40E7E8BBF5ACF390465609D89FF1, 856E12DB9F0CAEC575DDF04B2651B6EC484E98EAB3832FC18D342CF774A75231 ] C:\Windows\System32\drivers\hidclass.sys
16:43:09.0850 0x0f18 C:\Windows\System32\drivers\hidclass.sys - ok
16:43:09.0852 0x0f18 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] C:\Windows\System32\drivers\hidusb.sys
16:43:09.0852 0x0f18 C:\Windows\System32\drivers\hidusb.sys - ok
16:43:09.0854 0x0f18 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] C:\Windows\System32\drivers\kbdhid.sys
16:43:09.0854 0x0f18 C:\Windows\System32\drivers\kbdhid.sys - ok
16:43:09.0855 0x0f18 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] C:\Windows\System32\drivers\mouhid.sys
16:43:09.0855 0x0f18 C:\Windows\System32\drivers\mouhid.sys - ok
16:43:09.0857 0x0f18 [ F29FE765E1448EF371CFE05BFAC74ADB, F251581222D78543272FD4B14A6A59F4B0E0CC44A5FCBCF56DE4CA5783F78A75 ] C:\Windows\System32\tsddd.dll
16:43:09.0857 0x0f18 C:\Windows\System32\tsddd.dll - ok
16:43:09.0859 0x0f18 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\System32\sxssrv.dll
16:43:09.0859 0x0f18 C:\Windows\System32\sxssrv.dll - ok
16:43:09.0861 0x0f18 [ 94355C28C1970635A31B3FE52EB7CEBA, C4E98F07170CEC69CACDD5CEDB8927E48A2A299CB1B8CDA87526E768AF6174F0 ] C:\Windows\System32\wininit.exe
16:43:09.0861 0x0f18 C:\Windows\System32\wininit.exe - ok
16:43:09.0863 0x0f18 [ 05569A79BF4693670B709144382D02D4, 3B13C569EE4FBC63C6989A7A12A50DCCC945FAB26C6E659DEB0614640E8F40C3 ] C:\Windows\System32\cdd.dll
16:43:09.0863 0x0f18 C:\Windows\System32\cdd.dll - ok
16:43:09.0864 0x0f18 [ 78523A26F5604C0568FE9D1CE86E36F4, 534A7228BF69719106F581616A32EAEF0B770DDB36DCE94F84E7D52FDB1382B5 ] C:\Windows\System32\KBDUS.DLL
16:43:09.0864 0x0f18 C:\Windows\System32\KBDUS.DLL - ok
16:43:09.0866 0x0f18 [ 2C942733A5983DD4502219FF37C7EBC7, 34B20B6B0D7274E4B5B783F1D2345BC3DD9888964D5C2C65712F041A00CF5B45 ] C:\Windows\System32\profapi.dll
16:43:09.0866 0x0f18 C:\Windows\System32\profapi.dll - ok
16:43:09.0868 0x0f18 [ C2A8CB1275ECB85D246A9ECC02A728E3, 3603FADCA0060BD201148F9D59E4E2627F024609A6463AB525B5D1AD17BDCD10 ] C:\Windows\System32\RpcRtRemote.dll
16:43:09.0868 0x0f18 C:\Windows\System32\RpcRtRemote.dll - ok
16:43:09.0869 0x0f18 [ 9CEAD32E79A62150FE9F8557E58E008B, AFE4C1725EE94D7DE0749AE1495A4E5CC33C369F29B2A589DA66FFE27FF9777E ] C:\Windows\System32\sxs.dll
16:43:09.0869 0x0f18 C:\Windows\System32\sxs.dll - ok
16:43:09.0871 0x0f18 [ B26B1801356760841C3BC69F9F91537F, 83B9DF333E36C09E81D44E12AE5BE14650126FDA0CF4A0EA853BF40C5780EF81 ] C:\Windows\System32\WlS0WndH.dll
16:43:09.0871 0x0f18 C:\Windows\System32\WlS0WndH.dll - ok
16:43:09.0873 0x0f18 [ 784FA3DF338E2E8F5F0389D6FAC428AF, 9C8AA0CFDEB9E38AAF8EB08626070E0F0364F4F8A793CFE3532EC6C007980C34 ] C:\Windows\System32\cryptbase.dll
16:43:09.0873 0x0f18 C:\Windows\System32\cryptbase.dll - ok
16:43:09.0875 0x0f18 [ 90499F3163A9F815CF196A205EA3CD5D, 29B4ED3795CEC1177EB367132914CE21C194CDEC5DB9DC923FD928C85E94D821 ] C:\Windows\System32\apphelp.dll
16:43:09.0875 0x0f18 C:\Windows\System32\apphelp.dll - ok
16:43:09.0876 0x0f18 [ 9F84806B3991D338FFDFC4ECF86A6923, 642FF3B8EE8BD6597AABE74E106A65F0C5551786CEB18BC69946F9608B5CAF64 ] C:\Windows\System32\lsasrv.dll
16:43:09.0876 0x0f18 C:\Windows\System32\lsasrv.dll - ok
16:43:09.0878 0x0f18 [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] C:\Windows\System32\lsass.exe
16:43:09.0878 0x0f18 C:\Windows\System32\lsass.exe - ok
16:43:09.0880 0x0f18 [ 9662EE182644511439F1C53745DC1C88, D205B2C163E78AB42A5D67D7664EF6B75EA0374FF0924467D624F9DB0611F0AD ] C:\Windows\System32\lsm.exe
16:43:09.0880 0x0f18 C:\Windows\System32\lsm.exe - ok
16:43:09.0882 0x0f18 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\System32\services.exe
16:43:09.0882 0x0f18 C:\Windows\System32\services.exe - ok
16:43:09.0884 0x0f18 [ D8A79180614C14F87DA1038FFEB56F71, 60142DC3795FC7C7F24D1742A9475F67416695CA7EB1A64C57E42367AC0998E3 ] C:\Windows\System32\sspisrv.dll
16:43:09.0884 0x0f18 C:\Windows\System32\sspisrv.dll - ok
16:43:09.0885 0x0f18 [ 2A86E54B441AD41557F75DC5609B9793, 8FEDE6909413C0FA5B63D58D39AFFD0F6C3BEEAF19B7B2F8674913ABFD79A912 ] C:\Windows\System32\sspicli.dll
16:43:09.0885 0x0f18 C:\Windows\System32\sspicli.dll - ok
16:43:09.0887 0x0f18 [ BBCDF350817BA86416C0F06B6981BE8D, D064438F97852B9BD6015C8B19377C61C671E0969E09506B8359FE7B1F373A61 ] C:\Windows\System32\scesrv.dll
16:43:09.0887 0x0f18 C:\Windows\System32\scesrv.dll - ok
16:43:09.0889 0x0f18 [ E914A50A151DFFE63D3935226DB5E2C1, 7DCCE4060344E1C771679F1C20378A0BEB3C1F06DB684072F07B98921A62A299 ] C:\Windows\System32\scext.dll
16:43:09.0889 0x0f18 C:\Windows\System32\scext.dll - ok
16:43:09.0890 0x0f18 [ 858DF0795CB5B4BACE0F33708925A414, A9063AF8D5C73A722BD269D144D8A65C98DB4CFDD9F626E3A8283754E22C8C9C ] C:\Windows\System32\secur32.dll
16:43:09.0890 0x0f18 C:\Windows\System32\secur32.dll - ok
16:43:09.0892 0x0f18 [ A744BA6E04C8AA4592818178DBF89521, 9E7C85D842DF16F9B8FED7B06AF309B5ECCBFD465F5552347D4C3F1FEFDC6F7A ] C:\Windows\System32\samsrv.dll
16:43:09.0892 0x0f18 C:\Windows\System32\samsrv.dll - ok
16:43:09.0894 0x0f18 [ 3A9C9BAF610B0DD4967086040B3B62A9, E8E9A0F42B1EE7806EDCEED08AA024D037215D06CA317E3678BD5364AD513D23 ] C:\Windows\System32\srvcli.dll
16:43:09.0894 0x0f18 C:\Windows\System32\srvcli.dll - ok
16:43:09.0896 0x0f18 [ 68083118797CAF30FB2EA3E71494D67E, 5F1BCDFCB00A20CD60CBC70A2FD97405EF0F7173DD0E404BBA7B06D39DB37364 ] C:\Windows\System32\sysntfy.dll
16:43:09.0896 0x0f18 C:\Windows\System32\sysntfy.dll - ok
16:43:09.0897 0x0f18 [ DEE7267C5D232A3B816866872CE199E6, A1994FD37667C52E7CBF873514C190DA61A3D1349786D187BFAE0006F61799AE ] C:\Windows\System32\wmsgapi.dll
16:43:09.0897 0x0f18 C:\Windows\System32\wmsgapi.dll - ok
16:43:09.0899 0x0f18 [ 3A061472B38233BAFF9CFEFF2E49C46B, DF29B14C8D22A8A16AA336A09A6152E2C7FCA6CAF4E76F0C5DCB55BEF9D00515 ] C:\Windows\System32\cryptdll.dll
16:43:09.0899 0x0f18 C:\Windows\System32\cryptdll.dll - ok
16:43:09.0901 0x0f18 [ 3C073B0C596A0AF84933E7406766B040, 4698BBA678F553E15AD4B07AD7FB236281F872DEFEE97BFD637114476C8F97B3 ] C:\Windows\System32\wevtapi.dll
16:43:09.0901 0x0f18 C:\Windows\System32\wevtapi.dll - ok
16:43:09.0903 0x0f18 [ 7FBEBD2229EA5FD48D41B199EC2D541C, A465975D445A8D50CAF3EF29BD33354B320D11173C127BE30D5EBBFF7008CDCE ] C:\Windows\System32\authz.dll
16:43:09.0903 0x0f18 C:\Windows\System32\authz.dll - ok
16:43:09.0905 0x0f18 [ 86FE1B1F8FD42CD0DB641AB1CDB13093, 8C4BB4415105CE82FFFE658879EAE9D259A24C0F6DFC7D25507352DC99241BE2 ] C:\Windows\System32\cngaudit.dll
16:43:09.0905 0x0f18 C:\Windows\System32\cngaudit.dll - ok
16:43:09.0907 0x0f18 [ 2E8C52A0EC788D90FA35D9507D828771, DD5AAA10E075F209D9827C7A192AD5645D1156C149DB9B5AC1EF7B5E0B5F11DE ] C:\Windows\System32\ncrypt.dll
16:43:09.0907 0x0f18 C:\Windows\System32\ncrypt.dll - ok
16:43:09.0908 0x0f18 [ B9A95365E52F421A20E1501935FADDA5, DDB4CB575139233EFAF2C59B7E9B04AF36BBCCC63190181F3B2A7E6BFC86E77E ] C:\Windows\System32\bcrypt.dll
16:43:09.0909 0x0f18 C:\Windows\System32\bcrypt.dll - ok
16:43:09.0910 0x0f18 [ 02B64609F865A39365FF88580DF11738, 2F676B93898E1B6131AF6227BB7AB731EB9C29477F9BD4C2C60F0FC1E35CD968 ] C:\Windows\System32\msprivs.dll
16:43:09.0910 0x0f18 C:\Windows\System32\msprivs.dll - ok
16:43:09.0912 0x0f18 [ 50532FCD7ECF02DD169CE5C485F02534, 8EE5D9D0EA53DC72BCC300692E521ACADD56AB09BFA3E78149D8B5A90648512C ] C:\Windows\System32\negoexts.dll
16:43:09.0912 0x0f18 C:\Windows\System32\negoexts.dll - ok
16:43:09.0914 0x0f18 [ C6505DE3561537BA1004D638C2F93F2F, 3E4FDF374B1A9E43A8F61FD2D79E0515390ECABFDAF72C4BD44A7B6429039AF6 ] C:\Windows\System32\netjoin.dll
16:43:09.0914 0x0f18 C:\Windows\System32\netjoin.dll - ok
16:43:09.0915 0x0f18 [ 65D57212965A93FE78E41E3998BB97AD, A44EAED256EA8F39C28D7019AF2C1FB20C0A63EFE03C9A069CFA730E787FB179 ] C:\Windows\System32\kerberos.dll
16:43:09.0915 0x0f18 C:\Windows\System32\kerberos.dll - ok
16:43:09.0917 0x0f18 [ DA92473D08DFCE8D355684D636ECAE5A, 393F72470784F9596D7AAD1E13AF9119A69645525D89248DACEAAB5A3A58368B ] C:\Windows\System32\atmfd.dll
16:43:09.0917 0x0f18 C:\Windows\System32\atmfd.dll - ok
16:43:09.0919 0x0f18 [ D0C2FBB6D97416B0166478FC7AE2B212, 7EAB6C37F0A845E645CA44CC060AC6C56E386C7EF7A64716C6786C9602AD8C9D ] C:\Windows\System32\cryptsp.dll
16:43:09.0919 0x0f18 C:\Windows\System32\cryptsp.dll - ok
16:43:09.0920 0x0f18 [ 1D5185A4C7E6695431AE4B55C3D7D333, 16F3906C54F1D71559836FDFCF4E83E7C9F454463D78FD577AD2D7022E0BCB51 ] C:\Windows\System32\mswsock.dll
16:43:09.0920 0x0f18 C:\Windows\System32\mswsock.dll - ok
16:43:09.0922 0x0f18 [ EC7CBFF96B05ECF3D366355B3C64ADCF, F69ED45EBEDCA9CF000AC03281F0EC2C351F98513FBA90E63394E4E561D6C7A2 ] C:\Windows\System32\wship6.dll
16:43:09.0922 0x0f18 C:\Windows\System32\wship6.dll - ok
16:43:09.0924 0x0f18 [ EF12B8385AA2849999008A977918F96B, ADEF9F5D2B0C2A30CB1B395C774E7FE75437135A09D3D4E6F97EE8656CE139B4 ] C:\Windows\System32\msv1_0.dll
16:43:09.0924 0x0f18 C:\Windows\System32\msv1_0.dll - ok
16:43:09.0925 0x0f18 [ AA339DD8BB128EF66660DFBBB59043D3, 76D9F849AFDDA38E04549EB67B4163478776F1B6EF46434168278F84FEB8FC5C ] C:\Windows\System32\netlogon.dll
16:43:09.0925 0x0f18 C:\Windows\System32\netlogon.dll - ok
16:43:09.0927 0x0f18 [ A52B6CC24063CC83C78C0E6F24DEEC01, 77E0D2B2356E71F9BE52FA479C9DDE17C453C198BB49CD4A97F2309628D82E3B ] C:\Windows\System32\dnsapi.dll
16:43:09.0927 0x0f18 C:\Windows\System32\dnsapi.dll - ok
16:43:09.0929 0x0f18 [ 1151B1BAA6F350B1DB6598E0FEA7C457, B1506E0A7E826EFF0F5252EF5026070C46E2235438403A9A24D73EE69C0B8A49 ] C:\Windows\System32\winlogon.exe
16:43:09.0929 0x0f18 C:\Windows\System32\winlogon.exe - ok
16:43:09.0931 0x0f18 [ 8FFE297B8449386E7B6851458B6E474E, E149B37E11091D69D926242517E5655596594A6F01FEF06EB65D6BA5B354E326 ] C:\Windows\System32\logoncli.dll
16:43:09.0931 0x0f18 C:\Windows\System32\logoncli.dll - ok
16:43:09.0932 0x0f18 [ 0D9764D58C5EFD672B7184854B152E5E, 9827B43DABBEC39AB2E2294408D9C5304EF27A684903C5234C6070387723D49E ] C:\Windows\System32\winsta.dll
16:43:09.0932 0x0f18 C:\Windows\System32\winsta.dll - ok
16:43:09.0934 0x0f18 [ A199DE544BF5C61C134B22C7592226FC, AF0CC2DA847036F5FE6DD9FBEDA7C3D05AF291873D4EAE121676DC6E8841A78F ] C:\Windows\System32\schannel.dll
16:43:09.0934 0x0f18 C:\Windows\System32\schannel.dll - ok
16:43:09.0936 0x0f18 [ 95FB6CA4374E343DDD653FCC43F9D26B, 911A240F9C1DD155C2B1CD85FE4A8044EB2816AF166CD8CB66EEB905CA352881 ] C:\Windows\System32\wdigest.dll
16:43:09.0936 0x0f18 C:\Windows\System32\wdigest.dll - ok
16:43:09.0938 0x0f18 [ 5D8874A8C11DDDDE29E12DE0E2013493, 3E9A57137BF622AF83E3E4D58971E2C0200559CCA7545D16CF263AA03EE9C7D2 ] C:\Windows\System32\rsaenh.dll
16:43:09.0938 0x0f18 C:\Windows\System32\rsaenh.dll - ok
16:43:09.0940 0x0f18 [ 8A25506B6948EFBD5A7F37E53CCD36D9, 2A20562ED33ABD1D15C7BE9F4F1E623E3604BCC0F7214D067CD8C3D16B9EC6A7 ] C:\Windows\System32\TSpkg.dll
16:43:09.0940 0x0f18 C:\Windows\System32\TSpkg.dll - ok
16:43:09.0942 0x0f18 [ E08088A97F95345E181C3DFCE2C615EF, DEF3B087DF5E10E4F8418029DB6E82546E62FEFA39694B7BD6A48CE8AAFD1B96 ] C:\Windows\System32\pku2u.dll
16:43:09.0942 0x0f18 C:\Windows\System32\pku2u.dll - ok
16:43:09.0943 0x0f18 [ D6C7780A364C6BBACFA796BAB9F1B374, 3B5ED1A030BFD0BB73D4FFCD67A6A0B8501EF70293F223EFAA12F430ADF270F9 ] C:\Windows\System32\bcryptprimitives.dll
16:43:09.0943 0x0f18 C:\Windows\System32\bcryptprimitives.dll - ok
16:43:09.0945 0x0f18 [ 52D3D5E3586988D4D9E34ACAAC33105C, C61B60BA962B25B8334F0941C3535EA4ACA1CC060B8A196E396CA3E11CEEF8A1 ] C:\Windows\System32\credssp.dll
16:43:09.0945 0x0f18 C:\Windows\System32\credssp.dll - ok
16:43:09.0947 0x0f18 [ 90BDEFC5DF334E5100EAA781D798DE1A, F48B650D811B6D57D2252E326C0C9CC74534BE9D510E7D3403F91D1C5C36281E ] C:\Windows\System32\efslsaext.dll
16:43:09.0947 0x0f18 C:\Windows\System32\efslsaext.dll - ok
16:43:09.0949 0x0f18 [ ED78427259134C63ED69804D2132B86C, F6F51B8B35881ABCA5580ED111AAC80E466E6474ABAE31EC8BE46C23EDCA77B2 ] C:\Windows\System32\scecli.dll
16:43:09.0949 0x0f18 C:\Windows\System32\scecli.dll - ok
16:43:09.0950 0x0f18 [ E1748D04AE40118B62BC18AC86032192, A954B141D1B27272C771D14F3B40C7CC1F572DD72559F2C96182EFBE2B095FDE ] C:\Windows\System32\drivers\tsusbhub.sys
16:43:09.0950 0x0f18 C:\Windows\System32\drivers\tsusbhub.sys - ok
16:43:09.0952 0x0f18 [ 7CC7DF5B654DA579613F811D8C637E29, 70EAC059C1ED814810C75DBB9F4D188428CB942FFD8869D692158D384EB6BB35 ] C:\Windows\System32\ubpm.dll
16:43:09.0952 0x0f18 C:\Windows\System32\ubpm.dll - ok
16:43:09.0954 0x0f18 [ C78655BC80301D76ED4FEF1C1EA40A7D, 93B2ED4004ED5F7F3039DD7ECBD22C7E4E24B6373B4D9EF8D6E45A179B13A5E8 ] C:\Windows\System32\svchost.exe
16:43:09.0954 0x0f18 C:\Windows\System32\svchost.exe - ok
16:43:09.0956 0x0f18 [ B806E50427511BCF4AD8E8239C3E25FA, AB89B48ECCF90F701B314D18BE531CDA5ABE1636C17B994A5E4BE5AAC136B4E3 ] C:\Windows\System32\umpnpmgr.dll
16:43:09.0956 0x0f18 C:\Windows\System32\umpnpmgr.dll - ok
16:43:09.0958 0x0f18 [ E6EB44ABAAF1F330119F854856C53EBE, 77279972FFBFA984578DD4F17EB615F5D2D93590AF3A9FEFEFDB9128206C9887 ] C:\Windows\System32\SPInf.dll
16:43:09.0958 0x0f18 C:\Windows\System32\SPInf.dll - ok
16:43:09.0960 0x0f18 [ CD1B5AD07E5F7FEF30E055DCC9E96180, 63C58551F32B0B09377F64A6AE1FA81AF93B8A707A57A8C18722086906AD3046 ] C:\Windows\System32\devrtl.dll
16:43:09.0960 0x0f18 C:\Windows\System32\devrtl.dll - ok
16:43:09.0962 0x0f18 [ 9C9307C95671AC962F3D6EB3A4A89BAE, D1433791C9B8BCEEAD8937EC18D33E89E4E2012B5975228A8500FD141BC30078 ] C:\Windows\System32\gpapi.dll
16:43:09.0962 0x0f18 C:\Windows\System32\gpapi.dll - ok
16:43:09.0963 0x0f18 [ 7A17485DC7D8A7AC81321A42CD034519, 88D8705FA901793FC8C1CFD0175E49A6502BF0FC94A066BA573D2FD13AA5F04A ] C:\Windows\System32\userenv.dll
16:43:09.0963 0x0f18 C:\Windows\System32\userenv.dll - ok
16:43:09.0965 0x0f18 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] C:\Windows\System32\umpo.dll
16:43:09.0965 0x0f18 C:\Windows\System32\umpo.dll - ok
16:43:09.0966 0x0f18 [ F6C011B46FAEEF33536B2E80F48B5CBE, BDD149D3D6F9F6C8F6F34C311219BE5618CEEFBC7D35E37473A47F1D5D015067 ] C:\Windows\System32\pcwum.dll
16:43:09.0967 0x0f18 C:\Windows\System32\pcwum.dll - ok
16:43:09.0968 0x0f18 [ 716175021BDA290504CE434273F666BC, FA18CA2D8A5F4335E051E2933147D3C1E7308F7D446E2AEB6596CDEF6E2AFC88 ] C:\Windows\System32\powrprof.dll
16:43:09.0968 0x0f18 C:\Windows\System32\powrprof.dll - ok
16:43:09.0970 0x0f18 [ DCF9DAD20AEB64979CA7C6484C6E9915, BEE03DB86241431873A75316D3471671D625DB8C0E93F1160D43EADCB580AC05 ] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
16:43:09.0970 0x0f18 C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe - ok
16:43:09.0972 0x0f18 [ D124F55B9393C976963407DFF51FFA79, EA1E16247C848C8C171C4CD1FA17BC5A018A1FCB0C0DAC25009066B6667B8EEF ] C:\Windows\SysWOW64\ntdll.dll
16:43:09.0972 0x0f18 C:\Windows\SysWOW64\ntdll.dll - ok
16:43:09.0974 0x0f18 [ 098EF40B77F88148349AAEBFE38E87C7, 4E3CDF9FEDBC2C2C031B5B52C20B0DDD7FAF0672D0B35469E239D93F1BD4BC1F ] C:\Windows\System32\wow64.dll
16:43:09.0974 0x0f18 C:\Windows\System32\wow64.dll - ok
16:43:09.0975 0x0f18 [ 99F5AEDBA338CE63F047D86E07DA36F6, B21DDAC8568058E02743FFBDB76557BF76F133D3981298E0634D1D2620AFCE2D ] C:\Windows\System32\wow64cpu.dll
16:43:09.0975 0x0f18 C:\Windows\System32\wow64cpu.dll - ok
16:43:09.0977 0x0f18 [ C742077774E78A388F11EC943AD717FC, 1D062803F758D7093608441EDFF72625E5333D2C47B4FC101463148B9A8F685C ] C:\Windows\System32\wow64win.dll
16:43:09.0977 0x0f18 C:\Windows\System32\wow64win.dll - ok
16:43:09.0979 0x0f18 [ E80758CF485DB142FCA1EE03A34EAD05, 3F94F8630C7603F9DA79BF021CB56AC5357502BADF6CB12F6CE11E5B2B244153 ] C:\Windows\SysWOW64\kernel32.dll
16:43:09.0979 0x0f18 C:\Windows\SysWOW64\kernel32.dll - ok
16:43:09.0980 0x0f18 [ 61EABC3358D869519D851B08C8FA512D, 00F4AEB2C0FBEDFBAFAC5E7DA17A5B7328E96216597153D3E7FAC219A284282B ] C:\Windows\SysWOW64\KernelBase.dll
16:43:09.0980 0x0f18 C:\Windows\SysWOW64\KernelBase.dll - ok
16:43:09.0982 0x0f18 [ 028D74F61952756C9DFFF7969162BB39, 045887F7424A0FAE471BD285ED7A3507EFDCEF986313651E462323ACE3312173 ] C:\Windows\SysWOW64\oleaut32.dll
16:43:09.0982 0x0f18 C:\Windows\SysWOW64\oleaut32.dll - ok
16:43:09.0984 0x0f18 [ 928CF7268086631F54C3D8E17238C6DD, F058FAFB04E7EBD5CADE9B48195B7AA7C3508F332A89F5E6E5F3F071E8CADD4A ] C:\Windows\SysWOW64\ole32.dll
16:43:09.0984 0x0f18 C:\Windows\SysWOW64\ole32.dll - ok
16:43:09.0985 0x0f18 [ E46D48A7FE961401F1CBF85531CDF05D, 24CA38641020FF9E07E16CE3992212E2BFD2759E902D12744D4989ADF11995BF ] C:\Windows\SysWOW64\msvcrt.dll
16:43:09.0985 0x0f18 C:\Windows\SysWOW64\msvcrt.dll - ok
16:43:09.0987 0x0f18 [ D6D3AD7BF1D6F6CE9547613ED5E170A2, EA3BD7FEC193A8CFE1D5736301ACADC476FB6AAC5475A45776D0A638E9845445 ] C:\Windows\SysWOW64\gdi32.dll
16:43:09.0987 0x0f18 C:\Windows\SysWOW64\gdi32.dll - ok
16:43:09.0989 0x0f18 [ 861C4346F9281DC0380DE72C8D55D6BE, FDC6B8E08AE234FA4302B6552A3935714755FE51D11B8DD3E3C24415E1ED8731 ] C:\Windows\SysWOW64\user32.dll
16:43:09.0989 0x0f18 C:\Windows\SysWOW64\user32.dll - ok
16:43:09.0991 0x0f18 [ 95E2376B3323F062EB562B8586D0F14A, BD3FA8750123D00AA0967FBA44372C46EA002681DA9C9B77A4F9261553E26017 ] C:\Windows\SysWOW64\advapi32.dll
16:43:09.0991 0x0f18 C:\Windows\SysWOW64\advapi32.dll - ok
16:43:09.0993 0x0f18 [ C5AD8083CF94201F1F8084ECC696A8B7, 9F9A23DC2587E88C1BF671E9E147F134242002288E22E1C57881F3ED721F4296 ] C:\Windows\SysWOW64\rpcrt4.dll
16:43:09.0993 0x0f18 C:\Windows\SysWOW64\rpcrt4.dll - ok
16:43:09.0995 0x0f18 [ CFC97F07904067A1E5FAE195D534DA3A, EB4D2D127312EB09E2ACCA3276779E80F90FAF77322684BABF72B8EC6E1F906C ] C:\Windows\SysWOW64\sechost.dll
16:43:09.0995 0x0f18 C:\Windows\SysWOW64\sechost.dll - ok
16:43:09.0996 0x0f18 [ F08F6FCD09F9BE94C37ACC1B344685FF, DE48D766258B46EFEAB16579421C4BD97ACC6883F782D00E9857F4A0CE7E8A34 ] C:\Windows\SysWOW64\cryptbase.dll
16:43:09.0996 0x0f18 C:\Windows\SysWOW64\cryptbase.dll - ok
16:43:09.0998 0x0f18 [ 384721EF4024890092625E20CADFAF85, 32FB012437C271CA4408EC60E6858485C2F9489107BBDB7011F728A0D2A26D2C ] C:\Windows\SysWOW64\lpk.dll
16:43:09.0998 0x0f18 C:\Windows\SysWOW64\lpk.dll - ok
16:43:10.0000 0x0f18 [ 7224D964A6D657374C551C878EB2C386, C6F56D05CFBC06ECEF8CF44DCDE939AB25C3D3C01CA43323F827EE3086836CD9 ] C:\Windows\SysWOW64\sspicli.dll
16:43:10.0002 0x0f18 C:\Windows\SysWOW64\sspicli.dll - ok
16:43:10.0003 0x0f18 [ 804AAAFEBB3AD5F49334DD906BCB1DE5, EB5DA86810D405555C84F4D452A604665250AB5D01714E0FBECF81CC8E791AC5 ] C:\Windows\SysWOW64\usp10.dll
16:43:10.0003 0x0f18 C:\Windows\SysWOW64\usp10.dll - ok
16:43:10.0005 0x0f18 [ B9A8CBCFCD3EC9D2EA4740AF347BF108, 97FA304E3880BC863D999F441AE47CB8ADF00D2DEC2A52ACD8FBD02CC096786A ] C:\Windows\SysWOW64\mpr.dll
16:43:10.0005 0x0f18 C:\Windows\SysWOW64\mpr.dll - ok
16:43:10.0007 0x0f18 [ 18AB2E5A40064ED5F7791AC5946A90F3, B7536CE56702C23B1CEC3E1B6C78866E0A76808B85A92AF3733D9ED9429E004C ] C:\Windows\SysWOW64\msimg32.dll
16:43:10.0007 0x0f18 C:\Windows\SysWOW64\msimg32.dll - ok
16:43:10.0008 0x0f18 [ 6377051C63D5552A311935C67E9FDFDC, 3FB82988AAB66813567E8DB951D4EE87F156201070F005FDBF52EF998A323E65 ] C:\Windows\SysWOW64\nsi.dll
16:43:10.0008 0x0f18 C:\Windows\SysWOW64\nsi.dll - ok
16:43:10.0010 0x0f18 [ 702254574E7E52052DE39408457B7149, 645CA9E88DA21C63710A04A0F54421018DF415A3D612112C71A255C49325C082 ] C:\Windows\SysWOW64\version.dll
16:43:10.0010 0x0f18 C:\Windows\SysWOW64\version.dll - ok
16:43:10.0012 0x0f18 [ 7FF15A4F092CD4A96055BA69F903E3E9, 1B594E6D057C632ABB3A8CF838157369024BD6B9F515CA8E774B22FE71A11627 ] C:\Windows\SysWOW64\ws2_32.dll
16:43:10.0012 0x0f18 C:\Windows\SysWOW64\ws2_32.dll - ok
16:43:10.0013 0x0f18 [ DF13A51A5C591887D2EC6AE64CEED0FA, DFD503AEBCAA056B2B0E669ACA52F6D26F4E6892F2DCFCCD902752C23A621653 ] C:\Windows\SysWOW64\wsock32.dll
16:43:10.0013 0x0f18 C:\Windows\SysWOW64\wsock32.dll - ok
16:43:10.0015 0x0f18 [ 16AB4BD2ACC52109F43739BF0E89E18F, 8BF53004F8A413598B46C2ECFBA1EA581836E0E0839047471622F31A4A065DD7 ] C:\Windows\SysWOW64\shell32.dll
16:43:10.0015 0x0f18 C:\Windows\SysWOW64\shell32.dll - ok
16:43:10.0017 0x0f18 [ 8CC3C111D653E96F3EA1590891491D71, 1D326D7D116D76876EE2B14A5BFB7B4328E21DB9B5AAAB9CB67F8EFB93924230 ] C:\Windows\SysWOW64\shlwapi.dll
16:43:10.0017 0x0f18 C:\Windows\SysWOW64\shlwapi.dll - ok
16:43:10.0019 0x0f18 [ 352B3DC62A0D259A82A052238425C872, 393B24E0D6007C74AEE2FB2EE2C18623D37DF64E279B6767952DCFEE0EACBB10 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
16:43:10.0019 0x0f18 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
16:43:10.0021 0x0f18 [ D1DE1EAFDE97BE41CF6585027FF3E732, 76F17D4DF440D6734DC8157092D94EB18C2A73A0A49BEEA289E7B3EDE30E86A2 ] C:\Windows\SysWOW64\comdlg32.dll
16:43:10.0021 0x0f18 C:\Windows\SysWOW64\comdlg32.dll - ok
16:43:10.0023 0x0f18 [ D15618A0FF8DBC2C5BF3726BACC75A0B, ADD81EA1D208907D67802F0E96EC0327BA89021F870BA22B9C7E3A19013A6AE7 ] C:\Windows\SysWOW64\userenv.dll
16:43:10.0023 0x0f18 C:\Windows\SysWOW64\userenv.dll - ok
16:43:10.0024 0x0f18 [ C733D233B623B7FFCE5031E4B756EE26, 33CC8B140B0E4A9B702E3468BE2646AEE4273F20C6EA5BAC6C3D8FC8EDEF0881 ] C:\Windows\SysWOW64\profapi.dll
16:43:10.0024 0x0f18 C:\Windows\SysWOW64\profapi.dll - ok
16:43:10.0026 0x0f18 [ 2D0D2DA87BEA7144F2A17F19D0D17E4C, F47B1A6B2284E9B1B664F835D9498C8D11FD411C524877F29783CDA71FB15BB9 ] C:\Windows\SysWOW64\wintrust.dll
16:43:10.0026 0x0f18 C:\Windows\SysWOW64\wintrust.dll - ok
16:43:10.0028 0x0f18 [ 6A6B2EE4565A178035BE2A4FF6F2C968, E2E231F1C2E2CE19583483ACC53318651FA7CA2DE46BCB89B4CBF97CA0525122 ] C:\Windows\SysWOW64\wtsapi32.dll
16:43:10.0028 0x0f18 C:\Windows\SysWOW64\wtsapi32.dll - ok
16:43:10.0029 0x0f18 [ 454E292861A4EF1D72F43F42BBAF6917, 9179657AA2928627D73608D7EBA5A9A8D7507F9F67DD8EC1011C76AEE4914043 ] C:\Windows\SysWOW64\crypt32.dll
16:43:10.0029 0x0f18 C:\Windows\SysWOW64\crypt32.dll - ok
16:43:10.0031 0x0f18 [ 7C2EE2EEF3D7E0AA4624A8E63C6583F6, 2009CC9BA4C4874E08FDA5356972FF42A9D78B1EA6199B3FE13F008574CD06A2 ] C:\Program Files (x86)\IObit\IObit Malware Fighter\datastate.dll
16:43:10.0031 0x0f18 C:\Program Files (x86)\IObit\IObit Malware Fighter\datastate.dll - ok
16:43:10.0033 0x0f18 [ 938F39B50BAFE13D6F58C7790682C010, 902000EE51EFEABAF6A4B30F880AA37083D2232C6FC622CA513C4A823390FEDA ] C:\Windows\SysWOW64\msasn1.dll
16:43:10.0033 0x0f18 C:\Windows\SysWOW64\msasn1.dll - ok
16:43:10.0035 0x0f18 [ C78F03E7CDE30C32CE521C9251B4D220, 27C6A0F482058A7A6DCE96B0C8E2D5C8A0B9BFB8027AE332DF24F61314F3664B ] C:\Program Files (x86)\IObit\IObit Malware Fighter\sboxctl.dll
16:43:10.0035 0x0f18 C:\Program Files (x86)\IObit\IObit Malware Fighter\sboxctl.dll - ok
16:43:10.0036 0x0f18 [ 74CFFF12703E80E1BAFDC9B68AE91543, 8EAE00BB6655754AE7C3E880621D9C4E6E85BE864F085EE6819D833B69B6E799 ] C:\Program Files (x86)\IObit\IObit Malware Fighter\sboxfilectl.dll
16:43:10.0037 0x0f18 C:\Program Files (x86)\IObit\IObit Malware Fighter\sboxfilectl.dll - ok
16:43:10.0039 0x0f18 [ 13C031725D196DEAA6102FAF2032688C, 2129127B1EAAA54BE54AE432D4EACB28535410DFD798BDF96B0F6D644403AE67 ] C:\Program Files (x86)\IObit\IObit Malware Fighter\cameractl.dll
16:43:10.0039 0x0f18 C:\Program Files (x86)\IObit\IObit Malware Fighter\cameractl.dll - ok
16:43:10.0041 0x0f18 [ 78DA3D9C2C75DD09765DC19997182876, AC91D4D58C0F92E59AF619B523433E188A105C3F71ECA8119BDC9990A06445C4 ] C:\Program Files (x86)\IObit\IObit Malware Fighter\fdptctl.dll
16:43:10.0041 0x0f18 C:\Program Files (x86)\IObit\IObit Malware Fighter\fdptctl.dll - ok
16:43:10.0042 0x0f18 [ A6F09E5669D9A19035F6D942CAA15882, 68C8AF0CC1923E3A7245392F2480EE665D265DF300A609D2540BF7C6D9C1A1BE ] C:\Windows\SysWOW64\imm32.dll
16:43:10.0042 0x0f18 C:\Windows\SysWOW64\imm32.dll - ok
16:43:10.0044 0x0f18 [ A543AC1F7138376D778D630A35FCBC4C, 2D824C66A97FC8C39DAFA397CC47495B712D175EEF393486946DA8936BDD466A ] C:\Windows\SysWOW64\psapi.dll
16:43:10.0044 0x0f18 C:\Windows\SysWOW64\psapi.dll - ok
16:43:10.0046 0x0f18 [ 539C49CEBB3C50957AC8A09D95ECD880, 49E75CDB556FBCE72C44648F8930CF2209C1360F9311C5B4CEB19E13B11E6B75 ] C:\Windows\SysWOW64\shfolder.dll
16:43:10.0046 0x0f18 C:\Windows\SysWOW64\shfolder.dll - ok
16:43:10.0048 0x0f18 [ C9618BC9B2B0FD7C1138D8774795A79B, 0AC170669C2626519FA7A745C56BFBA6B83B8537488F5B9EB7BA72448E5E7A43 ] C:\Windows\SysWOW64\msctf.dll
16:43:10.0048 0x0f18 C:\Windows\SysWOW64\msctf.dll - ok
16:43:10.0049 0x0f18 [ 1EBE9524683C7C4EED8B8BC93FB6FBCC, 78AF098E270EDE62466557091F14B2D37BDAB488F02E7CC769251FD17C02BA4A ] C:\Windows\SysWOW64\fltLib.dll
16:43:10.0050 0x0f18 C:\Windows\SysWOW64\fltLib.dll - ok
16:43:10.0051 0x0f18 [ 1E8D06AAE74FED674C1156B3FEA911C2, C1999BA9E436F9E0B9302DC82DF8B214E66372899FD4C0C60C56EE5340BADB9F ] C:\Windows\SysWOW64\Faultrep.dll
16:43:10.0051 0x0f18 C:\Windows\SysWOW64\Faultrep.dll - ok
16:43:10.0053 0x0f18 [ 3FD15B4611D9BDA3F8013548C0ECAECA, B47A8D9985D9B71EB870816A0AB2B6403D394CCBDF7DE5378D5721D58D68D28D ] C:\Windows\SysWOW64\ntmarta.dll
16:43:10.0053 0x0f18 C:\Windows\SysWOW64\ntmarta.dll - ok
16:43:10.0054 0x0f18 [ A8BB45F9ECAD993461E0FEF8E2A99152, ACB756EA54E71F124D928829666B5B439785593877FF7C0C76ADCF954F4E6C94 ] C:\Windows\SysWOW64\Wldap32.dll
16:43:10.0055 0x0f18 C:\Windows\SysWOW64\Wldap32.dll - ok
16:43:10.0056 0x0f18 [ A798C417C6FD2100373D67C7D39E1E7B, 2478634D79DA4F0E2F39C97BAFC061477297428DC9D99CF92CD3BE4AD66312F9 ] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
16:43:10.0056 0x0f18 C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe - ok
16:43:10.0058 0x0f18 [ B8D295E795C679CE045D022EE0F7B080, DCD19AFCDF54B1A1E4E210D97D1642A797288C4F4A31F90DA232A8E5E4348465 ] C:\Program Files (x86)\Faronics\Deep Freeze\Install C-0\DFServ.exe
16:43:10.0058 0x0f18 C:\Program Files (x86)\Faronics\Deep Freeze\Install C-0\DFServ.exe - ok
16:43:10.0060 0x0f18 [ 418E881201583A3039D81F43E39E6C78, C96AAC161E09BE12815A4E931E65F66DB1A456C03253EF1111AE66F44B1515FF ] C:\Windows\SysWOW64\winsta.dll
16:43:10.0060 0x0f18 C:\Windows\SysWOW64\winsta.dll - ok
16:43:10.0062 0x0f18 [ A90DC9ABD65DB1A8902F361103029952, 26798758976CE53251AC342B966BE0363AE1794BD965C452F5DEBC33E18969F0 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
16:43:10.0062 0x0f18 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
16:43:10.0063 0x0f18 [ 8CE1A6D16B9077E91E192499EB611C5F, 68BB66B40383F7CA04F314FECC12A346914139A64F72CAE791B882B6CB8DC314 ] C:\Windows\SysWOW64\netapi32.dll
16:43:10.0063 0x0f18 C:\Windows\SysWOW64\netapi32.dll - ok
16:43:10.0066 0x0f18 [ 20B3934DB73EABA2B49B7177873CB81F, 492EAC5C51472B43DE11825358AEC4B9E3A081DACFD7513C696D6FE40F302EE5 ] C:\Windows\SysWOW64\netutils.dll
16:43:10.0066 0x0f18 C:\Windows\SysWOW64\netutils.dll - ok
16:43:10.0068 0x0f18 [ CFF35B879D1618D42C86644C717BA947, 1837275202628D3320867A3BF8CFDA15491730C4B74215F7C0D7E140BF01AC3C ] C:\Windows\SysWOW64\winnsi.dll
16:43:10.0068 0x0f18 C:\Windows\SysWOW64\winnsi.dll - ok
16:43:10.0069 0x0f18 [ 68ECCA523ED760AAFC03C5D587569859, CDD734279C8F9F24EA2538BAD8E91EB8C3DD74C33032DB6B2D85C19576B42707 ] C:\Windows\SysWOW64\samcli.dll
16:43:10.0069 0x0f18 C:\Windows\SysWOW64\samcli.dll - ok
16:43:10.0071 0x0f18 [ 5CCDCD40E732D54E0F7451AC66AC1C87, 66F4DA105BD72E41250CD59E2B3CD931B47AC9FDB6C784B9E33C5EE1AC29841F ] C:\Windows\SysWOW64\srvcli.dll
16:43:10.0071 0x0f18 C:\Windows\SysWOW64\srvcli.dll - ok
16:43:10.0073 0x0f18 [ E5A4A1326A02F8E7B59E6C3270CE7202, DCB76016F9AC47E631540874DA208A089F9D529DA9628705A2869B954526BFE0 ] C:\Windows\SysWOW64\wkscli.dll
16:43:10.0073 0x0f18 C:\Windows\SysWOW64\wkscli.dll - ok
16:43:10.0074 0x0f18 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] C:\Windows\System32\drivers\luafv.sys
16:43:10.0074 0x0f18 C:\Windows\System32\drivers\luafv.sys - ok
16:43:10.0076 0x0f18 [ B401271BD21D10D9C71F4516C802A49C, 454990BB4D71AF46C0186BFA55D7DD648ACCB0EA7D8AE864BE47E99E4F0C72C8 ] C:\Windows\System32\drivers\gzflt.sys
16:43:10.0076 0x0f18 C:\Windows\System32\drivers\gzflt.sys - ok
16:43:10.0078 0x0f18 [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] C:\Windows\System32\drivers\WUDFPf.sys
16:43:10.0078 0x0f18 C:\Windows\System32\drivers\WUDFPf.sys - ok
16:43:10.0080 0x0f18 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] C:\Windows\System32\rpcss.dll
16:43:10.0080 0x0f18 C:\Windows\System32\rpcss.dll - ok
16:43:10.0082 0x0f18 [ E39ED1EA1A5039C86FB94B0CBC619D2B, 31F0DB46E6D00416C25CAA4AF1682F34F0093C4B6DB001AF1349796B3D241F72 ] D:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe
16:43:10.0082 0x0f18 D:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe - ok
16:43:10.0084 0x0f18 [ A84A8A708751E2CB1F2BB117E9B7F390, F656F0F98CF2510F4E0FE5D5666643028A6B8BAC50BF553C0A464456C0E82934 ] D:\Program Files\TxGameAssistant\AppMarket\msvcp140.dll
16:43:10.0084 0x0f18 D:\Program Files\TxGameAssistant\AppMarket\msvcp140.dll - ok
16:43:10.0086 0x0f18 [ B7EBC19A5B23D0D32FF014E30BE26061, 5695560A50ED9746696C0D647E55D77459F5981907C177D086DF36656A978B19 ] D:\Program Files\TxGameAssistant\AppMarket\vcruntime140.dll
16:43:10.0086 0x0f18 D:\Program Files\TxGameAssistant\AppMarket\vcruntime140.dll - ok
16:43:10.0088 0x0f18 [ AE3FA6BF777B0429B825FB6B028F8A48, 66B86ED0867FE22E80B9B737F3EE428BE71F5E98D36F774ABBF92E3AACA71BFB ] D:\Program Files\TxGameAssistant\AppMarket\api-ms-win-crt-runtime-l1-1-0.dll
16:43:10.0088 0x0f18 D:\Program Files\TxGameAssistant\AppMarket\api-ms-win-crt-runtime-l1-1-0.dll - ok
16:43:10.0089 0x0f18 [ 3E0303F978818E5C944F5485792696FD, 7041885B2A8300BF12A46510228CE8D103D74E83B1BAF696B84FF3E5AB785DD1 ] D:\Program Files\TxGameAssistant\AppMarket\ucrtbase.dll
16:43:10.0089 0x0f18 D:\Program Files\TxGameAssistant\AppMarket\ucrtbase.dll - ok
16:43:10.0091 0x0f18 [ A20084F41B3F1C549D6625C790B72268, 0FA42237FD1140FD125C6EDB728D4C70AD0276C72FA96C2FAABF7F429FA7E8F1 ] D:\Program Files\TxGameAssistant\AppMarket\api-ms-win-core-timezone-l1-1-0.dll
16:43:10.0091 0x0f18 D:\Program Files\TxGameAssistant\AppMarket\api-ms-win-core-timezone-l1-1-0.dll - ok
16:43:10.0093 0x0f18 [ BFB08FB09E8D68673F2F0213C59E2B97, 6D5881719E9599BF10A4193C8E2DED2A38C10DE0BA8904F48C67F2DA6E84ED3E ] D:\Program Files\TxGameAssistant\AppMarket\api-ms-win-core-file-l2-1-0.dll
16:43:10.0093 0x0f18 D:\Program Files\TxGameAssistant\AppMarket\api-ms-win-core-file-l2-1-0.dll - ok
16:43:10.0095 0x0f18 [ 3B9D034CA8A0345BC8F248927A86BF22, A7AC7ECE5E626C0B4E32C13299E9A44C8C380C8981CE4965CBE4C83759D2F52D ] D:\Program Files\TxGameAssistant\AppMarket\api-ms-win-core-localization-l1-2-0.dll
16:43:10.0095 0x0f18 D:\Program Files\TxGameAssistant\AppMarket\api-ms-win-core-localization-l1-2-0.dll - ok
16:43:10.0097 0x0f18 [ F6B4D8D403D22EB87A60BF6E4A3E7041, 25687E95B65D0521F8C737DF301BF90DB8940E1C0758BB6EA5C217CF7D2F2270 ] D:\Program Files\TxGameAssistant\AppMarket\api-ms-win-core-synch-l1-2-0.dll
16:43:10.0097 0x0f18 D:\Program Files\TxGameAssistant\AppMarket\api-ms-win-core-synch-l1-2-0.dll - ok
16:43:10.0099 0x0f18 [ F6D1216E974FB76585FD350EBDC30648, 348B70E57AE0329AC40AC3D866B8E896B0B8FEF7E8809A09566F33AF55D33271 ] D:\Program Files\TxGameAssistant\AppMarket\api-ms-win-core-file-l1-2-0.dll
16:43:10.0099 0x0f18 D:\Program Files\TxGameAssistant\AppMarket\api-ms-win-core-file-l1-2-0.dll - ok
16:43:10.0101 0x0f18 [ C2EAD5FCCE95A04D31810768A3D44D57, 42A9A3D8A4A7C82CB6EC42C62D3A522DAA95BEB01ECB776AAC2BFD4AA1E58D62 ] D:\Program Files\TxGameAssistant\AppMarket\api-ms-win-core-processthreads-l1-1-1.dll
16:43:10.0101 0x0f18 D:\Program Files\TxGameAssistant\AppMarket\api-ms-win-core-processthreads-l1-1-1.dll - ok
16:43:10.0103 0x0f18 [ 5E72659B38A2977984BBC23ED274F007, 44A4DB6080F6BDAE6151F60AE5DC420FAA3BE50902E88F8F14AD457DEC3FE4EA ] D:\Program Files\TxGameAssistant\AppMarket\api-ms-win-crt-string-l1-1-0.dll
16:43:10.0103 0x0f18 D:\Program Files\TxGameAssistant\AppMarket\api-ms-win-crt-string-l1-1-0.dll - ok
16:43:10.0105 0x0f18 [ 5245F303E96166B8E625DD0A97E2D66A, 90A63611D9169A8CD7D030CD2B107B6E290E50E2BEBA6FA640A7497A8599AFF5 ] D:\Program Files\TxGameAssistant\AppMarket\api-ms-win-crt-convert-l1-1-0.dll
16:43:10.0105 0x0f18 D:\Program Files\TxGameAssistant\AppMarket\api-ms-win-crt-convert-l1-1-0.dll - ok
16:43:10.0106 0x0f18 [ 39D81596A7308E978D67AD6FDCCDD331, 3D109FD01F6684414D8A1D0D2F5E6C5B4E24DE952A0695884744A6CBD44A8EC7 ] D:\Program Files\TxGameAssistant\AppMarket\api-ms-win-crt-heap-l1-1-0.dll
16:43:10.0106 0x0f18 D:\Program Files\TxGameAssistant\AppMarket\api-ms-win-crt-heap-l1-1-0.dll - ok
16:43:10.0108 0x0f18 [ E70D8FE9D21841202B4FD1CF55D37AC5, E087F611B3659151DFB674728202944A7C0FE71710F280840E00A5C4B640632D ] D:\Program Files\TxGameAssistant\AppMarket\api-ms-win-crt-locale-l1-1-0.dll
16:43:10.0108 0x0f18 D:\Program Files\TxGameAssistant\AppMarket\api-ms-win-crt-locale-l1-1-0.dll - ok
16:43:10.0110 0x0f18 [ 32D7B95B1BCE23DB9FBD0578053BA87F, 104A76B41CBD9A945DBA43A6FFA8C6DE99DB2105D4CE93A717729A9BD020F728 ] D:\Program Files\TxGameAssistant\AppMarket\api-ms-win-crt-stdio-l1-1-0.dll
16:43:10.0110 0x0f18 D:\Program Files\TxGameAssistant\AppMarket\api-ms-win-crt-stdio-l1-1-0.dll - ok
16:43:10.0113 0x0f18 [ D0D380AF839124368A96D6AA82C7C8AE, 06985D00BF4985024E95442702BBDB53C2127E99F16440424F3380A88883F1A5 ] D:\Program Files\TxGameAssistant\AppMarket\api-ms-win-crt-math-l1-1-0.dll
16:43:10.0113 0x0f18 D:\Program Files\TxGameAssistant\AppMarket\api-ms-win-crt-math-l1-1-0.dll - ok
16:43:10.0115 0x0f18 [ 45C54A21261180410091CEFB23F6A5AE, 2B0FEA07DB507B7266346EAB3CA7EDE3821876AADC519DAF059B130B85640918 ] D:\Program Files\TxGameAssistant\AppMarket\api-ms-win-crt-environment-l1-1-0.dll
16:43:10.0115 0x0f18 D:\Program Files\TxGameAssistant\AppMarket\api-ms-win-crt-environment-l1-1-0.dll - ok
16:43:10.0117 0x0f18 [ AB8734C2328A46E7E9583BEFEB7085A2, 921B7CF74744C4336F976DB6750921B2A0960E8AA11268457F5ED27C0E13B2C8 ] D:\Program Files\TxGameAssistant\AppMarket\api-ms-win-crt-filesystem-l1-1-0.dll
16:43:10.0117 0x0f18 D:\Program Files\TxGameAssistant\AppMarket\api-ms-win-crt-filesystem-l1-1-0.dll - ok
16:43:10.0119 0x0f18 [ 809BC1010EAF714CD095189AF236CE2F, B52F2B9DE19D12B0E727E13E3DDE93009E487BFB2DD97FD23952C7080949D97E ] D:\Program Files\TxGameAssistant\AppMarket\api-ms-win-crt-multibyte-l1-1-0.dll
16:43:10.0119 0x0f18 D:\Program Files\TxGameAssistant\AppMarket\api-ms-win-crt-multibyte-l1-1-0.dll - ok
16:43:10.0121 0x0f18 [ 1FA7C2B81CDFD7ACE42A2A9A0781C946, CAFDB772A1D7ACF0807478FDBA1E00FD101FC29C136547B37131F80D21DACFFD ] D:\Program Files\TxGameAssistant\AppMarket\api-ms-win-crt-time-l1-1-0.dll
16:43:10.0121 0x0f18 D:\Program Files\TxGameAssistant\AppMarket\api-ms-win-crt-time-l1-1-0.dll - ok
16:43:10.0123 0x0f18 [ D6ABF5C056D80592F8E2439E195D61AC, 8858D883D180CEA63E3BF4A3F5BC9E0F9FA16C9A35A84C4EFE65308CEA13A364 ] D:\Program Files\TxGameAssistant\AppMarket\api-ms-win-crt-utility-l1-1-0.dll
16:43:10.0123 0x0f18 D:\Program Files\TxGameAssistant\AppMarket\api-ms-win-crt-utility-l1-1-0.dll - ok
16:43:10.0124 0x0f18 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] C:\Windows\System32\RpcEpMap.dll
16:43:10.0124 0x0f18 C:\Windows\System32\RpcEpMap.dll - ok
16:43:10.0126 0x0f18 [ 16E964ABF6D1E0F0CC7822FCA9BA754D, 0E461387ACFD641DA22EE542A3C68AF5F7D3A7F967D974E3B198143D461ABE39 ] C:\Windows\System32\wshqos.dll
16:43:10.0126 0x0f18 C:\Windows\System32\wshqos.dll - ok
16:43:10.0128 0x0f18 [ 31559F3244C6BC00A52030CAA83B6B91, B2025742B5F0025ACE9821D5722DE3F997EEEAB21D2F381C9E307882DF422579 ] C:\Windows\System32\WSHTCPIP.DLL
16:43:10.0128 0x0f18 C:\Windows\System32\WSHTCPIP.DLL - ok
16:43:10.0130 0x0f18 [ 1D6A37865851009CF88F527E560F51DD, 3F4A35A1A7ABC19F28098465F1799AF090C3F342B190063CA846DB2F1C84EE5D ] D:\Program Files\TxGameAssistant\AppMarket\dr.dll
16:43:10.0130 0x0f18 D:\Program Files\TxGameAssistant\AppMarket\dr.dll - ok
16:43:10.0132 0x0f18 [ 39B61BE1172C6EA24E20268F36D85B78, 36A21DE3415E783B16E42C55EFF07823DF5509AF43A0634C401F191E1298AC87 ] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFSrvWsc.exe
16:43:10.0132 0x0f18 C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFSrvWsc.exe - ok
16:43:10.0134 0x0f18 [ 840281F034189612E19DF5DA51F1441E, EDC7C65223A8FA13C4AAB05A589F8B8758FF7C632C89AEA4F23A35E80F79CD38 ] C:\Windows\System32\atiesrxx.exe
16:43:10.0134 0x0f18 C:\Windows\System32\atiesrxx.exe - ok
16:43:10.0136 0x0f18 [ 9AD9E06F8656F296D91FAE8EE5B95A27, 53384747D5864D699BCC4F48E0A5E656430EDAA65DCDAB4B11EA68FC7106459E ] C:\Windows\System32\FirewallAPI.dll
16:43:10.0136 0x0f18 C:\Windows\System32\FirewallAPI.dll - ok
16:43:10.0137 0x0f18 [ 0BEE002C68E28CE6DA161DCF1376D7D7, 1D4EE0B9CE22D139478008D5591B8C9F027C235CBA601F95A96547CF98159D4B ] C:\Windows\System32\authui.dll
16:43:10.0137 0x0f18 C:\Windows\System32\authui.dll - ok
16:43:10.0139 0x0f18 [ 715F03B4C7223349768013EA95D9E5B7, 09AB0535A54C2E2962F0FD06988D99060F8CECA39B07AC00A63204C773B95893 ] C:\Windows\System32\LogonUI.exe
16:43:10.0139 0x0f18 C:\Windows\System32\LogonUI.exe - ok
16:43:10.0141 0x0f18 [ BD3674BE7FC9D8D3732C83E8499576ED, E6716A5895D629263A4D21959F48840429AB6F4B55A5FA2663EE5E86C9CA2BF1 ] C:\Windows\System32\wtsapi32.dll
16:43:10.0141 0x0f18 C:\Windows\System32\wtsapi32.dll - ok
16:43:10.0143 0x0f18 [ 863F793D15B4026B1A5FDECA873D4D84, AF7ABD95BB5467551562F129F03C7AC9D52A021F7E547609F40A80E66932C942 ] C:\Windows\SysWOW64\apphelp.dll
16:43:10.0143 0x0f18 C:\Windows\SysWOW64\apphelp.dll - ok
16:43:10.0145 0x0f18 [ BDAC1AA64495D0F7E1FF810EBBF1F018, 7920E2381307574C5C4562CF1FF8F79F91204102051FCD708FA4E6A941422084 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
16:43:10.0145 0x0f18 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
16:43:10.0146 0x0f18 [ 94E026870A55AAEAFF7853C1754091E9, B2F5D5629D12BDFA98DBED3898368F37D9009C7531B6909C7285A2C11C9A0F93 ] C:\Windows\System32\version.dll
16:43:10.0146 0x0f18 C:\Windows\System32\version.dll - ok
16:43:10.0148 0x0f18 [ 6011714C8C5C55CBFFAD24D61E879FBD, 75D615082A1C71C6ED3ABB49EDAF660EE538D112CF79B9C8AF0A583D1CE1BBB0 ] C:\Windows\System32\wevtsvc.dll
16:43:10.0148 0x0f18 C:\Windows\System32\wevtsvc.dll - ok
16:43:10.0150 0x0f18 [ 10FB16B50AFFDA6D44588F3C445DC273, 6CDA17DA9B44D11E69F7C6682FA633EA75731623BB21B429A0FE2086ED4495A7 ] C:\Windows\SysWOW64\setupapi.dll
16:43:10.0150 0x0f18 C:\Windows\SysWOW64\setupapi.dll - ok
16:43:10.0151 0x0f18 [ B3BFBD758506ECB50C5804AAA76318F9, 34E079A6AB2D41D1E0B3887B6AE31C43941061B7176FFF2801C3F465C2C89578 ] C:\Windows\System32\cryptui.dll
16:43:10.0151 0x0f18 C:\Windows\System32\cryptui.dll - ok
16:43:10.0153 0x0f18 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] C:\Windows\System32\audiosrv.dll
16:43:10.0153 0x0f18 C:\Windows\System32\audiosrv.dll - ok
16:43:10.0155 0x0f18 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] C:\Windows\System32\mmcss.dll
16:43:10.0155 0x0f18 C:\Windows\System32\mmcss.dll - ok
16:43:10.0157 0x0f18 [ 1F4492FE41767CDB8B89D17655847CDD, 184547FAC0C3D7148FAA3F601929A7089DE393BD19929A137DAD743331DD3F77 ] C:\Windows\System32\ntmarta.dll
16:43:10.0157 0x0f18 C:\Windows\System32\ntmarta.dll - ok
16:43:10.0158 0x0f18 [ 78A1E65207484B7F8D3217507745F47C, 35F413ADB9D157F3666DD15DD58104D629CD9143198A1AB914B73A4A3C9903DD ] C:\Windows\System32\avrt.dll
16:43:10.0158 0x0f18 C:\Windows\System32\avrt.dll - ok
16:43:10.0160 0x0f18 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67, E957E4463D318A44BA5109EE3428624DE901C5FF2BA358986DF6C6F059DDBCC2 ] C:\Windows\System32\adtschema.dll
16:43:10.0160 0x0f18 C:\Windows\System32\adtschema.dll - ok
16:43:10.0162 0x0f18 [ 3FFAEA12666E565FF51BF2FCA674F543, 95BA8DBDA495C170E075F48627D7DD89C6B29BE0CE0D0D8316B0236692675060 ] C:\Windows\SysWOW64\cfgmgr32.dll
16:43:10.0162 0x0f18 C:\Windows\SysWOW64\cfgmgr32.dll - ok
16:43:10.0164 0x0f18 [ 227E2C382A1E02F8D4965E664D3BBE43, 1CFF20A8BF87ACE4FA4935EBEED72BFB1A1FE902A754899E2F50798D67DF5642 ] C:\Windows\System32\MMDevAPI.dll
16:43:10.0164 0x0f18 C:\Windows\System32\MMDevAPI.dll - ok
16:43:10.0166 0x0f18 [ F06BB4E336EA57511FDBAFAFCC47DE62, BE43EC62548E9FF89A9495A1722E22DBB76EEC3764F86E64057B636F27D15765 ] C:\Windows\System32\propsys.dll
16:43:10.0166 0x0f18 C:\Windows\System32\propsys.dll - ok
16:43:10.0167 0x0f18 [ FF5688D309347F2720911D8796912834, 3B0D73C50D40A6F42629B7750F99F656BF5C1C50237D5F98B6C0F2CE5E2DA359 ] C:\Windows\SysWOW64\clbcatq.dll
16:43:10.0168 0x0f18 C:\Windows\SysWOW64\clbcatq.dll - ok
16:43:10.0169 0x0f18 [ CC4ED8BEA78B0DCA6F217E014C3291A7, 01104182E4E6FB3CF6397936D30B2CE3486967586D1B94187B59A8232DAE39FF ] C:\Windows\SysWOW64\devobj.dll
16:43:10.0169 0x0f18 C:\Windows\SysWOW64\devobj.dll - ok
16:43:10.0171 0x0f18 [ 7FA8FDC2C2A27817FD0F624E78D3B50C, 7B63F6AA2CD6D4D07EA3C595B868B1A0749BB11620027A2BD9B935E3055481E4 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
16:43:10.0171 0x0f18 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
16:43:10.0173 0x0f18 [ 4449D23E8F197862F1B16F1E6C89C36C, 93AF52BF8E870C0381F027D3BB8F6829E449242074472F1593EB8172D7EB6559 ] C:\Windows\System32\diagperf.dll
16:43:10.0173 0x0f18 C:\Windows\System32\diagperf.dll - ok
16:43:10.0175 0x0f18 [ 12C45E3CB6D65F73209549E2D02ECA7A, 9DFD9C58B90257C34D52B7156C1D2566BE32EE7BD4699DDE164A5F190EC4D44A ] C:\Windows\SysWOW64\propsys.dll
16:43:10.0175 0x0f18 C:\Windows\SysWOW64\propsys.dll - ok
16:43:10.0176 0x0f18 [ 5B3EBFC3DA142324B388DDCC4465E1FF, 5D58642305311F9BC9B779C9598BFC4E7433B3EA58404BF1FF9466838A2328C7 ] C:\Windows\System32\samlib.dll
16:43:10.0176 0x0f18 C:\Windows\System32\samlib.dll - ok
16:43:10.0179 0x0f18 [ 4E9C2DB10F7E6AE91BF761139D4B745B, 8F63F78294F5585D599A114AF449DCC447CCB239D0F0B490BFE6B34A2146E730 ] C:\Windows\System32\shacct.dll
16:43:10.0179 0x0f18 C:\Windows\System32\shacct.dll - ok
16:43:10.0180 0x0f18 [ D29E998E8277666982B4F0303BF4E7AF, 4F19AB5DC173E278EBE45832F6CEAA40E2DF6A2EDDC81B2828122442FE5D376C ] C:\Windows\System32\uxtheme.dll
16:43:10.0180 0x0f18 C:\Windows\System32\uxtheme.dll - ok
16:43:10.0182 0x0f18 [ 497BFEDDAF3950DD909C3B0C5558A25D, 980EA189929D95EB36E35980FFF0C81F7B78DE9422771FDE8F4AC7A779F5BD89 ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_2b24536c71ed437a\GdiPlus.dll
16:43:10.0182 0x0f18 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_2b24536c71ed437a\GdiPlus.dll - ok
16:43:10.0184 0x0f18 [ D5CCA1453B98A5801E6D5FF0FF89DC6C, 85F2C2480AAC31B6092187B431A562D79D4CFB1324F925C85055ABAB2483264B ] C:\Windows\System32\audiodg.exe
16:43:10.0184 0x0f18 C:\Windows\System32\audiodg.exe - ok
16:43:10.0186 0x0f18 [ 50544D04AD845C43130B70212EC05CCD, B2E6B558DE7D273512226685FF53ED17C9B4BF81B739FBCA5D3FC82DF8D2BCF7 ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
16:43:10.0186 0x0f18 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
16:43:10.0188 0x0f18 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] C:\Windows\System32\drivers\fltMgr.sys
16:43:10.0188 0x0f18 C:\Windows\System32\drivers\fltMgr.sys - ok
16:43:10.0190 0x0f18 [ A3DB3C17EE6CAE65D53602B4E80BCCBC, D802A7C6161F937DC42A6E45FE1BB2C8272819F92C294C180EBCDF8FF72CBFDC ] C:\Windows\System32\PSHED.DLL
16:43:10.0190 0x0f18 C:\Windows\System32\PSHED.DLL - ok
16:43:10.0191 0x0f18 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] C:\Windows\System32\cscsvc.dll
16:43:10.0191 0x0f18 C:\Windows\System32\cscsvc.dll - ok
16:43:10.0193 0x0f18 [ 3CB6A7286422C72C34DAB54A5DFF1A34, 98D21EFFF511E407336A226420701E82554DA01FA05661303836B6860D63749D ] C:\Windows\System32\dui70.dll
16:43:10.0193 0x0f18 C:\Windows\System32\dui70.dll - ok
16:43:10.0195 0x0f18 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] C:\Windows\System32\gpsvc.dll
16:43:10.0195 0x0f18 C:\Windows\System32\gpsvc.dll - ok
16:43:10.0197 0x0f18 [ B0945E538CF906BBDDC5A11C8EE868CC, 5F3459F6512918835F7C9400905EC7C1FAEAA7114E0D28C522040C359E3B93F7 ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
16:43:10.0197 0x0f18 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
16:43:10.0199 0x0f18 [ 2DF36F15B2BC1571A6A542A3C2107920, A918F1EE95269DF973421AF2F5713DEEAF15EF0F77BAA7E8C515FFB69896FB7A ] C:\Windows\System32\nlaapi.dll
16:43:10.0199 0x0f18 C:\Windows\System32\nlaapi.dll - ok
16:43:10.0201 0x0f18 [ 29910D50542B1AA0F162EF3339C61B6D, 018F0922384A5757390652865BB2DF876E9DA08B0858BC619B41D2CD14533ED4 ] C:\Windows\System32\PeerDist.dll
16:43:10.0201 0x0f18 C:\Windows\System32\PeerDist.dll - ok
16:43:10.0202 0x0f18 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] C:\Windows\System32\themeservice.dll
16:43:10.0202 0x0f18 C:\Windows\System32\themeservice.dll - ok
16:43:10.0204 0x0f18 [ 8CCDE014A4CDF84564E03ACE064CA753, DD663029B2EB7B12FDB00FCE403D8326141E540E3B9CE84CD5871473D3E2E2CF ] C:\Windows\System32\duser.dll
16:43:10.0204 0x0f18 C:\Windows\System32\duser.dll - ok
16:43:10.0206 0x0f18 [ 5C78838B4D166D1A27DB3A8A820C799A, BBF7E1D0B6754CF06BF3936671FDF5BF6E845CA5678D0940EA54E9212B539B7F ] C:\Windows\System32\profsvc.dll
16:43:10.0206 0x0f18 C:\Windows\System32\profsvc.dll - ok
16:43:10.0208 0x0f18 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB, 018CB95A43CEA2063EA24691C71D51EF60D522C21502ABA8AD93876363D4B857 ] C:\Windows\System32\taskschd.dll
16:43:10.0208 0x0f18 C:\Windows\System32\taskschd.dll - ok
16:43:10.0210 0x0f18 [ 58775492FFD419248B08325E583C527F, DBB013971F5894F25C222C2D4D50A29DB6DF3C413792EE9CCC1A9E6D85469093 ] C:\Windows\System32\atl.dll
16:43:10.0210 0x0f18 C:\Windows\System32\atl.dll - ok
16:43:10.0212 0x0f18 [ A77BE7CB3222B4FB0AC6C71D1C2698D4, 73566223914BF670DF6B5931FA213E546713531B10391ED65B5256BBD7ABDE7F ] C:\Windows\System32\dsrole.dll
16:43:10.0212 0x0f18 C:\Windows\System32\dsrole.dll - ok
16:43:10.0213 0x0f18 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] C:\Windows\System32\es.dll
16:43:10.0213 0x0f18 C:\Windows\System32\es.dll - ok
16:43:10.0215 0x0f18 [ BE097F5BB10F9079FCEB2DC4E7E20F02, 90A88986C8C5F30FB153EC803FEDA6572B2C2630A6C9578FCC017800692694D5 ] C:\Windows\System32\slc.dll
16:43:10.0215 0x0f18 C:\Windows\System32\slc.dll - ok
16:43:10.0217 0x0f18 [ D7F1EF374A90709B31591823B002F918, 05FD2837C9B03D14BB2A969C1AD77CAEF047D93DC5D0F6C2ACBF0888E8F7B359 ] C:\Windows\System32\SndVolSSO.dll
16:43:10.0217 0x0f18 C:\Windows\System32\SndVolSSO.dll - ok
16:43:10.0219 0x0f18 [ 1A47D52E303B7543E4E6026595B95422, C577CD3837546A7CED5D2E8E97FA2EDACA133B4A8595770EF96CAE519BFE280F ] C:\Windows\System32\comres.dll
16:43:10.0219 0x0f18 C:\Windows\System32\comres.dll - ok
16:43:10.0221 0x0f18 [ DA1B7075260F3872585BFCDD668C648B, 3E10EF6E1A5C341B478322CB78A0AB7BFC70AD8023779B8B4542A7CB4CA756AB ] C:\Windows\System32\dwmapi.dll
16:43:10.0221 0x0f18 C:\Windows\System32\dwmapi.dll - ok
16:43:10.0223 0x0f18 [ 896F15A6434D93EDB42519D5E18E6B50, 9263F0CEC58D45EBE3FB9C3061FB9392C55A7933B84B4592E6EE13CFC86D5A50 ] C:\Windows\System32\hid.dll
16:43:10.0223 0x0f18 C:\Windows\System32\hid.dll - ok
16:43:10.0224 0x0f18 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] C:\Windows\System32\Sens.dll
16:43:10.0224 0x0f18 C:\Windows\System32\Sens.dll - ok
16:43:10.0226 0x0f18 [ D6F630C1FD7F436316093AE500363B19, 73A94B4938430396EA4240B1A6676B4E6C19CFAF8C52EFB9A69B4B2175A86307 ] C:\Windows\System32\xmllite.dll
16:43:10.0226 0x0f18 C:\Windows\System32\xmllite.dll - ok
16:43:10.0228 0x0f18 [ 862596399AAFD2A21DB2AF9270CD4F70, 24CAA19EE791FB3440CE742C9064FCE0CB755EF0789D3CE62058A2CFEF0FF6D2 ] C:\Windows\System32\mstask.dll
16:43:10.0228 0x0f18 C:\Windows\System32\mstask.dll - ok
16:43:10.0230 0x0f18 [ 26B73A85855681500BCC25C7CD9FF5B1, 94D134A6AF53AD629A4505B8B0EA37F61BB43AF4DB71874E7E87853163A9282A ] C:\Windows\System32\WindowsCodecs.dll
16:43:10.0230 0x0f18 C:\Windows\System32\WindowsCodecs.dll - ok
16:43:10.0232 0x0f18 [ 538E59BB39E6303412A6973DD58F4B73, F41FBFCFD2B912C3052DECA53CCA98045CF161326D786F52C6C8D59586245BE5 ] C:\Program Files\Sandboxie\SbieSvc.exe
16:43:10.0232 0x0f18 C:\Program Files\Sandboxie\SbieSvc.exe - ok
16:43:10.0234 0x0f18 [ 5FA65E22D8D6E5B21125F2A650F0C1C9, EE2B90FCF61A79F01A0688028F3B196298973C25609E3B1227F3361506DB8FBA ] C:\Program Files\Sandboxie\SbieDll.dll
16:43:10.0234 0x0f18 C:\Program Files\Sandboxie\SbieDll.dll - ok
16:43:10.0236 0x0f18 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D, 19959D18601712901F03B83150D15E34EBCAB355BB4692C9A28511A72F57FC66 ] C:\Windows\System32\winbrand.dll
16:43:10.0236 0x0f18 C:\Windows\System32\winbrand.dll - ok
16:43:10.0238 0x0f18 [ 764908FE1FA96F93C95B1B67A0FCED29, 26EF25AB307903C5E806A8CC3B750A491049E5D1225CEDDFCE64DD51AA6F592B ] C:\Windows\System32\netapi32.dll
16:43:10.0238 0x0f18 C:\Windows\System32\netapi32.dll - ok
16:43:10.0240 0x0f18 [ C2762A57DF0EE85E63CE4893C5215313, DDE22212D78353633CEDE27D7210469DE674563991105563CF64CCCE2D0743BD ] C:\Windows\System32\VaultCredProvider.dll
16:43:10.0240 0x0f18 C:\Windows\System32\VaultCredProvider.dll - ok
16:43:10.0242 0x0f18 [ 6CECA4C6A489C9B2E6073AFDAAE3F607, 127506D1DB38275614CBEB047C133718EF9D03266BA9C98BE55EC7847CFC9C3D ] C:\Windows\System32\netutils.dll
16:43:10.0242 0x0f18 C:\Windows\System32\netutils.dll - ok
16:43:10.0244 0x0f18 [ CA2985996BB49924B677113DF95CFEA7, 91F63863B1B597AE421CD2C3D8A3E00578B17876E5F5B828D25C2C9B349ECCCD ] C:\Windows\System32\SmartcardCredentialProvider.dll
16:43:10.0244 0x0f18 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
16:43:10.0246 0x0f18 [ 3C91392D448F6E5D525A85B7550D8BA9, 6FD0DC73DBE7519E2C643554C2A7F8FBE4F9A678C4241BB54B3C6E65D2ABCF3A ] C:\Windows\System32\wkscli.dll
16:43:10.0246 0x0f18 C:\Windows\System32\wkscli.dll - ok
16:43:10.0247 0x0f18 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] C:\Windows\System32\uxsms.dll
16:43:10.0247 0x0f18 C:\Windows\System32\uxsms.dll - ok
16:43:10.0249 0x0f18 [ BF352E73615F5461AA6884472435A544, 4B059E79325C5F08CD6FBBE6352E17ADB64B9608CC9EDB36A2DF4D148060C309 ] C:\Windows\System32\BioCredProv.dll
16:43:10.0249 0x0f18 C:\Windows\System32\BioCredProv.dll - ok
16:43:10.0251 0x0f18 [ 2B81776DA02017A37FE26C662827470E, A656353C50EE08422145D00DB9CFD9F6D3E664753B3C454B171E2A56A8AA94DC ] C:\Windows\System32\IPHLPAPI.DLL
16:43:10.0251 0x0f18 C:\Windows\System32\IPHLPAPI.DLL - ok
16:43:10.0253 0x0f18 [ 4C9210E8F4E052F6A4EB87716DA0C24C, 460F7990BDADB7D58D6DC95B094D30A2EFDC4CEED444B18A2F36E8D9076FB8B9 ] C:\Windows\System32\winnsi.dll
16:43:10.0253 0x0f18 C:\Windows\System32\winnsi.dll - ok
16:43:10.0254 0x0f18 [ 796B8123A7859AFD3A4AE10514DBAEB5, E76F69FAFEC3D66263ED95F3FA9EE309BDDACB287E30583A147DC97F6EEB8844 ] C:\Windows\System32\winbio.dll
16:43:10.0254 0x0f18 C:\Windows\System32\winbio.dll - ok
16:43:10.0256 0x0f18 [ 80E69670BDA10F32A941BA7358E33012, AFEC6DB90B06381074B23DC91BEF34E7EA4C87F4B6D836F6BF6BB05CDDBF7605 ] C:\Windows\System32\WUDFPlatform.dll
16:43:10.0256 0x0f18 C:\Windows\System32\WUDFPlatform.dll - ok
16:43:10.0258 0x0f18 [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] C:\Windows\System32\WUDFSvc.dll
16:43:10.0258 0x0f18 C:\Windows\System32\WUDFSvc.dll - ok
16:43:10.0260 0x0f18 [ CC0AB40F02D2C2A12209715A3C1B07B8, 90EB303A4E151340DB382248361FEFC5346C31394791DF83663086C8219C2B20 ] C:\Windows\System32\credui.dll
16:43:10.0260 0x0f18 C:\Windows\System32\credui.dll - ok
16:43:10.0261 0x0f18 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] C:\Windows\System32\drivers\lltdio.sys
16:43:10.0261 0x0f18 C:\Windows\System32\drivers\lltdio.sys - ok
16:43:10.0263 0x0f18 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] C:\Windows\System32\drivers\nwifi.sys
16:43:10.0263 0x0f18 C:\Windows\System32\drivers\nwifi.sys - ok
16:43:10.0265 0x0f18 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] C:\Windows\System32\drivers\ndisuio.sys
16:43:10.0265 0x0f18 C:\Windows\System32\drivers\ndisuio.sys - ok
16:43:10.0267 0x0f18 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] C:\Windows\System32\drivers\rspndr.sys
16:43:10.0267 0x0f18 C:\Windows\System32\drivers\rspndr.sys - ok
16:43:10.0269 0x0f18 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] C:\Windows\System32\lmhsvc.dll
16:43:10.0269 0x0f18 C:\Windows\System32\lmhsvc.dll - ok
16:43:10.0270 0x0f18 [ B73A6E4B319AFFE64582AC5C1801BB3F, 274EEA0743DC659180E691654CBB17136E9E9D83B07E302B47EA5B103EA57710 ] C:\Windows\System32\nrpsrv.dll
16:43:10.0270 0x0f18 C:\Windows\System32\nrpsrv.dll - ok
16:43:10.0272 0x0f18 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] C:\Windows\System32\nsisvc.dll
16:43:10.0272 0x0f18 C:\Windows\System32\nsisvc.dll - ok
16:43:10.0274 0x0f18 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] C:\Windows\System32\dhcpcore.dll
16:43:10.0274 0x0f18 C:\Windows\System32\dhcpcore.dll - ok
16:43:10.0276 0x0f18 [ CD55F5355D8F55D44C9F4ED875705BD6, 321C26E3CD9F376D30F05FBDF00E96399512ED705D867E8B14793D9CE69A1C1F ] C:\Windows\System32\dnsrslvr.dll
16:43:10.0276 0x0f18 C:\Windows\System32\dnsrslvr.dll - ok
16:43:10.0277 0x0f18 [ 87356377F31DA5F20A833811CD59499C, 4FEC1FD3AC4E4E34DCBC0109B248952604F438C84B1604EB9E2359FA721E23C4 ] C:\Windows\System32\eapphost.dll
16:43:10.0277 0x0f18 C:\Windows\System32\eapphost.dll - ok
16:43:10.0279 0x0f18 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] C:\Windows\System32\eapsvc.dll
16:43:10.0279 0x0f18 C:\Windows\System32\eapsvc.dll - ok
16:43:10.0281 0x0f18 [ F9EC845C5EECF20E9A67F9F805F2EF1F, C3DBA8CF93DBF50954B1BF6D7EF3F6F5DD1A56DC62B7EB2749C54D9B65D9BB43 ] C:\Windows\System32\keyiso.dll
16:43:10.0281 0x0f18 C:\Windows\System32\keyiso.dll - ok
16:43:10.0283 0x0f18 [ FC51229C7D4AFA0D6F186133728B95AB, 37E58C8E1C8437D1981725A5DCDACA7316CEFBB570370CEFC8D122F523B96AC0 ] C:\Windows\System32\samcli.dll
16:43:10.0283 0x0f18 C:\Windows\System32\samcli.dll - ok
16:43:10.0284 0x0f18 [ 44B9C66177651F3F53C87B665D58D17A, 3FC426115FF87570889DB28D71970B82B525D2A4B9A00EDD273BF083B77A05CE ] C:\Windows\System32\vaultcli.dll
16:43:10.0284 0x0f18 C:\Windows\System32\vaultcli.dll - ok
16:43:10.0286 0x0f18 [ 972C3301DB3DA91AE06A95F6B4160B1B, 678B533A06C306295FE97DC26CE9BAFFC8EAF1FB7405ACB040719099717744D5 ] C:\Windows\System32\certCredProvider.dll
16:43:10.0286 0x0f18 C:\Windows\System32\certCredProvider.dll - ok
16:43:10.0288 0x0f18 [ 0040C486584A8E582C861CFB57AB5387, 5EE17B55CB702D14AE75B19226DE21CD2498BDA6C6EF5872FDB8A718F401FED1 ] C:\Windows\System32\FWPUCLNT.DLL
16:43:10.0288 0x0f18 C:\Windows\System32\FWPUCLNT.DLL - ok
16:43:10.0290 0x0f18 [ 9FCA3A84338ADEF2AFF67CDA46EF8539, 087DF72096852AE98C56990EE6E68835BE95E7E49ECDDE8B54DAC11C9E07FE94 ] C:\Windows\System32\umb.dll
16:43:10.0290 0x0f18 C:\Windows\System32\umb.dll - ok
16:43:10.0291 0x0f18 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] C:\Windows\System32\wlansvc.dll
16:43:10.0291 0x0f18 C:\Windows\System32\wlansvc.dll - ok
16:43:10.0293 0x0f18 [ 71C7B65B6557B75B99907E76956AE4B8, 38AD0E96D6AD36C0643761D5F5DB7A2802E059008C0984ABF61F4D8703DE4B3B ] C:\Windows\System32\dhcpcore6.dll
16:43:10.0293 0x0f18 C:\Windows\System32\dhcpcore6.dll - ok
16:43:10.0295 0x0f18 [ 87FA0C48C3B2E9FEE518818FE26B15B5, DA4042DE9897397AEDCEFF9F69746726237305DDE64464309B6DCC45E05E42F4 ] C:\Windows\System32\rasplap.dll
16:43:10.0295 0x0f18 C:\Windows\System32\rasplap.dll - ok
16:43:10.0297 0x0f18 [ A648C4A06DE367065B24056D067B4460, 2412487D65A833DDD9AB17D039515CC08DA22D006259EC4B03E42475FAFFD2AD ] C:\Windows\System32\wlanmsm.dll
16:43:10.0297 0x0f18 C:\Windows\System32\wlanmsm.dll - ok
16:43:10.0298 0x0f18 [ 4CBCC37856EA2039C27A2FB661DDA0E5, 74CBFAB3092A9564BDDFCB84DB3E3F8BCFD1492938ADF187423D3355D73D21C6 ] C:\Windows\System32\dhcpcsvc6.dll
16:43:10.0299 0x0f18 C:\Windows\System32\dhcpcsvc6.dll - ok
16:43:10.0300 0x0f18 [ 06A1386B6E3A0CBC368665C1840906F4, C10BCA5092A0B3F9435CE4D65C7449528C89F5C5243B410878D2EBF516DA2FB2 ] C:\Windows\System32\wlansec.dll
16:43:10.0300 0x0f18 C:\Windows\System32\wlansec.dll - ok
16:43:10.0302 0x0f18 [ F568F7C08458D69E4FCD8675BBB107E4, A5FA25ECF248999A68CCECFBB508BFA1ADD18A23E20A9A9081A87C41CAAA36C0 ] C:\Windows\System32\dhcpcsvc.dll
16:43:10.0302 0x0f18 C:\Windows\System32\dhcpcsvc.dll - ok
16:43:10.0304 0x0f18 [ 885D0942E0F28DB90919BE3129ECF279, 5A10D90EE656ECE3DCA174D6F924641509819FC20CB6EF46B5E1723E52DE85BE ] C:\Windows\System32\dnsext.dll
16:43:10.0304 0x0f18 C:\Windows\System32\dnsext.dll - ok
16:43:10.0306 0x0f18 [ 73FCB7919DEE80EE556F2E498594EBAE, D0F7A0AD3BC33263E9C2CF9787DD326436F9E0C9F5031D769F8A43C64C08A762 ] C:\Windows\System32\onex.dll
16:43:10.0306 0x0f18 C:\Windows\System32\onex.dll - ok
16:43:10.0308 0x0f18 [ 019CD868461B646E09BDF04474C19341, 01837EFACB02E52BC6E90C90C4CB01B11D56E449A37EA4FC2695507FF85EA9FE ] C:\Windows\System32\rasapi32.dll
16:43:10.0308 0x0f18 C:\Windows\System32\rasapi32.dll - ok
16:43:10.0310 0x0f18 [ 0D753307D274F3688BD21C377B616700, 5DD08E77A11F2561FB96BA212FDDFE21D4394C69C34C3EB88F7F5CD068EE55BF ] C:\Windows\System32\eappcfg.dll
16:43:10.0310 0x0f18 C:\Windows\System32\eappcfg.dll - ok
16:43:10.0312 0x0f18 [ 65522E77A1360DBC8D199DA3BF5EFFE4, E9D748070FA478A3D37F15049F998D340885C0DC5FCE03BFCE5D521C9EBA7350 ] C:\Windows\System32\eappprxy.dll
16:43:10.0312 0x0f18 C:\Windows\System32\eappprxy.dll - ok
16:43:10.0314 0x0f18 [ 97E43F324BE1503CB2FFB058534688DA, 50C781DF38D0D38C9A5420AB1FFF8672DC13FD1ED8E9F5432B4BA3077A7435D5 ] C:\Windows\System32\l2gpstore.dll
16:43:10.0314 0x0f18 C:\Windows\System32\l2gpstore.dll - ok
16:43:10.0315 0x0f18 [ B28DEEC597C8DEB70C744C7CF9210E3E, E777F192D822990CA6301B3FEA2AEA213FA7901438EB3328914ADF02B6C39DB9 ] C:\Windows\System32\rasman.dll
16:43:10.0315 0x0f18 C:\Windows\System32\rasman.dll - ok
16:43:10.0317 0x0f18 [ B53C4B69B695EDA1B7E41D35CA4244E2, 3D98E9B263CADA576E4057E059AFC867F6E3F1001F3B73C8BCF9066763A45D9D ] C:\Windows\System32\rtutils.dll
16:43:10.0317 0x0f18 C:\Windows\System32\rtutils.dll - ok
16:43:10.0319 0x0f18 [ 7D5645EE0EA77D539828433D9B95F5EB, EEF81E9B2205FC456DB6095AD0AEAB38BB131D3BCD090EA6CD91D5568ACAFB7F ] C:\Windows\System32\WinSCard.dll
16:43:10.0319 0x0f18 C:\Windows\System32\WinSCard.dll - ok
16:43:10.0321 0x0f18 [ 7F1B4C6FF3B85F9ADF74055187B8A22C, CC95DA5662638AACBE9643DCB236464C2C2095A8D5CDC8A747045870BE9D0E7D ] C:\Windows\System32\wlanutil.dll
16:43:10.0321 0x0f18 C:\Windows\System32\wlanutil.dll - ok
16:43:10.0323 0x0f18 [ 730BF204A595D5B6D7DC57A247CC741C, 264C6901F4A49B738BBD04BCA1783DEE892885BADE9085B0AEA40BAE7CC0A218 ] C:\Windows\System32\wlgpclnt.dll
16:43:10.0323 0x0f18 C:\Windows\System32\wlgpclnt.dll - ok
16:43:10.0325 0x0f18 [ 1C9F62A4EE71AAFF52D9781C621264C0, 2580631B83F9C58AD0F2D3B8C3C31D3E5544D7BEAF2175B76D5D43B18F9724C6 ] C:\Windows\System32\atieclxx.exe
16:43:10.0325 0x0f18 C:\Windows\System32\atieclxx.exe - ok
16:43:10.0326 0x0f18 [ 9869A4A10B90546DBD56947839FB4B87, 66C84DCF39D9F6896D55B1623184A028891A0A98ABE6044DE1D4BAD60C3C8D72 ] C:\Windows\System32\oleacc.dll
16:43:10.0326 0x0f18 C:\Windows\System32\oleacc.dll - ok
16:43:10.0328 0x0f18 [ 9BC8610C32C96A2983A65DC21CAFA921, 2A4195F663C9D55939E3D8FEAA208090FDB0B8801A60164A7325B53104797CBC ] C:\Windows\System32\UXInit.dll
16:43:10.0328 0x0f18 C:\Windows\System32\UXInit.dll - ok
16:43:10.0330 0x0f18 [ 5C29199C9F0EDE64F17F268084EC4392, EA9FD588A8C89399DD287399A912B356A4234CFE418239B227D255749F5DDDE2 ] C:\Windows\System32\msxml6.dll
16:43:10.0330 0x0f18 C:\Windows\System32\msxml6.dll - ok
16:43:10.0332 0x0f18 [ 9C214977EA72606F261DE0445974BDEE, CE814E299D0B3A3B3A9AE0B4CC2FED128460CB9ED2823EEF7B6C04E9376161FB ] C:\Windows\System32\atiadlxx.dll
16:43:10.0332 0x0f18 C:\Windows\System32\atiadlxx.dll - ok
16:43:10.0334 0x0f18 [ 019BDD35DE269CB98B22DE8923C2AA3B, 68B216D5331B128CF1BCB3A3F82FD85B119FFDBCB796C907461CDD6248995817 ] C:\Windows\System32\UIAutomationCore.dll
16:43:10.0334 0x0f18 C:\Windows\System32\UIAutomationCore.dll - ok
16:43:10.0335 0x0f18 [ C72ABC6B7B90A61364B6DD889B5435F3, 0CBBD9691F08434DA3617874F99C6DD87538CBD65B5D8BC39FCE378D4ED29EED ] C:\Windows\System32\msvcr110.dll
16:43:10.0335 0x0f18 C:\Windows\System32\msvcr110.dll - ok
16:43:10.0337 0x0f18 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] C:\Windows\System32\shsvcs.dll
16:43:10.0337 0x0f18 C:\Windows\System32\shsvcs.dll - ok
16:43:10.0339 0x0f18 [ 5AA945234E9D4CCE4F715276B9AA712C, 65165BD131056816F009D987FC78AC86FFE0C3C38A27E73F873586B7FF4D59CF ] C:\Windows\System32\imageres.dll
16:43:10.0339 0x0f18 C:\Windows\System32\imageres.dll - ok
16:43:10.0341 0x0f18 [ 03706015DB44368375AEBE6339490E66, 02EB28B5156E320C1EBABC03D37E94EB770A721B99E1DD276F8DC2A50D76C381 ] C:\Windows\System32\netcfgx.dll
16:43:10.0341 0x0f18 C:\Windows\System32\netcfgx.dll - ok
16:43:10.0343 0x0f18 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] C:\Windows\System32\drivers\vwifimp.sys
16:43:10.0343 0x0f18 C:\Windows\System32\drivers\vwifimp.sys - ok
16:43:10.0344 0x0f18 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] C:\Windows\System32\schedsvc.dll
16:43:10.0344 0x0f18 C:\Windows\System32\schedsvc.dll - ok
16:43:10.0346 0x0f18 [ BC414631876B2F28B8DAB08E849C12C5, 5973654AA3E90E6B699B0A43F645B893D95BAA803129B6967D746C8239AB26E3 ] C:\Windows\System32\ktmw32.dll
16:43:10.0346 0x0f18 C:\Windows\System32\ktmw32.dll - ok
16:43:10.0348 0x0f18 [ 945E54F23C72D37B8CD1987AF0DB63BF, C2B217C94DBCA0A31ED834B9D492B53B25B235DDD02B1D1200E76609D32772EA ] C:\Windows\System32\fveapi.dll
16:43:10.0348 0x0f18 C:\Windows\System32\fveapi.dll - ok
16:43:10.0350 0x0f18 [ 891ECFD08E2C538B7948CBC45106D697, 628D0D618FF3A70E9FBE3B2C7206C9365ED2297784A5F10FFA05BD2C56657013 ] C:\Windows\System32\fvecerts.dll
16:43:10.0350 0x0f18 C:\Windows\System32\fvecerts.dll - ok
16:43:10.0351 0x0f18 [ 694865362F0965779F92BCFE97712323, 825EB75E37AFE9B738869FB5D95020D4F44AD419C2F6C5A658F82A5242FDEF6C ] C:\Windows\System32\tbs.dll
16:43:10.0351 0x0f18 C:\Windows\System32\tbs.dll - ok
16:43:10.0353 0x0f18 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7, 4BC5A1279885EEFBEB27333AF719622A5FCDD9606697692C1978E434CE264D80 ] C:\Windows\System32\taskcomp.dll
16:43:10.0353 0x0f18 C:\Windows\System32\taskcomp.dll - ok
16:43:10.0355 0x0f18 [ 8269210DAF3B12BC8300631B28A2A442, EABEB792C2EA8D4A1A7B13281CF557C194D5667AE0BA2A2D5664908D8269113D ] C:\Windows\System32\wiarpc.dll
16:43:10.0355 0x0f18 C:\Windows\System32\wiarpc.dll - ok
16:43:10.0357 0x0f18 [ 11338E0557B07BC32CDB980B6EDB35AA, E0B012FDDF40D280068C33BBC41CBF14E88E49FD237D61C455C6E69772ECFDAF ] C:\Windows\System32\ci.dll
16:43:10.0357 0x0f18 C:\Windows\System32\ci.dll - ok
16:43:10.0359 0x0f18 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] C:\Windows\System32\drivers\http.sys
16:43:10.0359 0x0f18 C:\Windows\System32\drivers\http.sys - ok
16:43:10.0360 0x0f18 [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] C:\Windows\System32\spoolsv.exe
16:43:10.0360 0x0f18 C:\Windows\System32\spoolsv.exe - ok
16:43:10.0362 0x0f18 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] C:\Windows\System32\BFE.DLL
16:43:10.0362 0x0f18 C:\Windows\System32\BFE.DLL - ok
16:43:10.0364 0x0f18 [ 91CE0D3DC57DD377E690A2D324022B08, 61874463956C0BCA5139522F34E974E5F638A092E0FD5C59DD30DE61D9AB8B0E ] C:\Windows\System32\drivers\bowser.sys
16:43:10.0364 0x0f18 C:\Windows\System32\drivers\bowser.sys - ok
16:43:10.0366 0x0f18 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] C:\Windows\System32\drivers\mpsdrv.sys
16:43:10.0366 0x0f18 C:\Windows\System32\drivers\mpsdrv.sys - ok
16:43:10.0367 0x0f18 [ FAF015B07E3A2874A790A39B7D2C579F, C614B0E80B38EBF7C670EEB833F5E476B33042097DA07206D6C5EE3E52B9A427 ] C:\Windows\System32\drivers\mrxsmb.sys
16:43:10.0367 0x0f18 C:\Windows\System32\drivers\mrxsmb.sys - ok
16:43:10.0369 0x0f18 [ 08E2345DF129082BCDFFDC1440F9C00D, 2ADF69F49DF8C43D4440B6C8A62085C51518CA895A88D37264C60A0B4B1EC55F ] C:\Windows\System32\drivers\mrxsmb10.sys
16:43:10.0369 0x0f18 C:\Windows\System32\drivers\mrxsmb10.sys - ok
16:43:10.0371 0x0f18 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] C:\Windows\System32\MPSSVC.dll
16:43:10.0371 0x0f18 C:\Windows\System32\MPSSVC.dll - ok
16:43:10.0373 0x0f18 [ 108D87409C5812EF47D81E22843E8C9D, CAE9B91B6BD1DF1552463BD63A06288F5D3E0B81B040BC1C7EC0C2A0119CCECA ] C:\Windows\System32\drivers\mrxsmb20.sys
16:43:10.0373 0x0f18 C:\Windows\System32\drivers\mrxsmb20.sys - ok
16:43:10.0375 0x0f18 [ C67F8A962B2534224D5908D16D2AD3CE, CAC1821F5E867285638AEE7AE33CE574BCCF16277AC5AD805650B48F7759B4B4 ] C:\Windows\System32\wfapigp.dll
16:43:10.0375 0x0f18 C:\Windows\System32\wfapigp.dll - ok
16:43:10.0376 0x0f18 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] C:\Windows\System32\wkssvc.dll
16:43:10.0376 0x0f18 C:\Windows\System32\wkssvc.dll - ok
16:43:10.0378 0x0f18 [ 1834B31C749B86DAC233BBBA1C03BC48, 27FCA9196842C0BB53CCAD895870A0EB10D2F8ED67E5486A4437067BD4BC4448 ] C:\Windows\System32\mscms.dll
16:43:10.0378 0x0f18 C:\Windows\System32\mscms.dll - ok
16:43:10.0380 0x0f18 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] C:\Windows\System32\pcasvc.dll
16:43:10.0380 0x0f18 C:\Windows\System32\pcasvc.dll - ok
16:43:10.0382 0x0f18 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] C:\Windows\System32\snmptrap.exe
16:43:10.0382 0x0f18 C:\Windows\System32\snmptrap.exe - ok
16:43:10.0385 0x0f18 [ B23A016180FC5B0BC2686F2C2D7B706C, 1268FC4755DC504D27F3D63F4C358817F8AFFB339BE0B318307E018BFBA70346 ] D:\Program Files\TxGameAssistant\UI\AOW_DRV_X64.SYS
16:43:10.0385 0x0f18 D:\Program Files\TxGameAssistant\UI\AOW_DRV_X64.SYS - ok
16:43:10.0387 0x0f18 [ 3B367397320C26DBA890B260F80D1B1B, 50BBE71B4380B5E86E197AF86F5C08266DD6B12344BA4ABDEA604B8C774C4147 ] C:\Windows\System32\hnetcfg.dll
16:43:10.0387 0x0f18 C:\Windows\System32\hnetcfg.dll - ok
16:43:10.0389 0x0f18 [ 7C00C608FE4C8EDE9E30940837B9AC8B, 3F85DE6487722960E8ED71B23EE0535FA2C07B2FA7ABFE4DEB1B35DCE5E44642 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll
16:43:10.0389 0x0f18 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll - ok
16:43:10.0391 0x0f18 [ 91A8E32B00BF7899EDAB6783287DDDA6, 49451722317AB42B3DE407EFCB9CC560C1455217AC3E2F11F74D08C1708473C5 ] C:\Windows\System32\PeerDistSh.dll
16:43:10.0391 0x0f18 C:\Windows\System32\PeerDistSh.dll - ok
16:43:10.0393 0x0f18 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] C:\Windows\System32\provsvc.dll
16:43:10.0393 0x0f18 C:\Windows\System32\provsvc.dll - ok
16:43:10.0395 0x0f18 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] C:\Windows\System32\sstpsvc.dll
16:43:10.0395 0x0f18 C:\Windows\System32\sstpsvc.dll - ok
16:43:10.0397 0x0f18 [ FB1F7C3E1C0D47D129AFE30B8C5626A7, FAEEDDA23DD38323CD9B6B37431DCEA213CEC6FE7539A9591B776DB06647DA76 ] C:\Program Files\4G LTE Wingle\4G_Server.exe
16:43:10.0397 0x0f18 C:\Program Files\4G LTE Wingle\4G_Server.exe - ok
16:43:10.0398 0x0f18 [ 243C088A5C060EC1348D817108C2CBC1, 96D7AC8214D7E82C96794FB91D3D1ACEA00F7369124D2040A7AFC5C234725DFC ] C:\Program Files\4G LTE Wingle\InitHW.dll
16:43:10.0398 0x0f18 C:\Program Files\4G LTE Wingle\InitHW.dll - ok
16:43:10.0400 0x0f18 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8, B1A9B2EF000917214C0198958CBD239D1D91B1720EC40DF041262A34D302AD74 ] C:\Windows\SysWOW64\winspool.drv
16:43:10.0400 0x0f18 C:\Windows\SysWOW64\winspool.drv - ok
16:43:10.0402 0x0f18 [ D2EC0C59CAB7A29F5C5269591911A3B1, 0790D0268BAF540009CC1E4E6E3241D8D7B1C343C53EE27967EBB6ECE88E1930 ] C:\Program Files\4G LTE Wingle\ATManager.dll
16:43:10.0402 0x0f18 C:\Program Files\4G LTE Wingle\ATManager.dll - ok
16:43:10.0403 0x0f18 [ 15597883FBE9B056F276ADA3AD87D9AF, B347E0B11228E38313C59C8ED984253A8A1FF482ED137CF5F488C4AFD6B08857 ] C:\Windows\System32\cryptsvc.dll
16:43:10.0403 0x0f18 C:\Windows\System32\cryptsvc.dll - ok
16:43:10.0405 0x0f18 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] C:\Windows\System32\dps.dll
16:43:10.0405 0x0f18 C:\Windows\System32\dps.dll - ok
16:43:10.0407 0x0f18 [ BF02D8EF91CEF81DEB20260FE796B0F7, D0CD3A7568D9F08B5F40B1DE0F1CC41182727F686488E10040034ED2EEE83C66 ] C:\Windows\System32\drivers\idmwfp.sys
16:43:10.0407 0x0f18 C:\Windows\System32\drivers\idmwfp.sys - ok
16:43:10.0408 0x0f18 [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] C:\Windows\System32\IKEEXT.DLL
16:43:10.0408 0x0f18 C:\Windows\System32\IKEEXT.DLL - ok
16:43:10.0410 0x0f18 [ 77B5035BC6EDF4D1B6265391AECEE4C0, FE69B715F04446BD42AF1B672E6AC54E954CFE0C847BFD2056CB11CF017B1844 ] C:\Windows\System32\vpnikeapi.dll
16:43:10.0410 0x0f18 C:\Windows\System32\vpnikeapi.dll - ok
16:43:10.0412 0x0f18 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567, 426FB40A065FEF61980C803EF72D0D326C623340C3AE99CA8AFFDEFB81E8D49D ] C:\Windows\System32\vssapi.dll
16:43:10.0412 0x0f18 C:\Windows\System32\vssapi.dll - ok
16:43:10.0414 0x0f18 [ 287923557447D7E4BDD7E65B1F0F5428, 14D85A0F036F28D77AA9723C3D7E8C4DA9BDFF8A1AD9BEA6FE5756DBF5D00F08 ] C:\Windows\System32\vsstrace.dll
16:43:10.0414 0x0f18 C:\Windows\System32\vsstrace.dll - ok
16:43:10.0416 0x0f18 [ A8EDB86FC2A4D6D1285E4C70384AC35A, 61B8955CE0A2AA9D0719920B30216717B349B6FBE11C697C31CFA84F859CC1AE ] C:\Windows\System32\dllhost.exe
16:43:10.0416 0x0f18 C:\Windows\System32\dllhost.exe - ok
16:43:10.0417 0x0f18 [ 14DFDEAF4E589ED3F1FF187A86B9408C, 86D383D5B90A86556521C62C50F7BE0306FCD24FD86A8A37E8320FAE948531EB ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
16:43:10.0417 0x0f18 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
16:43:10.0419 0x0f18 [ A0A2C1D812C231C9BFE119FDC68E341B, F94446594EE17505956A715DFB28B51D09F00A7A65E56950661B889A57DE8FA8 ] C:\Windows\System32\IDStore.dll
16:43:10.0419 0x0f18 C:\Windows\System32\IDStore.dll - ok
16:43:10.0421 0x0f18 [ 6D707786D7163383C64F07263BB9478E, 2A97D0F3EE6E100C8942ED55C86B64882E7524F3BA8990AD8EBFFB6FE9958A66 ] C:\Windows\System32\KBDJPN.DLL
16:43:10.0421 0x0f18 C:\Windows\System32\KBDJPN.DLL - ok
16:43:10.0423 0x0f18 [ 001D7099C3DB8E53A955FF4D66E25AA2, 70B857DB1B8B03D317722D5868C5012947C0C791632C878D60BF16D0EF889A78 ] C:\Windows\System32\kbd101.dll
16:43:10.0423 0x0f18 C:\Windows\System32\kbd101.dll - ok
16:43:10.0425 0x0f18 [ A1D990022654CFE37E2561E540F0253B, 3966DF44B840F7C2ECB760472AC8397B78CBFC2E72FEA3C1BA7649103B39CF28 ] C:\Windows\System32\kbd106.dll
16:43:10.0425 0x0f18 C:\Windows\System32\kbd106.dll - ok
16:43:10.0427 0x0f18 [ 117865AD39587EB4DA218AAF2E559B8C, F645D1A3FFDBD16D06942E9B80A1AF6FE14ACA1D5041731B5C5BCA74E20C02F5 ] C:\Windows\System32\kbdnec.dll
16:43:10.0427 0x0f18 C:\Windows\System32\kbdnec.dll - ok
16:43:10.0428 0x0f18 [ 88351B29B622B30962D2FEB6CA8D860B, A16CAD7D94C1C9807083BB36E9B4C3C14E6482C4CA2BDFACBCC86E737DDCE42E ] C:\Windows\System32\rasadhlp.dll
16:43:10.0428 0x0f18 C:\Windows\System32\rasadhlp.dll - ok
16:43:10.0430 0x0f18 [ 89B89AE23491F5D4E338499A3D568269, 8E8230EA733075EB8700E92F07DAB29CC5729D67CEEF75197BC91515EE4C0A8F ] C:\Windows\System32\localspl.dll
16:43:10.0430 0x0f18 C:\Windows\System32\localspl.dll - ok
16:43:10.0432 0x0f18 [ 23566F9723771108D2E6CD768AC27407, FAC0293DD1061B151E779BF4B245E6652C951FEDEBC602A166156DFBD38B5D67 ] C:\Windows\System32\AtBroker.exe
16:43:10.0432 0x0f18 C:\Windows\System32\AtBroker.exe - ok
16:43:10.0434 0x0f18 [ 6CEF7856A3EFAC59470F6208F0F585CE, 0F7A80DB821FDE6580E9481B6DA44844F717DDB4983B0E3D562BE43726153951 ] C:\Windows\System32\mpr.dll
16:43:10.0434 0x0f18 C:\Windows\System32\mpr.dll - ok
16:43:10.0436 0x0f18 [ BAFE84E637BF7388C96EF48D4D3FDD53, 11C194D9ADCE90027272C627D7FBF3BA5025FF0F7B26A8333F764E11E1382CF9 ] C:\Windows\System32\userinit.exe
16:43:10.0436 0x0f18 C:\Windows\System32\userinit.exe - ok
16:43:10.0438 0x0f18 [ F162D5F5E845B9DC352DD1BAD8CEF1BC, 8A7B7528DB30AB123B060D8E41954D95913C07BB40CDAE32E97F9EDB0BAF79C7 ] C:\Windows\System32\dwm.exe
16:43:10.0438 0x0f18 C:\Windows\System32\dwm.exe - ok
16:43:10.0440 0x0f18 [ FCFCD1101C5DA23B4B95F93D02B2C169, 040A086875B6C5475490A2F8B0CF4FF20DDB4FEDFE5FCABBA49692AA05F40527 ] C:\Windows\System32\dwmredir.dll
16:43:10.0440 0x0f18 C:\Windows\System32\dwmredir.dll - ok
16:43:10.0442 0x0f18 [ 4BA77A5EF71C14C764B0ED4701683E3E, 066A064CDBE09BF8BE1DF5B259F30FF6C124A1C3D637800D3E19E8E25EDB950E ] C:\Windows\System32\dwmcore.dll
16:43:10.0442 0x0f18 C:\Windows\System32\dwmcore.dll - ok
16:43:10.0443 0x0f18 [ AC4C51EB24AA95B77F705AB159189E24, 6A671B92A69755DE6FD063FCBE4BA926D83B49F78C42DBAEED8CDB6BBC57576A ] C:\Windows\explorer.exe
16:43:10.0444 0x0f18 C:\Windows\explorer.exe - ok
16:43:10.0445 0x0f18 [ 3285481F5C12305CA104A6C493CA5A0B, ADB39B15D26A954B0F347C7BAFCC76DE5E3CF3CF05736E8987E0832AA7F8563C ] C:\Windows\System32\spoolss.dll
16:43:10.0445 0x0f18 C:\Windows\System32\spoolss.dll - ok
16:43:10.0447 0x0f18 [ 0015ACFBBDD164A8A730009908868CA7, E1FF243AD2CF959FAB81EFE701592414991C03416FF296ADC93906E76B707C4D ] C:\Windows\System32\winspool.drv
16:43:10.0447 0x0f18 C:\Windows\System32\winspool.drv - ok
16:43:10.0450 0x0f18 [ C5AC93CF3BA30D367FB49148A2B673B9, 07B556039BBA841BC9F28979C3AD5D238B55391F921C9C805F3AFC9EFB437766 ] C:\Windows\System32\PrintIsolationProxy.dll
16:43:10.0450 0x0f18 C:\Windows\System32\PrintIsolationProxy.dll - ok
16:43:10.0451 0x0f18 [ 19E41CCCEE697CC9465396B370929792, A9FC4C33C71C3677FE57779380E55FDE2AC0B0C70A9DBCBA0D0B6FA92C709A7F ] C:\Windows\System32\FXSMON.dll
16:43:10.0451 0x0f18 C:\Windows\System32\FXSMON.dll - ok
16:43:10.0453 0x0f18 [ D63BEE2A8B22482F7080A8D3F2E1A733, 20E2CC793E55548CA8F6EB7F02D51EEA7632E16302C9213705F3A9684AD9F41F ] C:\Windows\System32\d3d10_1.dll
16:43:10.0453 0x0f18 C:\Windows\System32\d3d10_1.dll - ok
16:43:10.0455 0x0f18 [ 426BA4E737A7988FD1202AF2F2B2F4A6, 3E84B1EF044C157B7B228AE86A4466BC7E24B2D85F07636D0119041E3D630A2F ] C:\Windows\System32\d3d10_1core.dll
16:43:10.0455 0x0f18 C:\Windows\System32\d3d10_1core.dll - ok
16:43:10.0457 0x0f18 [ F404E59DB6A0F122AB26BF4F3E2FD0FA, 47F30401D86006821475F911A3D5E9B23571F6A8B4A9942891298E33D070D5D5 ] C:\Windows\System32\dxgi.dll
16:43:10.0457 0x0f18 C:\Windows\System32\dxgi.dll - ok
16:43:10.0458 0x0f18 [ 517110BD83835338C037269E603DB55D, 499A803DE14905F2FF7BCA56D81CC983E16A8D9CEA93EC4B84A06A366E7CB939 ] C:\Windows\System32\taskhost.exe
16:43:10.0458 0x0f18 C:\Windows\System32\taskhost.exe - ok
16:43:10.0460 0x0f18 [ 94EEAC26F57811BD1AEFC164412F7FCE, 7390BCD7709D48DE75D7D6E06AA7356D1C58EE63F3CC2E07ABCD2E2FF6CC81CF ] C:\Windows\System32\PlaySndSrv.dll
16:43:10.0460 0x0f18 C:\Windows\System32\PlaySndSrv.dll - ok
16:43:10.0462 0x0f18 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA, 8A6ACEFAB95E5275CBFBE6CCB5A6C3A6A471260B279B9063E86B9C7765E18656 ] C:\Windows\System32\MsCtfMonitor.dll
16:43:10.0462 0x0f18 C:\Windows\System32\MsCtfMonitor.dll - ok
16:43:10.0464 0x0f18 [ 5374E317C1CC52EA8BE1B06A22412203, 7E0FE453A6C9F8B3EFDDEE0C2948DF5DA876BDCC40EFE4E44A81C1F7B96B6922 ] C:\Windows\System32\aticfx64.dll
16:43:10.0464 0x0f18 C:\Windows\System32\aticfx64.dll - ok
16:43:10.0466 0x0f18 [ EED05D42D91835064703E2318552ED25, E9EE1E2253445B207B76F5D3073C612ED979A982522C1515E0FE8FA9641AE568 ] C:\Windows\System32\ExplorerFrame.dll
16:43:10.0466 0x0f18 C:\Windows\System32\ExplorerFrame.dll - ok
16:43:10.0467 0x0f18 [ 45C1A5AD5EA1FE01F1A1D53980546A76, DAB9EBB8DBE2B104F7D53E5E44CF6901495D3A5380EC5F9CF231D0402E82D8CF ] C:\Windows\System32\atiuxp64.dll
16:43:10.0467 0x0f18 C:\Windows\System32\atiuxp64.dll - ok
16:43:10.0469 0x0f18 [ 1A1EBA07FB140D30508AC2A3559147D9, 2EF13EB900B5BB0C98ACF54917A6AE19B90B5EDBD6BC1D87D4E05218AED8A1BE ] C:\Windows\System32\atidxx64.dll
16:43:10.0469 0x0f18 C:\Windows\System32\atidxx64.dll - ok
16:43:10.0471 0x0f18 [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] C:\Program Files\Intel\iCLS Client\HeciServer.exe
16:43:10.0471 0x0f18 C:\Program Files\Intel\iCLS Client\HeciServer.exe - ok
16:43:10.0472 0x0f18 [ 32A3C8600AF124CBAAD845F13CFAE3CB, F36FE9E57D5C509FEECE890F9F8717F9CC6F762E32AE0B7DB7E0153370CE0B9D ] C:\Windows\System32\tcpmon.dll
16:43:10.0472 0x0f18 C:\Windows\System32\tcpmon.dll - ok
16:43:10.0474 0x0f18 [ 93518C6EDE0B61BCBD02BDB02BD05FEE, 3637F5E5F15093AFB501EE910368CF900B422AC22669391FFA4198BBAE6F8FCB ] C:\Windows\System32\snmpapi.dll
16:43:10.0474 0x0f18 C:\Windows\System32\snmpapi.dll - ok
16:43:10.0476 0x0f18 [ FFF9D00CF16397C64317F213484F94BD, 94D0584E14BDB27F61F59A7BCEA529A1594261BE0CE74502C13E8865843BA414 ] C:\Windows\System32\wsnmp32.dll
16:43:10.0476 0x0f18 C:\Windows\System32\wsnmp32.dll - ok
16:43:10.0478 0x0f18 [ AE02C57D1DCD2BD914A333EF5E05EEEB, 2DF35E2C1D613B55AF041B0B283E5F47493E542E88E5B334C23C077242B9416D ] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll
16:43:10.0478 0x0f18 C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll - ok
16:43:10.0479 0x0f18 [ F09A9A1AD21FE618C4C8B0A0D830C886, 29831DDAB2AB105358FBC067CDF96428220B6743CD6019F6FE74BAC7AF325E7E ] C:\Windows\System32\msutb.dll
16:43:10.0480 0x0f18 C:\Windows\System32\msutb.dll - ok
16:43:10.0481 0x0f18 [ 49E5753D923F1AC63B22D3DCB0B47E00, 14CEC0BF5F625FF839A8D79B4A6B7C4AC0CBB705FD197C6B7FF8617C6C3E34FE ] C:\Windows\System32\uDWM.dll
16:43:10.0481 0x0f18 C:\Windows\System32\uDWM.dll - ok
16:43:10.0483 0x0f18 [ 225126E6277282BA7141383B87ECDCE4, B6DBB23CDB3C7A473D7AEA9BC9519D41242ADE586097900A8EDD9E4BED207FC1 ] C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll
16:43:10.0483 0x0f18 C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll - ok
16:43:10.0485 0x0f18 [ DF72A9936D0C3F517083119648814B09, 6BA4DCAC2F55A393A266ED0B2AF92B38141654D1666E3E143D85BBAF21663E1E ] C:\Windows\System32\usbmon.dll
16:43:10.0485 0x0f18 C:\Windows\System32\usbmon.dll - ok
16:43:10.0487 0x0f18 [ EF2AE43BCD46ABB13FC3E5B2B1935C73, 81FC06F306F620845D7DD8D06E706309E70BC89B589C81F3478302A3F5F73431 ] C:\Windows\System32\winmm.dll
16:43:10.0487 0x0f18 C:\Windows\System32\winmm.dll - ok
16:43:10.0489 0x0f18 [ 9BB99503D6A4DD62569EDE9E5E2672A5, 6F4EA5BC50B1F929735246485263078BEF1B3BEB33F78CB1F483F13AA226C27E ] C:\Windows\System32\HotStartUserAgent.dll
16:43:10.0489 0x0f18 C:\Windows\System32\HotStartUserAgent.dll - ok
16:43:10.0491 0x0f18 [ A1D7E3ADCDB07DDB6F423862DCB1A52B, 6191C33D2AE090F6F055D6AE211096CE8F003EC5518A5333EE1E376052176BAB ] C:\Windows\System32\WSDMon.dll
16:43:10.0491 0x0f18 C:\Windows\System32\WSDMon.dll - ok
16:43:10.0492 0x0f18 [ 65EA57712340C09B1B0C427B4848AE05, 5FDCF73191BFF9DBB03886755FFCF0BC15849F0E216884A5A8B9BB375FA7C1A5 ] C:\Windows\System32\taskeng.exe
16:43:10.0492 0x0f18 C:\Windows\System32\taskeng.exe - ok
16:43:10.0494 0x0f18 [ 805A52C5AE26C28E88FDD9BCCFE6F312, 4FF28D3658C31722B7DD036DED9D544B14841C0E0B94D31A8EC5AB92128DA020 ] C:\Windows\System32\TSChannel.dll
16:43:10.0494 0x0f18 C:\Windows\System32\TSChannel.dll - ok
16:43:10.0496 0x0f18 [ F1B205F932F62F94506A5F332C895DAF, F02F01F20F655DD919C71AE814E4C3DD43330AAD1425FC5B1497F1613917CCDE ] C:\Windows\System32\WSDApi.dll
16:43:10.0496 0x0f18 C:\Windows\System32\WSDApi.dll - ok
16:43:10.0498 0x0f18 [ C55516D98DD5D8F0153C2A9B4227DA86, DBC62B776CF06D0873A4C7CFCDF5B6F5C6E6C41917C326C090BCE58DC66EE09C ] C:\Windows\System32\webservices.dll
16:43:10.0498 0x0f18 C:\Windows\System32\webservices.dll - ok
16:43:10.0500 0x0f18 [ B5055B51BAA0FD0A736A88653DA3C1C0, A3BD057C7E8C926930BA7E9D11427D26FB37267026A0B72AB4021101EE424F74 ] C:\Windows\System32\fundisc.dll
16:43:10.0500 0x0f18 C:\Windows\System32\fundisc.dll - ok
16:43:10.0502 0x0f18 [ 4581716B4BF76ACFD8E167EB0B26D82A, 39D822527114EEED68044CCE4D542767F53978D9E0A7F72638F1CA9A016DE13B ] C:\Windows\System32\fdPnp.dll
16:43:10.0502 0x0f18 C:\Windows\System32\fdPnp.dll - ok
16:43:10.0504 0x0f18 [ 1D626FE2E13C1CE49CA0136CFF214E93, 4F02DD92045CF244979FFD074B2BDE6925A909227A474C60DCABE4384D916218 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
16:43:10.0504 0x0f18 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
16:43:10.0506 0x0f18 [ 2AC11BE0F5D9A01433732AAB8BA21774, 523B2D6516CB4BC86F2D9C7129D0F2C976F2EC93A1382E3FA043B0B54E7B7F09 ] C:\Windows\System32\win32spl.dll
16:43:10.0506 0x0f18 C:\Windows\System32\win32spl.dll - ok
16:43:10.0508 0x0f18 [ 507D5567A0A4EE86C4B0CE2CE1777025, 408770B00CED498BF7782054F17A5CB361CF65429B0C816403D70E416E0EEF23 ] C:\Windows\System32\inetpp.dll
16:43:10.0508 0x0f18 C:\Windows\System32\inetpp.dll - ok
16:43:10.0510 0x0f18 [ A70C4A02AF97EB5C42910262FE8AA37B, 65681F9EAD2D0483E528F69E32446213269506E6EF546E30AD2041F624DE1620 ] C:\Program Files (x86)\Internet Download Manager\IDMNetMon64.dll
16:43:10.0510 0x0f18 C:\Program Files (x86)\Internet Download Manager\IDMNetMon64.dll - ok
16:43:10.0512 0x0f18 [ 024352FEEC9042260BB4CFB4D79A206B, 60CB39086E10C5B66EBC15E4DF219620B344B4358D2918AB6BB3448A0AC8BE36 ] C:\Windows\System32\EhStorShell.dll
16:43:10.0512 0x0f18 C:\Windows\System32\EhStorShell.dll - ok
16:43:10.0513 0x0f18 [ 97BB37731F04CEBC15C4FD09C8CE5176, 432951DB264A1765BDFBE070DF25F6568842BFD2DBF0073644D1019FE9FFE66F ] C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
16:43:10.0513 0x0f18 C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL - ok
16:43:10.0515 0x0f18 [ 1BF0CB861A48FEB1638228760750F3CB, 37C781A8C546EAD8B4D28BD7D730B9AC78EB799599AD69DAD9054B6F9F1DD6BD ] C:\Windows\System32\cscapi.dll
16:43:10.0515 0x0f18 C:\Windows\System32\cscapi.dll - ok
16:43:10.0517 0x0f18 [ 8750687E825637A0CA3A4A12CA928F17, 9194E3C1C4F1BFCA56C0BC80A7127FF3326E6022983E22814ECD2D2150128C7F ] C:\Program Files (x86)\SMADAV\SMΔRTP.exe
16:43:10.0517 0x0f18 C:\Program Files (x86)\SMADAV\SMΔRTP.exe - ok
16:43:10.0520 0x0f18 [ CD180A9701D5259E4A30CE25CFF56181, DC34B347D0E15CC95E502B3F5E1A2B9E970B465EA0E317220850A27B5EBB60FF ] C:\Program Files (x86)\MyPublicWiFi\PublicWiFiService.exe
16:43:10.0520 0x0f18 C:\Program Files (x86)\MyPublicWiFi\PublicWiFiService.exe - ok
16:43:10.0521 0x0f18 [ 839F96DBAAFD3353E0B248A5E0BD2A51, 11DA5AD3EA5FF4766C12B99FB520B3CBE08581ECAF1A2FD1DC5AC835CA78FAC2 ] C:\Windows\SysWOW64\rasapi32.dll
16:43:10.0522 0x0f18 C:\Windows\SysWOW64\rasapi32.dll - ok
16:43:10.0523 0x0f18 [ FFA7172354B9256DBB2CDD75F16F33FE, 85B2F014C67C2E52540F17D561793C6633C9E98F12639CCD3854EB1EC34DD035 ] C:\Windows\SysWOW64\rasman.dll
16:43:10.0523 0x0f18 C:\Windows\SysWOW64\rasman.dll - ok
16:43:10.0525 0x0f18 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3, 2A610BEB16610FE2F2E9A50477A62A05481E8A5843A814955A0EDFF45D0304B3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
16:43:10.0525 0x0f18 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
16:43:10.0527 0x0f18 [ B010CF886420EE29C2C276646721D255, CBCD032D679ADE3A9942A1D116648D6A9ECC71F66F8630629E724E5EE23F9F73 ] C:\Windows\SysWOW64\wlanapi.dll
16:43:10.0527 0x0f18 C:\Windows\SysWOW64\wlanapi.dll - ok
16:43:10.0529 0x0f18 [ 0D7BE936A44E6B70F822D272A5CEBC22, 280E44BF707AD46DB480287975BFDC58C416E05193171836610FBFA2FFBA8AF3 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_08e4299fa83d7e3c\msvcr90.dll
16:43:10.0529 0x0f18 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_08e4299fa83d7e3c\msvcr90.dll - ok
16:43:10.0531 0x0f18 [ BE165318E0052A91F7EA36F515B5F2B1, 6FFADF9F6A2DC6097DD036FDFC718C856A67E64544019D029A4E767D3F84538D ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_08e4299fa83d7e3c\msvcp90.dll
16:43:10.0531 0x0f18 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_08e4299fa83d7e3c\msvcp90.dll - ok
16:43:10.0533 0x0f18 [ 18E756E0FE2FFCD5DE35F6B9F91244A6, 2B508EEA1F59BE0E627BB87921F88D6C7277609DCCEFCD3618F83503CF871761 ] C:\Windows\winsxs\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.4148_none_0a1d2fcba76b3f00\ATL90.dll
16:43:10.0533 0x0f18 C:\Windows\winsxs\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.4148_none_0a1d2fcba76b3f00\ATL90.dll - ok
16:43:10.0535 0x0f18 [ 2189278AB7A6FA4428188606D93D202B, 3B5DB50D3BC4573597B14A9FDE66B5C7B884BECF5F9C7242B77EF6B9FC4AB8D6 ] C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF
16:43:10.0535 0x0f18 C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF - ok
16:43:10.0537 0x0f18 [ 53FE14BD8160EBE29EF29B0A5366F34A, B3C76B38ED40610FDFCFE197BD92EACBCDFAA9F6CC27479C2E38B70570E02F85 ] C:\PROGRA~1\MICROS~2\Office14\1033\GrooveIntlResource.dll
16:43:10.0537 0x0f18 C:\PROGRA~1\MICROS~2\Office14\1033\GrooveIntlResource.dll - ok
16:43:10.0539 0x0f18 [ 32802C0F6FC7C8F561B9D91F52A46421, EE02CF54FC3626D85849EF14D9B7B57419F12D1DD0735C25ECBD987EE53F634B ] C:\Windows\System32\cscui.dll
16:43:10.0539 0x0f18 C:\Windows\System32\cscui.dll - ok
16:43:10.0540 0x0f18 [ 7EE5F17A21D9A9101207DF4BC37B085D, C07A56D52449B9F126B617FB4EFDC22EFE043C9B257B01967EA2FCCCA6216763 ] C:\Windows\System32\cscdll.dll
16:43:10.0541 0x0f18 C:\Windows\System32\cscdll.dll - ok
16:43:10.0542 0x0f18 [ 7BBF670114373CE6A203FA155A9E0D0A, 36EF0A36C679E53B1B169289BD3C05D7C2839DC20C8C87BF520B633911FDE198 ] C:\Windows\System32\ntshrui.dll
16:43:10.0542 0x0f18 C:\Windows\System32\ntshrui.dll - ok
16:43:10.0544 0x0f18 [ 1D63F4366288B8A7595397E27010FD44, 99EA4DDD88D9C4A4CC9B238F533CB4D2C062D46239173997E8594D8A75811A01 ] C:\Windows\System32\IconCodecService.dll
16:43:10.0544 0x0f18 C:\Windows\System32\IconCodecService.dll - ok
16:43:10.0546 0x0f18 [ 025E7DBDB98866ED3CB2D4DDA70B364D, 78962F23F066E362AF1A4B98FA7D5E30AF30C561307438503031D30C944B6A6E ] C:\Windows\System32\runonce.exe
16:43:10.0546 0x0f18 C:\Windows\System32\runonce.exe - ok
16:43:10.0548 0x0f18 [ 703FFD301AB900B047337C5D40FD6F96, C09909B89183B89BA87CAC8C5BEBD0E995C5CB08CC9B9D1E88352103EE958857 ] C:\Windows\SysWOW64\olepro32.dll
16:43:10.0548 0x0f18 C:\Windows\SysWOW64\olepro32.dll - ok
16:43:10.0549 0x0f18 [ 1D6A771D1D702AE07919DB52C889A249, E5F3378AC40AEE6114EEAF3BF11DC1059466891CAE353E80C08622A60485C954 ] C:\Windows\SysWOW64\wlanutil.dll
16:43:10.0549 0x0f18 C:\Windows\SysWOW64\wlanutil.dll - ok
16:43:10.0551 0x0f18 [ E9010F10E0038A22BAEB69C28F71E2BF, 9092300A7CCAF00A28AF57E458DB831B1B7BE7A760D68B3497066621DFC3C452 ] C:\Program Files (x86)\MyPublicWiFi\ndisapi.dll
16:43:10.0551 0x0f18 C:\Program Files (x86)\MyPublicWiFi\ndisapi.dll - ok
16:43:10.0554 0x0f18 [ 5343A19C618BC515CEB1695586C6C137, 2246B4FEAE199408EA66D4A90C1589026F4A5800CE5A28E583B94506A8A73DCE ] C:\Windows\SysWOW64\msvbvm60.dll
16:43:10.0554 0x0f18 C:\Windows\SysWOW64\msvbvm60.dll - ok
16:43:10.0556 0x0f18 [ D44741F65A1D71F65814A12CF6E2400A, C6721F830675ADC7E7FDE2B5E822E56F6A063146F5066F1E25EBFE86F0A87136 ] C:\Windows\SysWOW64\runonce.exe
16:43:10.0556 0x0f18 C:\Windows\SysWOW64\runonce.exe - ok
16:43:10.0558 0x0f18 [ 7D2633295EB6FF2B938185874884059D, B3A4E52ABCB2E2720D8ADB0B68C222D4AB98E838D40B6A731D15EB1D6C9DEA15 ] C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
16:43:10.0558 0x0f18 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe - ok
16:43:10.0560 0x0f18 [ 43964FA89CCF97BA6BE34D69455AC65F, 10E3B89A5470E1BB6F73382135DD2352F5073C1EE8485D7476CFB5122D4AAA2F ] C:\Windows\SysWOW64\uxtheme.dll
16:43:10.0560 0x0f18 C:\Windows\SysWOW64\uxtheme.dll - ok
16:43:10.0562 0x0f18 [ 919001D2BB17DF06CA3F8AC16AD039F6, 5169ACFBE9E9D4C4012773ECDD28231C952675EF0C272A40F226E7B5D671B18B ] C:\Windows\SysWOW64\sxs.dll
16:43:10.0562 0x0f18 C:\Windows\SysWOW64\sxs.dll - ok
16:43:10.0564 0x0f18 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC, 372AF797353F9335915CD06D4076BAB8410775DCAF2DAC0593197D7C41BBFFB2 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
16:43:10.0564 0x0f18 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
16:43:10.0566 0x0f18 [ 433A50F4D1BAAE13F3BCA0A23A20259A, 2E60ED45BF64C223BB36AF2C15064330779873F0C352360E462F78469DB2ACE4 ] C:\Program Files (x86)\SMADAV\SmadEngine.dll
16:43:10.0566 0x0f18 C:\Program Files (x86)\SMADAV\SmadEngine.dll - ok
16:43:10.0568 0x0f18 [ 86D177F43030F61A8610259A2E8F07FE, 7D20D5E1A4108476106D2644A97F9D4D238EC17B9A2FA4CF379B0DE044BC0452 ] C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
16:43:10.0568 0x0f18 C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL - ok
16:43:10.0570 0x0f18 [ C9564CF4976E7E96B4052737AA2492B4, C3AC989C8489A23BB96400B1856F5325FFC67E844F04651EA5D61BC20A991C6D ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
16:43:10.0570 0x0f18 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
16:43:10.0572 0x0f18 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8, B07A12E3ECD5E418A3F99F00C56E7F482F68CADE330E7C079DCCDFFAD2E21299 ] C:\Windows\SysWOW64\dbghelp.dll
16:43:10.0572 0x0f18 C:\Windows\SysWOW64\dbghelp.dll - ok
16:43:10.0574 0x0f18 [ 088CF5B6380FB9002F2A4246F812225D, 3E7205FEBC5B2432EE3655CD71D630A5D5EA609995F43053B1B5EB8917C46453 ] C:\Windows\SysWOW64\asycfilt.dll
16:43:10.0574 0x0f18 C:\Windows\SysWOW64\asycfilt.dll - ok
16:43:10.0576 0x0f18 [ 39C5F32747B3414D1BB216FDB1DEFC58, 6FAE64CB9748304090113903A5AE9E7154BE16BA2EEA7AB3EF04AB9D79B81380 ] C:\Windows\SysWOW64\dwmapi.dll
16:43:10.0576 0x0f18 C:\Windows\SysWOW64\dwmapi.dll - ok
16:43:10.0577 0x0f18 [ D5AEFAD57C08349A4393D987DF7C715D, C36A45BC2448DF30CD17BD2F8A17FC196FAFB685612CACCEB22DC7B58515C201 ] C:\Windows\SysWOW64\winmm.dll
16:43:10.0577 0x0f18 C:\Windows\SysWOW64\winmm.dll - ok
16:43:10.0579 0x0f18 [ 813331FDB5375C4AC9A1DB2BC64AE6EE, 44E0F5A8C9AB0B70C9C728DCC335E07031EAE97D3E4C4894E4B50CB9A8303259 ] C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NB.dll
16:43:10.0579 0x0f18 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NB.dll - ok
16:43:10.0581 0x0f18 [ CA9F7888B524D8100B977C81F44C3234, 57F3353F89724147D8AC8B69B12C1303DF26978309776F5F8CCF074526A915D3 ] C:\Windows\SysWOW64\winhttp.dll
16:43:10.0581 0x0f18 C:\Windows\SysWOW64\winhttp.dll - ok
16:43:10.0583 0x0f18 [ 02C61D8AD469417F5508225C75DE3236, 579555AB92DA532D69E14B62064B7D415338A963099BB84B599E1FF55D933787 ] C:\Windows\SysWOW64\webio.dll
16:43:10.0583 0x0f18 C:\Windows\SysWOW64\webio.dll - ok
16:43:10.0584 0x0f18 [ 813101AE7E85BC1EF2E014DCCF588984, 73AC48BD177A0F010B9AA50216A3A7B9ADC78B76B7DEB8C84F98F2406CF229F2 ] C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\LBFC.dll
16:43:10.0584 0x0f18 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\LBFC.dll - ok
16:43:10.0586 0x0f18 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] C:\Windows\System32\netman.dll
16:43:10.0586 0x0f18 C:\Windows\System32\netman.dll - ok
16:43:10.0588 0x0f18 [ 1EE99A89CC788ADA662441D1E9830529, 6B4FDD74BB81E12BD4B25A3E8AECB0FA77FA0075D454DD1D6DC1790ADF1F2AA8 ] C:\Windows\System32\nlasvc.dll
16:43:10.0588 0x0f18 C:\Windows\System32\nlasvc.dll - ok
16:43:10.0590 0x0f18 [ 35BA1F08E93D79BE1127A435A2FD38C2, 5ACB3F284E83579AE6B5EBA087BA2E13F89A848E018638E2F642518078FFBBFE ] C:\Program Files\OpenVPN\bin\openvpnserv.exe
16:43:10.0590 0x0f18 C:\Program Files\OpenVPN\bin\openvpnserv.exe - ok
16:43:10.0591 0x0f18 [ 7321F18D1F820612ED0E9F2D4B578A7E, 612BD7DE1DFBD100BD6ACB37A38565D88C39842D990D296B9B8E1FB75C3A94E7 ] C:\Windows\SysWOW64\cryptsp.dll
16:43:10.0591 0x0f18 C:\Windows\SysWOW64\cryptsp.dll - ok
16:43:10.0593 0x0f18 [ ED8EC63F7522DF4852147C84EC62C36A, 75633011CD28DCBD4834211A9D415F17DE15BFCD80FB9FF6CE25CBBD4E9899AF ] C:\Windows\SysWOW64\rsaenh.dll
16:43:10.0593 0x0f18 C:\Windows\SysWOW64\rsaenh.dll - ok
16:43:10.0595 0x0f18 [ 4A435F95B940E93A88FEC144BD409789, 12775F6F54AD9BCBCD4F91F371D8911772CA7B14316DAFFDC28B971D1FDCC182 ] C:\Windows\System32\ncsi.dll
16:43:10.0595 0x0f18 C:\Windows\System32\ncsi.dll - ok
16:43:10.0597 0x0f18 [ FBC75FB68EE2513EEA358C04449BAA23, 51B2DFE7725EEEF147E5DDCDC1D0B90477EF7A253E194A2FB71DC0C8652964BA ] C:\Program Files (x86)\Faronics\Deep Freeze\Install C-0\_$Df\FrzState2k.exe
16:43:10.0597 0x0f18 C:\Program Files (x86)\Faronics\Deep Freeze\Install C-0\_$Df\FrzState2k.exe - ok
16:43:10.0599 0x0f18 [ B3892E6DA8E2C8CE4B0A9D3EB9A185E5, AE163388201EF2F119E11265586E7DA32C6E5B348E0CC32E3F72E21EBFD0843B ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcr90.dll
16:43:10.0599 0x0f18 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcr90.dll - ok
16:43:10.0600 0x0f18 [ 58F4493BF748A3A89689997B7BD00E95, EC5DEEC73E357C7C87B001275C4E635011A9CF39419F2B86E2C2B8D7E388C551 ] C:\Windows\System32\winhttp.dll
16:43:10.0600 0x0f18 C:\Windows\System32\winhttp.dll - ok
16:43:10.0602 0x0f18 [ 1727B2A2F379A32B864C096FA794AADC, 87B77A5DF95F3A1C5ED6DEF820C7E384BEFCBAA2FE1BB4781AC6F777A081E5CC ] C:\Windows\System32\aepic.dll
16:43:10.0602 0x0f18 C:\Windows\System32\aepic.dll - ok
16:43:10.0604 0x0f18 [ C6DCD1D11ED6827F05C00773C3E7053C, EA23BE261C9C04F44215D254D7A80FD0AEE84C6F192D0FEE49A7CF74ED3CB1A6 ] C:\Windows\System32\sfc.dll
16:43:10.0604 0x0f18 C:\Windows\System32\sfc.dll - ok
16:43:10.0606 0x0f18 [ 895C9AB0A855547445C4181195230757, 89BDA385D8CCB75C3D7B1BDFA567AC441A931F4E499C0835FEE9D010343FABB6 ] C:\Windows\System32\sfc_os.dll
16:43:10.0606 0x0f18 C:\Windows\System32\sfc_os.dll - ok
16:43:10.0607 0x0f18 [ 8999B8631C7FD9F7F9EC3CAFD953BA24, 4E96D3EACCB1EF7DC429CAF433C2D4A0A129333B9AB10A05C32CA33C67DC26FA ] C:\Windows\SysWOW64\mswsock.dll
16:43:10.0607 0x0f18 C:\Windows\SysWOW64\mswsock.dll - ok
16:43:10.0609 0x0f18 [ EE5C8E27C37B79CB54A2FCEEED2DC262, 0A5E200FD65A491756B951A4A0ED39B88B7B313E97C2BBF3C91AC4C290772BB7 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
16:43:10.0609 0x0f18 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
16:43:10.0611 0x0f18 [ 104A1070E90F1C530328E69B49718841, C5EBDD404F92E185467C390CC30DB4BD7BE0193536DD5708277662D4B0EA38D1 ] C:\Windows\SysWOW64\nlaapi.dll
16:43:10.0611 0x0f18 C:\Windows\SysWOW64\nlaapi.dll - ok
16:43:10.0613 0x0f18 [ 0B7E85364CB878E2AD531DB7B601A9E5, F5AD3018427F1CD68450EE5CB55AA9572546322580E0FB1E7888702A291C2380 ] C:\Windows\SysWOW64\NapiNSP.dll
16:43:10.0613 0x0f18 C:\Windows\SysWOW64\NapiNSP.dll - ok
16:43:10.0614 0x0f18 [ BC9489DF517C426D4044D99F14449134, CABD014BA29A548252BB8D5BD46D047DBFC445489492D9DF75B29CEDE0AC9F8B ] C:\Windows\System32\webio.dll
16:43:10.0614 0x0f18 C:\Windows\System32\webio.dll - ok
16:43:10.0616 0x0f18 [ 5CF640EDDB1E40A5AB1BB743BCDEC610, 0313AA3F713C9F5B84DBB0B4DE78A96B173E9F7B4CF61C10FDC7DAE952DB04E5 ] C:\Windows\SysWOW64\pnrpnsp.dll
16:43:10.0616 0x0f18 C:\Windows\SysWOW64\pnrpnsp.dll - ok
16:43:10.0618 0x0f18 [ 59DF156711A76BCB993253EC6C9BBF41, F8BCA0D764CD78A6B455268B9C5BA655D8A95B3E0939CC0AB5A493610C0058B9 ] C:\Windows\SysWOW64\dnsapi.dll
16:43:10.0618 0x0f18 C:\Windows\SysWOW64\dnsapi.dll - ok
16:43:10.0620 0x0f18 [ 5DF5D8CFD9B9573FA3B2C89D9061A240, 990EA273B640DF2D7E800C0CFF18550259C605A4951CD82CD9F1E7B6FF0C9533 ] C:\Windows\SysWOW64\winrnr.dll
16:43:10.0620 0x0f18 C:\Windows\SysWOW64\winrnr.dll - ok
16:43:10.0621 0x0f18 [ 03A03A453F1AAAE0C73AAAF895321C7A, BB46C581347EDA9CAF287E24163A593F07BD723E1C250ADD8E5C46BB349B668C ] C:\Windows\SysWOW64\FWPUCLNT.DLL
16:43:10.0621 0x0f18 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
16:43:10.0623 0x0f18 [ ED6EE83D61EBC683C2CD8E899EA6FEBE, F82592908D038C44D9F2E5C5B7BC663A2D370FC565F40420E1138A9E55F0E7EB ] C:\Windows\SysWOW64\rasadhlp.dll
16:43:10.0623 0x0f18 C:\Windows\SysWOW64\rasadhlp.dll - ok
16:43:10.0625 0x0f18 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE, 4EFA41765E46E90C6CBDB0DC1E0CD375D7AB3307C477171EBAA6A16AC32E5211 ] C:\Windows\System32\ssdpapi.dll
16:43:10.0625 0x0f18 C:\Windows\System32\ssdpapi.dll - ok
16:43:10.0627 0x0f18 [ DB001FAEA818AE2E14A74E0ADC530FC0, 45CB405589C92BF74C47B7C90E299A5732A99403C51F301A5B60579CAF3116E7 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcp90.dll
16:43:10.0627 0x0f18 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcp90.dll - ok
16:43:10.0628 0x0f18 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] C:\Windows\System32\drivers\PEAuth.sys
16:43:10.0628 0x0f18 C:\Windows\System32\drivers\PEAuth.sys - ok
16:43:10.0630 0x0f18 [ 78B62E4C13378F737603136975A07E1A, 7CC6C299A20B2DE62B3844417F085FCE7FEA32CC006A10658B3E4815B536329F ] C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.4148_none_51ca66a2bbe76806\ATL90.dll
16:43:10.0630 0x0f18 C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.4148_none_51ca66a2bbe76806\ATL90.dll - ok
16:43:10.0632 0x0f18 [ FFC54FA19FD67DDE232CFC0A87B0B1A7, 67955838D7DB7C817C261C0603020CF3293B6EB2DBC78450E0479255BF6B8CF4 ] C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF
16:43:10.0632 0x0f18 C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF - ok
16:43:10.0634 0x0f18 [ EBB431C6332107651CD2E2715A707994, 669BED2F3A2CFFB5E25FE6CF6956E61036FA1D9127AE59F05B22CFD57CEA3E2A ] C:\Windows\SysWOW64\urlmon.dll
16:43:10.0634 0x0f18 C:\Windows\SysWOW64\urlmon.dll - ok
16:43:10.0636 0x0f18 [ 44214C94911C7CFB1D52CB64D5E8368D, 4B01872788057ECF5A1AC6647512F5671213F76651FF8E808F1310A1240F35A2 ] C:\Windows\SysWOW64\wininet.dll
16:43:10.0636 0x0f18 C:\Windows\SysWOW64\wininet.dll - ok
16:43:10.0638 0x0f18 [ 683E0C9DA9E1EB9E4691DFAE0EC83E36, F5CD7DE4B315F318D495C4E28292FA47B96640D044502131934190EC58F3D1D5 ] C:\Windows\SysWOW64\iertutil.dll
16:43:10.0638 0x0f18 C:\Windows\SysWOW64\iertutil.dll - ok
16:43:10.0639 0x0f18 [ AD7B9C14083B52BC532FBA5948342B98, 17F746D82695FA9B35493B41859D39D786D32B23A9D2E00F4011DEC7A02402AE ] C:\Windows\SysWOW64\cmd.exe
16:43:10.0639 0x0f18 C:\Windows\SysWOW64\cmd.exe - ok
16:43:10.0641 0x0f18 [ BD51024FB014064BC9FE8C715C18392F, 23F7AB98268F88E6CA9EE96B3DDBC6AA745BFFACD2E5F80A211CE48D976EB9A4 ] C:\Windows\System32\conhost.exe
16:43:10.0641 0x0f18 C:\Windows\System32\conhost.exe - ok
16:43:10.0643 0x0f18 [ 5997D769CDB108390DCFAEBF442BF816, 0E25CA984C0EEB629184423FAA9BC6D4356DF9A93F281E06DC83B4AC638AEC4A ] C:\Windows\SysWOW64\RpcRtRemote.dll
16:43:10.0643 0x0f18 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
16:43:10.0645 0x0f18 [ C5A99A4C0DC9F0F5A95BA0C83D30A549, F99CCCE303F0FC07D82D3BBA223E8CCE41FB7FA8FB5C2A9214C161826537C7C9 ] C:\Windows\SysWOW64\mstask.dll
16:43:10.0645 0x0f18 C:\Windows\SysWOW64\mstask.dll - ok
16:43:10.0647 0x0f18 [ 2EDDAC53FFBB0A440B1AB9A278853295, 8FBF2750E160A0815F57C588EDB4232760CDF842D56B005F2ECA4D0CA7CB7936 ] C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBBurn.dll
16:43:10.0647 0x0f18 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBBurn.dll - ok
16:43:10.0648 0x0f18 [ C1E64261CE370717259904F5D3FDFC2C, 3D3E43C416270D884340B1BF3E3BA75F55C90757D8188BBB7D27CC46E1B4C288 ] C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NeroAPIGlueLayerUnicode.dll
16:43:10.0648 0x0f18 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NeroAPIGlueLayerUnicode.dll - ok
16:43:10.0650 0x0f18 [ E2C48CD0132D4D1DC7D0DF9A6BEF686A, 52D1A8AA992AF2F727DA4B16522D604648D700997B1620CCB67D05838C127674 ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll
16:43:10.0650 0x0f18 C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll - ok
16:43:10.0652 0x0f18 [ 28A09777D2D952122567A8A82F1A2C7B, 772260DF36AE85A0619C51402DE416E0C329976B724C8E9C4F8C013CBB7C7289 ] C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll
16:43:10.0652 0x0f18 C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll - ok
16:43:10.0654 0x0f18 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5, ADD7B965D6D4F1FB4DABF8E40E0322E1FDC4652CA8FD670F487D1E875B770759 ] C:\Windows\SysWOW64\WindowsCodecs.dll
16:43:10.0654 0x0f18 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
16:43:10.0656 0x0f18 [ 210FCACAF902B2CD47CF9FD17D846146, 3F77AC721E084864C5966FF5337A90185F62203DC19C685328675500D629CB87 ] C:\Windows\System32\aeevts.dll
16:43:10.0656 0x0f18 C:\Windows\System32\aeevts.dll - ok
16:43:10.0657 0x0f18 [ 326C7F76A29897A892AA7726E91C1C67, 64305346B06EC14976130B0B80F14B4D5AB63E5B2A6A7B872EC9CE2BF8FADCD2 ] C:\Windows\SysWOW64\winbrand.dll
16:43:10.0657 0x0f18 C:\Windows\SysWOW64\winbrand.dll - ok
16:43:10.0659 0x0f18 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] C:\Windows\System32\drivers\secdrv.sys
16:43:10.0659 0x0f18 C:\Windows\System32\drivers\secdrv.sys - ok
16:43:10.0661 0x0f18 [ 2BA8F3250828CCDB4204ECF2C6F40B6A, 22C4FBF9A87C46E69C48B681FF733D68D9CB7B7D73FB14C8C2A06E9009F9860E ] C:\Windows\System32\drivers\srvnet.sys
16:43:10.0661 0x0f18 C:\Windows\System32\drivers\srvnet.sys - ok
16:43:10.0663 0x0f18 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] C:\Windows\System32\sysmain.dll
16:43:10.0663 0x0f18 C:\Windows\System32\sysmain.dll - ok
16:43:10.0664 0x0f18 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] C:\Windows\System32\tapisrv.dll
16:43:10.0664 0x0f18 C:\Windows\System32\tapisrv.dll - ok
16:43:10.0666 0x0f18 [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] C:\Windows\System32\drivers\tcpipreg.sys
16:43:10.0666 0x0f18 C:\Windows\System32\drivers\tcpipreg.sys - ok
16:43:10.0668 0x0f18 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF, 868DEFB78767E91694E83F931725257DF3FF79A4BFED3B914D27F3493EB7A8D0 ] C:\Windows\System32\httpapi.dll
16:43:10.0668 0x0f18 C:\Windows\System32\httpapi.dll - ok
16:43:10.0670 0x0f18 [ D0F73A42040F21F92FD314B42AC5C9E7, A021C4318C9CFA594305458B2643BB0C22DDE1F3D51C93C9F3E7F7AB75B31278 ] C:\Windows\System32\drivers\srv2.sys
16:43:10.0670 0x0f18 C:\Windows\System32\drivers\srv2.sys - ok
16:43:10.0672 0x0f18 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] C:\Windows\System32\trkwks.dll
16:43:10.0672 0x0f18 C:\Windows\System32\trkwks.dll - ok
16:43:10.0673 0x0f18 [ 2098B8556D1CEC2ACA9A29CD479E3692, D5826407C64F18C16EB36E6F00787CFAFCD9B24B5BD8AD126AD01E6E4134966F ] C:\Windows\System32\drivers\srv.sys
16:43:10.0673 0x0f18 C:\Windows\System32\drivers\srv.sys - ok
16:43:10.0675 0x0f18 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] C:\Windows\System32\wbem\WMIsvc.dll
16:43:10.0675 0x0f18 C:\Windows\System32\wbem\WMIsvc.dll - ok
16:43:10.0677 0x0f18 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE, A734A20357026C42950394682A52CBC3AF956D09F1949E1B4E95467E999BC428 ] C:\Windows\System32\wbemcomn.dll
16:43:10.0677 0x0f18 C:\Windows\System32\wbemcomn.dll - ok
16:43:10.0679 0x0f18 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] C:\Windows\System32\rasmans.dll
16:43:10.0679 0x0f18 C:\Windows\System32\rasmans.dll - ok
16:43:10.0681 0x0f18 [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] C:\Windows\System32\iphlpsvc.dll
16:43:10.0681 0x0f18 C:\Windows\System32\iphlpsvc.dll - ok
16:43:10.0683 0x0f18 [ 0C52762C606BCF6A377D5E4688191A6B, C58C9A73AD07E3B93AB186D0D47C5F1CB7197771DBEE40646C3B801645BB388F ] C:\Windows\System32\wbem\WmiDcPrv.dll
16:43:10.0683 0x0f18 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
16:43:10.0685 0x0f18 [ A3F5E8EC1316C3E2562B82694A251C9E, F3DC6AA6A9D3B5BBC730668FC52C1D4BB5D515D404578BDDD3D4869A7ED58822 ] C:\Windows\System32\wbem\fastprox.dll
16:43:10.0685 0x0f18 C:\Windows\System32\wbem\fastprox.dll - ok
16:43:10.0687 0x0f18 [ 27B9E163740A226B65E4B9E186117911, 17411C6A6C1E699BC4B0C04D782FD9AA09CF577DBA41E743F7588904D489CB9F ] C:\Windows\System32\sqmapi.dll
16:43:10.0687 0x0f18 C:\Windows\System32\sqmapi.dll - ok
16:43:10.0689 0x0f18 [ 7B38D7916A7CD058C16A0A6CA5077901, 3F6DD990E2DA5D3BD6D65A72CBFB0FE79EB30B118A8AD71B6C9BB5581A622DCE ] C:\Windows\System32\wdscore.dll
16:43:10.0689 0x0f18 C:\Windows\System32\wdscore.dll - ok
16:43:10.0691 0x0f18 [ 44C96B48112EB24AE7764EBF1C527000, 6691D008C834686906B4841EF27604B0F0E70E668C09CEE19369426BF168AF44 ] C:\Windows\System32\rastapi.dll
16:43:10.0691 0x0f18 C:\Windows\System32\rastapi.dll - ok
16:43:10.0693 0x0f18 [ EE26D130808D16C0E417BBBED0451B34, 4886DCE4FAEF146A40BABD492A8000A2022FEA542A6135A9BAFD4CD09297B4E5 ] C:\Windows\System32\ntdsapi.dll
16:43:10.0693 0x0f18 C:\Windows\System32\ntdsapi.dll - ok
16:43:10.0695 0x0f18 [ FAFAE01E889DC9C05A6CA2138CFC220B, 192CFDE3593ED0A9B397461D912074C0F062015C23E6F6658571C7C2864D9A51 ] C:\Windows\System32\tapi32.dll
16:43:10.0695 0x0f18 C:\Windows\System32\tapi32.dll - ok
16:43:10.0697 0x0f18 [ 666A60F6F5E719856FF6254E0966EFF7, 58C072E7E215991E19C1CA062C476081982F7B9F039714539AE7FEB4981C200F ] C:\Windows\System32\wbem\wbemprox.dll
16:43:10.0697 0x0f18 C:\Windows\System32\wbem\wbemprox.dll - ok
16:43:10.0698 0x0f18 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] C:\Windows\System32\srvsvc.dll
16:43:10.0698 0x0f18 C:\Windows\System32\srvsvc.dll - ok
16:43:10.0700 0x0f18 [ 8EF0D5C41EC907751B8429162B1239ED, 9CC25F1F93FACA6F6CE23F78EB58590C39A2E3C8A3ACDF400E8A9DE0757EADAE ] C:\Windows\System32\browser.dll
16:43:10.0700 0x0f18 C:\Windows\System32\browser.dll - ok
16:43:10.0702 0x0f18 [ CFEFA40DDE34659BE5211966EAD86437, AC0A3AD8AA47012C40785013E2273FC571F416BC9C9FFDA418FE72B3123C1FB0 ] C:\Windows\System32\netmsg.dll
16:43:10.0702 0x0f18 C:\Windows\System32\netmsg.dll - ok
16:43:10.0704 0x0f18 [ 0255C22D99602534F15CBB8D9B6F152F, 43CD89D6CA56E0B633142F7C86DA9E072EE0723B5EBC4CE8CCBCA58C396ECF54 ] C:\Windows\System32\wbem\WinMgmtR.dll
16:43:10.0704 0x0f18 C:\Windows\System32\wbem\WinMgmtR.dll - ok
16:43:10.0706 0x0f18 [ FF80CAD87555E8E4D2CFD7B9058343F8, 07653773FBEC1996408B8507B08E0E1E812830063F932F897F4B39EE63DDCDC4 ] C:\Windows\System32\sscore.dll
16:43:10.0706 0x0f18 C:\Windows\System32\sscore.dll - ok
16:43:10.0708 0x0f18 [ D2A0FFA75AB181B19B5EB93BB29C7686, AC282D5EFFB191492F14638EB80F18E53C4A3D26C94A00A949366B3564D6C3E2 ] C:\Windows\System32\unimdm.tsp
16:43:10.0708 0x0f18 C:\Windows\System32\unimdm.tsp - ok
16:43:10.0709 0x0f18 [ 81749E073AC5857B044A686B406E5244, 3884EE705CA34235B29942FEDA8FEA654A21139B8C2A1D5E009C7D07D6E6ADF1 ] C:\Windows\System32\clusapi.dll
16:43:10.0709 0x0f18 C:\Windows\System32\clusapi.dll - ok
16:43:10.0711 0x0f18 [ 94B7DF336815B47236724019FAB24B7C, 43549F1FB89D0585A0E0333BB8E1DDED2EBD0F3C0EC3EA93B238EA037188AA41 ] C:\Windows\System32\uniplat.dll
16:43:10.0711 0x0f18 C:\Windows\System32\uniplat.dll - ok
16:43:10.0713 0x0f18 [ 344FCC9850C3A8A3B4D3C65151AF8E4C, C38853454E153B1AB4AEAE1AAFB7CB4B2E6234208CF24C09F3B2AFE25E271C5C ] C:\Windows\System32\resutils.dll
16:43:10.0713 0x0f18 C:\Windows\System32\resutils.dll - ok
16:43:10.0715 0x0f18 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] C:\Windows\System32\netprofm.dll
16:43:10.0715 0x0f18 C:\Windows\System32\netprofm.dll - ok
16:43:10.0716 0x0f18 [ FEB91B4DA0D540865260A33838654FA3, 8636B008BA329D3E6CC235D08BA4C914EFF45DBFCB9297C893CCDA8D907BA946 ] C:\Windows\System32\nci.dll
16:43:10.0716 0x0f18 C:\Windows\System32\nci.dll - ok
16:43:10.0718 0x0f18 [ 5EB55F661DEBF156E126160BCD4D89F8, 948D1F627AA55D55FB3B558BA61B8366C5481A6041820631F24408F75EA5D2CC ] C:\Windows\System32\wbem\wbemcore.dll
16:43:10.0718 0x0f18 C:\Windows\System32\wbem\wbemcore.dll - ok
16:43:10.0720 0x0f18 [ 087D8668C71634A3A3761135ABF16EEE, B7348A63299CFF4FFBF375E645A4850AE0F108D48D13AB25434CFAE7CF3D61FD ] C:\Windows\System32\wbem\esscli.dll
16:43:10.0720 0x0f18 C:\Windows\System32\wbem\esscli.dll - ok
16:43:10.0721 0x0f18 [ 718B6F51AB7F6FE2988A36868F9AD3AB, 76141B4E94C2766E2C34CEF523092948771A7893212EFADBE88D2171B85FF012 ] C:\Windows\System32\wbem\wbemsvc.dll
16:43:10.0721 0x0f18 C:\Windows\System32\wbem\wbemsvc.dll - ok
16:43:10.0723 0x0f18 [ 0143DB80DACFB7C2B5B7009ED9063353, 252885CF7C1BAB89B86908373546E5F5D674BEF7AACBDDCF321AD877CB9150A9 ] C:\Windows\System32\wbem\wmiutils.dll
16:43:10.0723 0x0f18 C:\Windows\System32\wbem\wmiutils.dll - ok
16:43:10.0725 0x0f18 [ 0AB34456654C283DAA13B8D2BA21439B, 4B70FC5195DE39564E951C8542020BA3D4257E3D4488F69825F67A6099CB7549 ] C:\Windows\System32\wbem\repdrvfs.dll
16:43:10.0725 0x0f18 C:\Windows\System32\wbem\repdrvfs.dll - ok
16:43:10.0727 0x0f18 [ F53A4C061B5F629884696331AC638B78, 74BAA6DF2C848D193F0902C671BBAC00D3ED06549538C2777159D541C557091E ] C:\Program Files (x86)\SMADAV\SmadavProtect64.exe
16:43:10.0727 0x0f18 C:\Program Files (x86)\SMADAV\SmadavProtect64.exe - ok
16:43:10.0729 0x0f18 [ 6C84519BFAB8D8E1FA58C215C1E51F87, B0D297E959799CA233B60F56ACBBACA88B0A7E7C03960BD45CC9837D4D804BE7 ] C:\Program Files (x86)\SMADAV\SmadHook64.dll
16:43:10.0729 0x0f18 C:\Program Files (x86)\SMADAV\SmadHook64.dll - ok
16:43:10.0730 0x0f18 [ DDD0357A92FA843EFF8915ED17253D6C, 0C78B1D41F0A7821186ADF653504F2BFF067CB512CB0E932047C301378BBADB6 ] C:\Windows\System32\wbem\WmiPrvSD.dll
16:43:10.0730 0x0f18 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
16:43:10.0732 0x0f18 [ D41FEBD098234F02485A4EA98D4730A4, 462DC8168C444F35B43BA3B8F7D77734665D84F1C6D25CAD7391C0145961628F ] C:\Windows\System32\ncobjapi.dll
16:43:10.0732 0x0f18 C:\Windows\System32\ncobjapi.dll - ok
16:43:10.0734 0x0f18 [ 6F40D6FB05E0C1E5402812B426971AF0, E41F138F0F2DB057F8DBB1587237C6FA8A2059B3D64EC894D1DC492A18DBBDED ] C:\Windows\System32\wbem\wbemess.dll
16:43:10.0734 0x0f18 C:\Windows\System32\wbem\wbemess.dll - ok
16:43:10.0736 0x0f18 [ 4619E14B2DF4137907CD988ACA4B30A5, B8D451CC8B23108931D657FA7895CD97734567135F40F061D1F34F9C613B004C ] C:\Windows\SysWOW64\ieframe.dll
16:43:10.0736 0x0f18 C:\Windows\SysWOW64\ieframe.dll - ok
16:43:10.0737 0x0f18 [ CBD010BFBED9657C3813400AAD03CF8A, 2DD60A291D8F4A44D7D638C83A46CFA618525A72B9D975FB81F8F403699B9AE6 ] C:\Windows\SysWOW64\oleacc.dll
16:43:10.0737 0x0f18 C:\Windows\SysWOW64\oleacc.dll - ok
16:43:10.0739 0x0f18 [ BE247AE996A9FDE007A27B51413A6C79, A4280BE9BDCB51E50A0E302F59ACDF866EFAC8035D766172D06C15019CC57476 ] C:\Windows\SysWOW64\shdocvw.dll
16:43:10.0739 0x0f18 C:\Windows\SysWOW64\shdocvw.dll - ok
16:43:10.0741 0x0f18 [ 5431C67855D1CEEED8F42CF63E3F9632, 281186D6534972348D21AA019A83F96A59E0D74EE1EB5C27E37AD30E806A4801 ] C:\Users\Yoizuki\AppData\Local\Temp\{641018BC-9213-4591-A4F2-53CE9100A58D}\{6BF7EE6A-7360-4A6D-AEE3-ABD767703889}.exe
16:43:10.0741 0x0f18 C:\Users\Yoizuki\AppData\Local\Temp\{641018BC-9213-4591-A4F2-53CE9100A58D}\{6BF7EE6A-7360-4A6D-AEE3-ABD767703889}.exe - ok
16:43:10.0743 0x0f18 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9, E18D66455D00A6D2A2D7CC0833C233FE8A6DD910B59D6B5B5F82EF91450858DF ] C:\Windows\SysWOW64\sfc.dll
16:43:10.0743 0x0f18 C:\Windows\SysWOW64\sfc.dll - ok
16:43:10.0745 0x0f18 [ 84799328D87B3091A3BDD251E1AD31F9, F85521215924388830DBB13580688DB70B46AF4C7D82D549D09086438F8D237B ] C:\Windows\SysWOW64\sfc_os.dll
16:43:10.0745 0x0f18 C:\Windows\SysWOW64\sfc_os.dll - ok
16:43:10.0746 0x0f18 [ FD07F21E0A19C27ED4E1EEC2B07452B3, DF54C00B021AF64BB04EDEBCA6F41CCF48F1959DD53ADE545FAFC565F1243392 ] C:\Windows\SysWOW64\devrtl.dll
16:43:10.0746 0x0f18 C:\Windows\SysWOW64\devrtl.dll - ok
16:43:10.0748 0x0f18 [ D56C13F26ADCB3BC0455DB42883F6E7D, D4FED452DB714614EC362DCC56EFA66777FBCFB49037D9B3C1FFE09A91ADA2D0 ] C:\Windows\System32\iedkcs32.dll
16:43:10.0748 0x0f18 C:\Windows\System32\iedkcs32.dll - ok
16:43:10.0750 0x0f18 [ 6D220604AA4240303DD8DEAEAB428377, 0AC013CFA8F8040017969B3110BBD3B9A4827E0DFC4BE65F334F607248DF9550 ] C:\Windows\System32\ie4uinit.exe
16:43:10.0750 0x0f18 C:\Windows\System32\ie4uinit.exe - ok
16:43:10.0752 0x0f18 [ 1FCB1A72BF5C784F7358E6BEF38E4571, 12DA4240F8C964EDA6223257BD9723FD9372E63AE86F00509163B1DE12A5F6C5 ] C:\Windows\System32\timedate.cpl
16:43:10.0752 0x0f18 C:\Windows\System32\timedate.cpl - ok
16:43:10.0754 0x0f18 [ E6F0F82788E8BD0F7A616350EFA0761C, 13091DCB3E3F4F52C3FF210E93AAF1DCE142CFC09F671AEAC5B922393B23E67B ] C:\Windows\System32\actxprxy.dll
16:43:10.0754 0x0f18 C:\Windows\System32\actxprxy.dll - ok
16:43:10.0756 0x0f18 [ C4F40F6CACD796A8E16671D0E9A2F319, 44853C645915D910ED0CC6D38F68B6C222528EC5FCBE990E238010F41204E682 ] C:\Windows\System32\shdocvw.dll
16:43:10.0756 0x0f18 C:\Windows\System32\shdocvw.dll - ok
16:43:10.0758 0x0f18 [ A0A65D306A5490D2EB8E7DE66898ECFD, CE5DA408F4EDD5E81CE0925867F03C9A35172CF1571FE4C4C052E45AB69822BB ] C:\Windows\System32\linkinfo.dll
16:43:10.0758 0x0f18 C:\Windows\System32\linkinfo.dll - ok
16:43:10.0760 0x0f18 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86, E15ED4FEFC3010C213694331DDFDC03767682325C898D773AB243E2DC8B08461 ] C:\Windows\System32\msftedit.dll
16:43:10.0760 0x0f18 C:\Windows\System32\msftedit.dll - ok
16:43:10.0761 0x0f18 [ 3504B34CD2DE00BA3CC1A195F1B739BD, C08B5AD0C59FF393658CB08130A138CDBC16C1BF2672611CD2C5C93ED40EBA21 ] C:\Windows\System32\gameux.dll
16:43:10.0761 0x0f18 C:\Windows\System32\gameux.dll - ok
16:43:10.0763 0x0f18 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65, 914AD22D98975578BC14D821F72E8DFCE24F2092F9C299D24EBBAF5408FE8B8B ] C:\Windows\System32\wer.dll
16:43:10.0763 0x0f18 C:\Windows\System32\wer.dll - ok
16:43:10.0765 0x0f18 [ 7CB3ACB163DE051169095DC6507B8977, 45D4DEB0695440D8B5E959945B3F7A773E02E2AB305E316123A1064FC1905402 ] C:\Windows\System32\msls31.dll
16:43:10.0765 0x0f18 C:\Windows\System32\msls31.dll - ok
16:43:10.0767 0x0f18 [ 7DBA84667DC18877AEF693E3543DFAD7, 499306CE72EB8B873C547C600FD1093B7A79122D656407E69879041690AE588F ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
16:43:10.0767 0x0f18 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
16:43:10.0769 0x0f18 [ 4C2C4640BF23AAFCF90519E0F34436CE, 8ACCDA77C2DC5BE2DAED05134310122AFECC872A8D118612E55DD229BFE4D844 ] C:\Windows\System32\DeviceCenter.dll
16:43:10.0769 0x0f18 C:\Windows\System32\DeviceCenter.dll - ok
16:43:10.0770 0x0f18 [ 16438B000BF56F2CD7FDB5E6C3B38C7E, 32D6E69E6367D3ADB2189DA89103CB9910CE791EFB0879515DDD380A96D85BAE ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
16:43:10.0770 0x0f18 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - ok
16:43:10.0772 0x0f18 [ 4E5FE39C1076D115EC8BFCFE14D75B80, F1D02BCA6F664DCDD0CCDE269D31787C7553CD38C7208A8DD8B80B9EA09FEB1C ] C:\Windows\SysWOW64\credssp.dll
16:43:10.0772 0x0f18 C:\Windows\SysWOW64\credssp.dll - ok
16:43:10.0774 0x0f18 [ 73E8667A19FEEDD856DF2695E9E511D4, 68D66C36D1F293D10ADCC6A33C870F989A29743537592CF172F02E794BEAFD1C ] C:\Windows\SysWOW64\wship6.dll
16:43:10.0774 0x0f18 C:\Windows\SysWOW64\wship6.dll - ok
16:43:10.0776 0x0f18 [ 69754747274B76E7FAF287239333D7E6, A0BAEC1E56E4B1A17C0D41B317526AF5BB11E7E488C7016067A6229346A23B16 ] C:\Windows\System32\msiltcfg.dll
16:43:10.0776 0x0f18 C:\Windows\System32\msiltcfg.dll - ok
16:43:10.0778 0x0f18 [ 6A16BCE3C09496650BE881C467611653, 4E63CCC81461183863DE467C79452E5A5214DD142E4077C39F542D55BD238C59 ] C:\Windows\System32\msi.dll
16:43:10.0778 0x0f18 C:\Windows\System32\msi.dll - ok
16:43:10.0780 0x0f18 [ E027A6E99EF709AFD195FD6329224C47, B31B85BF369DC36363B0E527AE3B8E95B33699D17D09C6313C43E7373A3E6874 ] C:\Users\Yoizuki\AppData\Local\Temp\{75E1B53A-BB3F-4E19-A5B4-676D86B6BAF3}\{E740202D-8D99-4AC9-AAC1-B151B00671DF}.tmp
16:43:10.0780 0x0f18 C:\Users\Yoizuki\AppData\Local\Temp\{75E1B53A-BB3F-4E19-A5B4-676D86B6BAF3}\{E740202D-8D99-4AC9-AAC1-B151B00671DF}.tmp - ok
16:43:10.0781 0x0f18 [ AB67816718E5C65CC326BE56AC0B9E73, D6F19026CB87C9BB5521D668B13347B68F297FCE34C5F1BFE530574B16ADB2D5 ] C:\Users\Yoizuki\AppData\Local\Temp\{75E1B53A-BB3F-4E19-A5B4-676D86B6BAF3}\{3A76C0E7-0F48-477C-8685-526FDDC6C202}.tmp
16:43:10.0781 0x0f18 C:\Users\Yoizuki\AppData\Local\Temp\{75E1B53A-BB3F-4E19-A5B4-676D86B6BAF3}\{3A76C0E7-0F48-477C-8685-526FDDC6C202}.tmp - ok
16:43:10.0784 0x0f18 [ FA17EC109029B01C1DC956FF3BD6FC77, D657D71001E5ECDA4BBBC4C35B2B17BF7FC87E90C965A115D59670A3EDD5F8CD ] C:\Users\Yoizuki\AppData\Local\Temp\{75E1B53A-BB3F-4E19-A5B4-676D86B6BAF3}\{811EFCCF-3EAB-46BE-A05E-A165B6345E94}.tmp
16:43:10.0784 0x0f18 C:\Users\Yoizuki\AppData\Local\Temp\{75E1B53A-BB3F-4E19-A5B4-676D86B6BAF3}\{811EFCCF-3EAB-46BE-A05E-A165B6345E94}.tmp - ok
16:43:10.0785 0x0f18 [ DC6DB08D85337C9675F94B01043279AE, B09E491113F9E95F4EE00BB51BB21D4967BAC333C0DCD030A10AEA9B9E52032B ] C:\Users\Yoizuki\AppData\Local\Temp\{75E1B53A-BB3F-4E19-A5B4-676D86B6BAF3}\{19E86CCC-4687-4C5B-919C-EA445CF4B63D}.tmp
16:43:10.0785 0x0f18 C:\Users\Yoizuki\AppData\Local\Temp\{75E1B53A-BB3F-4E19-A5B4-676D86B6BAF3}\{19E86CCC-4687-4C5B-919C-EA445CF4B63D}.tmp - ok
16:43:10.0787 0x0f18 [ C74D46C1F542F5FEB9B7E1A8EC04986D, FA83733A81BA8D96EDFD15C1914D5A6056D73C61540C8747E9AE1343DA47A63D ] C:\Users\Yoizuki\AppData\Local\Temp\{75E1B53A-BB3F-4E19-A5B4-676D86B6BAF3}\{4C0AB82F-738B-4ACF-BF71-0F2526BC41AB}.tmp
16:43:10.0787 0x0f18 C:\Users\Yoizuki\AppData\Local\Temp\{75E1B53A-BB3F-4E19-A5B4-676D86B6BAF3}\{4C0AB82F-738B-4ACF-BF71-0F2526BC41AB}.tmp - ok
16:43:10.0789 0x0f18 [ 517ECD823EB9A03368294C6C33A695D0, 7BA4EF2C5E9D15A4EE8ACC169CA233010DF8D1BC7088665E06C9E71BBA0CD40C ] C:\Users\Yoizuki\AppData\Local\Temp\{75E1B53A-BB3F-4E19-A5B4-676D86B6BAF3}\{3CD8003E-74C7-4ADE-A6D7-10603C5FBB0C}.tmp
16:43:10.0789 0x0f18 C:\Users\Yoizuki\AppData\Local\Temp\{75E1B53A-BB3F-4E19-A5B4-676D86B6BAF3}\{3CD8003E-74C7-4ADE-A6D7-10603C5FBB0C}.tmp - ok
16:43:10.0791 0x0f18 [ A8CE0C7F1D37E0B8082608A148B6B976, 29F667E4DEA45C95E15ED54E9C37585E450325370F6011FFB667886F2FF0ABEB ] C:\Windows\SysWOW64\secur32.dll
16:43:10.0791 0x0f18 C:\Windows\SysWOW64\secur32.dll - ok
16:43:10.0793 0x0f18 [ 3428F170E1953B4C4EA10A5F58B55908, B554E04021472C3C2BBDED2B4BBB4F6648932356F8DA409A2A7F6AC02E54B306 ] C:\Users\Yoizuki\AppData\Local\Temp\{75E1B53A-BB3F-4E19-A5B4-676D86B6BAF3}\{E9A5B0EA-C55C-4977-B6CD-43B77BBCC6B7}.tmp
16:43:10.0793 0x0f18 C:\Users\Yoizuki\AppData\Local\Temp\{75E1B53A-BB3F-4E19-A5B4-676D86B6BAF3}\{E9A5B0EA-C55C-4977-B6CD-43B77BBCC6B7}.tmp - ok
16:43:10.0795 0x0f18 [ 96D681B7DE0BA6BFA1DC55915003CD05, 26CDA6A9A67F20A494F0EF3577D14F5DDA1F0D4428891DBD271A757833285939 ] C:\Users\Yoizuki\AppData\Local\Temp\{75E1B53A-BB3F-4E19-A5B4-676D86B6BAF3}\{B2129244-40DD-4332-B0F7-C39E4FEE2FE6}.tmp
16:43:10.0795 0x0f18 C:\Users\Yoizuki\AppData\Local\Temp\{75E1B53A-BB3F-4E19-A5B4-676D86B6BAF3}\{B2129244-40DD-4332-B0F7-C39E4FEE2FE6}.tmp - ok
16:43:10.0797 0x0f18 [ 85D8D497E3CFCD66607DAD332378DE8B, FEB2FF9315B41A7D13C9F3EB4CFDD612C951CA02330BC5A9129881E148769C7F ] C:\Users\Yoizuki\AppData\Local\Temp\{75E1B53A-BB3F-4E19-A5B4-676D86B6BAF3}\{FC77EA9D-7F80-484B-91C2-707DB7B92A07}.tmp
16:43:10.0797 0x0f18 C:\Users\Yoizuki\AppData\Local\Temp\{75E1B53A-BB3F-4E19-A5B4-676D86B6BAF3}\{FC77EA9D-7F80-484B-91C2-707DB7B92A07}.tmp - ok
16:43:10.0799 0x0f18 [ CD0DAF878147B723108C428370FF0355, A5C3D8A516FD0A15DAAB442DA424E996112C355239B985413EAA4DC1FAB76303 ] C:\Users\Yoizuki\AppData\Local\Temp\{75E1B53A-BB3F-4E19-A5B4-676D86B6BAF3}\{F50F56E8-CDF3-46F5-B664-9D75AB72FC8D}.tmp
16:43:10.0799 0x0f18 C:\Users\Yoizuki\AppData\Local\Temp\{75E1B53A-BB3F-4E19-A5B4-676D86B6BAF3}\{F50F56E8-CDF3-46F5-B664-9D75AB72FC8D}.tmp - ok
16:43:10.0800 0x0f18 [ 9110FFAD124283F37D38771BB60556AF, BB495FDF86B7C3DD7878C496090A624CE8FE68F61166C91A4C99EF1140F0AD23 ] C:\Windows\System32\dsound.dll
16:43:10.0800 0x0f18 C:\Windows\System32\dsound.dll - ok
16:43:10.0802 0x0f18 [ E424B3EF666B184CEE0B6871AAA8C9F6, D182D9B3A813C75F88CA16A9C236AB6167DF5861D155B5DC016B90918C4BD579 ] C:\Windows\System32\msimg32.dll
16:43:10.0802 0x0f18 C:\Windows\System32\msimg32.dll - ok
16:43:10.0804 0x0f18 [ 263E9A047D17CD50BAA9D3C02910D18D, F526648358AD121001D2776E0ACC333EC4AC168CA07B40A3D3C06C5CE6A361C3 ] C:\Windows\System32\oledlg.dll
16:43:10.0804 0x0f18 C:\Windows\System32\oledlg.dll - ok
16:43:10.0806 0x0f18 [ DC220AE6F64819099F7EBD6F137E32E7, B8FE13B859FA83500DD95637FA6D4A5B8392C2A363E41D014D3B5374F636E1DE ] C:\Windows\System32\AudioSes.dll
16:43:10.0806 0x0f18 C:\Windows\System32\AudioSes.dll - ok
16:43:10.0808 0x0f18 [ C08DE9FE49B8DE126EE7A42C7C80450E, E90A163A1225181D7DFA4DB0CCD6C2D4C628FCDCC8917F3A693C986A603C583A ] C:\Windows\System32\RtkApi64.dll
16:43:10.0808 0x0f18 C:\Windows\System32\RtkApi64.dll - ok
16:43:10.0809 0x0f18 [ 0805289E121F3E3C458C970B08314EB2, D9B448A04C09F525F599D0369CF9A197F471AABDA0A97201760C46D2EB8F3CDE ] C:\Windows\System32\RtkCfg64.dll
16:43:10.0809 0x0f18 C:\Windows\System32\RtkCfg64.dll - ok
16:43:10.0811 0x0f18 [ B88634F6FFAE80168B82E7E1BAEA5458, 78B59A2312300C915CCEFC8F4515B4FF2F21D6A14A00D63CB4B66E73966E010A ] C:\Windows\System32\RtkAPO64.dll
16:43:10.0811 0x0f18 C:\Windows\System32\RtkAPO64.dll - ok
16:43:10.0813 0x0f18 [ 5EDBB34736DD7AC1A73CF8792A835E10, 15E87C449AAF2095273341DD9355D8DF2690340D1DEFAF0DFF034F1CDF4316F8 ] C:\Windows\System32\AudioEng.dll
16:43:10.0813 0x0f18 C:\Windows\System32\AudioEng.dll - ok
16:43:10.0815 0x0f18 [ 41326DD08ACC0CDC5F8177AF96C066E8, 9C21BB553EEDD28272E865396C9EF94655EC1CF216290A56581AEF7908B7AFDD ] C:\Windows\System32\kmddsp.tsp
16:43:10.0815 0x0f18 C:\Windows\System32\kmddsp.tsp - ok
16:43:10.0816 0x0f18 [ 1D6BC2769DA66C1145F4DA5A65F52E61, B38EFF16652E751BF3B3BD85DA6EA33AB9B7F4228C59F741074E33085DB66ED0 ] C:\Windows\System32\ndptsp.tsp
16:43:10.0816 0x0f18 C:\Windows\System32\ndptsp.tsp - ok
16:43:10.0818 0x0f18 [ 7C1BAE7D23D4874FEE256A2B9C00E019, 4EE87C2F0CACE557AA159349133474A5857B6667DDB976BA5A18489A3333F798 ] C:\Windows\System32\hidphone.tsp
16:43:10.0818 0x0f18 C:\Windows\System32\hidphone.tsp - ok
16:43:10.0820 0x0f18 [ A717A35120DBAB5AB707AB40662AF9DD, DE117E70D0AC7FC26BBCEAAB45A0270A1065B36CC8B062B4128B561F2AAA9E04 ] C:\Windows\System32\rasppp.dll
16:43:10.0820 0x0f18 C:\Windows\System32\rasppp.dll - ok
16:43:10.0822 0x0f18 [ 0FE5CD5F9C9248F42D1EF56E495B182E, 1EBD40C119A3D3251A19A8D15669D9DCB5D3CFBC3AFCF1CD00101C31320243E1 ] C:\Windows\System32\vpnike.dll
16:43:10.0822 0x0f18 C:\Windows\System32\vpnike.dll - ok
16:43:10.0823 0x0f18 [ 6A84E68B538B8B04608BF2F0D426CE6F, 59CE1C06364D1BBEE853DA4AEC1E8B678D6E181723ACCF6DB9F9776CAD47BBDA ] C:\Windows\System32\raschap.dll
16:43:10.0823 0x0f18 C:\Windows\System32\raschap.dll - ok
16:43:10.0825 0x0f18 [ 0CE4D3BD306DA6D1F6F233C403F5B667, 6428AD0BD3732A2038CD372A06563E84F33DCDAB4E2B203B3F75BE678690DCAD ] C:\Windows\SysWOW64\msi.dll
16:43:10.0825 0x0f18 C:\Windows\SysWOW64\msi.dll - ok
16:43:10.0827 0x0f18 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] C:\Windows\System32\ipnathlp.dll
16:43:10.0827 0x0f18 C:\Windows\System32\ipnathlp.dll - ok
16:43:10.0829 0x0f18 [ 2DF29664ED261F0FC448E58F338F0671, 4EFE79C383D0AF126FC4EE668D822563F8F037B1E61D73747A35FE11AAFDB8CE ] C:\Windows\System32\mprapi.dll
16:43:10.0829 0x0f18 C:\Windows\System32\mprapi.dll - ok
16:43:10.0831 0x0f18 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D, A63836DB3B01835DC1311526A95198D6EBCCB1DC9DDAFBC38EC36C128CDB98B9 ] C:\Windows\System32\netshell.dll
16:43:10.0831 0x0f18 C:\Windows\System32\netshell.dll - ok
16:43:10.0833 0x0f18 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2, E8ACB693B1A78FAEF292111BE3F9B10BA95C76833C06C931A08EAAAE39A21334 ] C:\Windows\System32\dot3api.dll
16:43:10.0833 0x0f18 C:\Windows\System32\dot3api.dll - ok
16:43:10.0835 0x0f18 [ E4FCA0F99A41E460C84016DEFD31E6EF, 8EB14AF2025EADC7C86280E8417D8F286E8271B4F88B31696E33DFD72B3A0EF2 ] C:\Windows\System32\wlanhlp.dll
16:43:10.0835 0x0f18 C:\Windows\System32\wlanhlp.dll - ok
16:43:10.0836 0x0f18 [ 357BE883C5236BFC7341CB9E82308908, 4DDB697FD9B7C516CF99D73C8799EA35BB97E2431216CD7C1045F17B06109FBF ] C:\Windows\System32\wlanapi.dll
16:43:10.0837 0x0f18 C:\Windows\System32\wlanapi.dll - ok
16:43:10.0838 0x0f18 [ 101797BA603D227946B4B5109867EB19, EBF2B48D1A4FE148F455EA32023ABC0D479215D48C7CE76E765F199CD3C80AF8 ] C:\Windows\System32\SyncCenter.dll
16:43:10.0838 0x0f18 C:\Windows\System32\SyncCenter.dll - ok
16:43:10.0840 0x0f18 [ 102CF6879887BBE846A00C459E6D4ABC, A4C51C79CF95D5C79DCEFB02946A09A987FEAF83CE2EE1BA7677EBA90869AC80 ] C:\Windows\SysWOW64\riched20.dll
16:43:10.0840 0x0f18 C:\Windows\SysWOW64\riched20.dll - ok
16:43:10.0842 0x0f18 [ E2A17BCC08D92F42E08AF6BA2F93ABA7, 5FC9D47BF4B1094BECC0C0DDCD5CD4318DD3E4495D982F8785331616D5B82599 ] C:\Windows\SysWOW64\ExplorerFrame.dll
16:43:10.0842 0x0f18 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
16:43:10.0843 0x0f18 [ 1315C5C5C54CE2AA37A155F97027DB59, 70CDA6AE7FF4FD08FAD931477C524957952EDC89985696FD988B9786A349C565 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
16:43:10.0843 0x0f18 C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe - ok
16:43:10.0845 0x0f18 [ 5F9961CB14740208EA8026E88FC5083B, 50CA9DA831B27D57618A1B08805741E8BD7FC3CF9D6B69276B4D86457BC6415D ] C:\Program Files\Sandboxie\SbieCtrl.exe
16:43:10.0845 0x0f18 C:\Program Files\Sandboxie\SbieCtrl.exe - ok
16:43:10.0847 0x0f18 [ 544EFF88AC6C85DF5A4D6F18DFE08CFC, D688381F42062FD5D868E7770857C5951C41BA20A1B6E6F60B5D9536C02CD293 ] C:\Windows\SysWOW64\taskschd.dll
16:43:10.0847 0x0f18 C:\Windows\SysWOW64\taskschd.dll - ok
16:43:10.0849 0x0f18 [ 6E1F8165C365D35C8E3C045AF0CDD481, B861360D0A014265A0BEB4CC2FE31EA05AE95120E8B07820C13A044D64C00E2B ] C:\Windows\SysWOW64\duser.dll
16:43:10.0849 0x0f18 C:\Windows\SysWOW64\duser.dll - ok
16:43:10.0851 0x0f18 [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C, 78889511D6F471009674CC958F8BB77B4A79C952634B18E8AFF4A75AA6A60E87 ] C:\Windows\System32\ndiscapCfg.dll
16:43:10.0851 0x0f18 C:\Windows\System32\ndiscapCfg.dll - ok
16:43:10.0853 0x0f18 [ 3D6AF45673C4B31CDECD7F80AF09D443, 7D711D138C107816155AFA5E5FDC6892734074BEFF604B5904177B5D9ACE4670 ] C:\Windows\System32\rascfg.dll
16:43:10.0853 0x0f18 C:\Windows\System32\rascfg.dll - ok
16:43:10.0855 0x0f18 [ 1CF21800E337F4039AAD4C94B4280EE4, EF434CEF6E62A202B85E8EC7916EB998E20B10675437CDE90084CDA938C0AA3F ] C:\Windows\System32\mprmsg.dll
16:43:10.0855 0x0f18 C:\Windows\System32\mprmsg.dll - ok
16:43:10.0856 0x0f18 [ EE06B85BC69F18826302348A2AD089E0, 417205797CC9F6C986A863A61179784D9ADCAF1961EF8A4D9042D73C5A86509A ] C:\Windows\SysWOW64\dui70.dll
16:43:10.0857 0x0f18 C:\Windows\SysWOW64\dui70.dll - ok
16:43:10.0858 0x0f18 [ 55DE45B116711881C852D2841E4C84DD, 18E5021530BB44042C85087BAE4FEDA633E01CDCBA09C90A5941B74C75133A35 ] C:\Windows\System32\tcpipcfg.dll
16:43:10.0859 0x0f18 C:\Windows\System32\tcpipcfg.dll - ok
16:43:10.0861 0x0f18 [ 1473768973453DE50DC738C2955FC4DD, 14BC5DA2442CB726ACC1F277DDBECCF5D61E3A0A3E083A55A0BB610191E35220 ] C:\Windows\System32\wdmaud.drv
16:43:10.0861 0x0f18 C:\Windows\System32\wdmaud.drv - ok
16:43:10.0863 0x0f18 [ 8560FFFC8EB3A806DCD4F82252CFC8C6, CC27BC092369A89D6147B16568FEDEB68B584D5738CD686C31F7FAE22ED17B3B ] C:\Windows\System32\ksuser.dll
16:43:10.0863 0x0f18 C:\Windows\System32\ksuser.dll - ok
16:43:10.0864 0x0f18 [ 24F4B480F335A6C724AF352253C5D98B, 011413B236CAD7B78CE0A0EEC3E3085D48C7576A3205D025BA6EBFDF590538E4 ] C:\Windows\System32\thumbcache.dll
16:43:10.0865 0x0f18 C:\Windows\System32\thumbcache.dll - ok
16:43:10.0866 0x0f18 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
16:43:10.0866 0x0f18 C:\Program Files\Windows Sidebar\sidebar.exe - ok
16:43:10.0868 0x0f18 [ 1B7C3A37362C7B2890168C5FC61C8D9B, 03727930E5BB5F9D91BAB901FC9A2E3B795D68E2AEE6A2CC3477F356C45A9C54 ] C:\Windows\System32\msacm32.drv
16:43:10.0868 0x0f18 C:\Windows\System32\msacm32.drv - ok
16:43:10.0870 0x0f18 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A, 72288C0A88916D3C3828DBD948DBDB0928F26106319F8E60102D6C9004514D60 ] C:\Windows\System32\msacm32.dll
16:43:10.0870 0x0f18 C:\Windows\System32\msacm32.dll - ok
16:43:10.0872 0x0f18 [ CA2A0750ED830678997695FF61B04C30, E84860CD97AA3C4565ABB2D5D406A5C42B1AD2D8BA1B8CF81FE564D91F15F976 ] C:\Windows\System32\midimap.dll
16:43:10.0872 0x0f18 C:\Windows\System32\midimap.dll - ok
16:43:10.0874 0x0f18 [ 618BCB8EE7474A4BFE16FDEE001DA32E, 93FD8047B7866FC1E82CAD8D66957A4C99094969E0BA8B2BC662EA20BC2137EF ] C:\Program Files\OpenVPN\bin\openvpn-gui.exe
16:43:10.0874 0x0f18 C:\Program Files\OpenVPN\bin\openvpn-gui.exe - ok
16:43:10.0875 0x0f18 [ C1395286B822E306B4FE1568A8A77813, 0642B6C793BE0EED5E7D1D2533FC5A01417C50040FC60A8E89BD97CE4A119388 ] C:\Windows\System32\AUDIOKSE.dll
16:43:10.0875 0x0f18 C:\Windows\System32\AUDIOKSE.dll - ok
16:43:10.0877 0x0f18 [ 359D1899260CC4CA1138DC6C8A4AF83A, CC1D8FCDE1CF86A92919980D7D4881B2B6694728B4B91E96B6D93413D1FC0572 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
16:43:10.0877 0x0f18 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe - ok
16:43:10.0879 0x0f18 [ 6F3C559B82F2912354BE5B098744CC8C, EB64E5C02C81588921A65194E1256E80699A1317E7D9A57395CD38C2639C8B08 ] C:\Windows\System32\WMALFXGFXDSP.dll
16:43:10.0879 0x0f18 C:\Windows\System32\WMALFXGFXDSP.dll - ok
16:43:10.0881 0x0f18 [ 452FA961163EF4AEE4815796A13AB2CF, 14DC422082F96F5C21C41A5E5F6E8445547CC4B02B18F0A86A34669CA2CE18A7 ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
16:43:10.0881 0x0f18 C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe - ok
16:43:10.0883 0x0f18 [ 62AACB9BAAB969855711E7E89750963F, 616E44E78D1AEB1F857253EFAE16C28968F269BD4D7C6FE8112C4EB3992DD5FB ] C:\Program Files\OpenVPN\bin\libeay32.dll
16:43:10.0883 0x0f18 C:\Program Files\OpenVPN\bin\libeay32.dll - ok
16:43:10.0885 0x0f18 [ 67BD916F01424DEB8AB8CD9E0096F277, D1E4A7BA332DA229138E89E5C4550A58ADD896B85728DF6BA33F1DE57D586E77 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
16:43:10.0885 0x0f18 C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe - ok
16:43:10.0886 0x0f18 [ D83947A58613E9091B4C9CC0F1546A8D, C71DF6E18E2099FC462717B8658D39C607A62C7E7A1E5CD0E258C17434535AD0 ] C:\Windows\SysWOW64\mscoree.dll
16:43:10.0886 0x0f18 C:\Windows\SysWOW64\mscoree.dll - ok
16:43:10.0888 0x0f18 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
16:43:10.0888 0x0f18 C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe - ok
16:43:10.0890 0x0f18 [ 83BA5E873164A3711B44052F58C8FE9F, 7271ADE7A615E6F33375D23DACC32A8A652AF18CAAF8439F018E32E32E222F5A ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
16:43:10.0890 0x0f18 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
16:43:10.0892 0x0f18 [ 8FE651ACBA3344E645CFEB6286FFF6B8, ECE4DFFEB7EB0B19B6790FD0F619A5C4B23CA0BA9CC3F25924925F8EA07264B6 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
16:43:10.0892 0x0f18 C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe - ok
16:43:10.0894 0x0f18 [ 54B5DCD55B223BC5DF50B82E1E9E86B1, 025294DD69A421FE4EACAA463F8CB797610D8F3A7A3C61656AE83D0CEE07A9BF ] C:\Windows\System32\mfplat.dll
16:43:10.0894 0x0f18 C:\Windows\System32\mfplat.dll - ok
16:43:10.0897 0x0f18 [ 2635B1A6B11105AACE0440CEC6830189, 800C74D10450901E23E816F1256867B85546B35A46A66C750693CF5543A1E753 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\VulcanControl.dll
16:43:10.0897 0x0f18 C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\VulcanControl.dll - ok
16:43:10.0899 0x0f18 [ BC83108B18756547013ED443B8CDB31B, B2AD109C15EAA92079582787B7772BA0A2F034F7D075907FF87028DF0EAEA671 ] C:\Windows\SysWOW64\msvcp100.dll
16:43:10.0899 0x0f18 C:\Windows\SysWOW64\msvcp100.dll - ok
16:43:10.0900 0x0f18 [ C3761661C17C2248A9379A8FB89E3DE1, CE3477FA2B4058EB80739E0161FE957545F13CF86D313F6422732901D35F75F2 ] C:\Windows\System32\stobject.dll
16:43:10.0900 0x0f18 C:\Windows\System32\stobject.dll - ok
16:43:10.0902 0x0f18 [ 022B05CEE68D7826A93AEDB4F1EB369E, 3B864D1471ED0949B02F1FA251B987185ABEADDCBECD44EFDBB6A7B7F03CA8BC ] C:\Windows\System32\msxml3.dll
16:43:10.0902 0x0f18 C:\Windows\System32\msxml3.dll - ok
16:43:10.0904 0x0f18 [ F832EEEA97CDDA1AF577E721F652A0D1, EBBB7CA199BA4DF231123922BD310D43DE0104C6185B70FE0281B938D5336F2E ] C:\Windows\System32\batmeter.dll
16:43:10.0904 0x0f18 C:\Windows\System32\batmeter.dll - ok
16:43:10.0906 0x0f18 [ 8953999534296F8BAD5B7787BF2E3D89, D2215D745F49927698738AD30AE19AA643CDC8FFFAA76F720CC2FEE35986BC75 ] C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
16:43:10.0906 0x0f18 C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe - ok
16:43:10.0908 0x0f18 [ 0E37FBFA79D349D672456923EC5FBBE3, 8793353461826FBD48F25EA8B835BE204B758CE7510DB2AF631B28850355BD18 ] C:\Windows\SysWOW64\msvcr100.dll
16:43:10.0908 0x0f18 C:\Windows\SysWOW64\msvcr100.dll - ok
16:43:10.0909 0x0f18 [ 850BD2D2D9CB5894935C3B6333CAD6FD, AB1EE5FD5E2F1CC927C3EA92E71C91ACA566E69622D47AE780DA391B7C30DDD6 ] C:\Windows\System32\riched20.dll
16:43:10.0909 0x0f18 C:\Windows\System32\riched20.dll - ok
16:43:10.0911 0x0f18 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122, E7EA375A3BDE8FC764CB09524344370B9EE25F98AD6C83E6F37A569EB8D277D6 ] C:\Windows\System32\prnfldr.dll
16:43:10.0911 0x0f18 C:\Windows\System32\prnfldr.dll - ok
16:43:10.0913 0x0f18 [ CB2A1C2EA227F0338E7F3A8BC03C3D6E, 268A0463D7CB907D45E1C2AB91703E71734116F08B2C090E34C2D506183F9BCA ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
16:43:10.0913 0x0f18 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - ok
16:43:10.0915 0x0f18 [ 9D143DE584AF0B120766B74AA41D1F28, A6292835ABD188E3D0E0A7377B19460ADDB2A52CFD84E389E43F88735C8321C5 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\libcurl.dll
16:43:10.0915 0x0f18 C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\libcurl.dll - ok
16:43:10.0917 0x0f18 [ 3E0AB1C6506F149CC5ABA66433D35E62, 962DBAE610AF406C9FFD035608B71389AECA576FEB96E762E1C72F8EFACCDC48 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\libeay32.dll
16:43:10.0917 0x0f18 C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\libeay32.dll - ok
16:43:10.0919 0x0f18 [ 83502D796852329CDFC906FEE2B5EDE4, CFDF8B760AFDFE34C0EE943FAF9452B4DE438836E03990F983883C1F51BE5E26 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\ssleay32.dll
16:43:10.0919 0x0f18 C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\ssleay32.dll - ok
16:43:10.0921 0x0f18 [ C822E12D04B7AAFCFB441C674660077D, 06CF1954B814E34A4A6106FEC54726BD6794D308F8EA204014769AFE2E8ABC76 ] C:\Program Files\OpenVPN\bin\openvpn.exe
16:43:10.0921 0x0f18 C:\Program Files\OpenVPN\bin\openvpn.exe - ok
16:43:10.0923 0x0f18 [ F2C7BB8ACC97F92E987A2D4087D021B1, 142E1D688EF0568370C37187FD9F2351D7DDEDA574F8BFA9B0FA4EF42DB85AA2 ] C:\Windows\System32\notepad.exe
16:43:10.0924 0x0f18 C:\Windows\System32\notepad.exe - ok
16:43:10.0926 0x0f18 [ 42A9CB6906D9A8BEDC83B57163E62924, E18522D3137653140757829EFBFCE624A5BAA5842E2BBA10B9E5AB6C84BE49E1 ] C:\Windows\System32\DXP.dll
16:43:10.0926 0x0f18 C:\Windows\System32\DXP.dll - ok
16:43:10.0928 0x0f18 [ 1C8B787BAA52DEAD1A6FEC1502D652F0, 577374EC937931D727B90BFA3969F66A32C5056198F450CFC92C83B0C95D63BE ] C:\Windows\System32\mshtml.dll
16:43:10.0928 0x0f18 C:\Windows\System32\mshtml.dll - ok
16:43:10.0930 0x0f18 [ D90DAD5EEA33A178BAC56FFF2847D4C2, 104162A59E7784E1FE2EC0B7DB8836E1EB905ABFD1602A05D86DEBE930B40CBF ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\zlib1.dll
16:43:10.0930 0x0f18 C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\zlib1.dll - ok
16:43:10.0932 0x0f18 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891, 0A82A475301202791A7C10F978F952EAB7DB146A702D4EA67E24E2C98BC19638 ] C:\Windows\System32\Syncreg.dll
16:43:10.0932 0x0f18 C:\Windows\System32\Syncreg.dll - ok
16:43:10.0934 0x0f18 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\System32\rundll32.exe
16:43:10.0934 0x0f18 C:\Windows\System32\rundll32.exe - ok
16:43:10.0936 0x0f18 [ C836175870E00ACC546066632E15BD10, 4347F3319C26DA1C38F395C74DBD67AF886149C8F29EDE765DD96C8480A3054A ] C:\Windows\ehome\ehSSO.dll
16:43:10.0936 0x0f18 C:\Windows\ehome\ehSSO.dll - ok
16:43:10.0937 0x0f18 [ 4F619AD02EDBB67600340121CC01ACEC, 9F2A941570E659C38464BE544A5271FD39E9EB55974AADDD59BCBA24D9A19B72 ] C:\Program Files\OpenVPN\bin\liblzo2-2.dll
16:43:10.0937 0x0f18 C:\Program Files\OpenVPN\bin\liblzo2-2.dll - ok
16:43:10.0939 0x0f18 [ D1E20C07C21C64A7C106767F8760EC50, B21EB2915BDECBB453411F86D421D6E2A4AA08A1E97D699221CEA180BAFF3FC0 ] C:\Program Files\OpenVPN\bin\libpkcs11-helper-1.dll
16:43:10.0939 0x0f18 C:\Program Files\OpenVPN\bin\libpkcs11-helper-1.dll - ok
16:43:10.0941 0x0f18 [ 8116C7907B56A1DE35D8791293664188, CF0C842B0971D5789D7E554DB6FE6586C96EE12A6ABA1D091678A303D720DBBD ] C:\Program Files\OpenVPN\bin\ssleay32.dll
16:43:10.0941 0x0f18 C:\Program Files\OpenVPN\bin\ssleay32.dll - ok
16:43:10.0943 0x0f18 [ 769DDFF0010A7D5BCA7F914D56E828D8, 9FB1E33B95FDD2557BF59A3C5BAB79A45E411E1AEE845B0FDF6FD8C75311DAE3 ] C:\Windows\SysWOW64\atiadlxy.dll
16:43:10.0943 0x0f18 C:\Windows\SysWOW64\atiadlxy.dll - ok
16:43:10.0945 0x0f18 [ B3CE0951E3C1EA3C733573C472EE85F9, F7D81435BA1B85A6B105480B8BF484255CB74B2E31CEA927D8F3546DB6549293 ] C:\Windows\System32\msimtf.dll
16:43:10.0945 0x0f18 C:\Windows\System32\msimtf.dll - ok
16:43:10.0947 0x0f18 [ F1115299B9F4C983BC4523B33E3A506C, 01A1D8B3E5CF727F92F4A43D5C5F81022127D58A850D29D3F084AD411EFBC9DD ] C:\Windows\System32\ieframe.dll
16:43:10.0947 0x0f18 C:\Windows\System32\ieframe.dll - ok
16:43:10.0949 0x0f18 [ 2D1FFFFB473C60805F53598F77A6E283, 3E3275CF28475902E64462916DAE1955C94CD0C59A1FE02A6FA2EE723BF42B48 ] C:\Windows\System32\jscript.dll
16:43:10.0949 0x0f18 C:\Windows\System32\jscript.dll - ok
16:43:10.0951 0x0f18 [ F60B6FA0D353DD31A59E86D3D3FD8066, 3F05831A227DF1181AADDA434A1F625E05096E466C283BD794F412579D9D3D3F ] C:\Windows\System32\imgutil.dll
16:43:10.0951 0x0f18 C:\Windows\System32\imgutil.dll - ok
16:43:10.0952 0x0f18 [ 0728937194E98613051F4A72C7F1D4BF, 29092E49A4EF0F5C5C2C9637242A03749AA851E567DB0192B3936C4FA8A72496 ] C:\Windows\System32\pngfilt.dll
16:43:10.0952 0x0f18 C:\Windows\System32\pngfilt.dll - ok
16:43:10.0954 0x0f18 [ D07EE60DCD2B0C408E466707D2E285A2, BE225292ABCFB723E19CE115375509E4F60CBCB7CED89C2E07D97FD12D1A2E26 ] C:\Windows\Branding\ShellBrd\shellbrd.dll
16:43:10.0954 0x0f18 C:\Windows\Branding\ShellBrd\shellbrd.dll - ok
16:43:10.0956 0x0f18 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB, CF9082360E32A7C3E13A67AC2C6192F4A76870D43DA9FF2936993A637F712761 ] C:\Windows\System32\AltTab.dll
16:43:10.0956 0x0f18 C:\Windows\System32\AltTab.dll - ok
16:43:10.0958 0x0f18 [ BD4C1D83353BFB80F6BA019F6D0BA95B, D1B59736645DDE0FF52C26C9D27CE704AE1C8E40928193F6CB8495762E94C3D0 ] C:\Windows\ehome\ehshell.exe
16:43:10.0958 0x0f18 C:\Windows\ehome\ehshell.exe - ok
16:43:10.0960 0x0f18 [ 405F4D32D2185F1F1BD753D8EEAFFB3A, CAC42C3E09C43BE96592B670D70821386014DB22D8239A9CFB9E33E54FB5C3D5 ] C:\Windows\System32\networkexplorer.dll
16:43:10.0960 0x0f18 C:\Windows\System32\networkexplorer.dll - ok
16:43:10.0961 0x0f18 [ 92DBF0A4C9239169010FC6E07859C82E, 00FB2CF4420F0FFEF519AFE732A708CF249640121E2A891CAA164313ABD7F804 ] C:\Windows\System32\ActionCenter.dll
16:43:10.0962 0x0f18 C:\Windows\System32\ActionCenter.dll - ok
16:43:10.0963 0x0f18 [ 10F815BE90A66AAFC6C713D1BD626064, 01139FC04BC53594296F6A0E16B8D20B940F64BC8119FE7705C03C4947958F39 ] C:\Windows\System32\pnidui.dll
16:43:10.0963 0x0f18 C:\Windows\System32\pnidui.dll - ok
16:43:10.0965 0x0f18 [ B9F0A4020AA98B7A20287BF7FE99A1FD, 21138F161EEEA46198890C7A2D073F2C82829E15676131BDAD9F237EDC7477CD ] C:\Windows\System32\QUTIL.DLL
16:43:10.0965 0x0f18 C:\Windows\System32\QUTIL.DLL - ok
16:43:10.0967 0x0f18 [ C8FDF0FA9E97E2FAAF3F814716AAA881, DD24A1CAB44D943B0E1A795A347AD25D9305FC7F012A2566A6A14BD47221831F ] C:\Windows\System32\WPDShServiceObj.dll
16:43:10.0967 0x0f18 C:\Windows\System32\WPDShServiceObj.dll - ok
16:43:10.0969 0x0f18 [ 10E4A1D2132CCB5C6759F038CDB6F3C9, C6A91CBA00BF87CDB064C49ADAAC82255CBEC6FDD48FD21F9B3B96ABF019916B ] C:\Windows\System32\calc.exe
16:43:10.0969 0x0f18 C:\Windows\System32\calc.exe - ok
16:43:10.0971 0x0f18 [ 4F3CD1C59EA71401E155C432BCECE180, 6D4118A627CAE509E43D0CC0062EECAA0990C955BB15AE24834460551B2F51A2 ] C:\Windows\System32\PortableDeviceTypes.dll
16:43:10.0971 0x0f18 C:\Windows\System32\PortableDeviceTypes.dll - ok
16:43:10.0973 0x0f18 [ E64D9EC8018C55873B40FDEE9DBEF5B3, 2DB11E7C631A9887CB75AFEAD2C79EC65F82C51F5F073CEFC8CDDF664EFF29C1 ] C:\Windows\System32\PortableDeviceApi.dll
16:43:10.0973 0x0f18 C:\Windows\System32\PortableDeviceApi.dll - ok
16:43:10.0975 0x0f18 [ B22CB67919EBAD88B0E8BB9CDA446010, 2F744FEAC48EDE7D6B6D2727F7DDFA80B26D9E3B0009741B00992B19AD85E128 ] C:\Windows\System32\StikyNot.exe
16:43:10.0975 0x0f18 C:\Windows\System32\StikyNot.exe - ok
16:43:10.0977 0x0f18 [ 234AFA322624B3203A2E720F08292B03, 0C0ACDD63FD82EDD34442E9E0763872BA6BF6AC73AB89147EA5FDD1E0229CC0A ] C:\Windows\System32\cscobj.dll
16:43:10.0977 0x0f18 C:\Windows\System32\cscobj.dll - ok
16:43:10.0979 0x0f18 [ F7A256EC899C72B4ECDD2C02CB592EFD, 9C1AA9322E83CABB94AEA4375EAEB0C44700E1F33B8BE98649BA1DF4DDFAD326 ] C:\Windows\System32\bthprops.cpl
16:43:10.0979 0x0f18 C:\Windows\System32\bthprops.cpl - ok
16:43:10.0980 0x0f18 [ A48A1AF784658A8D85185E7552B6F1A8, 3BE14F5E9B0D6D39C63272533E1793BC60E55247C0347AB74BF379A2B708292F ] D:\networx_portable\64-bit\networx.exe
16:43:10.0980 0x0f18 D:\networx_portable\64-bit\networx.exe - ok
16:43:10.0982 0x0f18 [ 8569E35D00F45972E506502EEE622BA4, 01FE851C03DB88C8373099C279F995A559D962B08932E193032FA3EAD522FB01 ] C:\Windows\System32\srchadmin.dll
16:43:10.0982 0x0f18 C:\Windows\System32\srchadmin.dll - ok
16:43:10.0984 0x0f18 [ B1DD0D503EF077552B749F5ACA9B2E4E, 0C7B625228AD3F47073321242E99D32D62993B58902FAFD1FCF6B064AF4E51D2 ] C:\Program Files\Sandboxie\Start.exe
16:43:10.0984 0x0f18 C:\Program Files\Sandboxie\Start.exe - ok
16:43:10.0986 0x0f18 [ C746F3BF98E92FB137B5BD2B8B5925BD, 67A8990F3D491D149E65C90042909259793C65E671DC953FDA1F7590FAC23D9E ] C:\Windows\System32\FXSST.dll
16:43:10.0986 0x0f18 C:\Windows\System32\FXSST.dll - ok
16:43:10.0988 0x0f18 [ 4823DFE702BAE876CB31F58573D7EB55, A78A3A612127DEC214B9F3AC860F5B5836B61BE89FFD2BF55CBEA71EAE72B8FF ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\IMSLib.dll
16:43:10.0988 0x0f18 C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\IMSLib.dll - ok
16:43:10.0990 0x0f18 [ 650CAEA856943E29F25A25D31E004B18, DCA63D2AF4C6F14B27EA006F200E58A5C13AC940A51947A40F668908A446CC4E ] C:\Windows\System32\FXSAPI.dll
16:43:10.0990 0x0f18 C:\Windows\System32\FXSAPI.dll - ok
16:43:10.0992 0x0f18 [ C8E8B8239FCF17BEA10E751BE5854631, CB869195E78AB613CEF50AE3B247F0E4E42F233A7AAF5B2BFC5ADEA2C45C5F8D ] C:\Windows\System32\FXSRESM.dll
16:43:10.0992 0x0f18 C:\Windows\System32\FXSRESM.dll - ok
16:43:10.0993 0x0f18 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] C:\Windows\System32\FXSSVC.exe
16:43:10.0993 0x0f18 C:\Windows\System32\FXSSVC.exe - ok
16:43:10.0995 0x0f18 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] C:\Windows\System32\drivers\ipnat.sys
16:43:10.0995 0x0f18 C:\Windows\System32\drivers\ipnat.sys - ok
16:43:10.0997 0x0f18 [ 86166381B52F9E85E09C52CD1CDB4919, 07327C7D3DE82A90D4CE43DF1314536E05F7414C7F5A4F63885B6495872C777B ] C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFForceDelete.sys
16:43:10.0997 0x0f18 C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFForceDelete.sys - ok
16:43:10.0999 0x0f18 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] C:\Windows\System32\wdi.dll
16:43:10.0999 0x0f18 C:\Windows\System32\wdi.dll - ok
16:43:11.0001 0x0f18 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] C:\Windows\System32\hidserv.dll
16:43:11.0001 0x0f18 C:\Windows\System32\hidserv.dll - ok
16:43:11.0003 0x0f18 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] C:\Windows\System32\aelupsvc.dll
16:43:11.0003 0x0f18 C:\Windows\System32\aelupsvc.dll - ok
16:43:11.0005 0x0f18 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] C:\Windows\System32\wpdbusenum.dll
16:43:11.0005 0x0f18 C:\Windows\System32\wpdbusenum.dll - ok
16:43:11.0007 0x0f18 [ F7073C962C4FB7C415565DDE109DE49F, 781E7088DCEFBC34A808C3E7DA41A56112B3F23ABE9F54B5EF4D5CD9CD016B1D ] C:\Windows\System32\npmproxy.dll
16:43:11.0007 0x0f18 C:\Windows\System32\npmproxy.dll - ok
16:43:11.0009 0x0f18 [ D2155709E336C3BC15729EB87FEC6064, 682A84C0F2D892E7A6CEE4E5937B4799E352AAE3B71E7037F2A343373467443C ] C:\Windows\System32\rasdlg.dll
16:43:11.0009 0x0f18 C:\Windows\System32\rasdlg.dll - ok
16:43:11.0010 0x0f18 [ AD31942BDF3D594C404874613BC2FE4D, 704F4A48FA91B8A22604FF740B506C3B28766F8DFADB9D11814602FAA00EDFAB ] C:\Windows\System32\SearchIndexer.exe
16:43:11.0010 0x0f18 C:\Windows\System32\SearchIndexer.exe - ok
16:43:11.0012 0x0f18 [ AFA79C343F9D1555F7E5D5FA70BB2A14, 440EF3ADC1F5C7A5ED3E872C8D8DFA61B039454C3CA67F8A51CA8BDCFDC4BA4A ] C:\Windows\System32\PortableDeviceConnectApi.dll
16:43:11.0012 0x0f18 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
16:43:11.0014 0x0f18 [ 6C597496AB646EB9F31C68241050F771, 4107FC16395C80443B999DB547EA6DA5D511D70B49901F97E29858B35C046E8F ] C:\Windows\System32\tquery.dll
16:43:11.0014 0x0f18 C:\Windows\System32\tquery.dll - ok
16:43:11.0016 0x0f18 [ E629F1A051C82795DDFFD3E8D4855811, 6E4DFFEAB2795C98EA6DCAF10EA6D97413D0F8CA0C04869CB20B74FF4D6FE679 ] C:\Windows\System32\dimsjob.dll
16:43:11.0016 0x0f18 C:\Windows\System32\dimsjob.dll - ok
16:43:11.0018 0x0f18 [ 35CB97CBC3EDC463418ED4997AAB29B6, EE60EABE2D87CEDD68FB8985B6C5D70930015FB2B8DB9FDCB4044587BC6ECA4C ] C:\Windows\System32\pautoenr.dll
16:43:11.0018 0x0f18 C:\Windows\System32\pautoenr.dll - ok
16:43:11.0020 0x0f18 [ 94DFBB481BF51158B216E23C5C1C9D6E, 0199086A70B9B63E48A7A15C8AE5442E9C6BC0173BD80A104DE1BE6A6C25F202 ] C:\Windows\System32\certcli.dll
16:43:11.0020 0x0f18 C:\Windows\System32\certcli.dll - ok
16:43:11.0022 0x0f18 [ 5DA219F57A9076FB6FBD3C9C3713A672, 274FE616625B336D81841FDC752C8053D4CD6926565B899760D298D145CBA1A3 ] C:\Windows\System32\WWanAPI.dll
16:43:11.0022 0x0f18 C:\Windows\System32\WWanAPI.dll - ok
16:43:11.0023 0x0f18 [ 263B26106606A010CF877472B535E4BB, 43ECE89E428D2BB34244894BEBA1B946B0767649D15B1C715223E4E471A9E504 ] C:\Windows\System32\CertEnroll.dll
16:43:11.0023 0x0f18 C:\Windows\System32\CertEnroll.dll - ok
16:43:11.0025 0x0f18 [ 62C7AACC746C9723468A8F2169ED3E85, 40E901F3EAFE52DF11D6BC4EF0E79F666EBDACE0B3C090CAD2358076E893EA47 ] C:\Windows\System32\wwapi.dll
16:43:11.0025 0x0f18 C:\Windows\System32\wwapi.dll - ok
16:43:11.0027 0x0f18 [ 6B851E682A36453E1B1EE297FFB6E2AB, A641D3FD9463C4788B45B8B5584EA4489C1F63A71B4B595AE85FF3482CD5EDA6 ] C:\Windows\System32\QAGENT.DLL
16:43:11.0027 0x0f18 C:\Windows\System32\QAGENT.DLL - ok
16:43:11.0029 0x0f18 [ 017F5CE9BC2333FE0FB738B0A9C13C2F, AA4F0C8AE81E9FA9FB198D9EDB3BBBF1FC4C0FB03388089C0F7E96D496038218 ] C:\Windows\System32\mssrch.dll
16:43:11.0029 0x0f18 C:\Windows\System32\mssrch.dll - ok
16:43:11.0030 0x0f18 [ D63F0353F632FB1EDE724173BE6DB5B5, 82FC79B99BD5D99231CE6701CBACA94ED6F6EC5B7EC0F00F63FC942B2D06568E ] C:\Windows\System32\esent.dll
16:43:11.0030 0x0f18 C:\Windows\System32\esent.dll - ok
16:43:11.0032 0x0f18 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] C:\Windows\System32\alg.exe
16:43:11.0032 0x0f18 C:\Windows\System32\alg.exe - ok
16:43:11.0034 0x0f18 [ 3121A79D13A61562BE9CC902CD46B542, 00A5833A48338A4A9A5530844924AF4F1FAB618DA46D7EBBC6E2165C32ED376C ] C:\Windows\System32\msidle.dll
16:43:11.0034 0x0f18 C:\Windows\System32\msidle.dll - ok
16:43:11.0035 0x0f18 [ E36112A8A6C7F840169A7E92C12F4203, 52795B2E6ECCE751EEF5074AF52FDE376A382D0A1C43B90DD4F77A397C00FBC5 ] C:\Windows\System32\wsock32.dll
16:43:11.0036 0x0f18 C:\Windows\System32\wsock32.dll - ok
16:43:11.0037 0x0f18 [ C7418DBEDD20064B600FF24111F67A12, 8EA23CEE7C98330EE43364FBC14DDF5C31115093BC0AC93138DDDFADF0DB0AE1 ] C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFDownProtect.sys
16:43:11.0037 0x0f18 C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFDownProtect.sys - ok
16:43:11.0039 0x0f18 [ BF4AC709BE5BF64F331F5D67773A0C82, 96E5A2A12D386B8A7976FEC76FD350E6A3EEBDF5763F4BBF4AB18880E9F269E0 ] C:\Windows\System32\perftrack.dll
16:43:11.0039 0x0f18 C:\Windows\System32\perftrack.dll - ok
16:43:11.0041 0x0f18 [ E1B22739C933BE33F53DB58C5393ADD3, 26EE0DD091D2E00DECC774DC1EEDFFDE69AF74B0C769CCBE091AFC32C66E4207 ] C:\Windows\System32\Apphlpdm.dll
16:43:11.0041 0x0f18 C:\Windows\System32\Apphlpdm.dll - ok
16:43:11.0043 0x0f18 [ 9719E3D834F5C8C43F56A93DFA497023, 4D78D4BD4835C0A237821967156C19DF4B90384A6BCB1F48CEAF35D003A0099A ] C:\Windows\System32\pnpts.dll
16:43:11.0043 0x0f18 C:\Windows\System32\pnpts.dll - ok
16:43:11.0045 0x0f18 [ 46863C4CC5B68EB09EA2D5EEF0F1193A, 9B5593E1F484AC8F96F89A5995FB1FE9C51CB2F0F545607F6850751191150CFE ] C:\Windows\System32\radardt.dll
16:43:11.0045 0x0f18 C:\Windows\System32\radardt.dll - ok
16:43:11.0046 0x0f18 [ ACE1BB07E0377E37A2C514CD2EC119B1, A9AFA4774DFA875496764D6E541A6333A3ACD3C5D2BBEF753C2D80BA83B4AC15 ] C:\Windows\System32\mssprxy.dll
16:43:11.0047 0x0f18 C:\Windows\System32\mssprxy.dll - ok
16:43:11.0048 0x0f18 [ E811F8510B133E70CF6E509FB809824F, 82541F2B15748250462B67B6C77530D4F7C45A1482237EC49B28F9FA5A414108 ] C:\Windows\System32\wdiasqmmodule.dll
16:43:11.0049 0x0f18 C:\Windows\System32\wdiasqmmodule.dll - ok
16:43:11.0050 0x0f18 [ 936F728E04ACCF3F38801CFFCF1E3F40, 59CA86096F4B928E364B6A3C0408615F068BB8BC02DCFC5EAF4873EC6D6E0797 ] C:\Windows\SysWOW64\oledlg.dll
16:43:11.0050 0x0f18 C:\Windows\SysWOW64\oledlg.dll - ok
16:43:11.0052 0x0f18 [ 0029EBA325F2FC9B6BA46BEE33F32A09, C07A936009FB275D56DC451C7D05B5F5A3F4DCD985C7F02DEE57D674034C602B ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\GdiPlus.dll
16:43:11.0052 0x0f18 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\GdiPlus.dll - ok
16:43:11.0055 0x0f18 [ 4205CA4CD43E725DB9FF02B0A588A8C6, D49C3B4B2FF0455A434B352DE37070B6E13B5C5557CC688E6E46EEC404840ABE ] C:\Windows\SysWOW64\msxml3.dll
16:43:11.0055 0x0f18 C:\Windows\SysWOW64\msxml3.dll - ok
16:43:11.0057 0x0f18 [ F6733842FED56698E125E5432A633D30, F28770FE210B79B54636EFC81DCBEB584ABCFD8B6CB20CF297BCAAD9ABE6537A ] C:\Program Files (x86)\IObit\IObit Malware Fighter\rgfpctl.dll
16:43:11.0057 0x0f18 C:\Program Files (x86)\IObit\IObit Malware Fighter\rgfpctl.dll - ok
16:43:11.0058 0x0f18 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] C:\Windows\System32\ssdpsrv.dll
16:43:11.0058 0x0f18 C:\Windows\System32\ssdpsrv.dll - ok
16:43:11.0060 0x0f18 [ B23FA7CD8D2D61E84D8DFECAB32B970E, E2AC94A81B53C9D86CA557225B0BD8C2EB0FC24522521B11403C398CF385990F ] C:\Program Files (x86)\IObit\IObit Malware Fighter\filectl.dll
16:43:11.0061 0x0f18 C:\Program Files (x86)\IObit\IObit Malware Fighter\filectl.dll - ok
16:43:11.0063 0x0f18 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] C:\Windows\System32\upnphost.dll
16:43:11.0063 0x0f18 C:\Windows\System32\upnphost.dll - ok
16:43:11.0065 0x0f18 [ F1D00DE0223B8B8062127FF6FF84757F, 6BC8131E144ACCA93B096599066BA95E694654E634DF79F71801FF0C56A09002 ] C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll
16:43:11.0065 0x0f18 C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll - ok
16:43:11.0067 0x0f18 [ 16FAAD38FE82BB2AAF9665E3949333DD, C550D4D48530E1A7F04D7B11BDB96D1D8A1D49D19A1A3DC3CBF461552C656ED7 ] C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\language\English(United_States)\nicLan.dll
16:43:11.0067 0x0f18 C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\language\English(United_States)\nicLan.dll - ok
16:43:11.0069 0x0f18 [ 1ACCDA195262D7638FEBA5A618D9216D, F4C6E206F29D3B298738F090AE651F6ACC39C59DEA6862CEA26BCE73E7377040 ] C:\Program Files (x86)\IObit\IObit Malware Fighter\HomepageSvc.dll
16:43:11.0069 0x0f18 C:\Program Files (x86)\IObit\IObit Malware Fighter\HomepageSvc.dll - ok
16:43:11.0071 0x0f18 [ 96DB78C9C50CEED9DA5050EFFEE272A2, 51CF3E1F96555A4E4B5BC0DE2598CE5A0199F495644A91C2105F25A5A4CF10E3 ] C:\Windows\System32\upnp.dll
16:43:11.0071 0x0f18 C:\Windows\System32\upnp.dll - ok
16:43:11.0073 0x0f18 [ B8625891FF0525BF048850370780137D, 8AFF7AC1400D76B2C2F1EC91307CCD17F08F57E0AC3164DA5462E1B46C6A31C2 ] C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJRa.dll
16:43:11.0073 0x0f18 C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJRa.dll - ok
16:43:11.0075 0x0f18 [ 71E603AD3BE34DE1E638A7B9F8D76DBE, 936F5C1FD460FBCCE466950E46897E9CDAD83E34B8DE8CF740390AECAE3F36E6 ] C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\RaWLAPI.dll
16:43:11.0075 0x0f18 C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\RaWLAPI.dll - ok
16:43:11.0077 0x0f18 [ 2D20E70AAF29452AB081301E16993B30, 0888875F09DF6F3B07C39024D4C9ACA6425431B6138B751C39F6471968EF7D30 ] C:\Windows\SysWOW64\RaCertMgr.dll
16:43:11.0077 0x0f18 C:\Windows\SysWOW64\RaCertMgr.dll - ok
16:43:11.0079 0x0f18 [ B3D2C44CB44F323210DD99C701DAF877, 19F3BFCBAED4D727209DF368909AFDDE92EF1E12587D3EBF3A2C233ECEB93CE2 ] C:\Program Files (x86)\IObit\IObit Malware Fighter\sqlite3.dll
16:43:11.0079 0x0f18 C:\Program Files (x86)\IObit\IObit Malware Fighter\sqlite3.dll - ok
16:43:11.0081 0x0f18 [ D4F940CCA17ABC400993B473A8B1CBF2, 23A77B02F306739DCD504176A3B1206BFF01FA8CC84A4D52E0D7CA1E19180907 ] C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\ICSDHCP.dll
16:43:11.0081 0x0f18 C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\ICSDHCP.dll - ok
16:43:11.0083 0x0f18 [ 80E987DBE08677E2EC09615CD4358607, 8A06500612CE1BB0AECF052DCCCCE619C85BE7732CBAEAC4D6B26B6AE2CC7F7B ] C:\Windows\SysWOW64\msvcr110.dll
16:43:11.0083 0x0f18 C:\Windows\SysWOW64\msvcr110.dll - ok
16:43:11.0085 0x0f18 [ 1E09DFA4048196C9D3CC40C485A39422, BD27CF59078BD01CECE12CF14D9E10DAB902D50B0A9E61ABF0A9C045A8FE8845 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
16:43:11.0085 0x0f18 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe - ok
16:43:11.0087 0x0f18 [ A08C010D859F8EB42BDD7E1D55B8CA27, F86EAFBF7AA41D8425156C07398EDC3BD42F1690BD3E15D27AEF2EDA86549F15 ] C:\Windows\System32\mscoree.dll
16:43:11.0087 0x0f18 C:\Windows\System32\mscoree.dll - ok
16:43:11.0089 0x0f18 [ C9FB9038B15036CA28CF0B4BE2BED9BD, 0F56384E798B3F725FFEFC6E31A980DA31F620DB847F601273EF19E8CE74A226 ] C:\Windows\System32\en-US\tquery.dll.mui
16:43:11.0089 0x0f18 C:\Windows\System32\en-US\tquery.dll.mui - ok
16:43:11.0090 0x0f18 [ 667224FF4FD48B182F574AA96E93267C, C57AEB2BBA9088507DE319C65FB2D71ECA346D40A16911742FC10E05133EC583 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
16:43:11.0090 0x0f18 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
16:43:11.0093 0x0f18 [ EF5B2B3E4C0EA504A49C34D826319221, 253999B1ADBADF3D89D0C7BD6868F3E2D6F69B540C112A04CE1F03274E215EE7 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
16:43:11.0093 0x0f18 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll - ok
16:43:11.0095 0x0f18 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159, ACE7F85685EB92FC3AB4215122B0469E32F23B196C49F08CDA7791D3122C45DC ] C:\Windows\SysWOW64\rtutils.dll
16:43:11.0095 0x0f18 C:\Windows\SysWOW64\rtutils.dll - ok
16:43:11.0096 0x0f18 [ 6F8E3B7B70E1BBA871212940C1FBDF60, 3F9D4EE64E4210340C6FEE0DE81BFE3C613DDBE608EC09D63817D24CE24BFC5E ] C:\Windows\SysWOW64\SensApi.dll
16:43:11.0096 0x0f18 C:\Windows\SysWOW64\SensApi.dll - ok
16:43:11.0098 0x0f18 [ CB21CD39637AC13F3455454B2F648257, 50DC43323D529B48B9BD236A813F2BCDE55455B75EEE7DD6369AA47599B47A49 ] C:\Windows\System32\msvcr100_clr0400.dll
16:43:11.0098 0x0f18 C:\Windows\System32\msvcr100_clr0400.dll - ok
16:43:11.0100 0x0f18 [ 3AA5918E9E489F4846624E946DFD96D2, 9A9ECC8470E17DEA25CBB1340E41121934D3DC733662C76FF42571FFB6D5BE30 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\bc19222db4406c472d9aa1f8b6e0f470\mscorlib.ni.dll
16:43:11.0100 0x0f18 C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\bc19222db4406c472d9aa1f8b6e0f470\mscorlib.ni.dll - ok
16:43:11.0102 0x0f18 [ 9D6F3A979A23ECCB3817CF44E65F3AED, 005870524AC3AF8C40E0E56784F7615168090841DFEBF1024F6E60907FC9580B ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\nlssorting.dll
16:43:11.0102 0x0f18 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\nlssorting.dll - ok
16:43:11.0104 0x0f18 [ B00FFB4355B1364656FB52CFF88199DE, CBDEA3E52B6648CC9DFD47E1FB48937620BEE97035D2802B7C89FE429D772538 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll
16:43:11.0104 0x0f18 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll - ok
16:43:11.0106 0x0f18 [ 700445A35050BECCDD68BE25996F7379, 74CB8FFC83C4D62C5FF284AADAAF3A19FC2671EA815E86BFC12E7E55DA9EB226 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System\0f8f78b729ce16dd078f5d5f734a1110\System.ni.dll
16:43:11.0106 0x0f18 C:\Windows\assembly\NativeImages_v4.0.30319_64\System\0f8f78b729ce16dd078f5d5f734a1110\System.ni.dll - ok
16:43:11.0108 0x0f18 [ FDA683AFF53ADC593629DA14CA182C2D, 5C372CB99A02085907A50322D57B03AC1A15AB8BCC627291805804E1E5DFEBE3 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\1266d26c7b7843d308e2705cb8239d55\System.Drawing.ni.dll
16:43:11.0108 0x0f18 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\1266d26c7b7843d308e2705cb8239d55\System.Drawing.ni.dll - ok
16:43:11.0110 0x0f18 [ 41905052445D8481457E824C27DB14A2, 782340F6CBE9328A86F606272438A1434755EDC9181FF2088109FF6E1B74D83A ] C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
16:43:11.0110 0x0f18 C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL - ok
16:43:11.0112 0x0f18 [ 2547DCB03E5E495B0FF3B2C730890C73, D4CE05A66039008A846AEE06284A47DAEA917822FA43A4789D1222807F9472D0 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\f0acb5c0e7dc2c42c6c61f3aa1278338\System.Windows.Forms.ni.dll
16:43:11.0112 0x0f18 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\f0acb5c0e7dc2c42c6c61f3aa1278338\System.Windows.Forms.ni.dll - ok
16:43:11.0114 0x0f18 [ 42EC9065D9BF266ADE924B066C783A56, 4AC002E90A52CB0998DA78F2995294EE77B89FB2BE709B0E3C8E1627212BCCDC ] C:\Windows\System32\SearchProtocolHost.exe
16:43:11.0114 0x0f18 C:\Windows\System32\SearchProtocolHost.exe - ok
16:43:11.0115 0x0f18 [ 47B8DEBEC68FACCD026F99CAE8698C93, 99EEFC2B43402E59A48BEC326A811B25E25DCDA3ECA12D5C2D9B529DA74564DA ] C:\Windows\System32\webcheck.dll
16:43:11.0116 0x0f18 C:\Windows\System32\webcheck.dll - ok
16:43:11.0117 0x0f18 [ 8494E126F0B10180F3293AF861CE1F7A, 538B1F30423DB2398E611BC46C80150C090698E633BABF7362F7060DBF0C3064 ] C:\Windows\System32\mlang.dll
16:43:11.0117 0x0f18 C:\Windows\System32\mlang.dll - ok
16:43:11.0120 0x0f18 [ D2A5B2B09F2AF5ED13BF494508B09788, 3FA04E84EC5A575E7804E44BA3BF1C4143E53C4ACF6C823CD029711529B0BE2C ] C:\Windows\System32\msshooks.dll
16:43:11.0120 0x0f18 C:\Windows\System32\msshooks.dll - ok
16:43:11.0122 0x0f18 [ 8130391F82D52D36C0441F714136957F, 1FD4FEE7CAF63E450F27729E07EA2A2F09288629FD872DBB6E8710B16D8DBD5D ] C:\Windows\System32\imapi2.dll
16:43:11.0122 0x0f18 C:\Windows\System32\imapi2.dll - ok
16:43:11.0124 0x0f18 [ 52D56D1013D4F1B99102679314CC5325, F8F6C41FEC774C71A85C91DFEB057076D018E5A64CE1D7B7D9D202CA65B34758 ] C:\Windows\System32\SearchFilterHost.exe
16:43:11.0124 0x0f18 C:\Windows\System32\SearchFilterHost.exe - ok
16:43:11.0125 0x0f18 [ A455A0BB8F206667FECA96B9B905875B, 43D74A9F0AAB2DFD6D9CDF390ABB7D96D84AAF68775FE6F66DB928BCDD27D45F ] C:\Windows\System32\mssvp.dll
16:43:11.0125 0x0f18 C:\Windows\System32\mssvp.dll - ok
16:43:11.0127 0x0f18 [ 8F4BB0CFECED925D440ABC2481278360, 0A87E7E1B38300E211F2ECA10BFB9831CF79B128DEB9D7AB0AA6A715197FF2DD ] C:\Windows\System32\mapi32.dll
16:43:11.0127 0x0f18 C:\Windows\System32\mapi32.dll - ok
16:43:11.0129 0x0f18 [ 01E2855FB06C422E721D890AF201C2D7, 9CAA197D5CE95AABFC8C09EA2137E73C7A0EF37CE0459508C663F7B2D758E57F ] C:\Windows\System32\NaturalLanguage6.dll
16:43:11.0129 0x0f18 C:\Windows\System32\NaturalLanguage6.dll - ok
16:43:11.0131 0x0f18 [ 6A5C1A8AC0B572679361026D0E900420, B5E693B48B462E97738A3D4E58B60846159649EB15F4D11074B4BC107CC88562 ] C:\Windows\System32\hgcpl.dll
16:43:11.0131 0x0f18 C:\Windows\System32\hgcpl.dll - ok
16:43:11.0132 0x0f18 [ 701D9F5F3F21580936638D5C5F86B460, 2F187684F61C72AACF8274EA29B48DAAC6C8377F791843914AABF5DAB3760980 ] C:\Windows\System32\NlsData0009.dll
16:43:11.0132 0x0f18 C:\Windows\System32\NlsData0009.dll - ok
16:43:11.0134 0x0f18 [ 148A733B93A2AC104280495DA09D3CC2, 443E46865090C610B84A82DB23DF8D1F22001FEA8B10F5619A10D25D7FEA29CC ] C:\Windows\System32\NlsLexicons0009.dll
16:43:11.0134 0x0f18 C:\Windows\System32\NlsLexicons0009.dll - ok
16:43:11.0136 0x0f18 [ ABDBABE3A7D2222B3A0DB1B8B9CAD16E, C1852121F9ADB5D2B46C73334C6E8B3CF6B7BB431520C6937F1CAFAD19AA194E ] C:\Windows\System32\mssph.dll
16:43:11.0136 0x0f18 C:\Windows\System32\mssph.dll - ok
16:43:11.0138 0x0f18 [ CA99688A209514D8DE6E9F716D43396F, DE7DD514D26AEC5563813F5023AA270A74795BC218254AF06EAE0B79C89EF18D ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Remo#\fe0ab1bba3dcedd5e2ac47e859be078e\System.Runtime.Remoting.ni.dll
16:43:11.0138 0x0f18 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Remo#\fe0ab1bba3dcedd5e2ac47e859be078e\System.Runtime.Remoting.ni.dll - ok
16:43:11.0140 0x0f18 [ CDAD3376DFF3D9AC7FDCBE2B94B0D3C8, C0B22B8C402EEEAF68F5380BC265C15418934D2F702F0A43674EC93853E26040 ] C:\Windows\System32\shfolder.dll
16:43:11.0140 0x0f18 C:\Windows\System32\shfolder.dll - ok
16:43:11.0141 0x0f18 [ 74CDE657245C114B98816E89B8D4CCD1, E293559EA2E2208AB2A7BDD2F3462933F525F682B55496E5F730915FD543ECD2 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
16:43:11.0141 0x0f18 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe - ok
16:43:11.0143 0x0f18 [ 29CA5974FAB0E8AE4AA7814FE05CF832, ADE54D406AAB7C364851AAD278A569426C9ADD4F7FB543BB08428CED963BF541 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
16:43:11.0143 0x0f18 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
16:43:11.0145 0x0f18 [ 6D7DD27187744625F84D611E9D37B8AD, 6796A3EDC81C5643B5709AF4E2C8B188BFAEBF687D2AED21101F4727A164804E ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Core\7a93c267da35a5f16b6fa5a10482eb4e\System.Core.ni.dll
16:43:11.0145 0x0f18 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Core\7a93c267da35a5f16b6fa5a10482eb4e\System.Core.ni.dll - ok
16:43:11.0147 0x0f18 [ C959F54ED7CBADE192AD4C8B552D9455, 32E3F77B55B11187AC518E2DD2F2A9F81CF4AA8AD46A367D4AAE4ED0E23C30A1 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Web\7e5af1fdbcffeab8daffc7633f9c337a\System.Web.ni.dll
16:43:11.0147 0x0f18 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Web\7e5af1fdbcffeab8daffc7633f9c337a\System.Web.ni.dll - ok
16:43:11.0149 0x0f18 [ 512EEA669F28A89BE52A34E36F2A30C5, 86FD824C1A762E44770C1529337242538425D7E56D091EC2A78E4D945AA16C1A ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xml\5d9f385419332f14eaf937556199856f\System.Xml.ni.dll
16:43:11.0149 0x0f18 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xml\5d9f385419332f14eaf937556199856f\System.Xml.ni.dll - ok
16:43:11.0151 0x0f18 [ 78C65897AA142CB977418BDE25CEC54F, 4FDBFB379E4349678DAB5517D0994731F873B9250844C58331B4B50E763288E8 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\11581b5eba4b3ff58441c638ab66c742\System.Configuration.ni.dll
16:43:11.0151 0x0f18 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\11581b5eba4b3ff58441c638ab66c742\System.Configuration.ni.dll - ok
16:43:11.0153 0x0f18 [ 220AE4304C2C0BB117EB3AEEC649243F, B384A86C3891773EE0385A3078AB7B7497362BEF5A36D0BE6DF1FF1316375DFA ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.ServiceProce#\7b167f31f23d4aed19dfa65ad3d29480\System.ServiceProcess.ni.dll
16:43:11.0153 0x0f18 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.ServiceProce#\7b167f31f23d4aed19dfa65ad3d29480\System.ServiceProcess.ni.dll - ok
16:43:11.0155 0x0f18 [ 2D5555824AA8498B9C0000F22CF92915, B1FB3789B4B9533AC41156BA82A6CDADA25A51136167BE3CEC56A465B07276EE ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe
16:43:11.0155 0x0f18 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe - ok
16:43:11.0157 0x0f18 [ 67EC459E42D3081DD8FD34356F7CAFC1, 1221A09484964A6F38AF5E34EE292B9AFEFCCB3DC6E55435FD3AAF7C235D9067 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\msvcr100.dll
16:43:11.0157 0x0f18 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\msvcr100.dll - ok
16:43:11.0159 0x0f18 [ 509E88FF7B257885775791FAF0965D6A, FECD6785984DBB61C6C0EA8A3D8DAF034346E47C88ECA90564F855C2548E40B2 ] C:\Windows\System32\mobsync.exe
16:43:11.0159 0x0f18 C:\Windows\System32\mobsync.exe - ok
16:43:11.0161 0x0f18 [ 770DCACACBC43878C789A984A638CEC7, 39A4A036DC7842B368A8F3B6268C6F196FF0091CF648BFDE3319619082C07520 ] C:\Windows\System32\SyncInfrastructure.dll
16:43:11.0161 0x0f18 C:\Windows\System32\SyncInfrastructure.dll - ok
16:43:11.0163 0x0f18 [ FB6C776CD64E2521D1C362304AD69AE2, 3B3E7D82897B5212F73CFFC6761A49C9A2835DEB2A4A2DF40E8B8D705E4F91BC ] C:\Windows\assembly\NativeImages_v4.0.30319_64\WindowsBase\38d48114cb19778e4bfdc338eb8adde2\WindowsBase.ni.dll
16:43:11.0163 0x0f18 C:\Windows\assembly\NativeImages_v4.0.30319_64\WindowsBase\38d48114cb19778e4bfdc338eb8adde2\WindowsBase.ni.dll - ok
16:43:11.0165 0x0f18 [ B4D0D2F098C7A68385560DF4551551CA, FA52A0D0647413DEEEF57C5CB632F73A97A48588C16877FC1CC66404C3C21A2B ] C:\Windows\SysWOW64\quartz.dll
16:43:11.0165 0x0f18 C:\Windows\SysWOW64\quartz.dll - ok
16:43:11.0167 0x0f18 [ 6EF5F3F18413C367195F06E503AB86A6, 6F8B87FB4D67F9E76A51EF759B58A95D903C4AAC9C789A65A3FA1FC4F253D978 ] C:\Windows\SysWOW64\d3d9.dll
16:43:11.0167 0x0f18 C:\Windows\SysWOW64\d3d9.dll - ok
16:43:11.0168 0x0f18 [ 77B1471A490B53B24EFE136F09F76550, A650C3A244306F8E605BDA8E74BFE438356BA4403B0CB61E980D3183E3F0A7C7 ] C:\Windows\SysWOW64\d3d8thk.dll
16:43:11.0168 0x0f18 C:\Windows\SysWOW64\d3d8thk.dll - ok
16:43:11.0170 0x0f18 [ 6CA3074F4E0F3D45EF72E2CF3359D3B7, DFADB9DCE1E146B004C4C902F9CF9BB0573CD5F0B3083D52694E3EB2CDBF17B7 ] C:\Windows\SysWOW64\aticfx32.dll
16:43:11.0170 0x0f18 C:\Windows\SysWOW64\aticfx32.dll - ok
16:43:11.0172 0x0f18 [ 47EAA300E0509F7367477BCFAE9B1DE1, 85A8B05514AB3CA5DAFCF0332F077D281169C0CF05D84549B3C166FC1BBBB7AB ] C:\Windows\SysWOW64\atiu9pag.dll
16:43:11.0172 0x0f18 C:\Windows\SysWOW64\atiu9pag.dll - ok
16:43:11.0174 0x0f18 [ 0EF997D3749DF31CA083A8AB7FE4025B, F1CC6E68380446FAA7B19D4E20B73D8A70018D304F6391A6FC0649CFC3F60A31 ] C:\Windows\SysWOW64\atiumdag.dll
16:43:11.0174 0x0f18 C:\Windows\SysWOW64\atiumdag.dll - ok
16:43:11.0176 0x0f18 [ C1CEC5EB2A3006E9B753EC1127E71936, B72080CB0CAC18A5A9C121853E489D48FB6328F35C9C363F958963FF923C62D1 ] C:\Windows\SysWOW64\atiumdva.dll
16:43:11.0176 0x0f18 C:\Windows\SysWOW64\atiumdva.dll - ok
16:43:11.0177 0x0f18 ================ Scan generic autorun ======================
16:43:11.0717 0x0f18 [ 16438B000BF56F2CD7FDB5E6C3B38C7E, 32D6E69E6367D3ADB2189DA89103CB9910CE791EFB0879515DDD380A96D85BAE ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
16:43:11.0900 0x0f18 RTHDVCPL - ok
16:43:12.0039 0x0f18 [ 1315C5C5C54CE2AA37A155F97027DB59, 70CDA6AE7FF4FD08FAD931477C524957952EDC89985696FD988B9786A349C565 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
16:43:12.0046 0x0f18 AdobeAAMUpdater-1.0 - ok
16:43:12.0274 0x0f18 [ 359D1899260CC4CA1138DC6C8A4AF83A, CC1D8FCDE1CF86A92919980D7D4881B2B6694728B4B91E96B6D93413D1FC0572 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
16:43:12.0287 0x0f18 StartCCC - ok
16:43:12.0359 0x0f18 [ 452FA961163EF4AEE4815796A13AB2CF, 14DC422082F96F5C21C41A5E5F6E8445547CC4B02B18F0A86A34669CA2CE18A7 ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
16:43:12.0360 0x0f18 Adobe Reader Speed Launcher - ok
16:43:12.0543 0x0f18 [ 8750687E825637A0CA3A4A12CA928F17, 9194E3C1C4F1BFCA56C0BC80A7127FF3326E6022983E22814ECD2D2150128C7F ] C:\Program Files (x86)\Smadav\SMΔRTP.exe
16:43:12.0568 0x0f18 SMΔRT-Protection - ok
16:43:12.0644 0x0f18 [ 67BD916F01424DEB8AB8CD9E0096F277, D1E4A7BA332DA229138E89E5C4550A58ADD896B85728DF6BA33F1DE57D586E77 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
16:43:12.0646 0x0f18 BCSSync - ok
16:43:12.0675 0x0f18 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
16:43:12.0682 0x0f18 SwitchBoard - ok
16:43:12.0787 0x0f18 [ 8FE651ACBA3344E645CFEB6286FFF6B8, ECE4DFFEB7EB0B19B6790FD0F619A5C4B23CA0BA9CC3F25924925F8EA07264B6 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
16:43:12.0804 0x0f18 AdobeCS6ServiceManager - ok
16:43:12.0910 0x0f18 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:43:12.0947 0x0f18 Sidebar - ok
16:43:12.0971 0x0f18 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:43:12.0986 0x0f18 mctadmin - ok
16:43:13.0028 0x0f18 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:43:13.0044 0x0f18 Sidebar - ok
16:43:13.0055 0x0f18 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:43:13.0057 0x0f18 mctadmin - ok
16:43:13.0302 0x0f18 [ 5F9961CB14740208EA8026E88FC5083B, 50CA9DA831B27D57618A1B08805741E8BD7FC3CF9D6B69276B4D86457BC6415D ] C:\Program Files\Sandboxie\SbieCtrl.exe
16:43:13.0352 0x0f18 SandboxieControl - ok
16:43:13.0467 0x0f18 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
16:43:13.0488 0x0f18 Sidebar - ok
16:43:13.0529 0x0f18 [ 618BCB8EE7474A4BFE16FDEE001DA32E, 93FD8047B7866FC1E82CAD8D66957A4C99094969E0BA8B2BC662EA20BC2137EF ] C:\Program Files\OpenVPN\bin\openvpn-gui.exe
16:43:13.0538 0x0f18 OPENVPN-GUI - ok
16:43:13.0807 0x0f18 AV detected via SS2: IObit Malware Fighter, C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFAntivirusFix.exe ( 6.0.0.8649 ), 0x71010 ( enabled : outofdate )
16:43:13.0868 0x0f18 AV detected via SS2: Malwarebytes, C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe ( 3.0.0.167 ), 0x60000 ( disabled : updated )
16:43:13.0902 0x0f18 Win FW state via NFP2: enabled ( trusted )
16:43:13.0902 0x0f18 ============================================================
16:43:13.0902 0x0f18 Scan finished
16:43:13.0902 0x0f18 ============================================================
16:43:13.0906 0x0f10 Detected object count: 0
16:43:13.0906 0x0f10 Actual detected object count: 0
16:44:05.0240 0x09e0 Deinitialize success

3. LOG SCAN ASWMBR

aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2018-11-26 15:20:30
-----------------------------
15:20:30.641 OS Version: Windows x64 6.1.7601 Service Pack 1
15:20:30.641 Number of processors: 4 586 0x2A07
15:20:30.642 ComputerName: AZURLANEPC UserName: Yoizuki
15:20:32.596 Initialize success
15:20:32.637 VM: initialized successfully
15:20:32.637 VM: Intel CPU supported
15:20:40.741 VM: supported disk I/O ataport.SYS
15:21:32.070 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
15:21:32.074 Disk 0 Vendor: ST1000DM010-2EP102 CC43 Size: 953869MB BusType: 3
15:21:32.093 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-4
15:21:32.095 Disk 1 Vendor: ST3320310CS ES11 Size: 305245MB BusType: 3
15:21:32.204 VM: Disk 1 MBR read successfully
15:21:32.207 Disk 1 MBR scan
15:21:32.210 Disk 1 Windows 7 default MBR code
15:21:32.223 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
15:21:32.231 Disk 1 unknown boot code
15:21:32.234 Disk 1 Partition 2 00 07 HPFS/NTFS NTFS 72000 MB offset 206848
15:21:32.257 Disk 1 Partition 3 00 07 HPFS/NTFS NTFS 233143 MB offset 147662848
15:21:32.265 Disk 1 statistics 370/0/18 @ 0.93 MB/s
15:21:32.269 Scan finished successfully
15:22:02.104 Disk 1 MBR has been saved successfully to "I:\Program Master?\Taskmanager aman\Dr admin\MBR.dat"
15:22:02.246 The log file has been saved successfully to "I:\Program Master?\Taskmanager aman\Dr admin\aswMBR.txt"

4. LOGSCAN GMER

GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2018-11-25 04:15:53
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-4 ST3320310CS rev.ES11 298.09GB
Running: i23rwbg6.exe; Driver: C:\Users\Yoizuki\AppData\Local\Temp\pwdyqfob.sys

---- User code sections - GMER 2.2 ----

.text C:\Windows\Explorer.EXE[2160] C:\Windows\system32\kernel32.dll!CreateProcessW 0000000077671bb0 5 bytes JMP 0000000077640fda
.text C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe[4796] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000761c1465 2 bytes [1C, 76]
.text C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe[4796] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000761c14bb 2 bytes [1C, 76]
.text ... * 2
.text D:\networx_portable\64-bit\networx.exe[4856] C:\Windows\SYSTEM32\ntdll.dll!NtReadFile 00000000778c1370 5 bytes JMP 0000000077a50015
.text D:\networx_portable\64-bit\networx.exe[4856] C:\Windows\SYSTEM32\ntdll.dll!NtClose 00000000778c1400 5 bytes JMP 0000000077ae0015
.text D:\networx_portable\64-bit\networx.exe[4856] C:\Windows\SYSTEM32\ntdll.dll!NtQueryObject 00000000778c1410 5 bytes JMP 0000000077af0015
.text D:\networx_portable\64-bit\networx.exe[4856] C:\Windows\SYSTEM32\ntdll.dll!NtQueryInformationFile 00000000778c1420 5 bytes JMP 0000000077a60015
.text D:\networx_portable\64-bit\networx.exe[4856] C:\Windows\SYSTEM32\ntdll.dll!NtQueryVirtualMemory 00000000778c1540 5 bytes JMP 0000000077ad0015
.text D:\networx_portable\64-bit\networx.exe[4856] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationFile 00000000778c1580 5 bytes JMP 0000000077a80015
.text D:\networx_portable\64-bit\networx.exe[4856] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 00000000778c1590 5 bytes JMP 0000000077ab0015
.text D:\networx_portable\64-bit\networx.exe[4856] C:\Windows\SYSTEM32\ntdll.dll!NtUnmapViewOfSection 00000000778c15b0 5 bytes JMP 0000000077ac0015
.text D:\networx_portable\64-bit\networx.exe[4856] C:\Windows\SYSTEM32\ntdll.dll!NtOpenFile 00000000778c1640 5 bytes JMP 0000000077a40015
.text D:\networx_portable\64-bit\networx.exe[4856] C:\Windows\SYSTEM32\ntdll.dll!NtQueryAttributesFile 00000000778c16e0 5 bytes JMP 0000000077a20015
.text D:\networx_portable\64-bit\networx.exe[4856] C:\Windows\SYSTEM32\ntdll.dll!NtQueryVolumeInformationFile 00000000778c17a0 5 bytes JMP 0000000077a70015
.text D:\networx_portable\64-bit\networx.exe[4856] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSection 00000000778c17b0 5 bytes JMP 0000000077a90015
.text D:\networx_portable\64-bit\networx.exe[4856] C:\Windows\SYSTEM32\ntdll.dll!NtQuerySection 00000000778c1820 5 bytes JMP 0000000077aa0015
.text D:\networx_portable\64-bit\networx.exe[4856] C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile 00000000778c1860 5 bytes JMP 0000000077a30015
.text C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe[5636] C:\Windows\syswow64\kernel32.dll!CreateThread + 28 0000000075ac34f1 4 bytes {CALL 0xffffffff8a99b350}
.text C:\Program Files (x86)\IObit\IObit Malware Fighter\pub\PubMonitor.exe[11000] C:\Windows\syswow64\kernel32.dll!CreateThread + 28 0000000075ac34f1 4 bytes {CALL 0xffffffff8a9a33d8}
.text C:\Program Files (x86)\IObit\IObit Malware Fighter\pub\PubMonitor.exe[11000] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 00000000761c1465 2 bytes [1C, 76]
.text C:\Program Files (x86)\IObit\IObit Malware Fighter\pub\PubMonitor.exe[11000] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000761c14bb 2 bytes [1C, 76]
.text ... * 2
.text C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe[10216] C:\Windows\syswow64\kernel32.dll!CreateThread + 28 0000000075ac34f1 4 bytes {CALL 0xffffffffe3d8a9f8}
.text C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe[10216] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 00000000761c1465 2 bytes [1C, 76]
.text C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe[10216] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000761c14bb 2 bytes [1C, 76]
.text ... * 2
.text D:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe[12492] C:\Windows\SysWOW64\ntdll.dll!RtlProcessFlsData 0000000077a899a7 5 bytes JMP 0000000000dc65d0
.text D:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe[12492] C:\Windows\SysWOW64\ntdll.dll!RtlPcToFileHeader 0000000077a90093 7 bytes JMP 0000000000dc6660
.text D:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe[12492] C:\Windows\SysWOW64\ntdll.dll!RtlExitUserProcess 0000000077aa8de8 5 bytes JMP 0000000000dc6510
.text D:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe[12492] C:\Windows\SysWOW64\ntdll.dll!LdrShutdownProcess 0000000077aa8e79 7 bytes JMP 0000000000dc6780
.text D:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe[12492] C:\Windows\SysWOW64\ntdll.dll!LdrShutdownThread 0000000077aad2f9 7 bytes JMP 0000000000dc6840
.text D:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe[12492] C:\Windows\syswow64\kernel32.dll!TlsFree 0000000075ac3587 5 bytes JMP 0000000068e4ba79
.text D:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe[12492] C:\Windows\syswow64\kernel32.dll!LoadLibraryExW 0000000075ac495d 5 bytes JMP 0000000000dc64a0
.text D:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe[12492] C:\Windows\syswow64\kernel32.dll!TlsAlloc + 7 0000000075ac49b4 6 bytes JMP 0000000068e4ba35
.text D:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe[12492] C:\Windows\syswow64\kernel32.dll!DeleteFileA 0000000075ac5444 5 bytes JMP 0000000062fb8d0d
.text D:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe[12492] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter 0000000075ac87c9 5 bytes [33, C0, C2, 04, 00]
.text D:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe[12492] C:\Windows\syswow64\kernel32.dll!DeleteFileW 0000000075ac89b3 5 bytes JMP 0000000062fb8dc0
.text D:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe[12492] C:\Windows\syswow64\GDI32.dll!CreateFontIndirectW 0000000076485c19 4 bytes JMP 0000000062dfa581
.text D:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe[12492] C:\Windows\syswow64\GDI32.dll!CreateFontW 000000007648b600 4 bytes JMP 0000000062dfa606
.text D:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe[12492] C:\Windows\syswow64\USER32.dll!SetWindowLongW 00000000759c8b7c 5 bytes JMP 0000000062e71ba2
.text D:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe[12492] C:\Windows\syswow64\USER32.dll!CreateWindowExW 00000000759c8b9a 5 bytes JMP 0000000062e71b0b
.text D:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe[12492] C:\Windows\syswow64\USER32.dll!SetWindowPos 00000000759ccdb4 5 bytes JMP 0000000062e71bf7
.text D:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe[12492] C:\Windows\syswow64\USER32.dll!ShowWindow 00000000759d0dbe 5 bytes JMP 0000000062e71c58
.text D:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe[12492] C:\Windows\syswow64\USER32.dll!BeginPaint 00000000759d0eba 5 bytes JMP 0000000062e725d8
.text D:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe[12492] C:\Windows\syswow64\USER32.dll!DestroyWindow 00000000759d1e6e 5 bytes JMP 0000000062e72634
.text D:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe[12492] C:\Windows\syswow64\USER32.dll!InvalidateRect 00000000759d2a58 5 bytes JMP 0000000062e72697
.text D:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe[12492] C:\Windows\syswow64\USER32.dll!SetParent 00000000759d3f14 5 bytes JMP 0000000062e71b56
.text D:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe[12492] C:\Windows\syswow64\USER32.dll!ValidateRgn 00000000759d8cc0 5 bytes JMP 0000000062e7273c
.text D:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe[12492] C:\Windows\syswow64\USER32.dll!ValidateRect 00000000759e08c6 5 bytes JMP 0000000062e72732
.text D:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe[12492] C:\Windows\syswow64\USER32.dll!InvalidateRgn 00000000759ef1de 5 bytes JMP 0000000062e726c7
.text D:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe[12492] C:\Windows\syswow64\USER32.dll!GetUpdateRect 00000000759f011b 5 bytes JMP 0000000062e7264b
.text D:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe[12492] C:\Windows\syswow64\ole32.dll!CoUninitialize 00000000762186d3 5 bytes JMP 0000000000dc66f0
.text D:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe[12492] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000761c1465 2 bytes [1C, 76]
.text D:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe[12492] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000761c14bb 2 bytes [1C, 76]
.text ... * 2
? C:\Windows\system32\mssprxy.dll [12492] entry point in ".rdata" section 000000006ea871e6
.text D:\Program Files\TxGameAssistant\AppMarket\QQExternal.exe[13088] C:\Windows\SysWOW64\ntdll.dll!LdrUnloadDll 0000000077a911d7 7 bytes JMP 0000000000b01e24
.text D:\Program Files\TxGameAssistant\AppMarket\QQExternal.exe[13088] C:\Windows\syswow64\kernel32.dll!DeleteFileA 0000000075ac5444 5 bytes JMP 0000000062fb8d0d
.text D:\Program Files\TxGameAssistant\AppMarket\QQExternal.exe[13088] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter 0000000075ac87c9 5 bytes [33, C0, C2, 04, 00]
.text D:\Program Files\TxGameAssistant\AppMarket\QQExternal.exe[13088] C:\Windows\syswow64\kernel32.dll!DeleteFileW 0000000075ac89b3 5 bytes JMP 0000000062fb8dc0
.text D:\Program Files\TxGameAssistant\AppMarket\QQExternal.exe[13088] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000761c1465 2 bytes [1C, 76]
.text D:\Program Files\TxGameAssistant\AppMarket\QQExternal.exe[13088] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000761c14bb 2 bytes [1C, 76]
.text ... * 2
---- Processes - GMER 2.2 ----

Library D:\networx_portable\64-bit\sqlite3.dll (*** suspicious ***) @ D:\networx_portable\64-bit\networx.exe [4856] 0000000004910000

---- Registry - GMER 2.2 ----

Reg HKLM\SYSTEM\CurrentControlSet\Control@SystemStartOptions NOEXECUTE=OPTIN
Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@SystemStartTime 0x02 0xBA 0x2C 0x71 ...
Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@SystemLastStartTime 0x7E 0xA8 0x75 0x7F ...
Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@CMFStartTime 0x02 0xBA 0x2C 0x71 ...
Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@CMFLastStartTime 0x7E 0xA8 0x75 0x7F ...
Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData\BootLanguages@en-US 85
Reg HKLM\SYSTEM\CurrentControlSet\Control\GraphicsDrivers\Configuration\GSM000116843009_01_07DD_A5*NOEDID_1002_6610_00000001_00000000_100^CDA60A70FA16D09F1972C1FBE701C997@Timestamp 0x08 0x5C 0x7C 0x72 ...
Reg HKLM\SYSTEM\CurrentControlSet\Control\MUI\StringCacheSettings@StringCacheGeneration 131
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}\Connection
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}\Connection@DefaultNameResourceId 1801
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}\Connection@DefaultNameIndex 9
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}\Connection@Name isatap.{007226F1-67B3-4687-8C25-BD12AB55B19D}
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{79B20889-C786-41D9-A7AF-A70B8377706E}\Connection@Name isatap.{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{A8C821C8-56F2-4365-BD39-1D021DFD3B38}\Connection@Name isatap.{3820CD7A-2945-4AB0-9639-EB97D7DA559C}
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{E4E37E17-FE29-4B96-BE6D-9DE4813C44A7}\Connection@Name Reusable ISATAP Interface {E4E37E17-FE29-4B96-BE6D-9DE4813C44A7}
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Bind \Device\{314072D1-156F-4F22-8689-99C0573BE4CB}?\Device\{A8C821C8-56F2-4365-BD39-1D021DFD3B38}?\Device\{C99EE244-BFBC-45E4-8032-54B283463059}?\Device\{79B20889-C786-41D9-A7AF-A70B8377706E}?\Device\{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}?
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Route "{314072D1-156F-4F22-8689-99C0573BE4CB}"?"{A8C821C8-56F2-4365-BD39-1D021DFD3B38}"?"{C99EE244-BFBC-45E4-8032-54B283463059}"?"{79B20889-C786-41D9-A7AF-A70B8377706E}"?"{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}"?
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Export \Device\TCPIP6TUNNEL_{314072D1-156F-4F22-8689-99C0573BE4CB}?\Device\TCPIP6TUNNEL_{A8C821C8-56F2-4365-BD39-1D021DFD3B38}?\Device\TCPIP6TUNNEL_{C99EE244-BFBC-45E4-8032-54B283463059}?\Device\TCPIP6TUNNEL_{79B20889-C786-41D9-A7AF-A70B8377706E}?\Device\TCPIP6TUNNEL_{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}?
Reg HKLM\SYSTEM\CurrentControlSet\Control\Power\PowerSettings\f693fb01-e858-4f00-b20f-f30e12ac06d6\191f65b5-d45c-4a4f-8aae-1ab8bfd980e6
Reg HKLM\SYSTEM\CurrentControlSet\Control\Power\PowerSettings\f693fb01-e858-4f00-b20f-f30e12ac06d6\191f65b5-d45c-4a4f-8aae-1ab8bfd980e6@Attributes 1
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters@BootId 85
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters@BaseTime 551531108
Reg HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server@InstanceID 2b72559f-bb8e-409a-bdba-d4bc1c5
Reg HKLM\SYSTEM\CurrentControlSet\Control\WMI\Autologger\WdiContextLog@FileCounter 1
Reg HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Parameters\6To4\{314072D1-156F-4F22-8689-99C0573BE4CB}@InterfaceName Reusable Microsoft 6To4 Adapter
Reg HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Parameters\6To4\{314072D1-156F-4F22-8689-99C0573BE4CB}@ReusableType 1
Reg HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Parameters\Isatap\{79B20889-C786-41D9-A7AF-A70B8377706E}@InterfaceName isatap.{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}
Reg HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Parameters\Isatap\{A8C821C8-56F2-4365-BD39-1D021DFD3B38}@InterfaceName isatap.{3820CD7A-2945-4AB0-9639-EB97D7DA559C}
Reg HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Parameters\Isatap\{E4E37E17-FE29-4B96-BE6D-9DE4813C44A7}@InterfaceName Reusable ISATAP Interface {E4E37E17-FE29-4B96-BE6D-9DE4813C44A7}
Reg HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Parameters\Isatap\{E4E37E17-FE29-4B96-BE6D-9DE4813C44A7}@ReusableType 1
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanServer\Linkage@Bind \Device\Smb_Tcpip_{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\Smb_Tcpip_{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\Smb_Tcpip_{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\Smb_Tcpip_{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?\Device\Smb_Tcpip6_{E4E37E17-FE29-4B96-BE6D-9DE4813C44A7}?\Device\Smb_Tcpip6_{314072D1-156F-4F22-8689-99C0573BE4CB}?\Device\Smb_Tcpip6_{A8C821C8-56F2-4365-BD39-1D021DFD3B38}?\Device\Smb_Tcpip6_{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\Smb_Tcpip6_{C99EE244-BFBC-45E4-8032-54B283463059}?\Device\Smb_Tcpip6_{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\Smb_Tcpip6_{79B20889-C786-41D9-A7AF-A70B8377706E}?\Device\Smb_Tcpip6_{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\Smb_Tcpip6_{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}?\Device\Smb_Tcpip6_{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?\Device\Tcpip_{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\Tcpip_{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\Tcpip_{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\Tcpip_{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?\De
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanServer\Linkage@Route "Smb" "Tcpip" "{007226F1-67B3-4687-8C25-BD12AB55B19D}"?"Smb" "Tcpip" "{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}"?"Smb" "Tcpip" "{3820CD7A-2945-4AB0-9639-EB97D7DA559C}"?"Smb" "Tcpip" "{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}"?"Smb" "Tcpip6" "{E4E37E17-FE29-4B96-BE6D-9DE4813C44A7}"?"Smb" "Tcpip6" "{314072D1-156F-4F22-8689-99C0573BE4CB}"?"Smb" "Tcpip6" "{A8C821C8-56F2-4365-BD39-1D021DFD3B38}"?"Smb" "Tcpip6" "{007226F1-67B3-4687-8C25-BD12AB55B19D}"?"Smb" "Tcpip6" "{C99EE244-BFBC-45E4-8032-54B283463059}"?"Smb" "Tcpip6" "{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}"?"Smb" "Tcpip6" "{79B20889-C786-41D9-A7AF-A70B8377706E}"?"Smb" "Tcpip6" "{3820CD7A-2945-4AB0-9639-EB97D7DA559C}"?"Smb" "Tcpip6" "{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}"?"Smb" "Tcpip6" "{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}"?"Tcpip" "{007226F1-67B3-4687-8C25-BD12AB55B19D}"?"Tcpip" "{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}"?"Tcpip" "{3820CD7A-2945-4AB0-9639-EB97D7DA559C}"?"Tcpip" "{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}"?"Tcpip6" "{E4E37E17-FE29-4B96-BE6D-9DE4813C44A7
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanServer\Linkage@Export \Device\LanmanServer_Smb_Tcpip_{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\LanmanServer_Smb_Tcpip_{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\LanmanServer_Smb_Tcpip_{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\LanmanServer_Smb_Tcpip_{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?\Device\LanmanServer_Smb_Tcpip6_{E4E37E17-FE29-4B96-BE6D-9DE4813C44A7}?\Device\LanmanServer_Smb_Tcpip6_{314072D1-156F-4F22-8689-99C0573BE4CB}?\Device\LanmanServer_Smb_Tcpip6_{A8C821C8-56F2-4365-BD39-1D021DFD3B38}?\Device\LanmanServer_Smb_Tcpip6_{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\LanmanServer_Smb_Tcpip6_{C99EE244-BFBC-45E4-8032-54B283463059}?\Device\LanmanServer_Smb_Tcpip6_{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\LanmanServer_Smb_Tcpip6_{79B20889-C786-41D9-A7AF-A70B8377706E}?\Device\LanmanServer_Smb_Tcpip6_{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\LanmanServer_Smb_Tcpip6_{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}?\Device\LanmanServer_Smb_Tcpip6_{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?\Device\LanmanServer_Tcpip_{00722
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Linkage@Bind \Device\Smb_Tcpip_{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\Smb_Tcpip_{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\Smb_Tcpip_{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\Smb_Tcpip_{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?\Device\Smb_Tcpip6_{E4E37E17-FE29-4B96-BE6D-9DE4813C44A7}?\Device\Smb_Tcpip6_{314072D1-156F-4F22-8689-99C0573BE4CB}?\Device\Smb_Tcpip6_{A8C821C8-56F2-4365-BD39-1D021DFD3B38}?\Device\Smb_Tcpip6_{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\Smb_Tcpip6_{C99EE244-BFBC-45E4-8032-54B283463059}?\Device\Smb_Tcpip6_{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\Smb_Tcpip6_{79B20889-C786-41D9-A7AF-A70B8377706E}?\Device\Smb_Tcpip6_{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\Smb_Tcpip6_{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}?\Device\Smb_Tcpip6_{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?\Device\Tcpip_{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\Tcpip_{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\Tcpip_{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\Tcpip_{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?\De
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Linkage@Route "Smb" "Tcpip" "{007226F1-67B3-4687-8C25-BD12AB55B19D}"?"Smb" "Tcpip" "{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}"?"Smb" "Tcpip" "{3820CD7A-2945-4AB0-9639-EB97D7DA559C}"?"Smb" "Tcpip" "{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}"?"Smb" "Tcpip6" "{E4E37E17-FE29-4B96-BE6D-9DE4813C44A7}"?"Smb" "Tcpip6" "{314072D1-156F-4F22-8689-99C0573BE4CB}"?"Smb" "Tcpip6" "{A8C821C8-56F2-4365-BD39-1D021DFD3B38}"?"Smb" "Tcpip6" "{007226F1-67B3-4687-8C25-BD12AB55B19D}"?"Smb" "Tcpip6" "{C99EE244-BFBC-45E4-8032-54B283463059}"?"Smb" "Tcpip6" "{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}"?"Smb" "Tcpip6" "{79B20889-C786-41D9-A7AF-A70B8377706E}"?"Smb" "Tcpip6" "{3820CD7A-2945-4AB0-9639-EB97D7DA559C}"?"Smb" "Tcpip6" "{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}"?"Smb" "Tcpip6" "{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}"?"Tcpip" "{007226F1-67B3-4687-8C25-BD12AB55B19D}"?"Tcpip" "{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}"?"Tcpip" "{3820CD7A-2945-4AB0-9639-EB97D7DA559C}"?"Tcpip" "{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}"?"Tcpip6" "{E4E37E17-FE29-4B96-BE6D-9DE4813C44A7
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Linkage@Export \Device\LanmanWorkstation_Smb_Tcpip_{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\LanmanWorkstation_Smb_Tcpip_{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\LanmanWorkstation_Smb_Tcpip_{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\LanmanWorkstation_Smb_Tcpip_{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?\Device\LanmanWorkstation_Smb_Tcpip6_{E4E37E17-FE29-4B96-BE6D-9DE4813C44A7}?\Device\LanmanWorkstation_Smb_Tcpip6_{314072D1-156F-4F22-8689-99C0573BE4CB}?\Device\LanmanWorkstation_Smb_Tcpip6_{A8C821C8-56F2-4365-BD39-1D021DFD3B38}?\Device\LanmanWorkstation_Smb_Tcpip6_{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\LanmanWorkstation_Smb_Tcpip6_{C99EE244-BFBC-45E4-8032-54B283463059}?\Device\LanmanWorkstation_Smb_Tcpip6_{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\LanmanWorkstation_Smb_Tcpip6_{79B20889-C786-41D9-A7AF-A70B8377706E}?\Device\LanmanWorkstation_Smb_Tcpip6_{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\LanmanWorkstation_Smb_Tcpip6_{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}?\Device\LanmanWorkstation_Smb_Tcpip6_{2
Reg HKLM\SYSTEM\CurrentControlSet\services\NetBIOS\Linkage@Bind \Device\NetBT_Tcpip_{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\NetBT_Tcpip_{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\NetBT_Tcpip_{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\NetBT_Tcpip_{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?\Device\NetBT_Tcpip6_{E4E37E17-FE29-4B96-BE6D-9DE4813C44A7}?\Device\NetBT_Tcpip6_{314072D1-156F-4F22-8689-99C0573BE4CB}?\Device\NetBT_Tcpip6_{A8C821C8-56F2-4365-BD39-1D021DFD3B38}?\Device\NetBT_Tcpip6_{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\NetBT_Tcpip6_{C99EE244-BFBC-45E4-8032-54B283463059}?\Device\NetBT_Tcpip6_{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\NetBT_Tcpip6_{79B20889-C786-41D9-A7AF-A70B8377706E}?\Device\NetBT_Tcpip6_{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\NetBT_Tcpip6_{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}?\Device\NetBT_Tcpip6_{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?
Reg HKLM\SYSTEM\CurrentControlSet\services\NetBIOS\Linkage@Route "NetBT" "Tcpip" "{007226F1-67B3-4687-8C25-BD12AB55B19D}"?"NetBT" "Tcpip" "{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}"?"NetBT" "Tcpip" "{3820CD7A-2945-4AB0-9639-EB97D7DA559C}"?"NetBT" "Tcpip" "{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}"?"NetBT" "Tcpip6" "{E4E37E17-FE29-4B96-BE6D-9DE4813C44A7}"?"NetBT" "Tcpip6" "{314072D1-156F-4F22-8689-99C0573BE4CB}"?"NetBT" "Tcpip6" "{A8C821C8-56F2-4365-BD39-1D021DFD3B38}"?"NetBT" "Tcpip6" "{007226F1-67B3-4687-8C25-BD12AB55B19D}"?"NetBT" "Tcpip6" "{C99EE244-BFBC-45E4-8032-54B283463059}"?"NetBT" "Tcpip6" "{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}"?"NetBT" "Tcpip6" "{79B20889-C786-41D9-A7AF-A70B8377706E}"?"NetBT" "Tcpip6" "{3820CD7A-2945-4AB0-9639-EB97D7DA559C}"?"NetBT" "Tcpip6" "{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}"?"NetBT" "Tcpip6" "{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}"?
Reg HKLM\SYSTEM\CurrentControlSet\services\NetBIOS\Linkage@Export \Device\NetBIOS_NetBT_Tcpip_{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\NetBIOS_NetBT_Tcpip_{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\NetBIOS_NetBT_Tcpip_{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\NetBIOS_NetBT_Tcpip_{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?\Device\NetBIOS_NetBT_Tcpip6_{E4E37E17-FE29-4B96-BE6D-9DE4813C44A7}?\Device\NetBIOS_NetBT_Tcpip6_{314072D1-156F-4F22-8689-99C0573BE4CB}?\Device\NetBIOS_NetBT_Tcpip6_{A8C821C8-56F2-4365-BD39-1D021DFD3B38}?\Device\NetBIOS_NetBT_Tcpip6_{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\NetBIOS_NetBT_Tcpip6_{C99EE244-BFBC-45E4-8032-54B283463059}?\Device\NetBIOS_NetBT_Tcpip6_{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\NetBIOS_NetBT_Tcpip6_{79B20889-C786-41D9-A7AF-A70B8377706E}?\Device\NetBIOS_NetBT_Tcpip6_{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\NetBIOS_NetBT_Tcpip6_{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}?\Device\NetBIOS_NetBT_Tcpip6_{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?
Reg HKLM\SYSTEM\CurrentControlSet\services\NetBT\Linkage@Bind \Device\Tcpip_{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\Tcpip_{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\Tcpip_{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\Tcpip_{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?\Device\Tcpip6_{E4E37E17-FE29-4B96-BE6D-9DE4813C44A7}?\Device\Tcpip6_{314072D1-156F-4F22-8689-99C0573BE4CB}?\Device\Tcpip6_{A8C821C8-56F2-4365-BD39-1D021DFD3B38}?\Device\Tcpip6_{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\Tcpip6_{C99EE244-BFBC-45E4-8032-54B283463059}?\Device\Tcpip6_{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\Tcpip6_{79B20889-C786-41D9-A7AF-A70B8377706E}?\Device\Tcpip6_{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\Tcpip6_{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}?\Device\Tcpip6_{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?\Device\Tcpip_{6FA4374B-6039-49E3-BC74-070409C61B66}?\Device\Tcpip6_{6FA4374B-6039-49E3-BC74-070409C61B66}?
Reg HKLM\SYSTEM\CurrentControlSet\services\NetBT\Linkage@Route "Tcpip" "{007226F1-67B3-4687-8C25-BD12AB55B19D}"?"Tcpip" "{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}"?"Tcpip" "{3820CD7A-2945-4AB0-9639-EB97D7DA559C}"?"Tcpip" "{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}"?"Tcpip6" "{E4E37E17-FE29-4B96-BE6D-9DE4813C44A7}"?"Tcpip6" "{314072D1-156F-4F22-8689-99C0573BE4CB}"?"Tcpip6" "{A8C821C8-56F2-4365-BD39-1D021DFD3B38}"?"Tcpip6" "{007226F1-67B3-4687-8C25-BD12AB55B19D}"?"Tcpip6" "{C99EE244-BFBC-45E4-8032-54B283463059}"?"Tcpip6" "{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}"?"Tcpip6" "{79B20889-C786-41D9-A7AF-A70B8377706E}"?"Tcpip6" "{3820CD7A-2945-4AB0-9639-EB97D7DA559C}"?"Tcpip6" "{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}"?"Tcpip6" "{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}"?
Reg HKLM\SYSTEM\CurrentControlSet\services\NetBT\Linkage@Export \Device\NetBT_Tcpip_{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\NetBT_Tcpip_{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\NetBT_Tcpip_{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\NetBT_Tcpip_{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?\Device\NetBT_Tcpip6_{E4E37E17-FE29-4B96-BE6D-9DE4813C44A7}?\Device\NetBT_Tcpip6_{314072D1-156F-4F22-8689-99C0573BE4CB}?\Device\NetBT_Tcpip6_{A8C821C8-56F2-4365-BD39-1D021DFD3B38}?\Device\NetBT_Tcpip6_{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\NetBT_Tcpip6_{C99EE244-BFBC-45E4-8032-54B283463059}?\Device\NetBT_Tcpip6_{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\NetBT_Tcpip6_{79B20889-C786-41D9-A7AF-A70B8377706E}?\Device\NetBT_Tcpip6_{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\NetBT_Tcpip6_{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}?\Device\NetBT_Tcpip6_{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?\Device\NetBT_Tcpip_{6FA4374B-6039-49E3-BC74-070409C61B66}?\Device\NetBT_Tcpip6_{6FA4374B-6039-49E3-BC74-070409C61B66}?
Reg HKLM\SYSTEM\CurrentControlSet\services\rdyboost\Parameters@ReadyBootPlanAge 1
Reg HKLM\SYSTEM\CurrentControlSet\services\rdyboost\Parameters@LastBootPlanUserTime ?Sat?, ?Nov ?17 ?18, 02:11:52 PM???????????????????????????????
Reg HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Epoch@Epoch 868
Reg HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Epoch2@Epoch 219
Reg HKLM\SYSTEM\CurrentControlSet\services\Smb\Linkage@Bind \Device\Tcpip6_{6FA4374B-6039-49E3-BC74-070409C61B66}?\Device\Tcpip_{6FA4374B-6039-49E3-BC74-070409C61B66}?\Device\Tcpip_{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\Tcpip_{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\Tcpip_{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\Tcpip_{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?\Device\Tcpip6_{E4E37E17-FE29-4B96-BE6D-9DE4813C44A7}?\Device\Tcpip6_{314072D1-156F-4F22-8689-99C0573BE4CB}?\Device\Tcpip6_{A8C821C8-56F2-4365-BD39-1D021DFD3B38}?\Device\Tcpip6_{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\Tcpip6_{C99EE244-BFBC-45E4-8032-54B283463059}?\Device\Tcpip6_{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\Tcpip6_{79B20889-C786-41D9-A7AF-A70B8377706E}?\Device\Tcpip6_{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\Tcpip6_{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}?\Device\Tcpip6_{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?
Reg HKLM\SYSTEM\CurrentControlSet\services\Smb\Linkage@Route "Tcpip" "{007226F1-67B3-4687-8C25-BD12AB55B19D}"?"Tcpip" "{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}"?"Tcpip" "{3820CD7A-2945-4AB0-9639-EB97D7DA559C}"?"Tcpip" "{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}"?"Tcpip6" "{E4E37E17-FE29-4B96-BE6D-9DE4813C44A7}"?"Tcpip6" "{314072D1-156F-4F22-8689-99C0573BE4CB}"?"Tcpip6" "{A8C821C8-56F2-4365-BD39-1D021DFD3B38}"?"Tcpip6" "{007226F1-67B3-4687-8C25-BD12AB55B19D}"?"Tcpip6" "{C99EE244-BFBC-45E4-8032-54B283463059}"?"Tcpip6" "{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}"?"Tcpip6" "{79B20889-C786-41D9-A7AF-A70B8377706E}"?"Tcpip6" "{3820CD7A-2945-4AB0-9639-EB97D7DA559C}"?"Tcpip6" "{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}"?"Tcpip6" "{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}"?
Reg HKLM\SYSTEM\CurrentControlSet\services\Smb\Linkage@Export \Device\Smb_Tcpip6_{6FA4374B-6039-49E3-BC74-070409C61B66}?\Device\Smb_Tcpip_{6FA4374B-6039-49E3-BC74-070409C61B66}?\Device\Smb_Tcpip_{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\Smb_Tcpip_{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\Smb_Tcpip_{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\Smb_Tcpip_{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?\Device\Smb_Tcpip6_{E4E37E17-FE29-4B96-BE6D-9DE4813C44A7}?\Device\Smb_Tcpip6_{314072D1-156F-4F22-8689-99C0573BE4CB}?\Device\Smb_Tcpip6_{A8C821C8-56F2-4365-BD39-1D021DFD3B38}?\Device\Smb_Tcpip6_{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\Smb_Tcpip6_{C99EE244-BFBC-45E4-8032-54B283463059}?\Device\Smb_Tcpip6_{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\Smb_Tcpip6_{79B20889-C786-41D9-A7AF-A70B8377706E}?\Device\Smb_Tcpip6_{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\Smb_Tcpip6_{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}?\Device\Smb_Tcpip6_{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?
Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Linkage@Bind \Device\{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?
Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{6FA4374B-6039-49E3-BC74-070409C61B66}@DhcpIPAddress 0.0.0.0
Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{6FA4374B-6039-49E3-BC74-070409C61B66}@DhcpSubnetMask 0.0.0.0
Reg HKLM\SYSTEM\CurrentControlSet\services\TCPIP6\Linkage@Bind \Device\{6FA4374B-6039-49E3-BC74-070409C61B66}?\Device\{E4E37E17-FE29-4B96-BE6D-9DE4813C44A7}?\Device\{314072D1-156F-4F22-8689-99C0573BE4CB}?\Device\{A8C821C8-56F2-4365-BD39-1D021DFD3B38}?\Device\{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\{C99EE244-BFBC-45E4-8032-54B283463059}?\Device\{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\{79B20889-C786-41D9-A7AF-A70B8377706E}?\Device\{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}?\Device\{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?
Reg HKLM\SYSTEM\CurrentControlSet\services\TCPIP6\Linkage@Route "{E4E37E17-FE29-4B96-BE6D-9DE4813C44A7}"?"{314072D1-156F-4F22-8689-99C0573BE4CB}"?"{A8C821C8-56F2-4365-BD39-1D021DFD3B38}"?"{007226F1-67B3-4687-8C25-BD12AB55B19D}"?"{C99EE244-BFBC-45E4-8032-54B283463059}"?"{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}"?"{79B20889-C786-41D9-A7AF-A70B8377706E}"?"{3820CD7A-2945-4AB0-9639-EB97D7DA559C}"?"{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}"?"{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}"?
Reg HKLM\SYSTEM\CurrentControlSet\services\TCPIP6\Linkage@Export \Device\Tcpip6_{6FA4374B-6039-49E3-BC74-070409C61B66}?\Device\Tcpip6_{E4E37E17-FE29-4B96-BE6D-9DE4813C44A7}?\Device\Tcpip6_{314072D1-156F-4F22-8689-99C0573BE4CB}?\Device\Tcpip6_{A8C821C8-56F2-4365-BD39-1D021DFD3B38}?\Device\Tcpip6_{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\Tcpip6_{C99EE244-BFBC-45E4-8032-54B283463059}?\Device\Tcpip6_{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\Tcpip6_{79B20889-C786-41D9-A7AF-A70B8377706E}?\Device\Tcpip6_{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\Tcpip6_{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}?\Device\Tcpip6_{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?
Reg HKLM\SYSTEM\CurrentControlSet\services\TCPIP6\Parameters@ICS_PublicAdapterIndex 0
Reg HKLM\SYSTEM\CurrentControlSet\services\TCPIP6\Parameters\Interfaces\{007226f1-67b3-4687-8c25-bd12ab55b19d}@Dhcpv6State 0
Reg HKLM\SYSTEM\CurrentControlSet\services\TCPIP6\Parameters\Interfaces\{6df0e31e-dfe0-4c6e-95a7-fb0b7383319b}
Reg HKLM\SYSTEM\CurrentControlSet\services\TCPIP6\Parameters\Interfaces\{6df0e31e-dfe0-4c6e-95a7-fb0b7383319b}@Dhcpv6Iaid 318767104
Reg HKLM\SYSTEM\CurrentControlSet\services\TCPIP6\Parameters\Interfaces\{6df0e31e-dfe0-4c6e-95a7-fb0b7383319b}@Dhcpv6State 0
Reg HKLM\SYSTEM\CurrentControlSet\services\W32Time\TimeProviders\NtpClient@SpecialPollTimeRemaining time.windows.com,7dc26ba???????????
Reg HKLM\SYSTEM\CurrentControlSet\services\Winmgmt\Parameters@ServiceDllUnloadOnStop 0
Reg HKLM\SYSTEM\ControlSet003\Control@SystemStartOptions NOEXECUTE=OPTIN
Reg HKLM\SYSTEM\ControlSet003\Control\CMF\SqmData@SystemStartTime 0x02 0xBA 0x2C 0x71 ...
Reg HKLM\SYSTEM\ControlSet003\Control\CMF\SqmData@SystemLastStartTime 0x7E 0xA8 0x75 0x7F ...
Reg HKLM\SYSTEM\ControlSet003\Control\CMF\SqmData@CMFStartTime 0x02 0xBA 0x2C 0x71 ...
Reg HKLM\SYSTEM\ControlSet003\Control\CMF\SqmData@CMFLastStartTime 0x7E 0xA8 0x75 0x7F ...
Reg HKLM\SYSTEM\ControlSet003\Control\CMF\SqmData\BootLanguages@en-US 85
Reg HKLM\SYSTEM\ControlSet003\Control\Diagnostics\Performance@ActiveShutdownDCL C:\Windows\System32\WDI\LogFiles\WdiContextLog.etl.003
Reg HKLM\SYSTEM\ControlSet003\Control\GraphicsDrivers\Configuration\GSM000116843009_01_07DD_A5*NOEDID_1002_6610_00000001_00000000_100^CDA60A70FA16D09F1972C1FBE701C997@Timestamp 0x08 0x5C 0x7C 0x72 ...
Reg HKLM\SYSTEM\ControlSet003\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@Microsoft ISATAP Adapter 1?2?3?4?5?
Reg HKLM\SYSTEM\ControlSet003\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B} (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}\Connection (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}\Connection@DefaultNameResourceId 1801
Reg HKLM\SYSTEM\ControlSet003\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}\Connection@DefaultNameIndex 9
Reg HKLM\SYSTEM\ControlSet003\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}\Connection@Name isatap.{007226F1-67B3-4687-8C25-BD12AB55B19D}
Reg HKLM\SYSTEM\ControlSet003\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{79B20889-C786-41D9-A7AF-A70B8377706E}\Connection@Name isatap.{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}
Reg HKLM\SYSTEM\ControlSet003\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{A8C821C8-56F2-4365-BD39-1D021DFD3B38}\Connection@Name isatap.{3820CD7A-2945-4AB0-9639-EB97D7DA559C}
Reg HKLM\SYSTEM\ControlSet003\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Bind \Device\{314072D1-156F-4F22-8689-99C0573BE4CB}?\Device\{A8C821C8-56F2-4365-BD39-1D021DFD3B38}?\Device\{C99EE244-BFBC-45E4-8032-54B283463059}?\Device\{79B20889-C786-41D9-A7AF-A70B8377706E}?\Device\{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}?
Reg HKLM\SYSTEM\ControlSet003\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Route "{314072D1-156F-4F22-8689-99C0573BE4CB}"?"{A8C821C8-56F2-4365-BD39-1D021DFD3B38}"?"{C99EE244-BFBC-45E4-8032-54B283463059}"?"{79B20889-C786-41D9-A7AF-A70B8377706E}"?"{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}"?
Reg HKLM\SYSTEM\ControlSet003\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Export \Device\TCPIP6TUNNEL_{314072D1-156F-4F22-8689-99C0573BE4CB}?\Device\TCPIP6TUNNEL_{A8C821C8-56F2-4365-BD39-1D021DFD3B38}?\Device\TCPIP6TUNNEL_{C99EE244-BFBC-45E4-8032-54B283463059}?\Device\TCPIP6TUNNEL_{79B20889-C786-41D9-A7AF-A70B8377706E}?\Device\TCPIP6TUNNEL_{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}?
Reg HKLM\SYSTEM\ControlSet003\Control\Session Manager\Memory Management\PrefetchParameters@BootId 85
Reg HKLM\SYSTEM\ControlSet003\Control\Session Manager\Memory Management\PrefetchParameters@BaseTime 551531108
Reg HKLM\SYSTEM\ControlSet003\Control\Terminal Server@InstanceID 2b72559f-bb8e-409a-bdba-d4bc1c5
Reg HKLM\SYSTEM\ControlSet003\Control\WDI\Config@ServerName \BaseNamedObjects\WDI_{1037b8df-8a7e-4659-a296-1e08d0c52dfa}
Reg HKLM\SYSTEM\ControlSet003\Control\WMI\Autologger\WdiContextLog@FileCounter 1
Reg HKLM\SYSTEM\ControlSet003\services\iphlpsvc\Parameters\Isatap\{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B} (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\services\iphlpsvc\Parameters\Isatap\{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}@InterfaceName isatap.{007226F1-67B3-4687-8C25-BD12AB55B19D}
Reg HKLM\SYSTEM\ControlSet003\services\iphlpsvc\Parameters\Isatap\{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}@ReusableType 0
Reg HKLM\SYSTEM\ControlSet003\services\iphlpsvc\Parameters\Isatap\{79B20889-C786-41D9-A7AF-A70B8377706E}@InterfaceName isatap.{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}
Reg HKLM\SYSTEM\ControlSet003\services\iphlpsvc\Parameters\Isatap\{79B20889-C786-41D9-A7AF-A70B8377706E}@ReusableType 0
Reg HKLM\SYSTEM\ControlSet003\services\iphlpsvc\Parameters\Isatap\{A8C821C8-56F2-4365-BD39-1D021DFD3B38}@InterfaceName isatap.{3820CD7A-2945-4AB0-9639-EB97D7DA559C}
Reg HKLM\SYSTEM\ControlSet003\services\iphlpsvc\Parameters\Isatap\{A8C821C8-56F2-4365-BD39-1D021DFD3B38}@ReusableType 0
Reg HKLM\SYSTEM\ControlSet003\services\LanmanServer\Linkage@Bind \Device\Smb_Tcpip_{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\Smb_Tcpip_{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\Smb_Tcpip_{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\Smb_Tcpip_{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?\Device\Smb_Tcpip6_{E4E37E17-FE29-4B96-BE6D-9DE4813C44A7}?\Device\Smb_Tcpip6_{314072D1-156F-4F22-8689-99C0573BE4CB}?\Device\Smb_Tcpip6_{A8C821C8-56F2-4365-BD39-1D021DFD3B38}?\Device\Smb_Tcpip6_{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\Smb_Tcpip6_{C99EE244-BFBC-45E4-8032-54B283463059}?\Device\Smb_Tcpip6_{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\Smb_Tcpip6_{79B20889-C786-41D9-A7AF-A70B8377706E}?\Device\Smb_Tcpip6_{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\Smb_Tcpip6_{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}?\Device\Smb_Tcpip6_{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?\Device\Tcpip_{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\Tcpip_{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\Tcpip_{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\Tcpip_{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?\De
Reg HKLM\SYSTEM\ControlSet003\services\LanmanServer\Linkage@Route "Smb" "Tcpip" "{007226F1-67B3-4687-8C25-BD12AB55B19D}"?"Smb" "Tcpip" "{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}"?"Smb" "Tcpip" "{3820CD7A-2945-4AB0-9639-EB97D7DA559C}"?"Smb" "Tcpip" "{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}"?"Smb" "Tcpip6" "{E4E37E17-FE29-4B96-BE6D-9DE4813C44A7}"?"Smb" "Tcpip6" "{314072D1-156F-4F22-8689-99C0573BE4CB}"?"Smb" "Tcpip6" "{A8C821C8-56F2-4365-BD39-1D021DFD3B38}"?"Smb" "Tcpip6" "{007226F1-67B3-4687-8C25-BD12AB55B19D}"?"Smb" "Tcpip6" "{C99EE244-BFBC-45E4-8032-54B283463059}"?"Smb" "Tcpip6" "{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}"?"Smb" "Tcpip6" "{79B20889-C786-41D9-A7AF-A70B8377706E}"?"Smb" "Tcpip6" "{3820CD7A-2945-4AB0-9639-EB97D7DA559C}"?"Smb" "Tcpip6" "{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}"?"Smb" "Tcpip6" "{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}"?"Tcpip" "{007226F1-67B3-4687-8C25-BD12AB55B19D}"?"Tcpip" "{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}"?"Tcpip" "{3820CD7A-2945-4AB0-9639-EB97D7DA559C}"?"Tcpip" "{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}"?"Tcpip6" "{E4E37E17-FE29-4B96-BE6D-9DE4813C44A7
Reg HKLM\SYSTEM\ControlSet003\services\LanmanServer\Linkage@Export \Device\LanmanServer_Smb_Tcpip_{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\LanmanServer_Smb_Tcpip_{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\LanmanServer_Smb_Tcpip_{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\LanmanServer_Smb_Tcpip_{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?\Device\LanmanServer_Smb_Tcpip6_{E4E37E17-FE29-4B96-BE6D-9DE4813C44A7}?\Device\LanmanServer_Smb_Tcpip6_{314072D1-156F-4F22-8689-99C0573BE4CB}?\Device\LanmanServer_Smb_Tcpip6_{A8C821C8-56F2-4365-BD39-1D021DFD3B38}?\Device\LanmanServer_Smb_Tcpip6_{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\LanmanServer_Smb_Tcpip6_{C99EE244-BFBC-45E4-8032-54B283463059}?\Device\LanmanServer_Smb_Tcpip6_{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\LanmanServer_Smb_Tcpip6_{79B20889-C786-41D9-A7AF-A70B8377706E}?\Device\LanmanServer_Smb_Tcpip6_{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\LanmanServer_Smb_Tcpip6_{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}?\Device\LanmanServer_Smb_Tcpip6_{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?\Device\LanmanServer_Tcpip_{00722
Reg HKLM\SYSTEM\ControlSet003\services\LanmanWorkstation\Linkage@Bind \Device\Smb_Tcpip_{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\Smb_Tcpip_{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\Smb_Tcpip_{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\Smb_Tcpip_{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?\Device\Smb_Tcpip6_{E4E37E17-FE29-4B96-BE6D-9DE4813C44A7}?\Device\Smb_Tcpip6_{314072D1-156F-4F22-8689-99C0573BE4CB}?\Device\Smb_Tcpip6_{A8C821C8-56F2-4365-BD39-1D021DFD3B38}?\Device\Smb_Tcpip6_{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\Smb_Tcpip6_{C99EE244-BFBC-45E4-8032-54B283463059}?\Device\Smb_Tcpip6_{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\Smb_Tcpip6_{79B20889-C786-41D9-A7AF-A70B8377706E}?\Device\Smb_Tcpip6_{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\Smb_Tcpip6_{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}?\Device\Smb_Tcpip6_{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?\Device\Tcpip_{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\Tcpip_{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\Tcpip_{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\Tcpip_{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?\De
Reg HKLM\SYSTEM\ControlSet003\services\LanmanWorkstation\Linkage@Route "Smb" "Tcpip" "{007226F1-67B3-4687-8C25-BD12AB55B19D}"?"Smb" "Tcpip" "{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}"?"Smb" "Tcpip" "{3820CD7A-2945-4AB0-9639-EB97D7DA559C}"?"Smb" "Tcpip" "{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}"?"Smb" "Tcpip6" "{E4E37E17-FE29-4B96-BE6D-9DE4813C44A7}"?"Smb" "Tcpip6" "{314072D1-156F-4F22-8689-99C0573BE4CB}"?"Smb" "Tcpip6" "{A8C821C8-56F2-4365-BD39-1D021DFD3B38}"?"Smb" "Tcpip6" "{007226F1-67B3-4687-8C25-BD12AB55B19D}"?"Smb" "Tcpip6" "{C99EE244-BFBC-45E4-8032-54B283463059}"?"Smb" "Tcpip6" "{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}"?"Smb" "Tcpip6" "{79B20889-C786-41D9-A7AF-A70B8377706E}"?"Smb" "Tcpip6" "{3820CD7A-2945-4AB0-9639-EB97D7DA559C}"?"Smb" "Tcpip6" "{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}"?"Smb" "Tcpip6" "{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}"?"Tcpip" "{007226F1-67B3-4687-8C25-BD12AB55B19D}"?"Tcpip" "{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}"?"Tcpip" "{3820CD7A-2945-4AB0-9639-EB97D7DA559C}"?"Tcpip" "{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}"?"Tcpip6" "{E4E37E17-FE29-4B96-BE6D-9DE4813C44A7
Reg HKLM\SYSTEM\ControlSet003\services\LanmanWorkstation\Linkage@Export \Device\LanmanWorkstation_Smb_Tcpip_{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\LanmanWorkstation_Smb_Tcpip_{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\LanmanWorkstation_Smb_Tcpip_{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\LanmanWorkstation_Smb_Tcpip_{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?\Device\LanmanWorkstation_Smb_Tcpip6_{E4E37E17-FE29-4B96-BE6D-9DE4813C44A7}?\Device\LanmanWorkstation_Smb_Tcpip6_{314072D1-156F-4F22-8689-99C0573BE4CB}?\Device\LanmanWorkstation_Smb_Tcpip6_{A8C821C8-56F2-4365-BD39-1D021DFD3B38}?\Device\LanmanWorkstation_Smb_Tcpip6_{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\LanmanWorkstation_Smb_Tcpip6_{C99EE244-BFBC-45E4-8032-54B283463059}?\Device\LanmanWorkstation_Smb_Tcpip6_{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\LanmanWorkstation_Smb_Tcpip6_{79B20889-C786-41D9-A7AF-A70B8377706E}?\Device\LanmanWorkstation_Smb_Tcpip6_{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\LanmanWorkstation_Smb_Tcpip6_{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}?\Device\LanmanWorkstation_Smb_Tcpip6_{2
Reg HKLM\SYSTEM\ControlSet003\services\NetBIOS\Linkage@Bind \Device\NetBT_Tcpip_{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\NetBT_Tcpip_{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\NetBT_Tcpip_{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\NetBT_Tcpip_{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?\Device\NetBT_Tcpip6_{E4E37E17-FE29-4B96-BE6D-9DE4813C44A7}?\Device\NetBT_Tcpip6_{314072D1-156F-4F22-8689-99C0573BE4CB}?\Device\NetBT_Tcpip6_{A8C821C8-56F2-4365-BD39-1D021DFD3B38}?\Device\NetBT_Tcpip6_{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\NetBT_Tcpip6_{C99EE244-BFBC-45E4-8032-54B283463059}?\Device\NetBT_Tcpip6_{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\NetBT_Tcpip6_{79B20889-C786-41D9-A7AF-A70B8377706E}?\Device\NetBT_Tcpip6_{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\NetBT_Tcpip6_{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}?\Device\NetBT_Tcpip6_{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?
Reg HKLM\SYSTEM\ControlSet003\services\NetBIOS\Linkage@Route "NetBT" "Tcpip" "{007226F1-67B3-4687-8C25-BD12AB55B19D}"?"NetBT" "Tcpip" "{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}"?"NetBT" "Tcpip" "{3820CD7A-2945-4AB0-9639-EB97D7DA559C}"?"NetBT" "Tcpip" "{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}"?"NetBT" "Tcpip6" "{E4E37E17-FE29-4B96-BE6D-9DE4813C44A7}"?"NetBT" "Tcpip6" "{314072D1-156F-4F22-8689-99C0573BE4CB}"?"NetBT" "Tcpip6" "{A8C821C8-56F2-4365-BD39-1D021DFD3B38}"?"NetBT" "Tcpip6" "{007226F1-67B3-4687-8C25-BD12AB55B19D}"?"NetBT" "Tcpip6" "{C99EE244-BFBC-45E4-8032-54B283463059}"?"NetBT" "Tcpip6" "{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}"?"NetBT" "Tcpip6" "{79B20889-C786-41D9-A7AF-A70B8377706E}"?"NetBT" "Tcpip6" "{3820CD7A-2945-4AB0-9639-EB97D7DA559C}"?"NetBT" "Tcpip6" "{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}"?"NetBT" "Tcpip6" "{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}"?
Reg HKLM\SYSTEM\ControlSet003\services\NetBIOS\Linkage@Export \Device\NetBIOS_NetBT_Tcpip_{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\NetBIOS_NetBT_Tcpip_{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\NetBIOS_NetBT_Tcpip_{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\NetBIOS_NetBT_Tcpip_{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?\Device\NetBIOS_NetBT_Tcpip6_{E4E37E17-FE29-4B96-BE6D-9DE4813C44A7}?\Device\NetBIOS_NetBT_Tcpip6_{314072D1-156F-4F22-8689-99C0573BE4CB}?\Device\NetBIOS_NetBT_Tcpip6_{A8C821C8-56F2-4365-BD39-1D021DFD3B38}?\Device\NetBIOS_NetBT_Tcpip6_{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\NetBIOS_NetBT_Tcpip6_{C99EE244-BFBC-45E4-8032-54B283463059}?\Device\NetBIOS_NetBT_Tcpip6_{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\NetBIOS_NetBT_Tcpip6_{79B20889-C786-41D9-A7AF-A70B8377706E}?\Device\NetBIOS_NetBT_Tcpip6_{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\NetBIOS_NetBT_Tcpip6_{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}?\Device\NetBIOS_NetBT_Tcpip6_{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?
Reg HKLM\SYSTEM\ControlSet003\services\NetBT\Linkage@Bind \Device\Tcpip_{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\Tcpip_{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\Tcpip_{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\Tcpip_{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?\Device\Tcpip6_{E4E37E17-FE29-4B96-BE6D-9DE4813C44A7}?\Device\Tcpip6_{314072D1-156F-4F22-8689-99C0573BE4CB}?\Device\Tcpip6_{A8C821C8-56F2-4365-BD39-1D021DFD3B38}?\Device\Tcpip6_{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\Tcpip6_{C99EE244-BFBC-45E4-8032-54B283463059}?\Device\Tcpip6_{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\Tcpip6_{79B20889-C786-41D9-A7AF-A70B8377706E}?\Device\Tcpip6_{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\Tcpip6_{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}?\Device\Tcpip6_{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?\Device\Tcpip_{6FA4374B-6039-49E3-BC74-070409C61B66}?\Device\Tcpip6_{6FA4374B-6039-49E3-BC74-070409C61B66}?
Reg HKLM\SYSTEM\ControlSet003\services\NetBT\Linkage@Route "Tcpip" "{007226F1-67B3-4687-8C25-BD12AB55B19D}"?"Tcpip" "{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}"?"Tcpip" "{3820CD7A-2945-4AB0-9639-EB97D7DA559C}"?"Tcpip" "{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}"?"Tcpip6" "{E4E37E17-FE29-4B96-BE6D-9DE4813C44A7}"?"Tcpip6" "{314072D1-156F-4F22-8689-99C0573BE4CB}"?"Tcpip6" "{A8C821C8-56F2-4365-BD39-1D021DFD3B38}"?"Tcpip6" "{007226F1-67B3-4687-8C25-BD12AB55B19D}"?"Tcpip6" "{C99EE244-BFBC-45E4-8032-54B283463059}"?"Tcpip6" "{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}"?"Tcpip6" "{79B20889-C786-41D9-A7AF-A70B8377706E}"?"Tcpip6" "{3820CD7A-2945-4AB0-9639-EB97D7DA559C}"?"Tcpip6" "{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}"?"Tcpip6" "{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}"?
Reg HKLM\SYSTEM\ControlSet003\services\NetBT\Linkage@Export \Device\NetBT_Tcpip_{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\NetBT_Tcpip_{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\NetBT_Tcpip_{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\NetBT_Tcpip_{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?\Device\NetBT_Tcpip6_{E4E37E17-FE29-4B96-BE6D-9DE4813C44A7}?\Device\NetBT_Tcpip6_{314072D1-156F-4F22-8689-99C0573BE4CB}?\Device\NetBT_Tcpip6_{A8C821C8-56F2-4365-BD39-1D021DFD3B38}?\Device\NetBT_Tcpip6_{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\NetBT_Tcpip6_{C99EE244-BFBC-45E4-8032-54B283463059}?\Device\NetBT_Tcpip6_{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\NetBT_Tcpip6_{79B20889-C786-41D9-A7AF-A70B8377706E}?\Device\NetBT_Tcpip6_{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\NetBT_Tcpip6_{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}?\Device\NetBT_Tcpip6_{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?\Device\NetBT_Tcpip_{6FA4374B-6039-49E3-BC74-070409C61B66}?\Device\NetBT_Tcpip6_{6FA4374B-6039-49E3-BC74-070409C61B66}?
Reg HKLM\SYSTEM\ControlSet003\services\rdyboost\Parameters@ReadyBootPlanAge 1
Reg HKLM\SYSTEM\ControlSet003\services\SharedAccess\Epoch@Epoch 868
Reg HKLM\SYSTEM\ControlSet003\services\SharedAccess\Epoch2@Epoch 219
Reg HKLM\SYSTEM\ControlSet003\services\Smb\Linkage@Bind \Device\Tcpip6_{6FA4374B-6039-49E3-BC74-070409C61B66}?\Device\Tcpip_{6FA4374B-6039-49E3-BC74-070409C61B66}?\Device\Tcpip_{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\Tcpip_{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\Tcpip_{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\Tcpip_{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?\Device\Tcpip6_{E4E37E17-FE29-4B96-BE6D-9DE4813C44A7}?\Device\Tcpip6_{314072D1-156F-4F22-8689-99C0573BE4CB}?\Device\Tcpip6_{A8C821C8-56F2-4365-BD39-1D021DFD3B38}?\Device\Tcpip6_{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\Tcpip6_{C99EE244-BFBC-45E4-8032-54B283463059}?\Device\Tcpip6_{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\Tcpip6_{79B20889-C786-41D9-A7AF-A70B8377706E}?\Device\Tcpip6_{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\Tcpip6_{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}?\Device\Tcpip6_{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?
Reg HKLM\SYSTEM\ControlSet003\services\Smb\Linkage@Route "Tcpip" "{007226F1-67B3-4687-8C25-BD12AB55B19D}"?"Tcpip" "{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}"?"Tcpip" "{3820CD7A-2945-4AB0-9639-EB97D7DA559C}"?"Tcpip" "{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}"?"Tcpip6" "{E4E37E17-FE29-4B96-BE6D-9DE4813C44A7}"?"Tcpip6" "{314072D1-156F-4F22-8689-99C0573BE4CB}"?"Tcpip6" "{A8C821C8-56F2-4365-BD39-1D021DFD3B38}"?"Tcpip6" "{007226F1-67B3-4687-8C25-BD12AB55B19D}"?"Tcpip6" "{C99EE244-BFBC-45E4-8032-54B283463059}"?"Tcpip6" "{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}"?"Tcpip6" "{79B20889-C786-41D9-A7AF-A70B8377706E}"?"Tcpip6" "{3820CD7A-2945-4AB0-9639-EB97D7DA559C}"?"Tcpip6" "{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}"?"Tcpip6" "{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}"?
Reg HKLM\SYSTEM\ControlSet003\services\Smb\Linkage@Export \Device\Smb_Tcpip6_{6FA4374B-6039-49E3-BC74-070409C61B66}?\Device\Smb_Tcpip_{6FA4374B-6039-49E3-BC74-070409C61B66}?\Device\Smb_Tcpip_{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\Smb_Tcpip_{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\Smb_Tcpip_{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\Smb_Tcpip_{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?\Device\Smb_Tcpip6_{E4E37E17-FE29-4B96-BE6D-9DE4813C44A7}?\Device\Smb_Tcpip6_{314072D1-156F-4F22-8689-99C0573BE4CB}?\Device\Smb_Tcpip6_{A8C821C8-56F2-4365-BD39-1D021DFD3B38}?\Device\Smb_Tcpip6_{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\Smb_Tcpip6_{C99EE244-BFBC-45E4-8032-54B283463059}?\Device\Smb_Tcpip6_{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\Smb_Tcpip6_{79B20889-C786-41D9-A7AF-A70B8377706E}?\Device\Smb_Tcpip6_{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\Smb_Tcpip6_{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}?\Device\Smb_Tcpip6_{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?
Reg HKLM\SYSTEM\ControlSet003\services\TCPIP6\Linkage@Bind \Device\{6FA4374B-6039-49E3-BC74-070409C61B66}?\Device\{E4E37E17-FE29-4B96-BE6D-9DE4813C44A7}?\Device\{314072D1-156F-4F22-8689-99C0573BE4CB}?\Device\{A8C821C8-56F2-4365-BD39-1D021DFD3B38}?\Device\{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\{C99EE244-BFBC-45E4-8032-54B283463059}?\Device\{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\{79B20889-C786-41D9-A7AF-A70B8377706E}?\Device\{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}?\Device\{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?
Reg HKLM\SYSTEM\ControlSet003\services\TCPIP6\Linkage@Route "{E4E37E17-FE29-4B96-BE6D-9DE4813C44A7}"?"{314072D1-156F-4F22-8689-99C0573BE4CB}"?"{A8C821C8-56F2-4365-BD39-1D021DFD3B38}"?"{007226F1-67B3-4687-8C25-BD12AB55B19D}"?"{C99EE244-BFBC-45E4-8032-54B283463059}"?"{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}"?"{79B20889-C786-41D9-A7AF-A70B8377706E}"?"{3820CD7A-2945-4AB0-9639-EB97D7DA559C}"?"{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}"?"{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}"?
Reg HKLM\SYSTEM\ControlSet003\services\TCPIP6\Linkage@Export \Device\Tcpip6_{6FA4374B-6039-49E3-BC74-070409C61B66}?\Device\Tcpip6_{E4E37E17-FE29-4B96-BE6D-9DE4813C44A7}?\Device\Tcpip6_{314072D1-156F-4F22-8689-99C0573BE4CB}?\Device\Tcpip6_{A8C821C8-56F2-4365-BD39-1D021DFD3B38}?\Device\Tcpip6_{007226F1-67B3-4687-8C25-BD12AB55B19D}?\Device\Tcpip6_{C99EE244-BFBC-45E4-8032-54B283463059}?\Device\Tcpip6_{E2DF11E1-3A74-4709-87C4-F17E99CB8C4F}?\Device\Tcpip6_{79B20889-C786-41D9-A7AF-A70B8377706E}?\Device\Tcpip6_{3820CD7A-2945-4AB0-9639-EB97D7DA559C}?\Device\Tcpip6_{6DF0E31E-DFE0-4C6E-95A7-FB0B7383319B}?\Device\Tcpip6_{2B8E9599-FC23-4AB3-8C90-79EA7C77F76C}?
Reg HKLM\SYSTEM\ControlSet003\services\TCPIP6\Parameters\Interfaces\{6df0e31e-dfe0-4c6e-95a7-fb0b7383319b} (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\services\TCPIP6\Parameters\Interfaces\{6df0e31e-dfe0-4c6e-95a7-fb0b7383319b}@Dhcpv6Iaid 318767104
Reg HKLM\SYSTEM\ControlSet003\services\TCPIP6\Parameters\Interfaces\{6df0e31e-dfe0-4c6e-95a7-fb0b7383319b}@Dhcpv6State 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer@CleanShutdown 1
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ApplicationDestinations@MaxEntries 18
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\OpenWithList@MRUList ba
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage2@FavoritesRemovedChanges 19
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage2@FavoritesChanges 1
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Taskband@FavoritesChanges 15
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Taskband@FavoritesRemovedChanges 19
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\iexplore@Count 124
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012018111620181117
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012018111620181117@CachePath %USERPROFILE%\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012018111620181117
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012018111620181117@CachePrefix :2018111620181117:
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012018111620181117@CacheLimit 8192
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012018111620181117@CacheOptions 11
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012018111620181117@CacheRepair 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012018111720181118
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012018111720181118@CachePath %USERPROFILE%\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012018111720181118
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012018111720181118@CachePrefix :2018111720181118:
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012018111720181118@CacheLimit 8192
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012018111720181118@CacheOptions 11
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012018111720181118@CacheRepair 0

---- Files - GMER 2.2 ----

File C:\Program Files (x86)\ACD Systems\ACDSee\8.0 0 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\ACDSee.sip 10793 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\ACDSee8.chm 487360 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\ACDSee8.exe 3166103 bytes executable
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\ACDSeeStates.xml 19142 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\LicenseAgreement.rtf 130159 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\LM 0 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\LM\Pages 0 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\LM\Pages\ExpiredACDSee.htm 1287 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\LM\Pages\nag-acdsee8-EN.jpg 8401 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\LM\Pages\offer.css 648 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\LM\Pages\Offer15DayTrial.htm 1329 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\LM\Pages\Offer30DayTrial.htm 1210 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\LM\Pages\OfferGracePeriod.htm 1492 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\LM\Pages\offertip.css 1005 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\LM\Products 0 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\LM\Products\ProductsFull.xml 5049 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\LM\Products\ProductsTrial.xml 5047 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart 0 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\browse.html 4819 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\fix.html 4882 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\getPhotos.html 4669 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img 0 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\bg-inner-header.jpg 10669 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\bg-overview-header.jpg 12079 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\bg-overview-text-header.jpg 37163 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\bt-browse-off.jpg 3954 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\bt-browse-on.jpg 3051 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\bt-fix-off.jpg 3759 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\bt-fix-on.jpg 2942 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\bt-get-photos-off.jpg 2933 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\bt-get-photos-on.jpg 2334 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\bt-nav-browse-off.jpg 3354 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\bt-nav-browse-on.jpg 2190 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\bt-nav-browse-over.jpg 3294 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\bt-nav-fix-off.jpg 3489 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\bt-nav-fix-on.jpg 2307 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\bt-nav-fix-over.jpg 3172 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\bt-nav-get-photos-off.jpg 2946 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\bt-nav-get-photos-on.jpg 1974 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\bt-nav-get-photos-over.jpg 2956 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\bt-nav-organize-off.jpg 3533 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\bt-nav-organize-on.jpg 2278 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\bt-nav-organize-over.jpg 3419 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\bt-nav-preserve-off.jpg 3554 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\bt-nav-preserve-on.jpg 2443 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\bt-nav-share-off.jpg 3113 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\bt-nav-share-on.jpg 2051 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\bt-nav-share-over.jpg 2962 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\bt-nav-welcome-off.jpg 2538 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\bt-nav-welcome-over.jpg 2605 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\bt-organize-off.jpg 3925 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\bt-organize-on.jpg 3013 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\bt-preserve-off.jpg 4257 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\bt-preserve-on.jpg 3310 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\bt-share-off.jpg 3600 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\bt-share-on.jpg 2829 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\gr-inner-body-footer.jpg 1731 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\gr-inner-body-sep1.jpg 410 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\gr-inner-browse-img.jpg 29250 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\gr-inner-fix-img.jpg 26067 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\gr-inner-get-photos-img.jpg 25702 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\gr-inner-nav-sep1.jpg 603 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\gr-inner-nav-sep2.jpg 581 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\gr-inner-organize-img.jpg 24014 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\gr-inner-preserve-img.jpg 30561 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\gr-inner-share-img.jpg 27909 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\gr-overview-body-browse.jpg 24158 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\gr-overview-body-fix.jpg 30435 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\gr-overview-body-get-photos.jpg 30627 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\gr-overview-body-organize.jpg 23667 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\gr-overview-body-preserve.jpg 19804 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\gr-overview-body-sep1.jpg 542 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\gr-overview-body-sep2.jpg 544 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\gr-overview-body-share.jpg 35309 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\gr-overview-nav-sep-end.jpg 2380 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\gr-overview-nav-sep1.jpg 611 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\gr-overview-nav-sep2.jpg 469 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\gr-overview-nav-sep3.jpg 430 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\gr-overview-nav-sep4.jpg 409 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\gr-overview-nav-sep5.jpg 463 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\gr-overview-nav-sep6.jpg 453 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\bt-nav-preserve-over.jpg 3210 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\gr-overview-body-blank.jpg 3544 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\gr-title-browse.gif 1405 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\gr-title-fix.gif 1266 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\gr-title-get-photos.gif 1090 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\gr-title-organize.gif 1424 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\gr-title-preserve.gif 1437 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\img\gr-title-share.gif 1261 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\index.html 4721 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\organize.html 4946 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\preserve.html 4776 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\QuickStart\share.html 5080 bytes
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\SoundLib.dll 204800 bytes executable
File C:\Program Files (x86)\ACD Systems\ACDSee\8.0\TaskPaneStates.xml 59017 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\EN 0 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\EN\ACDCLClient30.dll 155648 bytes executable
File C:\Program Files (x86)\Common Files\ACD Systems\EN\ACDDnlMgr.exe 188416 bytes executable
File C:\Program Files (x86)\Common Files\ACD Systems\EN\ACDInTouch53.dll 303104 bytes executable
File C:\Program Files (x86)\Common Files\ACD Systems\EN\ContactInfo.chm 52073 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\EN\DBInit.xml 27442 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\EN\DevDetect.chm 46111 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\EN\DevDetect.exe 253952 bytes executable
File C:\Program Files (x86)\Common Files\ACD Systems\EN\ipwssl5.dll 321672 bytes executable
File C:\Program Files (x86)\Common Files\ACD Systems\EN\myACD.chm 47022 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\EN\Sync.exe 299008 bytes executable
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2 0 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\ID_ICN.apl 62608 bytes executable
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\AM_LHA.apl 70800 bytes executable
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\AM_LHA.chm 39701 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\AM_TGZ.apl 160912 bytes executable
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\AM_TGZ.chm 40273 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\AM_ZIP.apl 107664 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\AM_ZIP.chm 40096 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\AX_Susie.apl 50320 bytes executable
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\AX_Susie.chm 39194 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\ContactInfo.chm 52073 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\CX_Archive.apl 177296 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\CX_Archive.chm 45832 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\CX_DFinder.apl 488592 bytes executable
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\CX_DFinder.chm 48110 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\CX_Email.apl 623760 bytes executable
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\CX_Email.chm 49423 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\CX_HTML.apl 783504 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\CX_HTML.chm 49201 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\CX_SendPix.apl 586896 bytes executable
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\CX_SendPix.chm 50342 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\CX_Tivo.apl 271504 bytes executable
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\IDE_ACDStd.apl 1344656 bytes executable
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\IDE_ACDStd.chm 61733 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\IDE_Adobe.apl 132240 bytes executable
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\IDE_Adobe.chm 39906 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\IDE_IFF.apl 78992 bytes executable
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\IDE_IFF.chm 40362 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\IDE_JP2.apl 480400 bytes executable
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\IDE_JP2.chm 41454 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\IDE_PSD.apl 91280 bytes executable
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\IDE_PSD.chm 40824 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\IDE_RAS.apl 74896 bytes executable
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\IDE_RAS.chm 41050 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\IDE_RSB.apl 66704 bytes executable
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\IDE_RSB.chm 39076 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\IDE_SGI.apl 74896 bytes executable
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\IDE_SGI.chm 40884 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\ID_Canvas.apl 70800 bytes executable
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\ID_DCRaw.apl 570512 bytes executable
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\ID_DCRaw.chm 42340 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\ID_DjVu.apl 562320 bytes executable
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\ID_DjVu.chm 39780 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\ID_Font.apl 66704 bytes executable
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\ID_Font.chm 40026 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\ID_FPX.apl 83088 bytes executable
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\ID_FPX.chm 40460 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\ID_ICN.chm 38888 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\ID_ICO.apl 124048 bytes executable
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\ID_ICO.chm 40308 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\ID_Media.apl 750736 bytes executable
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\ID_Media.chm 45303 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\ID_PhotoCD.apl 132240 bytes executable
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\ID_PhotoCD.chm 40594 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\ID_PIC.apl 66704 bytes executable
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\ID_PIC.chm 38942 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\ID_Pict.apl 83088 bytes executable
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\ID_PICT.chm 39262 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\ID_PIX.APL 62608 bytes executable
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\ID_PIX.chm 39174 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\ID_PNM.apl 177296 bytes executable
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\ID_PNM.chm 39692 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\ID_PS.apl 255120 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\ID_PS.chm 41070 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\ID_PSP.apl 140432 bytes executable
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\ID_PSP.chm 39206 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\ID_Susie.apl 74896 bytes executable
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\ID_Susie.chm 39976 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\ID_X.apl 160912 bytes executable
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\ID_X.chm 39744 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\ijl11.dll 180224 bytes executable
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\PX_Prints_Gifts.apl 45056 bytes executable
File C:\Program Files (x86)\Common Files\ACD Systems\PlugIns2\SPXLib.dll 258048 bytes executable
File C:\Program Files (x86)\Common Files\ACD Systems\ScreenCapture.dll 61440 bytes executable
File C:\Program Files (x86)\Common Files\ACD Systems\ShellIntMgr30.dll 389120 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\Video 0 bytes
File C:\Program Files (x86)\Common Files\ACD Systems\Video\ACDFX.ax 131072 bytes executable
File C:\Program Files (x86)\IObit\IObit Malware Fighter\Update\BDUpdate-bk.ini.tmp 0 bytes
File C:\Program Files (x86)\IObit\IObit Malware Fighter\Update\BDUpdate.ini.tmp 0 bytes
File C:\Program Files (x86)\IObit\IObit Malware Fighter\Update\Update.ini.tmp 0 bytes

---- EOF - GMER 2.2 ----

You can look on attachment, i upload 3 screenshot, on malwarebyte premium detected (if i checked scan antiroot), but if i scan using malwarebyte antirootkit the result is clean.

This is false positive? because i read on other forum said that false positive

TDSSKiller.3.1.0.20_28.11.2018_16.42.07_log.txt

aswMBR luci.txt

log gmer quick scan luci.log

kevinf80 · December 17, 2018

Hello luci and welcome to Malwarebytes,

Please download aswMBR from here: http://files.avast.com/files/rootkit-scanner/aswmbr.exe Save to your desktop.

Double click the aswMBR.exe, and click Run
There will be a short delay before the next dialog box comes up. Please just wait a minute or two.
When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
Typically this is about a 100MB download so depending on your connection speed it can take a short while to download and become ready.
Click the Scan button to start the scan once the update has finished downloading
On completion of the scan, click the save log button, save it to your desktop, attach that to your next reply.

Note: There will also be a file on your desktop named MBR.dat do not delete this, zip up that file and attach it to your reply..

Next,

Run the following:

Download Farbar Recovery Scan Tool and save it to your desktop.

Alternative download option: http://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

If your security alerts to FRST either, accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way...

Be aware FRST must be run from an account with Administrator status...

Double-click to run it. When the tool opens click Yes to disclaimer.(Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.)

Make sure Addition.txt is checkmarked under "Optional scans"

Press Scan button to run the tool....
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The tool will also make a log named (Addition.txt) Please attach that log to your reply.

Thank you,

Kevin...

luci · December 18, 2018

here on the attachment

aswMBR luci.txt

MBR.7z

Addition.txt

kevinf80 · December 18, 2018

Can you also post the main log from FRST, "frst.txt" Logs are saved here:C:\FRST\Logs

You`re MBR is clean: https://www.virustotal.com/en/file/495fb1bc36ab1fd80ef2eb4009dca850b554e733bca8f3ff6d056ddc3e3f0603/analysis/1545122577/

Regards,

Kevin...

luci · December 18, 2018

here on attachment, FRST.txt

FRST.txt

kevinf80 · December 18, 2018

That log is not complete, Processes, Registry and Internet Explorer sections are missing...?

luci · December 18, 2018

sorry, i think i upload wrong MBR.dat(old MBR.dat), i'm uploading new MBR.DAT on this post

I scan on virustotal and detected as virus malmo:

https://www.virustotal.com/#/file/d5d8b71a583b38512c6ec7e8d7e1e8328bf61737539c04db3b337429817066fb/detection

Please re-check on attachment, i re-upload the new scan log and new MBR.DAT

Re-upload on attachment:

- mbr.dat

- aswMBR.txt

- FRST.txt

- addition.txt

I tested to scan this using malwarebyte but without antirootkit checked and clean

luci · December 18, 2018

5 minutes ago, kevinf80 said:

That log is not complete, Processes, Registry and Internet Explorer sections are missing...?

wait, i rescan, btw can you re-check the mbr.dat on post above me?

luci · December 19, 2018

9 minutes ago, kevinf80 said:

That log is not complete, Processes, Registry and Internet Explorer sections are missing...?

this the new log + new MBR.DAT

Please check this, i scan on virustotal detected as malmo = https://www.virustotal.com/#/file/d5d8b71a583b38512c6ec7e8d7e1e8328bf61737539c04db3b337429817066fb/detection

But i scan that MBR.DAT using malwarebyte premium without checking the scan rootkit the result is clean, i will scan using malarebyte antirootkit beta again after this post/on the next post

Addition_19-12-2018 06.59.25.txt

FRST_19-12-2018 06.59.25.txt

MBR.7z

kevinf80 · December 19, 2018

MBR.dat you upload is coming in as clean...? https://www.virustotal.com/en/file/7c0e2f07e1d5dd007958cc8ab5cd68ddb3b86134857abf82630ed6b0969a51c8/analysis/1545177811/

luci · December 19, 2018

6 minutes ago, kevinf80 said:

MBR.dat you upload is coming in as clean...? https://www.virustotal.com/en/file/7c0e2f07e1d5dd007958cc8ab5cd68ddb3b86134857abf82630ed6b0969a51c8/analysis/1545177811/

wait, why the result scanning from virustotal is different from you and me?

i scan this mbr.dat on virustotal and the result is like this: https://www.virustotal.com/#/file/d5d8b71a583b38512c6ec7e8d7e1e8328bf61737539c04db3b337429817066fb/detection

On first post i uploading the wrong mbr.dat file, but on the next post i reupload the new file of mbr.dat, here i send again the new mbr.dat on attachment

I try scanning this file mbr.dat on attachment and the result is malmo

Look on screenshot on attachment, that the result from https://www.virustotal.com/#/file/d5d8b71a583b38512c6ec7e8d7e1e8328bf61737539c04db3b337429817066fb/detection

As you can see, malwarebyte on virustotal detected as clean, but other antivirus detected as malmo, i use red circle line on that screenshot

I scan using malwarebyte antirootkit with current update, and clean too

MBR.7z

luci · December 19, 2018

try this, i uploading using sendspace, without zipped to 7z

https://www.sendspace.com/file/q598cf

luci · December 19, 2018

If i scan that MBR.DAT using IOBIT Malwarefighter the result is detected

Please re-check the new MBR.DAT on sendspace link above this post

here= https://www.sendspace.com/file/q598cf --------------------> (mbr.dat), please ignore the file i upload on first post about mbr.dat, i upload wrong file, the new file is that file on sendspace

kevinf80 · December 19, 2018

Hello luci

Unfortunately I cannot upload that file onto my PC, my security flags it as malicious. Probably the best way forward is to replace the MBR....

https://www.sevenforums.com/tutorials/20864-mbr-restore-windows-7-master-boot-record.html

Thank you,

Kevin...

luci · December 19, 2018

3 minutes ago, kevinf80 said:

Hello luci

Unfortunately I cannot upload that file onto my PC, my security flags it as malicious. Probably the best way forward is to replace the MBR....

https://www.sevenforums.com/tutorials/20864-mbr-restore-windows-7-master-boot-record.html

Thank you,

Kevin...

if i clean from malwarebyte premium while antirootkit checkbox is checked, any risk my HDD partition will get error??

Because if i scan using mallwarebyte antirootkit beta (difference software from malwarebyte premium), the scan result is clean.

I don't know why malwarebyte premium and malwarebyte antirootkit beta have difference scan result

kevinf80 · December 19, 2018

Not really sure what you mean, can you run a scan with Malwarebytes with rootkit selected, do not take any action just save and post that log...

luci · December 19, 2018

12 hours ago, kevinf80 said:

Not really sure what you mean, can you run a scan with Malwarebytes with rootkit selected, do not take any action just save and post that log...

i means, i read other forum and they said if i clean mbr.dat then my hdd partition will get error

Already scan using 2 software:

1. Malwarebyte premium

2. Malwarebyte antirootkit beta, from https://www.malwarebytes.com/antirootkit/ (this difference software)

Scan Result:

1. I scan using malwarebyte premium with rootkit selected, scan result is detected: detected: Rootkit.MBR.Malmo.A (Boot image)

screenshot on attachment= malwarepremium1.jpg

2. i scan using Malwarebyte antirootkit beta, the scan result is clean.

screenshot on attachment= malwarebyteantirootkitbeta.jpg

Why 2 malwarebyte software show difference scan result?

I read other forum at https://support.emsisoft.com/topic/26435-boot-virus-malmo-just-one-problem-out-of-many/ , there is case like my case and they said false positive, look screenshot on attachment falsepositive.jpg

They said: "This is an older MBR bootkit

\DosDevices\PhysicalDrive1     detected: Rootkit.MBR.Malmo.A (Boot image) (B) [krnl.xmd]

and is very likey a false positive based on what I can see in your logs."

luci · December 19, 2018

LOG SCAN MALWAREBYTE PREMIUM 3.5.1

-Log Details-
Scan Date: 12/14/18
Scan Time: 7:51 PM
Log File: 06c5a37a-ff9f-11e8-82d0-00ff3820cd7a.json
Administrator: Yes

-Software Information-
Version: 3.5.1.2522
Components Version: 1.0.365
Update Package Version: 1.0.8055
License: Premium

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: AzurLanePC\Yuudachi

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 232927
Threats Detected: 2
Threats Quarantined: 0
(No malicious items detected)
Time Elapsed: 5 min, 0 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 2
Bootkit.Malmo.MBR, 0, No Action By User, [15174], [514093],0.0.0
Bootkit.Malmo.MBR, 1, No Action By User, [15174], [514093],0.0.0

WMI: 0
(No malicious items detected)

(end)

But remember, if i scan using Malwarebyte Antirootkit Beta, the scan result is clean

kevinf80 · December 20, 2018

The thread you quote ran from GPT I believe, your system boots from MBR... As you have Premium version of Malwarebytes I`m moving your thread to Malwarebytes 3 Support Forum, maybe @dcollins one of the staff guys will have a look at your thread and make a decision....

Thank you,

Kevin...

luci · December 20, 2018

55 minutes ago, kevinf80 said:

The thread you quote ran from GPT I believe, your system boots from MBR... As you have Premium version of Malwarebytes I`m moving your thread to Malwarebytes 3 Support Forum, maybe @dcollins one of the staff guys will have a look at your thread and make a decision....

Thank you,

Kevin...

okay, i'm waiting

Because i scan using 2 malwarebyte difference product, and the scan result is difference too

1. Malwarebyte antirootkit beta, from https://www.malwarebytes.com/antirootkit/ (this difference software) = result clean

2. Malwarebyte Premium with antiroot checked= result detected malmo

If i scan using Malwarebyte antirootkit beta if the result is detected so i sure 100% trojan, but the fact is if i scan using Malwarebyte antirootkit beta the scan result is clean.

I still have big question, why software Malwarebyte antirootkit beta which that software more specially to detected rootkit but in my case not detected alias clean??

This difference scan result make me not sure 100% if that detecting result is trojan, i don't know ..., need someone who can help me

luci · December 20, 2018

8 hours ago, luci said:

okay, i'm waiting

Because i scan using 2 malwarebyte difference product, and the scan result is difference too

1. Malwarebyte antirootkit beta, from https://www.malwarebytes.com/antirootkit/   (this difference software) = result clean

2. Malwarebyte Premium with antiroot checked= result detected malmo

If i scan using  Malwarebyte antirootkit beta if the result is detected so i sure 100% trojan, but the fact is if i scan using  Malwarebyte antirootkit beta the scan result is clean.

I still have big question, why software  Malwarebyte antirootkit beta which that software more specially to detected rootkit but in my case not detected alias clean??

This difference scan result make me not sure 100% if that detecting result is trojan, i don't know ..., need someone who can help me

as i said before, i scan using 2 malwarebyte difference product

here log malwarebyte antirootkit beta:

Malwarebytes Anti-Rootkit BETA 1.10.3.1001
www.malwarebytes.org

Database version:
main: v2018.12.20.03
rootkit: v2018.12.20.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Yuudachi :: AZURLANEPC [administrator]

12/20/2018 4:44:42 PM
mbar-log-2018-12-20 (16-44-42).txt

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

And log Malwarebyte premium:

LOG SCAN MALWAREBYTE PREMIUM 3.5.1

-Log Details-
Scan Date: 12/14/18
Scan Time: 7:51 PM
Log File: 06c5a37a-ff9f-11e8-82d0-00ff3820cd7a.json
Administrator: Yes

-Software Information-
Version: 3.5.1.2522
Components Version: 1.0.365
Update Package Version: 1.0.8055
License: Premium

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: AzurLanePC\Yuudachi

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 232927
Threats Detected: 2
Threats Quarantined: 0
(No malicious items detected)
Time Elapsed: 5 min, 0 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 2
Bootkit.Malmo.MBR, 0, No Action By User, [15174], [514093],0.0.0
Bootkit.Malmo.MBR, 1, No Action By User, [15174], [514093],0.0.0

WMI: 0
(No malicious items detected)

(end)

You can see, 2 software but with difference scan result, malwarebyte premium with antirootkit checked is detected, but malwarebyte antirootkit scan result is clean.

Somebody help me

mbar-log-2018-12-20 (16-44-42).txt

kevinf80 · December 20, 2018

Hiya luci.

I`m surprised @dcollins has not responded, maybe @exile360 will have a look...

Thank you,

Kevin..

exile360 · December 21, 2018

I didn't read the whole thread, but is there a particular reason you're scanning with the outdated version 3.5.1 of Malwarebytes rather than the latest 3.6.1? If not, then please download and install it from here, then try running a Threat scan with rootkit scanning enabled to see if it still detects the rootkit.

Thanks

luci · December 21, 2018

1 hour ago, exile360 said:

I didn't read the whole thread, but is there a particular reason you're scanning with the outdated version 3.5.1 of Malwarebytes rather than the latest 3.6.1? If not, then please download and install it from here, then try running a Threat scan with rootkit scanning enabled to see if it still detects the rootkit.

Thanks

yes, the owner of this PC prefer ver. 3.5.1 but the database update is current

I have sample of mbr.dat from farbar, can you check my sample mbr.dat?

here= https://www.sendspace.com/file/q598cf --------------------> (mbr.dat)

Can you check my mbr.dat sample?

Because if i scan with Malwarebyte antirootkit beta, from https://www.malwarebytes.com/antirootkit/ (this difference software) = scan result clean (with current update)

And the log on attachment.

i scan using 2 malwarebyte difference product

here log malwarebyte antirootkit beta:

Malwarebytes Anti-Rootkit BETA 1.10.3.1001
www.malwarebytes.org

Database version:
main: v2018.12.20.03
rootkit: v2018.12.20.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Yuudachi :: AZURLANEPC [administrator]

12/20/2018 4:44:42 PM
mbar-log-2018-12-20 (16-44-42).txt

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

And log Malwarebyte premium:

LOG SCAN MALWAREBYTE PREMIUM 3.5.1

-Log Details-
Scan Date: 12/14/18
Scan Time: 7:51 PM
Log File: 06c5a37a-ff9f-11e8-82d0-00ff3820cd7a.json
Administrator: Yes

-Software Information-
Version: 3.5.1.2522
Components Version: 1.0.365
Update Package Version: 1.0.8055
License: Premium

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: AzurLanePC\Yuudachi

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 232927
Threats Detected: 2
Threats Quarantined: 0
(No malicious items detected)
Time Elapsed: 5 min, 0 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 2
Bootkit.Malmo.MBR, 0, No Action By User, [15174], [514093],0.0.0
Bootkit.Malmo.MBR, 1, No Action By User, [15174], [514093],0.0.0

WMI: 0
(No malicious items detected)

(end)

You can see, 2 software but with difference scan result, malwarebyte premium with antirootkit checked is detected, but malwarebyte antirootkit scan result is clean.

I scan using IOBIT Malware Fighter is clean too if i scan root

Addition new.txt

FRST new.txt

luci · December 21, 2018

adding log aswMBR with database avast updated:

aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2018-12-21 09:56:48
-----------------------------
09:56:48.951 OS Version: Windows x64 6.1.7601 Service Pack 1
09:56:48.951 Number of processors: 4 586 0x2A07
09:56:48.951 ComputerName: AZURLANEPC UserName: Yuudachi
09:56:49.665 Initialize success
09:56:49.727 VM: initialized successfully
09:56:49.728 VM: Intel CPU supported
09:56:52.499 VM: supported disk I/O ataport.SYS
10:02:52.119 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
10:02:52.123 Disk 0 Vendor: ST1000DM010-2EP102 CC43 Size: 953869MB BusType: 3
10:02:52.126 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T0L0-1
10:02:52.128 Disk 1 Vendor: ST3320310CS ES11 Size: 305245MB BusType: 3
10:02:52.251 VM: Disk 1 MBR read successfully
10:02:52.254 Disk 1 MBR scan
10:02:52.257 Disk 1 unknown MBR code
10:02:52.262 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
10:02:52.268 Disk 1 default boot code
10:02:52.272 Disk 1 Partition 2 00 07 HPFS/NTFS NTFS 72000 MB offset 206848
10:02:52.287 Disk 1 Partition 3 00 07 HPFS/NTFS NTFS 233143 MB offset 147662848
10:02:52.412 Disk 1 scanning C:\Windows\system32\drivers
10:03:00.649 Service scanning
10:03:27.738 Modules scanning
10:03:27.745 Disk 1 trace - called modules:
10:03:27.804 ntoskrnl.exe CLASSPNP.SYS disk.sys DfDiskLow.sys ACPI.sys ataport.SYS intelide.sys PCIIDEX.SYS hal.dll atapi.sys
10:03:27.809 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa8005ff5060]
10:03:27.813 3 CLASSPNP.SYS[fffff8800160143f] -> nt!IofCallDriver -> [0xfffffa8005e798e0]
10:03:27.818 5 DfDiskLow.sys[fffff880016371c9] -> nt!IofCallDriver -> [0xfffffa8005979580]
10:03:27.822 7 ACPI.sys[fffff88000d697a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0xfffffa800597b060]
10:03:27.826 \Driver\atapi[0xfffffa80058dec10] -> IRP_MJ_INTERNAL_DEVICE_CONTROL -> DfDiskLow.sys[0xfffff88001631318]
10:03:27.831 Disk 1 statistics 101970/0/0 @ 9.31 MB/s
10:03:27.835 Scan finished successfully
10:04:40.099 Disk 1 MBR has been saved successfully to "C:\Users\Yuudachi\Downloads\MBR.dat"
10:04:40.104 The log file has been saved successfully to "C:\Users\Yuudachi\Downloads\aswMBR 21 december.txt"

mbr.dat sample still same at https://www.sendspace.com/file/q598cf --------------------> (mbr.dat)

aswMBR 21 december.txt

bootkit.Malmo.MBR is false positive or not?

Recommended Posts

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Create an account or sign in to comment

Create an account

Sign in

Recently Browsing 0 members

Important Information