Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Latest News: US charges Samourai cryptomixer founders for laundering $100 million

Featured Deal: A one-year Sam's Club membership is only $14 now

Latest Buyer's Guide: How to setup a VPN on your router: Detailed walkthrough

I've been advised to post here - original post 11/05 - thanks

Started by KerryJo2712 , May 21 2018 06:03 PM

Please log in to reply

8 replies to this topic

#1 KerryJo2712

Members
27 posts
OFFLINE

Gender:Female
Location:Manchester
Local time:06:04 AM

Posted 21 May 2018 - 06:03 PM

Hello there, I have posted in 3 seperate threads and received only 1 reply directing me to post here since posting this particular thread on the 11th May......I have included links to the other 2 posts below, I received lots of help through this site around a year ago and would appreciate it if anyone could direct me in running checks and analyzing the subsequent data.....I'm being targeted online for various reasons, not through any wrong doing of my own but because I dared to stand up to bullies so any help with this persistent threat would be greatly appreciated

https://www.bleepingcomputer.com/forums/t/677322/facebook-source-code-cavalry-keylogger-active-listening/#entry4499399

Many thanks

https://www.bleepingcomputer.com/forums/t/677317/new-hp-laptop-c-drive-full-virtual-memory-full-am-i-infected/

https://www.bleepingcomputer.com/forums/t/677321/i-think-my-router-has-been-hacked-cloned-or-streaming-audiovideo/

BC AdBot (Login to Remove)

BleepingComputer.com
Register to remove ads

#2 boopme

To Insanity and Beyond

Helper Emeritus
85,296 posts
OFFLINE

Gender:Male
Location:NJ USA
Local time:01:04 AM

Posted 24 May 2018 - 10:36 AM

Hello, start with these scans.

MiniToolBox

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
- Flush DNS
- Report IE Proxy Settings
- Reset IE Proxy Settings
- Report FF Proxy Settings
- Reset FF Proxy Settings
- List content of Hosts
- List IP conf[iguration
- List Winsock Entries
- List last 10 Event Viewer log
- List Installed Programs
- List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

TDSSKiller

Download TDSSKiller and save it to your desktop.
Extract (unzip) its contents to your desktop.
Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
If an infected file is detected, the default action will be Cure, click on Continue.
If a suspicious file is detected, the default action will be Skip, click on Continue.
It may ask you to reboot the computer to complete the process. Click on Reboot Now.
If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

AdwCleaner

Please download AdwCleaner by Xplode and save to your Desktop.
Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
Click on the Scan button.
AdwCleaner will begin...be patient as the scan may take some time to complete.
After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
Copy and paste the contents of that logfile in your next reply.
A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

And finally I'd like us to scan your machine with ESET OnlineScan:

Please download and run ESET Online Scanner
Check (if available) and click on the button.

It is recommended to turn off your antivirus program. Click on the button to see which antivirus is currently enabled:

Turn off your antivirus program. See here how to do this.

Check the option beside: Enable detection of potentially unwanted applications.
Now click on Advanced Settings and make sure that the option Clean threats automatically is NOT checked, and select the following:

Enable detection of potentially unsafe applications
Enable detection of suspicious applications
Scan archives
Enable Anti-Stealth Technology

Click on the Change button and select only Operating memory, Autostart locations and drive C:\ to be scanned.

Push the button.
ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.

When the scan completes a list of found threats will open automatically (if any malicious files are found).

Push the button and save the file to your desktop using a unique name, such as ESETScan.txt. Include the contents of this report in your next reply.
Push the button.
Check the box beside to uninstall the application when closed.
Push and the close the application clicking the X in upper right corner.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 KerryJo2712

Topic Starter

Members
27 posts
OFFLINE

Gender:Female
Location:Manchester
Local time:06:04 AM

Posted 28 May 2018 - 12:30 PM

Hello there, thank you for your help with this and apologies for the delay I've had no internet connection...here is MTB results just ran now

MiniToolBox by Farbar  Version: 17-06-2016
Ran by Boss (administrator) on 28-05-2018 at 18:20:52
Running from "C:\Documents and Settings\Boss\My Documents\Kerrys docs"
Microsoft Windows XP Professional Service Pack 3, v.6419 (X86)
Model: EG780AA-ABU a1228.uk Manufacturer: HP Pavilion 061
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================
Windows IP ConfigurationSuccessfully flushed the DNS Resolver Cache.
========================= IE Proxy Settings: ============================== 

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ============================== 


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

Hosts file not detected in the default directory

Hosts file not detected in the default directory
========================= IP Configuration: ================================

1394 Net Adapter = 1394 Connection (Connected)
Intel(R) PRO/100 VE Network Connection = Local Area Connection (Connected)


# ---------------------------------- 
# Interface IP Configuration         
# ---------------------------------- 
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp 
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration


Windows IP Configuration        Host Name . . . . . . . . . . . . : yesitsme        Primary Dns Suffix  . . . . . . . :         Node Type . . . . . . . . . . . . : Unknown        IP Routing Enabled. . . . . . . . : No        WINS Proxy Enabled. . . . . . . . : Yes        DNS Suffix Search List. . . . . . : lanEthernet adapter Local Area Connection:        Connection-specific DNS Suffix  . : lan        Description . . . . . . . . . . . : Intel(R) PRO/100 VE Network Connection        Physical Address. . . . . . . . . : 00-13-D3-91-F9-D1        Dhcp Enabled. . . . . . . . . . . : Yes        Autoconfiguration Enabled . . . . : Yes        IP Address. . . . . . . . . . . . : 192.168.1.68        Subnet Mask . . . . . . . . . . . : 255.255.255.0        Default Gateway . . . . . . . . . : 192.168.1.254        DHCP Server . . . . . . . . . . . : 192.168.1.254        DNS Servers . . . . . . . . . . . : 192.168.1.254        Lease Obtained. . . . . . . . . . : Monday, May 28, 2018 6:13:24 PM        Lease Expires . . . . . . . . . . : Tuesday, May 29, 2018 6:13:24 PMServer:  UnKnown
Address:  192.168.1.254

Pinging google.com [216.58.210.46] with 32 bytes of data:Reply from 216.58.210.46: bytes=32 time=13ms TTL=54Reply from 216.58.210.46: bytes=32 time=13ms TTL=54Ping statistics for 216.58.210.46:    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds:    Minimum = 13ms, Maximum = 13ms, Average = 13msServer:  UnKnown
Address:  192.168.1.254

Pinging yahoo.com [98.137.246.8] with 32 bytes of data:Reply from 98.137.246.8: bytes=32 time=153ms TTL=49Reply from 98.137.246.8: bytes=32 time=152ms TTL=49Ping statistics for 98.137.246.8:    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds:    Minimum = 152ms, Maximum = 153ms, Average = 152msPinging 127.0.0.1 with 32 bytes of data:Reply from 127.0.0.1: bytes=32 time<1ms TTL=128Reply from 127.0.0.1: bytes=32 time<1ms TTL=128Ping statistics for 127.0.0.1:    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds:    Minimum = 0ms, Maximum = 0ms, Average = 0ms===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 13 d3 91 f9 d1 ...... Intel(R) PRO/100 VE Network Connection - McAfee Core NDIS Intermediate Filter Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254    192.168.1.68	  20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1	  1
      192.168.1.0    255.255.255.0     192.168.1.68    192.168.1.68	  20
     192.168.1.68  255.255.255.255        127.0.0.1       127.0.0.1	  20
    192.168.1.255  255.255.255.255     192.168.1.68    192.168.1.68	  20
        224.0.0.0        240.0.0.0     192.168.1.68    192.168.1.68	  20
  255.255.255.255  255.255.255.255     192.168.1.68    192.168.1.68	  1
Default Gateway:     192.168.1.254
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\system32\nwprovau.dll [142336] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 20 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 21 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 22 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 23 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 24 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 25 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 26 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 27 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 28 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/28/2018 06:09:39 PM) (Source: EventSystem) (User: )
Description: The COM+ Event System detected a bad return code during its internal processing.  HRESULT was 800706BF from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.  Please contact Microsoft Product Support Services to report this error.

Error: (05/28/2018 11:26:49 AM) (Source: Application Error) (User: )
Description: Faulting application amazon music helper.exe, version 0.0.0.0, faulting module unknown, version 0.0.0.0, fault address 0x001501f0.
Processing media-specific event for [amazon music helper.exe!ws!]

Error: (05/25/2018 01:57:09 PM) (Source: Application Error) (User: )
Description: Faulting application explorer.exe, version 6.0.2900.3311, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [explorer.exe!ws!]

Error: (05/25/2018 09:34:19 AM) (Source: Application Error) (User: )
Description: Faulting application wmplayer.exe, version 11.0.5721.5145, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [wmplayer.exe!ws!]

Error: (05/25/2018 04:57:51 AM) (Source: Application Error) (User: )
Description: Faulting application firefox.exe, version 52.8.0.6607, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [firefox.exe!ws!]

Error: (05/25/2018 04:44:45 AM) (Source: Application Error) (User: )
Description: Faulting application firefox.exe, version 52.8.0.6694, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [firefox.exe!ws!]

Error: (05/25/2018 01:56:11 AM) (Source: Application Error) (User: )
Description: Faulting application McSvHost.exe, version 3.8.703.0, faulting module unknown, version 0.0.0.0, fault address 0x00640068.
Processing media-specific event for [McSvHost.exe!ws!]

Error: (05/25/2018 01:42:56 AM) (Source: Application Error) (User: )
Description: Faulting application hwupdchk.exe, version 13.8.703.0, faulting module hwupdchk.exe, version 13.8.703.0, fault address 0x0004113e.
Error in creating result PEAP-TLV in response to received PEAP-TLV (hwupdchk.exe!ld!)

Error: (05/25/2018 12:42:02 AM) (Source: Application Hang) (User: )
Description: Hanging application HelpCtr.exe, version 5.1.2600.3311, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (05/24/2018 02:08:57 PM) (Source: Application Hang) (User: )
Description: Hanging application WINWORD.EXE, version 14.0.7208.5000, hang module hungapp, version 0.0.0.0, hang address 0x00000000.


System errors:
=============
Error: (05/28/2018 06:17:15 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {209500FC-6B45-4693-8871-6296C4843751} did not register with DCOM within the required timeout.

Error: (05/28/2018 06:16:42 PM) (Source: Service Control Manager) (User: )
Description: The Office Software Protection Platform service failed to start due to the following error: 
%%1053 = The service did not respond to the start or control request in a timely fashion.


Error: (05/28/2018 06:16:42 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Office Software Protection Platform service to connect.

Error: (05/28/2018 06:16:12 PM) (Source: Service Control Manager) (User: )
Description: The Office Software Protection Platform service failed to start due to the following error: 
%%1053 = The service did not respond to the start or control request in a timely fashion.


Error: (05/28/2018 06:16:12 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Office Software Protection Platform service to connect.

Error: (05/28/2018 06:14:29 PM) (Source: DCOM) (User: YESITSME)
Description: The server {D085A4AB-CAB1-4729-9DF8-FCEEDDBD19E4} did not register with DCOM within the required timeout.

Error: (05/28/2018 06:13:24 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
{DCBCA92E-7DBE-4EDA-8B7B-3AAEA4DD412B}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18).  This security permission can be modified using the Component Services administrative tool.

Error: (05/28/2018 06:11:10 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the mcpltsvc service.

Error: (05/28/2018 06:10:40 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the McNaiAnn service.

Error: (05/28/2018 06:10:10 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the McMPFSvc service.


Microsoft Office Sessions:
=========================
Error: (05/28/2018 06:09:39 PM) (Source: EventSystem)(User: )
Description: d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp44800706BF

Error: (05/28/2018 11:26:49 AM) (Source: Application Error)(User: )
Description: amazon music helper.exe0.0.0.0unknown0.0.0.0001501f0

Error: (05/25/2018 01:57:09 PM) (Source: Application Error)(User: )
Description: explorer.exe6.0.2900.3311unknown0.0.0.000000000

Error: (05/25/2018 09:34:19 AM) (Source: Application Error)(User: )
Description: wmplayer.exe11.0.5721.5145unknown0.0.0.000000000

Error: (05/25/2018 04:57:51 AM) (Source: Application Error)(User: )
Description: firefox.exe52.8.0.6607unknown0.0.0.000000000

Error: (05/25/2018 04:44:45 AM) (Source: Application Error)(User: )
Description: firefox.exe52.8.0.6694unknown0.0.0.000000000

Error: (05/25/2018 01:56:11 AM) (Source: Application Error)(User: )
Description: McSvHost.exe3.8.703.0unknown0.0.0.000640068

Error: (05/25/2018 01:42:56 AM) (Source: Application Error)(User: )
Description: hwupdchk.exe13.8.703.0hwupdchk.exe13.8.703.00004113e

Error: (05/25/2018 12:42:02 AM) (Source: Application Hang)(User: )
Description: HelpCtr.exe5.1.2600.3311hungapp0.0.0.000000000

Error: (05/24/2018 02:08:57 PM) (Source: Application Hang)(User: )
Description: WINWORD.EXE14.0.7208.5000hungapp0.0.0.000000000


=========================== Installed Programs ============================

Adobe Flash Player 29 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 29.0.0.113 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM\...\Adobe Shockwave Player) (Version: 11.5.6.606 - Adobe Systems, Inc.)
Agere Systems PCI Soft Modem (HKLM\...\Agere Systems Soft Modem) (Version:  - )
AiO_Scan (HKLM\...\{0B33B738-AD79-4E32-90C5-E67BFB10BBFF}) (Version: 50.0.227.000 - Hewlett-Packard) Hidden
Apple Application Support (HKLM\...\{EE6097DD-05F4-4178-9719-D3170BF098E8}) (Version: 1.4.1 - Apple Inc.)
Citrix Receiver (Enterprise) (HKLM\...\CitrixOnlinePluginFull) (Version: 13.4.0.25 - Citrix Systems, Inc.)
Citrix Receiver (HDX Flash Redirection) (HKLM\...\{0E8DC723-F1CD-424A-96CC-12428E7A1B4B}) (Version: 13.4.0.25 - Citrix Systems, Inc.) Hidden
Citrix Receiver Inside (HKLM\...\{9D431014-9F90-4335-A58E-8A14B0BD77F1}) (Version: 3.4.0.29585 - Citrix Systems, Inc.) Hidden
Citrix Receiver(Aero) (HKLM\...\{E3A60962-B768-4EA3-B0B6-DA671276B81A}) (Version: 13.4.0.25 - Citrix Systems, Inc.) Hidden
Citrix Receiver(DV) (HKLM\...\{D29DDA9B-FE05-48F1-A9D1-F6346A0A301A}) (Version: 13.4.0.25 - Citrix Systems, Inc.) Hidden
Citrix Receiver(PNA) (HKLM\...\{7093E21A-5E1F-4EB0-B867-F11D1FC0E9AD}) (Version: 13.4.0.25 - Citrix Systems, Inc.) Hidden
Citrix Receiver(SSON) (HKLM\...\{D0992620-D8C1-4C65-ABD7-56E217415791}) (Version: 13.4.0.25 - Citrix Systems, Inc.) Hidden
Citrix Receiver(USB) (HKLM\...\{3068513C-3AAC-410B-BAE7-C7837FFF8DEB}) (Version: 13.4.0.25 - Citrix Systems, Inc.) Hidden
Epson Easy Photo Print 2 (HKLM\...\{A02D7029-C4EF-44C1-9FD4-C0D3CA518113}) (Version: 2.2.4.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM\...\{8A17C27D-0325-400C-8AA9-DAA6B16CBD74}) (Version: 2.40.0009 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON SX130 Series Printer Uninstall (HKLM\...\EPSON SX130 Series) (Version:  - SEIKO EPSON Corporation)
FVD Downloader Module (HKLM\...\{A3F74A3C-6824-4878-AB46-21280389D09F}) (Version: 1.0.8 - Nimbus)
GearDrvs (HKLM\...\{CB84F0F2-927B-458D-9DC5-87832E3DC653}) (Version: 1.00.0000 - GEAR Software) Hidden
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
HP Product Detection (HKLM\...\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}) (Version: 10.7.9.0 - Hewlett-Packard Company)
HP PSC & OfficeJet 5.3.B (HKLM\...\{49FB31C1-26EC-44c6-AB47-73C66E2BC41E}) (Version:  - HP)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: 6.14.10.4363 - )
Intel(R) PRO Network Connections Drivers (HKLM\...\PROSet) (Version:  - )
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.500.3 - McAfee, Inc.)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 52.8.0 ESR (x86 en-US) (HKLM\...\Mozilla Firefox 52.8.0 ESR (x86 en-US)) (Version: 52.8.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 52.8.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 6.0 Parser (HKLM\...\{AEB9948B-4FF2-47C9-990E-47014492A0FE}) (Version: 6.00.3883.8 - Microsoft Corporation)
Online Plug-in (HKLM\...\{7BD3DC6D-A2BE-4345-B6EE-D146193DB18F}) (Version: 13.4.0.25 - Citrix Systems, Inc.) Hidden
PC Connectivity Solution (HKLM\...\{AC599724-5755-48C1-ABE7-ABB857652930}) (Version: 8.15.0.0 - Nokia)
Picture Control Utility (HKLM\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.2.2 - Nikon)
Plusnet Protect (HKLM\...\MSC) (Version: 12.8.992 - McAfee, Inc.)
QFolder (HKLM\...\{8777AC6D-89F9-4793-8266-DE406F343E89}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5605 - Realtek Semiconductor Corp.)
Recover Keys (HKLM\...\Recover Keys_is1) (Version: 10.0.4.201 - Recover Keys)
SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version:  - )
Samsung Mobile Modem Device Software (HKLM\...\Samsung Mobile Modem Device) (Version:  - )
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version:  - )
Samsung Mobile phone USB driver Software (HKLM\...\Samsung Mobile phone USB driver) (Version:  - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version:  - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version:  - )
Samsung New PC Studio USB Driver Installer (HKLM\...\{AF7E85DC-317C-47F5-810E-B82EE093A612}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
Samsung New PC Studio USB Driver Installer (HKLM\...\InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Mobile Device Software (HKLM\...\SAMSUNG USB Mobile Device) (Version:  - )
SamsungConnectivityCableDriver (HKLM\...\{7E84FAC8-C518-40F9-9807-7455301D6D25}) (Version: 6.83.6.2.1 - Samsung)
Scan (HKLM\...\{C506A18C-1469-4678-B094-F4EC9DAE6DB7}) (Version: 5.2.0.0 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{09A9DF49-DA06-4093-A2FD-F339211E39EA}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{09A9DF49-DA06-4093-A2FD-F339211E39EA}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{ECC1D579-DC17-4B90-929C-B4A0BB35F7B3}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{ECC1D579-DC17-4B90-929C-B4A0BB35F7B3}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{8C5A05B6-FF56-480F-A0E6-9F4BCA4B4CAC}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{8C5A05B6-FF56-480F-A0E6-9F4BCA4B4CAC}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{945F1D43-451D-4383-9BBE-241F37950B15}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{8DD50F3B-E0BD-4E39-AF1F-2F316B4FC528}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{8DD50F3B-E0BD-4E39-AF1F-2F316B4FC528}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{8DD50F3B-E0BD-4E39-AF1F-2F316B4FC528}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SiteAdvisor (HKLM\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.203 - McAfee, Inc.)
Update for Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2607712) (HKLM\...\KB2607712) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2616676) (HKLM\...\KB2616676) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB898461) (HKLM\...\KB898461) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB961503) (HKLM\...\KB961503) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
User's Guide EPSON SX130 Series (HKLM\...\EPSON SX130 Series Useg) (Version:  - )
WebFldrs XP (HKLM\...\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}) (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Driver Package - MobileTop (sshpmdm) Modem  (02/23/2007 2.5.0.0) (HKLM\...\6194C28A8F62DD817EA1B918E6E46E806A21B452) (Version: 02/23/2007 2.5.0.0 - MobileTop)
Windows Driver Package - MobileTop (sshpusb) USB  (02/23/2007 2.5.0.0) (HKLM\...\65B6FE5418CE28F4D72543FB2D964C3CEC83F161) (Version: 02/23/2007 2.5.0.0 - MobileTop)
Windows Driver Package - Nokia pccsmcfd  (10/12/2007 6.85.4.0) (HKLM\...\3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F) (Version: 10/12/2007 6.85.4.0 - Nokia)
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Internet Explorer 7 (HKLM\...\ie7) (Version: 20070813.185237 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows PowerShell(TM) 1.0 (HKLM\...\KB926139-v2) (Version: 2 - Microsoft Corporation)

========================= Memory info: ===================================

Percentage of memory in use: 66%
Total physical RAM: 1015.36 MB
Available physical RAM: 336.96 MB
Total Virtual: 1718.49 MB
Available Virtual: 902.59 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:142.07 GB) (Free:112.88 GB) NTFS
3 Drive e: () (Removable) (Total:0.06 GB) (Free:0.06 GB) FAT
6 Drive h: (HP_RECOVERY) (Fixed) (Total:6.96 GB) (Free:3.25 GB) FAT32
8 Drive j: (EXT STORE I) (Removable) (Total:28.95 GB) (Free:26.09 GB) FAT32

========================= Users: ========================================

User accounts for \\YESITSME

Administrator            Boss                     Guest                    


**** End of log ****

#4 boopme

To Insanity and Beyond

Helper Emeritus
85,296 posts
OFFLINE

Gender:Male
Location:NJ USA
Local time:01:04 AM

Posted 29 May 2018 - 11:05 AM

OK will wait for further logs.

#5 KerryJo2712

Topic Starter

Members
27 posts
OFFLINE

Gender:Female
Location:Manchester
Local time:06:04 AM

Posted 30 May 2018 - 07:44 PM

01:17:23.0031 0x098c TDSS rootkit removing tool 3.1.0.17 Apr 20 2018 12:12:17
01:17:24.0671 0x098c

============================================================
01:17:24.0671 0x098c Current date / time: 2018/05/31 01:17:24.0671
01:17:24.0671 0x098c SystemInfo:
01:17:24.0671 0x098c
01:17:24.0671 0x098c OS Version: 5.1.2600 ServicePack: 3.0
01:17:24.0671 0x098c Product type: Workstation
01:17:24.0671 0x098c ComputerName: YESITSME
01:17:24.0671 0x098c UserName: Boss
01:17:24.0671 0x098c Windows directory: C:\WINDOWS
01:17:24.0671 0x098c System windows directory: C:\WINDOWS
01:17:24.0671 0x098c Processor architecture: Intel x86
01:17:24.0671 0x098c Number of processors: 1
01:17:24.0671 0x098c Page size: 0x1000
01:17:24.0671 0x098c Boot type: Normal boot
01:17:24.0671 0x098c

============================================================
01:17:24.0671 0x098c KLMD ARK init status: drvProperties = 0xFFFF00, osBuild = 2600.6419,

osProperties = 0x0
01:17:24.0671 0x098c KLMD BG init status: drvProperties = 0xFFFF00, osBuild = 2600.6419,

osProperties = 0x0
01:17:24.0671 0x098c BG loaded
01:17:28.0796 0x098c System UUID: {F7F5308D-235B-E013-430E-C35D7979173F}
01:18:03.0218 0x098c Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 ( 149.05 Gb ),

SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type

'K0', Flags 0x00000054
01:18:03.0281 0x098c Drive \Device\Harddisk1\DR3 - Size: 0x3B80000 ( 0.06 Gb ),

SectorSize: 0x200, Cylinders: 0x7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
01:18:03.0437 0x098c

============================================================
01:18:03.0437 0x098c \Device\Harddisk0\DR0:
01:18:03.0625 0x098c MBR partitions:
01:18:03.0625 0x098c \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x3F,

BlocksNum 0xDF11CF
01:18:03.0625 0x098c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA

0xDF120E, BlocksNum 0x11C239F2
01:18:03.0625 0x098c \Device\Harddisk1\DR3:
01:18:03.0640 0x098c MBR partitions:
01:18:03.0640 0x098c \Device\Harddisk1\DR3\Partition1: MBR, Type 0xE, StartLBA 0x27,

BlocksNum 0x1DBD9
01:18:03.0640 0x098c

============================================================
01:18:04.0484 0x098c C: <-> \Device\Harddisk0\DR0\Partition2
01:18:04.0828 0x098c H: <-> \Device\Harddisk0\DR0\Partition1
01:18:04.0875 0x098c

============================================================
01:18:04.0875 0x098c Initialize success
01:18:04.0875 0x098c

============================================================
01:18:19.0875 0x0cf4

============================================================
01:18:19.0875 0x0cf4 Scan started
01:18:19.0875 0x0cf4 Mode: Manual; SigCheck; TDLFS;
01:18:19.0875 0x0cf4

============================================================
01:18:19.0875 0x0cf4 KSN ping started
01:18:22.0515 0x0cf4 KSN ping finished: true
01:18:41.0812 0x0cf4 ================ Scan system memory

========================
01:18:41.0843 0x0cf4 System memory - ok
01:18:41.0843 0x0cf4 ================ Scan services

=============================
01:18:49.0125 0x0cf4 Abiosdsk - ok
01:18:49.0125 0x0cf4 abp480n5 - ok
01:18:49.0187 0x0cf4 ACDaemon - ok
01:18:49.0234 0x0cf4 [ 6F2130D1F91CFAAA53A0202F22CC23AF,

581DA5E6257F27D75DADDF01BB101B1361ED466CA8E2EDD3771D4CE0F991A9E7 ] ACPI

   C:\WINDOWS\system32\DRIVERS\ACPI.sys
01:19:05.0734 0x0cf4 ACPI - ok
01:19:06.0453 0x0cf4 [ 9859C0F6936E723E4892D7141B1327D5,

5E8F6A2FC4DF2E5E92A1D66ECC2810E08B42B64E9CD0DF4AD3F78EA8558B90AF ] ACPIEC

     C:\WINDOWS\system32\drivers\ACPIEC.sys
01:19:07.0593 0x0cf4 ACPIEC - ok
01:19:08.0953 0x0cf4 [ C237E820E6FB291557108324E6A0AAAC,

9C98C0E6A0E0BB46CBAB253B4CF98A830D84A7AD1EFA903206F8E1E8D21B08CC ]

AdobeFlashPlayerUpdateSvc

C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
01:19:09.0671 0x0cf4 AdobeFlashPlayerUpdateSvc - detected UnsignedFile.Multi.Generic (

1 )
01:19:20.0421 0x0cf4 AdobeFlashPlayerUpdateSvc ( UnsignedFile.Multi.Generic ) -

warning
01:19:40.0484 0x0cf4 adpu160m - ok
01:19:40.0609 0x0cf4 [ 8BED39E3C35D6A489438B8141717A557,

1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec

C:\WINDOWS\system32\drivers\aec.sys
01:19:41.0421 0x0cf4 aec - ok
01:19:41.0562 0x0cf4 [ 1E44BC1E83D8FD2305F8D452DB109CF9,

CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD

C:\WINDOWS\System32\drivers\afd.sys
01:19:42.0046 0x0cf4 AFD - ok
01:19:42.0625 0x0cf4 [ 34F27C7D71F1C49C7D3857F28B42F544,

C307405BC92E174BF696F9A5EC844A95AD983AE2C4223C89F445D89A3361A232 ]

AgereSoftModem C:\WINDOWS\system32\DRIVERS\AGRSM.sys
01:19:45.0625 0x0cf4 AgereSoftModem - ok
01:19:45.0640 0x0cf4 Aha154x - ok
01:19:45.0671 0x0cf4 aic78u2 - ok
01:19:45.0671 0x0cf4 aic78xx - ok
01:19:46.0031 0x0cf4 [ A437A28E5B21807583F2CE2AC5F76192,

574FD8B9C79E003D76F00AB1CD3E0ED38EAE94ED1B9BFB65AC07CA47409BEAEC ] Alerter

   C:\WINDOWS\system32\alrsvc.dll
01:19:46.0609 0x0cf4 Alerter - ok
01:19:46.0906 0x0cf4 [ B3F4D7870D95478A4771EB42B7927EAB,

DDFAA116F0807CB1D84A9C13105BEE66E4E5844D0CF9A93BDBBB33B49F82F613 ] ALG

C:\WINDOWS\System32\alg.exe
01:19:47.0281 0x0cf4 ALG - ok
01:19:47.0281 0x0cf4 AliIde - ok
01:19:47.0296 0x0cf4 amsint - ok
01:19:48.0000 0x0cf4 [ A4DDB52FE0846A7F90C79CE9C655AD0A,

1E94EE38D068829172C8C8EEC5F14EF130A39814793F79E95D57A07B0BEB88A5 ] AppMgmt

     C:\WINDOWS\System32\appmgmts.dll
01:19:48.0781 0x0cf4 AppMgmt - ok
01:19:50.0500 0x0cf4 [ 9EEBF325F8B4683973F0AF30C6CF150E,

916EDE7005A4EC1854BC3E27E2FA3EE034EF4122FF75697E8991156F018ECFE4 ] Arp1394

C:\WINDOWS\system32\DRIVERS\arp1394.sys
01:19:51.0812 0x0cf4 Arp1394 - ok
01:19:51.0828 0x0cf4 asc - ok
01:19:51.0828 0x0cf4 asc3350p - ok
01:19:51.0875 0x0cf4 asc3550 - ok
01:20:11.0281 0x0cf4 [ 0E5E4957549056E2BF2C49F4F6B601AD,

F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ]

aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
01:20:11.0703 0x0cf4 aspnet_state - ok
01:20:11.0828 0x0cf4 [ 8F619CF1D0750066A4AAB48F38907D22,

141419C184E7923B32DDB213BF6EFAA022055EE21E90BBA93B9EC4783803C2C1 ] AsyncMac

       C:\WINDOWS\system32\DRIVERS\asyncmac.sys
01:20:12.0203 0x0cf4 AsyncMac - ok
01:20:12.0312 0x0cf4 [ 7316AFA8EFA110621D6D90722AF3EFE6,

717FA969665699EF1F2DA789F29D011C490B3F8125D7EE8CD1CEEB414B471997 ] atapi

C:\WINDOWS\system32\DRIVERS\atapi.sys
01:20:12.0671 0x0cf4 atapi - ok
01:20:12.0687 0x0cf4 Atdisk - ok
01:20:12.0828 0x0cf4 [ AF6F35D96B0220D1355318351E9B9FBE,

3ED2E8098F4C96D151D0851C35195220C1D67273D9AD03E218DB88E0A32F0607 ] Atmarpc

      C:\WINDOWS\system32\DRIVERS\atmarpc.sys
01:20:13.0281 0x0cf4 Atmarpc - ok
01:20:13.0484 0x0cf4 [ 1B66662A027EFBE4541783F0723D71D5,

2B8795B4F61D9FA3A5A7DD2FA2CA93F7DA000EB36B3ADB0243C60FD7E70DD1BE ] AudioSrv

       C:\WINDOWS\System32\audiosrv.dll
01:20:13.0750 0x0cf4 AudioSrv - ok
01:20:14.0000 0x0cf4 [ D9F724AA26C010A217C97606B160ED68,

329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub

    C:\WINDOWS\system32\DRIVERS\audstub.sys
01:20:14.0312 0x0cf4 audstub - ok
01:20:14.0515 0x0cf4 [ DA1F27D85E0D1525F6621372E7B685E9,

5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep

       C:\WINDOWS\system32\drivers\Beep.sys
01:20:14.0781 0x0cf4 Beep - ok
01:20:15.0656 0x0cf4 [ D9FF0A70A51FB61F5ABD0CEA62749E03,

B58EC65F60F37D20CD727DE814A510EC90F5B67E8430F79E0D7D8C9C58DA74E3 ] BITS

C:\WINDOWS\system32\qmgr.dll
01:20:16.0843 0x0cf4 BITS - ok
01:20:16.0937 0x0cf4 [ CFD4E51402DA9838B5A04AE680AF54A0,

5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] Browser

C:\WINDOWS\System32\browser.dll
01:20:17.0390 0x0cf4 Browser - ok
01:20:17.0593 0x0cf4 [ 90A673FC8E12A79AFBED2576F6A7AAF9,

BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k

C:\WINDOWS\system32\drivers\cbidf2k.sys
01:20:18.0140 0x0cf4 cbidf2k - ok
01:20:18.0171 0x0cf4 cd20xrnt - ok
01:20:18.0265 0x0cf4 [ C1B486A7658353D33A10CC15211A873B,

AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio

     C:\WINDOWS\system32\drivers\Cdaudio.sys
01:20:18.0718 0x0cf4 Cdaudio - ok
01:20:18.0828 0x0cf4 [ B7E6F9E557905F038D6EFD115B4FF618,

B70B3F452385E7BB845EAD97542C1C6631C7F6DA6DFB3019C477109D4F80B806 ] Cdfs

C:\WINDOWS\system32\drivers\Cdfs.sys
01:20:19.0062 0x0cf4 Cdfs - ok
01:20:19.0171 0x0cf4 [ F18AB264458913B1304FE899F5FA68FB,

D7250EF6DC09DCAE45E25E69DDD037183BEE192ACA4C8E97975E559A935512DE ] Cdrom

      C:\WINDOWS\system32\DRIVERS\cdrom.sys
01:20:20.0171 0x0cf4 Cdrom - ok
01:20:20.0203 0x0cf4 [ 0DAAE43A50E7A0BE59052E05E2DACA5D,

FC9F3C9E1CA86CAA5451C3D23F1443DEDACFE0F327B4321BD2B441C69183B51D ] cfwids

     C:\WINDOWS\system32\drivers\cfwids.sys
01:20:21.0015 0x0cf4 cfwids - ok
01:20:21.0031 0x0cf4 Changer - ok
01:20:21.0203 0x0cf4 [ D8EF9DDF0D8EB0C3ED59C0FABA97D499,

885B492603D55C4CB26A0616E1D7EE3ACFC1F35569C90E3B13B19F3FE313736A ] CiSvc

C:\WINDOWS\system32\cisvc.exe
01:20:39.0781 0x0cf4 CiSvc - ok
01:20:39.0906 0x0cf4 [ 764609692A63D7EA9B7051B923900301,

6B043466B065BB2DED97B06F0071D86DA044EB4D9FEE4DC08A7D6D12BA28A15E ] ClipSrv

   C:\WINDOWS\system32\clipsrv.exe
01:20:50.0453 0x0cf4 ClipSrv - ok
01:20:50.0562 0x0cf4 [ D87ACAED61E417BBA546CED5E7E36D9C,

14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ]

clr_optimization_v2.0.50727_32

c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
01:20:55.0640 0x0cf4 clr_optimization_v2.0.50727_32 - ok
01:20:55.0656 0x0cf4 CmdIde - ok
01:20:55.0656 0x0cf4 COMSysApp - ok
01:20:55.0843 0x0cf4 Cpqarray - ok
01:20:55.0906 0x0cf4 [ F81F67B1ACA9B7473F3DF67B24A66D61,

40C04EE9E460D1B0B36ACB818CFB18F405788A1E01C88D880BB6588D8593AF2A ] CryptSvc

     C:\WINDOWS\System32\cryptsvc.dll
01:21:01.0125 0x0cf4 CryptSvc - ok
01:21:01.0171 0x0cf4 [ ECDB9665937F737A7AB26390A6C68573,

8E9D3DBC1C75202F11F3B6D9071673C8F37994BD4341A3F259526D6B15E970D4 ] ctxusbm

    C:\WINDOWS\system32\DRIVERS\ctxusbm.sys
01:21:07.0125 0x0cf4 ctxusbm - ok
01:21:07.0171 0x0cf4 dac2w2k - ok
01:21:07.0281 0x0cf4 dac960nt - ok
01:21:07.0828 0x0cf4 [ 6B27A5C03DFB94B4245739065431322C,

6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ]

DcomLaunch      C:\WINDOWS\system32\rpcss.dll
01:21:08.0828 0x0cf4 DcomLaunch - ok
01:21:08.0953 0x0cf4 [ 7EF07645D1AF5ACA0762F95E6F80D27F,

709D168F106876E1F170DB372E28F77AE6DC63F04E1FCA78EFE3AE4E6A9D26F2 ] Dhcp

C:\WINDOWS\System32\dhcpcsvc.dll
01:21:10.0515 0x0cf4 Dhcp - ok
01:21:10.0625 0x0cf4 [ 40A52785370971E2CD137A5811E11AA4,

842C76E628F99816E5CE64B8441C0EF82FBA9AD303F7709080713CC6A619DE3A ] Disk

C:\WINDOWS\system32\DRIVERS\disk.sys
01:21:13.0843 0x0cf4 Disk - ok
01:21:13.0875 0x0cf4 dmadmin - ok
01:21:14.0203 0x0cf4 [ FC6189CC82BD4A5738C0F2F08B478762,

FAE1982AA53D6B94912EF0554EB15A9DBB54D0484A223A0BB7F41EB015A92A36 ] dmboot

     C:\WINDOWS\system32\drivers\dmboot.sys
01:21:20.0937 0x0cf4 dmboot - ok
01:21:21.0031 0x0cf4 [ 672B7AF1E9AB4040D74370A3500E5E5C,

4D894DCED5158456E4DF63B7DB9A7C41AEC20D98691DF7472371B50850161FD9 ] dmio

   C:\WINDOWS\system32\drivers\dmio.sys
01:21:22.0171 0x0cf4 dmio - ok
01:21:22.0265 0x0cf4 [ E9317282A63CA4D188C0DF5E09C6AC5F,

D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload

C:\WINDOWS\system32\drivers\dmload.sys
01:21:23.0500 0x0cf4 dmload - ok
01:21:23.0750 0x0cf4 [ 4CFF9FF7E1A6414B23D001100EEA5FF7,

8BE62E94687B39DA7FA7AD63677F999687FFA6CDC62C720F510E2A05D4201DCD ] dmserver

       C:\WINDOWS\System32\dmserver.dll
01:21:24.0796 0x0cf4 dmserver - ok
01:21:25.0468 0x0cf4 [ 08F31922388CB31D32841690ACA1379A,

3D848BE892BF193DC8BC3BAA00E8E8BDCF16D151DA318ADE1DED580662CE1F08 ] DMusic

      C:\WINDOWS\system32\drivers\DMusic.sys
01:21:26.0500 0x0cf4 DMusic - ok
01:21:26.0609 0x0cf4 [ 5F7E24FA9EAB896051FFB87F840730D2,

356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ]

Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
01:21:28.0390 0x0cf4 Dnscache - ok
01:21:28.0687 0x0cf4 [ 241D6D615124B79D576C37D4C3C1B320,

169AE444BA34682FD0F6F71B95C4A7A22D1A07FCF011B02B9086EDE3F3E42A81 ] Dot3svc

   C:\WINDOWS\System32\dot3svc.dll
01:21:29.0671 0x0cf4 Dot3svc - ok
01:21:29.0687 0x0cf4 dpti2o - ok
01:21:29.0968 0x0cf4 [ 780426DAD0CEB30124A61A85D71E77D3,

4F5B861940E32AA1BE4BFA91432576640858CEC12FF9C98E863EEC20D8F81DFD ] drmkaud

    C:\WINDOWS\system32\drivers\drmkaud.sys
01:21:31.0359 0x0cf4 drmkaud - ok
01:21:31.0453 0x0cf4 [ 95974E66D3DE4951D29E28E8BC0B644C,

5737A2FB4D95AAB61A50E25CC570D78FC91C1A7B02754211B1B57DC4209A7D58 ] E100B

      C:\WINDOWS\system32\DRIVERS\e100b325.sys
01:21:32.0062 0x0cf4 E100B - ok
01:21:32.0140 0x0cf4 [ 531E7657D42B6849EE52AEB8C9DD601C,

2272D69C09AB1A7ED1F670C75FE3BA03065730A84CB2A0E57676D97E0307DFC5 ] EapHost

     C:\WINDOWS\System32\eapsvc.dll
01:21:32.0812 0x0cf4 EapHost - ok
01:21:32.0875 0x0cf4 [ C74E4CAD632295421255781787844C58,

50DAE9EC594FE82F2E5E1BB49F77224EF87A00CCB0E0B2D34A6BAB9143F3A2D7 ] ERSvc

C:\WINDOWS\System32\ersvc.dll
01:21:33.0593 0x0cf4 ERSvc - ok
01:21:33.0656 0x0cf4 [ 65DF52F5B8B6E9BBD183505225C37315,

59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] Eventlog

    C:\WINDOWS\system32\services.exe
01:21:33.0796 0x0cf4 Eventlog - ok
01:21:33.0859 0x0cf4 [ D4991D98F2DB73C60D042F1AEF79EFAE,

58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ]

EventSystem     C:\WINDOWS\system32\Es.dll
01:21:34.0171 0x0cf4 EventSystem - ok
01:21:34.0234 0x0cf4 [ C473E4A84355A32B53F2F4CE3A0406EE,

31355D762D01AB33FB0AFC2985BFFB9DEF85880D1C025F93889F6A9527EAD030 ] Fastfat

C:\WINDOWS\system32\drivers\Fastfat.sys
01:21:36.0187 0x0cf4 Fastfat - ok
01:21:36.0390 0x0cf4 [ 99BC0B50F511924348BE19C7C7313BBF,

A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ]

FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
01:21:37.0218 0x0cf4 FastUserSwitchingCompatibility - ok
01:21:37.0312 0x0cf4 [ FA2D4AD77C535C75B00C799942FEE927,

BD685B891186CDE6268FF64B370EA6EFE1271F49908AF5F0284BC61CB459B38D ] Fdc

C:\WINDOWS\system32\DRIVERS\fdc.sys
01:21:38.0140 0x0cf4 Fdc - ok
01:21:38.0484 0x0cf4 [ 532B70A154643DC5D722EEC7E82B8446,

CAEACADF94A04B5F1826073D85668372F1633A40B0E106488DBA9011CCB0134A ] Fips

C:\WINDOWS\system32\drivers\Fips.sys
01:21:39.0250 0x0cf4 Fips - ok
01:21:39.0312 0x0cf4 [ B91B6DEF9522CDC7310ED88563FABC37,

E2E3D3A5EE360FB34D2EEA14044C8B49EDF056054F94FF228C9696DB9050D9A4 ] Flpydisk

C:\WINDOWS\system32\drivers\Flpydisk.sys
01:21:39.0906 0x0cf4 Flpydisk - ok
01:21:39.0968 0x0cf4 [ CDCACF60EB651F84F6307C7A4D5D26A0,

B1C832450ECAB4C3AF2CC3727DD9C74912C0BF6461F171F24BF992E1889B6932 ] FltMgr

C:\WINDOWS\system32\DRIVERS\fltMgr.sys
01:21:40.0750 0x0cf4 FltMgr - ok
01:21:40.0921 0x0cf4 [ 8BA7C024070F2B7FDD98ED8A4BA41789,

47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ]

FontCache3.0.0.0

c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
01:21:41.0250 0x0cf4 FontCache3.0.0.0 - ok
01:21:41.0562 0x0cf4 [ 02763B58A5FBADC5A5EDED4C4797ADAB,

F58BA7570E8AF5895795E1C03025C0801D9A3B7D8385CDE0B4E0C24A4E79F095 ]

FortiSslvpnDaemon C:\WINDOWS\system32\FortiSSLVPNdaemon.exe
01:21:41.0984 0x0cf4 FortiSslvpnDaemon - ok
01:21:42.0093 0x0cf4 [ 790A4CA68F44BE35967B3DF61F3E4675,

7CBC77C620ABA75FEF4BA8AD9C38766D50CD18106EBA4693F162F2C5A7D46AA8 ]

FsUsbExDisk     C:\WINDOWS\system32\FsUsbExDisk.SYS
01:21:42.0234 0x0cf4 FsUsbExDisk - detected UnsignedFile.Multi.Generic ( 1 )
01:21:52.0234 0x0cf4 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
01:21:57.0171 0x0cf4 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A,

EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec

C:\WINDOWS\system32\drivers\Fs_Rec.sys
01:21:58.0343 0x0cf4 Fs_Rec - ok
01:21:58.0406 0x0cf4 [ 6AC26732762483366C3969C9E4D2259D,

FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk

C:\WINDOWS\system32\DRIVERS\ftdisk.sys
01:21:59.0640 0x0cf4 Ftdisk - ok
01:21:59.0937 0x0cf4 [ AB8A6A87D9D7255C3884D5B9541A6E80,

D073B5D8A06EFA6415E8F22DFE486DE913113AE23F59CFC5EEF1B3E694CE86F3 ]

GEARAspiWDM     C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
01:22:00.0265 0x0cf4 GEARAspiWDM - ok
01:22:01.0125 0x0cf4 [ A68D8864E187D6B4B60BBD9ABD51F57D,

484121122F9CC54CD093C34347B73452AAEB05FCF3004EC826D9ADE15D2EE3BB ] Gpc

   C:\WINDOWS\system32\DRIVERS\msgpc.sys
01:22:01.0828 0x0cf4 Gpc - ok
01:22:03.0234 0x0cf4 [ 605CCC9CE1839BC5583017DF7CAE27A6,

F1F67830FC3531DFBDAF5315F59422438AB9F243D89491AC75D1818E7ED98B5D ] gupdate

    C:\Program Files\Google\Update\GoogleUpdate.exe
01:22:03.0703 0x0cf4 gupdate - ok
01:22:03.0781 0x0cf4 [ 605CCC9CE1839BC5583017DF7CAE27A6,

F1F67830FC3531DFBDAF5315F59422438AB9F243D89491AC75D1818E7ED98B5D ] gupdatem

      C:\Program Files\Google\Update\GoogleUpdate.exe
01:22:04.0234 0x0cf4 gupdatem - ok
01:22:07.0828 0x0cf4 [ 5D4BC124FAAE6730AC002CDB67BF1A1C,

00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc

    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
01:22:08.0453 0x0cf4 gusvc - ok
01:22:10.0828 0x0cf4 [ 2A013E7530BEAB6E569FAA83F517E836,

481390EE00AF49BB54B8C885801FCAC0F87F4EF3D935ABBBA42B7C063EFDDB8F ]

HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
01:22:11.0171 0x0cf4 HdAudAddService - detected UnsignedFile.Multi.Generic ( 1 )
01:22:13.0984 0x0cf4 Detect skipped due to KSN trusted
01:22:13.0984 0x0cf4 HdAudAddService - ok
01:22:18.0609 0x0cf4 [ 3FCC124B6E08EE0E9351F717DD136939,

EBFE0FB51E14570A1A1D64C8E5383F3FF28509361D13945B79A9C551EB522012 ] HDAudBus

    C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
01:22:18.0734 0x0cf4 HDAudBus - detected UnsignedFile.Multi.Generic ( 1 )
01:22:21.0234 0x0cf4 Detect skipped due to KSN trusted
01:22:21.0234 0x0cf4 HDAudBus - ok
01:22:22.0031 0x0cf4 [ 9000FA63CFEAFDFD1D39655F8F111903,

866DEB075CDEFD40EA679DAADC97C07891D40392D6B6B34ACDAEF6CE68ED06A7 ]

helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
01:22:22.0406 0x0cf4 helpsvc - ok
01:22:25.0812 0x0cf4 [ 56296857059FA06E084AF9D0B1A9325D,

FD0629A486987126E0E47EBD936DECD1D4F50233E4636330875ABE73F6EF6C22 ] HidServ

C:\WINDOWS\System32\hidserv.dll
01:22:26.0578 0x0cf4 HidServ - ok
01:22:27.0156 0x0cf4 [ FFAFDE8424D92B4AEB72670F446D8F22,

1E0A0AA86E70A2B21DA188510E57F350620B3E006A09D3F15B5B605174934BF7 ] hidusb

C:\WINDOWS\system32\DRIVERS\hidusb.sys
01:22:27.0640 0x0cf4 hidusb - ok
01:22:28.0656 0x0cf4 [ 156765F692192EA9039A6C4A809312FD,

73400BC5E5C92A2E7834CB8EB33B3D78BF73C875C98B1AD91B0112FBB8DB19E3 ] HipShieldK

     C:\WINDOWS\system32\drivers\HipShieldK.sys
01:22:29.0078 0x0cf4 HipShieldK - ok
01:22:29.0140 0x0cf4 [ 1DDD16693D34768F3DE24411F5735E86,

30324438A0A2F2E5AC47961519CDC02ED5C9246442440955F0D76C3E9DF99729 ] hkmsvc

     C:\WINDOWS\System32\kmsvc.dll
01:22:30.0421 0x0cf4 hkmsvc - ok
01:22:35.0171 0x0cf4 [ 5007E21208DA68F60EBF43352BDFE6D0,

698B6AB8260E05D6A2D168939E8D7F9F1CC1C78FDEC4F6B9D1A7289FD83C841B ]

HomeNetSvc      C:\Program Files\Common

Files\Mcafee\Platform\McSvcHost\McSvHost.exe
01:22:35.0343 0x0cf4 HomeNetSvc - ok
01:22:35.0359 0x0cf4 hpn - ok
01:22:36.0234 0x0cf4 [ 9F1D80908658EB7F1BF70809E0B51470,

84FD62D34BC63BA41027DD2164B1E4F86BC8783E8A601E9F189627A4B3D54AAA ] HPZid412

      C:\WINDOWS\system32\DRIVERS\HPZid412.sys
01:22:37.0000 0x0cf4 HPZid412 - ok
01:22:37.0687 0x0cf4 [ F7E3E9D50F9CD3DE28085A8FDAA0A1C3,

886A5222940A6E14B359B45AA158390468B601FB58949E7F5BEC93B5459AF689 ] HPZipr12

C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
01:22:38.0234 0x0cf4 HPZipr12 - ok
01:22:38.0718 0x0cf4 [ CF1B7951B4EC8D13F3C93B74BB2B461B,

3A1B8A9A9AB0E916288AD6198C377E3A4D278DB3D8DCD4299F0ADC83973F0495 ]

HPZius12        C:\WINDOWS\system32\DRIVERS\HPZius12.sys
01:22:39.0765 0x0cf4 HPZius12 - ok
01:22:44.0109 0x0cf4 [ F80A415EF82CD06FFAF0D971528EAD38,

524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP

C:\WINDOWS\system32\Drivers\HTTP.sys
01:22:44.0656 0x0cf4 HTTP - ok
01:22:45.0703 0x0cf4 [ BD8081AA24F116B2CA3CB91AB32A278A,

719083BBDA006D9571C5EEB373A809C277FEC6414F719DA91F5BE25D4B7ADD69 ] HTTPFilter

   C:\WINDOWS\System32\w3ssl.dll
01:22:46.0265 0x0cf4 HTTPFilter - ok
01:22:46.0265 0x0cf4 i2omgmt - ok
01:22:46.0281 0x0cf4 i2omp - ok
01:22:47.0125 0x0cf4 [ 72229484FDBB55A76CF2BF0A33C07199,

DE9AB328C18BDB1C5C8148E46E5F8A21AA273D213BEAF5FCE779B561F066B792 ] i8042prt

   C:\WINDOWS\system32\DRIVERS\i8042prt.sys
01:22:47.0328 0x0cf4 i8042prt - ok
01:22:53.0234 0x0cf4 [ 240D0F5D7CAAFD87BD8D801A97BBE041,

37CA330CE08A1A35C767D4512EA4832C98268B899B88E87A6F59FF5245652157 ] ialm

C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
01:22:54.0968 0x0cf4 ialm - ok
01:23:03.0015 0x0cf4 [ 1CF03C69B49ACB70C722DF92755C0C8C,

C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT

   C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
01:23:03.0609 0x0cf4 IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
01:23:13.0437 0x0cf4 Detect skipped due to KSN trusted
01:23:13.0437 0x0cf4 IDriverT - ok
01:23:17.0437 0x0cf4 [ C01AC32DC5C03076CFB852CB5DA5229C,

A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc

c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication

Foundation\infocard.exe
01:23:18.0593 0x0cf4 idsvc - ok
01:23:18.0687 0x0cf4 [ AAAE7F1F575C1C6573084E910660BE1B,

45A3D8B074470421BD4D63BBF31DB7D2CE059EAD55A1D485CE1AF00358830576 ] Imapi

    C:\WINDOWS\system32\DRIVERS\imapi.sys
01:23:35.0531 0x0cf4 Imapi - ok
01:23:44.0125 0x0cf4 [ CA6D1EE11B36A2FD7D2E4F82D8C0A429,

037D97C6D1B13FA4161157E287D642C6E85A1821441EA6D2AD8C28182B53DBBA ]

ImapiService    C:\WINDOWS\system32\imapi.exe
01:23:44.0500 0x0cf4 ImapiService - ok
01:23:44.0515 0x0cf4 ini910u - ok
01:23:56.0171 0x0cf4 [ B2957D6C1226F029230DAC2C46D34286,

C581D967C96DD3EC1DFFEDF01087A3042FED333CFF389698FCC7396B79B8C13F ]

IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
01:24:00.0718 0x0cf4 IntcAzAudAddService - ok
01:24:00.0796 0x0cf4 [ 6EB87B5EC638903470F6B0402EAD6599,

55A8F2EDB22974D8ECC41286F256E767FC85859A13C1F2AB881F00B026F53259 ] IntelIde

C:\WINDOWS\system32\DRIVERS\intelide.sys
01:24:12.0437 0x0cf4 IntelIde - ok
01:24:12.0609 0x0cf4 [ 514C5EE514CB699FBED51E74A220E261,

758C2D2A7F94A2805222763ED754C094BECB9A65EFA8855AC15A02C0BE02553C ] intelppm

       C:\WINDOWS\system32\DRIVERS\intelppm.sys
01:24:13.0109 0x0cf4 intelppm - ok
01:24:13.0234 0x0cf4 [ C0E5E466FC2C126429728060B5CD92D9,

86C16FF88E66CCB92EE35022647DD94A46633534C3BC120C81AB719B4E0FF7C2 ] Ip6Fw

C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
01:24:13.0656 0x0cf4 Ip6Fw - ok
01:24:13.0781 0x0cf4 [ 731F22BA402EE4B62748ADAF6363C182,

5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ]

IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
01:24:15.0046 0x0cf4 IpFilterDriver - ok
01:24:15.0109 0x0cf4 [ 87DCEC7A87E8344E79DA035A5EDF8B0A,

3E866676CE0A0576F11C5C96FE18190B6E01A4B7BA8A7EA6822442C66036ABF7 ] IpInIp

C:\WINDOWS\system32\DRIVERS\ipinip.sys
01:24:15.0484 0x0cf4 IpInIp - ok
01:24:15.0671 0x0cf4 [ 8EB436E01A5535DCD0ADA273CBD4F7B0,

779A9B40447E26FBD31F46B85BB9735FD74FD26E5EB5C038FF658A9F3A10AD75 ] IpNat

C:\WINDOWS\system32\DRIVERS\ipnat.sys
01:24:16.0000 0x0cf4 IpNat - ok
01:24:16.0265 0x0cf4 [ 13F79A5C92BB6A07540B7A37AC2C4AAD,

1C6686738B6677DD961CCD4B8EC4F7B1ABADA67F3C904F6566ADA56FE77D68F4 ] IPSec

    C:\WINDOWS\system32\DRIVERS\ipsec.sys
01:24:17.0015 0x0cf4 IPSec - ok
01:24:17.0250 0x0cf4 [ 6FA444F11B5213AD2048EA1ED5D58159,

627A3E89D329B90F22876B0211029D973A26C9536F6278B84BCDF269265DCEDE ] IRENUM

    C:\WINDOWS\system32\DRIVERS\irenum.sys
01:24:17.0656 0x0cf4 IRENUM - ok
01:24:17.0734 0x0cf4 [ 554AC08FFD31A9A4ED4337BA5F2B8702,

97B8D35324CA8A3C4ED14F33DC817434FF3CA521B42F634AD724528DF578CFCB ] isapnp

     C:\WINDOWS\system32\DRIVERS\isapnp.sys
01:24:18.0328 0x0cf4 isapnp - ok
01:24:18.0453 0x0cf4 [ 6946E7C9B6ACB20CDDAC1F12E08FEB58,

6B27C44519E91A19971C6EF9AA21804EFE8E1206BDAA45BECA05B173B9A5C8F8 ] Kbdclass

     C:\WINDOWS\system32\DRIVERS\kbdclass.sys
01:24:18.0765 0x0cf4 Kbdclass - ok
01:24:18.0875 0x0cf4 [ DF27EE324113679647D7CDB4C2322458,

42CD14B6F5CA12B8A65B7781A188A29C81C38292A3B22B473EB85D6240D1BCC0 ] kbdhid

       C:\WINDOWS\system32\DRIVERS\kbdhid.sys
01:24:19.0187 0x0cf4 kbdhid - ok
01:24:19.0484 0x0cf4 [ 17566366EC1A5E48B9BA024DB7869B3D,

186C118FDCB156B1075BA6A28F3430E6AD19A123B17A0721F2E2210E92FBE6AF ] kmixer

C:\WINDOWS\system32\drivers\kmixer.sys
01:24:19.0703 0x0cf4 kmixer - ok
01:24:19.0984 0x0cf4 [ B467646C54CC746128904E1654C750C1,

3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD

     C:\WINDOWS\system32\drivers\KSecDD.sys
01:24:20.0671 0x0cf4 KSecDD - ok
01:24:21.0062 0x0cf4 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527,

0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ]

LanmanServer    C:\WINDOWS\System32\srvsvc.dll
01:24:27.0062 0x0cf4 LanmanServer - ok
01:24:27.0312 0x0cf4 [ A8888A5327621856C0CEC4E385F69309,

B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ]

lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
01:24:28.0218 0x0cf4 lanmanworkstation - ok
01:24:28.0218 0x0cf4 lbrtfdc - ok
01:24:28.0312 0x0cf4 [ D53F9AED00F107A77D421A82BC8CEA6A,

C17B8D3C3B6794FC761B42B5B6A962AD577FDD1F930111D90E4FD84A147FD910 ] LmHosts

    C:\WINDOWS\System32\lmhsvc.dll
01:24:30.0109 0x0cf4 LmHosts - ok
01:24:30.0109 0x0cf4 massfilter - ok
01:24:30.0312 0x0cf4 MBAMSwissArmy - ok
01:24:30.0687 0x0cf4 [ 0C422D003BB2EF1C98B4733C295B4F04,

DA1F484454D4EC80809AC301ED96683817D3AE4A6C26539B746582FD56C0B268 ] McAfee

SiteAdvisor Service c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
01:24:30.0828 0x0cf4 McAfee SiteAdvisor Service - ok
01:24:31.0343 0x0cf4 [ 16B115E3706F493BE99FCA5D75EE54CF,

CAEC1D17894EBBE303A23BD33B6E9DB9EFB670E31C7393812BCFB8B418FCD816 ] McAPExe

      C:\Program Files\McAfee\MSC\McAPExe.exe
01:24:31.0828 0x0cf4 McAPExe - ok
01:24:32.0140 0x0cf4 [ 5007E21208DA68F60EBF43352BDFE6D0,

698B6AB8260E05D6A2D168939E8D7F9F1CC1C78FDEC4F6B9D1A7289FD83C841B ]

McMPFSvc        C:\Program Files\Common

Files\Mcafee\Platform\McSvcHost\McSvHost.exe
01:24:32.0640 0x0cf4 McMPFSvc - ok
01:24:32.0796 0x0cf4 [ 5007E21208DA68F60EBF43352BDFE6D0,

698B6AB8260E05D6A2D168939E8D7F9F1CC1C78FDEC4F6B9D1A7289FD83C841B ]

McNaiAnn        C:\Program Files\Common

Files\McAfee\Platform\McSvcHost\McSvHost.exe
01:24:32.0828 0x0cf4 McNaiAnn - ok
01:24:33.0406 0x0cf4 [ F86C81CEAC145BC440BA18B55D88605B,

ABC3EEB7FEE3DEBBA4CA474AC7A61489424BB8F9D08281DFA0E3BA91BF7862E3 ] McODS

      C:\Program Files\McAfee\VirusScan\mcods.exe
01:24:34.0796 0x0cf4 McODS - ok
01:24:35.0109 0x0cf4 [ 5007E21208DA68F60EBF43352BDFE6D0,

698B6AB8260E05D6A2D168939E8D7F9F1CC1C78FDEC4F6B9D1A7289FD83C841B ] mcpltsvc

      C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
01:24:35.0156 0x0cf4 mcpltsvc - ok
01:24:35.0187 0x0cf4 [ 5007E21208DA68F60EBF43352BDFE6D0,

698B6AB8260E05D6A2D168939E8D7F9F1CC1C78FDEC4F6B9D1A7289FD83C841B ] McProxy

      C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
01:24:35.0218 0x0cf4 McProxy - ok
01:24:35.0390 0x0cf4 [ 571F38CFF87053ECEDCA3D2CDA963956,

83FB333B93B06B19FC6F753D1CDF1096966B302E0EE4C06F0E3F509773282A16 ] Messenger

   C:\WINDOWS\System32\msgsvc.dll
01:24:36.0062 0x0cf4 Messenger - ok
01:24:36.0468 0x0cf4 [ BD40B4F2E6282ADABE9D82E963DB42FB,

B35E94445B0178D750F9CFE0A260E576DCB0DD280E8B00F0767568C170690073 ] mfeapfk

   C:\WINDOWS\system32\drivers\mfeapfk.sys
01:24:36.0671 0x0cf4 mfeapfk - ok
01:24:36.0968 0x0cf4 [ 2AED3FE3E34AE751F4FD7EDF97B411F0,

A19836AC942375662E3F3D5E13A75AC16994432C2EAB5F56934DDA97E2FFEB40 ] mfeavfk

     C:\WINDOWS\system32\drivers\mfeavfk.sys
01:24:37.0640 0x0cf4 mfeavfk - ok
01:24:37.0843 0x0cf4 [ 4DA6C7377F721C1A621FBE0474A77D60,

25FA62B4D4198609F97F58C7E2DE50533337E21D768EC74C1E00141B08D76E40 ] mfebopk

   C:\WINDOWS\system32\drivers\mfebopk.sys
01:24:38.0062 0x0cf4 mfebopk - ok
01:24:38.0640 0x0cf4 [ E30103A209E0E0316E9B12B9C43F8063,

4BBA45946AF83BDAF167D43AEA9C8CCBF7F4E5A07E2E431AFB9863D0ECE83171 ] mfecore

      C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
01:24:54.0171 0x0cf4 mfecore - ok
01:24:54.0546 0x0cf4 [ 8020C7C06B9DDC3372A9A84844C03136,

24C0FCBBDCEEB9A804D6A160C904DBEFD2DF5C576856255CAC2206EC9A6C9809 ] mfefire

       C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
01:24:54.0578 0x0cf4 mfefire - ok
01:24:54.0609 0x0cf4 [ 496FA40A3D40A1158978498CFB814D9E,

FD31EC8114C784F741602AC7D584CD244482BB098BA2C2F49B06D2943BBA74A5 ] mfefirek

     C:\WINDOWS\system32\drivers\mfefirek.sys
01:24:55.0500 0x0cf4 mfefirek - ok
01:24:56.0218 0x0cf4 [ 7A4C47EB5772B5E4E99D01734A60679B,

7D6CE9EFC9AEA2A6A1C1CE12477BC7B21436CE4E497F04E1C43FA392C8092136 ] mfehidk

      C:\WINDOWS\system32\drivers\mfehidk.sys
01:24:57.0843 0x0cf4 mfehidk - ok
01:24:58.0281 0x0cf4 [ D7BDDB18EBAC819C627631EF0DBDB1E4,

1E2E64CD6FF61577308645705B79E72E70099F3B7E2C54E9837E7B3787F620A2 ] mfencbdc

C:\WINDOWS\system32\DRIVERS\mfencbdc.sys
01:24:59.0390 0x0cf4 mfencbdc - ok
01:24:59.0500 0x0cf4 [ CF97DC38DFFCD838F0278F39910624CD,

E06857A891ADDC699B7D4D3D75FF25CC3CB31E8F1C21E9C8C21F5FB172CD86AA ] mfencrk

        C:\WINDOWS\system32\DRIVERS\mfencrk.sys
01:24:59.0718 0x0cf4 mfencrk - ok
01:24:59.0796 0x0cf4 [ C4CEBD21C39E2E7DBD156BC458F8EC7D,

8120677ECBA8A12F0C711986D9BF5154CE9D48C9463DB79445672C5595F3FC64 ] mfendisk

     C:\WINDOWS\system32\DRIVERS\mfendisk.sys
01:25:00.0187 0x0cf4 mfendisk - ok
01:25:00.0265 0x0cf4 [ C4CEBD21C39E2E7DBD156BC458F8EC7D,

8120677ECBA8A12F0C711986D9BF5154CE9D48C9463DB79445672C5595F3FC64 ]

mfendiskmp      C:\WINDOWS\system32\DRIVERS\mfendisk.sys
01:25:00.0312 0x0cf4 mfendiskmp - ok

01:25:00.0390 0x0cf4 [ C453856A058C6B3EB84D054173DDDC4D,

AFC25C058CE4255AA6E0A61CD4F3A0713015164F8F005313C88F2C9FB5A47B86 ] mfetdi2k

     C:\WINDOWS\system32\drivers\mfetdi2k.sys
01:25:00.0406 0x0cf4 mfetdi2k - ok
01:25:00.0546 0x0cf4 [ 9ECA2FA155897ED17E42AFC70F0CE01D,

D646CA71A99241D3E5C8A9521D5B18B17BB8F85115271C476FB0ED3E4A21987A ] mfevtp

    C:\WINDOWS\system32\mfevtps.exe
01:25:00.0984 0x0cf4 mfevtp - ok
01:25:01.0406 0x0cf4 Microsoft SharePoint Workspace Audit Service - ok
01:25:01.0578 0x0cf4 [ 4AE068242760A1FB6E1A44BF4E16AFA6,

1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd

      C:\WINDOWS\system32\drivers\mnmdd.sys
01:25:36.0343 0x0cf4 mnmdd - ok
01:25:36.0656 0x0cf4 [ FA7D23D3DD5E7CE0F6869A246C7FC7C3,

2856F2D86F000B74341C689B657E2D02F050831D6632029D389320894A278EA5 ] mnmsrvc

    C:\WINDOWS\system32\mnmsrvc.exe
01:25:40.0125 0x0cf4 mnmsrvc - ok
01:25:40.0812 0x0cf4 [ 24CFF4697702785872313159EC2434A2,

E8181A4E991F8AB33DB4C0378606A10033FEA06115C432C55142699E502D486D ] Mobile

Broadband HL Service C:\Documents and Settings\All Users\Application

Data\MobileBrServ\mbbservice.exe
01:25:42.0062 0x0cf4 Mobile Broadband HL Service - ok
01:25:42.0125 0x0cf4 [ 906499C774232C4C9444CC93425F05E2,

A4E24777112D69A6CFF4281A0398BFD89D7E98A6C21005C196063C3CD5215852 ] Modem

       C:\WINDOWS\system32\drivers\Modem.sys
01:25:43.0281 0x0cf4 Modem - ok
01:25:43.0421 0x0cf4 [ DB03590221F87989BE31209394E112D1,

565F6A8D5895118053A13BFDDB35F1A20C8891DB94EFA0BCA6D6283902F0A467 ] Mouclass

      C:\WINDOWS\system32\DRIVERS\mouclass.sys
01:25:44.0546 0x0cf4 Mouclass - ok
01:25:44.0656 0x0cf4 [ B1C303E17FB9D46E87A98E4BA6769685,

161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid

      C:\WINDOWS\system32\DRIVERS\mouhid.sys
01:25:45.0718 0x0cf4 mouhid - ok
01:25:45.0859 0x0cf4 [ 14FFB41E7DB770E282080E54240A6339,

71827917DBF688D9BAB555036DD21EB30C9853D6A032E80062BC6B3C07459AA4 ]

MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
01:25:46.0812 0x0cf4 MountMgr - ok
01:25:47.0031 0x0cf4 [ 88430BB53A4374E3D150C589F143E752,

CAFF8EBDE77742AAF07C47133931F6ECE17D48042782B20C9A57CCF5220CC01E ]

MozillaMaintenance C:\Program Files\Mozilla Maintenance

Service\maintenanceservice.exe
01:25:47.0328 0x0cf4 MozillaMaintenance - ok
01:25:47.0343 0x0cf4 mraid35x - ok
01:25:47.0484 0x0cf4 [ DC60415365C36FABEC85F02510D33A5C,

195B16E98B007F3B7186B413BC3304FECBDB628FE24E36ED612C267D5630B49E ] MRxDAV

   C:\WINDOWS\system32\DRIVERS\mrxdav.sys
01:25:48.0031 0x0cf4 MRxDAV - ok
01:25:48.0828 0x0cf4 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0,

DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb

        C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
01:25:49.0468 0x0cf4 MRxSmb - ok
01:25:49.0609 0x0cf4 [ D4214476456F54ECF207F27F4A19AF30,

45ECDDB3F26EF9EA6090305FBC9391C81D8DDA4D98BC2437CA2C5CA6C7D06392 ] MSDTC

         C:\WINDOWS\system32\msdtc.exe
01:25:50.0640 0x0cf4 MSDTC - ok
01:25:50.0843 0x0cf4 [ E09362C993B1DFA569166DA45C7E0CB8,

6E52AA0CE81954407BA610D6F5F7691BBE69448DBEAD01E5E9C26D07CDEA7918 ] Msfs

C:\WINDOWS\system32\drivers\Msfs.sys
01:25:52.0656 0x0cf4 Msfs - ok
01:25:52.0656 0x0cf4 MSIServer - ok
01:25:52.0796 0x0cf4 [ 4159DBFF2C48D4BD59CD7130318BBECB,

311D55166479BA7AD1F7ACA59A6D82D2A77BF44AEA5E4C23FC44B93F215AE772 ]

MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
01:25:54.0218 0x0cf4 MSKSSRV - ok
01:25:54.0328 0x0cf4 [ 74BE6D8014EBC0996D43F29515442295,

A2EE5F4E93620459DCF94EB118164FECFADB07C4413F5EE6C64BCC2D41970305 ] MSPCLOCK

       C:\WINDOWS\system32\drivers\MSPCLOCK.sys
01:25:57.0437 0x0cf4 MSPCLOCK - ok
01:25:58.0078 0x0cf4 [ 9730536657538F248EE95973216DFF59,

4AE153D384A683114CA81A1E792D2F052286D664A6FD506E5D9A2D68D1F061BC ] MSPQM

        C:\WINDOWS\system32\drivers\MSPQM.sys
01:26:08.0687 0x0cf4 MSPQM - ok
01:26:08.0906 0x0cf4 [ 6A6F1B5F2E6079B6CEAC7FC0580961F3,

E417FAA2E6E005965A2B8A020D3A1F43EFFD8479F028B0FAC49A1723B34B5D61 ] mssmbios

     C:\WINDOWS\system32\DRIVERS\mssmbios.sys
01:26:10.0328 0x0cf4 mssmbios - ok
01:26:10.0453 0x0cf4 [ DE6A75F5C270E756C5508D94B6CF68F5,

FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup

   C:\WINDOWS\system32\drivers\Mup.sys
01:26:11.0671 0x0cf4 Mup - ok
01:26:12.0062 0x0cf4 [ 82A50BA9567F710A8BA6E0AFDE613104,

AC674184C9F322EA8BE3D0C08A4BE1FD59858C4D403E3820028A86C2234A286A ]

napagent        C:\WINDOWS\System32\qagentrt.dll
01:26:12.0984 0x0cf4 napagent - ok
01:26:13.0140 0x0cf4 [ 104EFCE994264E4B36C1B6F5A846EB60,

BCC9ADD954CA7869032E197DD521E96AF66FD9AF0E105D52B1D42D1E322C72EF ] NDIS

    C:\WINDOWS\system32\drivers\NDIS.sys
01:26:13.0921 0x0cf4 NDIS - ok
01:26:14.0093 0x0cf4 [ 0109C4F3850DFBAB279542515386AE22,

4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi

    C:\WINDOWS\system32\DRIVERS\ndistapi.sys
01:26:15.0281 0x0cf4 NdisTapi - ok
01:26:15.0531 0x0cf4 [ 4B51239904FFB424BF6ED20EE6860836,

AD67E3333A7D49CB41EAF3B9DC988CF35657A388A0DAF4CB1AB36EABA9FC4F9A ] Ndisuio

        C:\WINDOWS\system32\DRIVERS\ndisuio.sys
01:26:16.0203 0x0cf4 Ndisuio - ok
01:26:16.0531 0x0cf4 [ 6CC11A564FCD95313B0385C6787BBFFE,

95F3725DBE60D0CB30D1B63BA34E4A7B1A776CB5E8555DAC68AF49CEDD88FEFB ] NdisWan

       C:\WINDOWS\system32\DRIVERS\ndiswan.sys
01:26:17.0234 0x0cf4 NdisWan - ok
01:26:17.0484 0x0cf4 [ 2F597BB467E05B1FE3830EABD821B8E0,

141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy

     C:\WINDOWS\system32\drivers\NDProxy.sys
01:26:17.0828 0x0cf4 NDProxy - ok
01:26:17.0921 0x0cf4 [ A012EC6D73B1ACBB876DC0EFBE0FAFEE,

27F07379BAAED37B1A3D3E25D7A8E3D0A8F88E0C9CEAD283540BFEA314FD3635 ] NetBIOS

      C:\WINDOWS\system32\DRIVERS\netbios.sys
01:26:18.0625 0x0cf4 NetBIOS - ok
01:26:18.0812 0x0cf4 [ B24ED3A4966D1A9251899025759DC847,

1A1A03CAE4AE456A84E8C505788C938F28A23B28EBBBF36E06D468C9DEE97438 ] NetBT

   C:\WINDOWS\system32\DRIVERS\netbt.sys
01:26:25.0562 0x0cf4 NetBT - ok
01:26:25.0734 0x0cf4 [ C57B297C446A41FC2C7732F483382553,

99B803C9ECFB4BE963D89B148C9073A8A62B4C5012022A22AB0B876E2C993B01 ] NetDDE

     C:\WINDOWS\system32\netdde.exe
01:26:26.0406 0x0cf4 NetDDE - ok
01:26:26.0515 0x0cf4 [ C57B297C446A41FC2C7732F483382553,

99B803C9ECFB4BE963D89B148C9073A8A62B4C5012022A22AB0B876E2C993B01 ]

NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
01:26:27.0171 0x0cf4 NetDDEdsdm - ok
01:26:27.0250 0x0cf4 [ 70885577298B92939F3B7AF54D5F8943,

98E33AD38AF6ADC5499E1416711CF522F5263D6800281F125460C16137DE43EB ] Netlogon

    C:\WINDOWS\system32\lsass.exe
01:26:28.0015 0x0cf4 Netlogon - ok
01:26:28.0187 0x0cf4 [ A6F2589CD87CB2C53CA8B7F2BDC855DF,

4C3B247FFBB57F8F0AAC65EA1AB5B20DD5424868823D00CAD0A44A31872A59C1 ] Netman

         C:\WINDOWS\System32\netman.dll
01:26:28.0812 0x0cf4 Netman - ok
01:26:29.0437 0x0cf4 [ D34612C5D02D026535B3095D620626AE,

1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ]

NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows

Communication Foundation\SMSvcHost.exe
01:26:29.0953 0x0cf4 NetTcpPortSharing - ok
01:26:30.0046 0x0cf4 [ 1BC1CBE1423F6E5AF2630FAFCA6C6C72,

0BB48FEB4663A229C82B4F74A737855CD8653789CE541AF4078A482A3BFB9830 ] NIC1394

    C:\WINDOWS\system32\DRIVERS\nic1394.sys
01:26:30.0421 0x0cf4 NIC1394 - ok
01:26:30.0578 0x0cf4 [ 943337D786A56729263071623BBB9DE5,

B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla

C:\WINDOWS\System32\mswsock.dll
01:26:31.0562 0x0cf4 Nla - ok
01:26:31.0625 0x0cf4 [ C636EB36039B02E6C595D6D7C31D0F1C,

1E87B326616A5799C70CA7D494E005FB0A718E4A1A4BDC726D81AF390F860431 ] nm

C:\WINDOWS\system32\DRIVERS\NMnt.sys
01:26:31.0953 0x0cf4 nm - ok
01:26:32.0093 0x0cf4 [ 8209AEFF434C0D37543930AAD855BB79,

62E35233A356ACD8B198E9F979C6B940E262DCEBE9DBA996532AE4D647F913DA ] Npfs

C:\WINDOWS\system32\drivers\Npfs.sys
01:26:34.0234 0x0cf4 Npfs - ok
01:26:34.0718 0x0cf4 [ 3E8A141DCBEB618ADD4126A61CF264DD,

C8EB329B05D9993EC33EB21332BB00B654815C33506FD50F9A6CDA527C062EDD ] Ntfs

C:\WINDOWS\system32\drivers\Ntfs.sys
01:26:36.0343 0x0cf4 Ntfs - ok
01:26:36.0546 0x0cf4 [ 70885577298B92939F3B7AF54D5F8943,

98E33AD38AF6ADC5499E1416711CF522F5263D6800281F125460C16137DE43EB ] NtLmSsp

    C:\WINDOWS\system32\lsass.exe
01:26:37.0453 0x0cf4 NtLmSsp - ok
01:26:37.0953 0x0cf4 [ 05D072BADDAC2FF15D5382A391F0897A,

37A1E901FAF5243EB4EEA81481B6C67D33EF62403BAEE390F3185FE6763FA17E ] NtmsSvc

C:\WINDOWS\system32\ntmssvc.dll
01:26:40.0062 0x0cf4 NtmsSvc - ok
01:26:40.0156 0x0cf4 [ 73C1E1F395918BC2C6DD67AF7591A3AD,

B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null

C:\WINDOWS\system32\drivers\Null.sys
01:26:41.0687 0x0cf4 Null - ok
01:26:42.0000 0x0cf4 [ BA53B9653D079E32BC8E8737117B5BFC,

2C5784AEA591CFBA392057D90D1460801BCD44EE42A46918ED46EA6DC25A617E ]

NWCWorkstation C:\WINDOWS\System32\nwwks.dll
01:26:45.0359 0x0cf4 NWCWorkstation - ok
01:26:45.0562 0x0cf4 [ B305F3FAD35083837EF46A0BBCE2FC57,

9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt

     C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
01:26:46.0281 0x0cf4 NwlnkFlt - ok
01:26:46.0421 0x0cf4 [ C99B3415198D1AAB7227F2C88FD664B9,

DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd

       C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
01:26:47.0312 0x0cf4 NwlnkFwd - ok
01:26:47.0531 0x0cf4 [ DBC474CA8EFE2501ED38B688DA94DD08,

D1940127C5E20867190014BE74AA59F38234C9AE9EA1E6BA15EDA98B25B67CDC ] NwlnkIpx

       C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
01:26:48.0531 0x0cf4 NwlnkIpx - ok
01:26:48.0609 0x0cf4 [ 56D34A67C05E94E16377C60609741FF8,

ABE48D3E7D38DB20E9D4884FC6FE42FAE0C5FAFD3AC86F1E585A4BB17C6F09C5 ] NwlnkNb

       C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
01:26:49.0609 0x0cf4 NwlnkNb - ok
01:26:49.0890 0x0cf4 [ C0BB7D1615E1ACBDC99757F6CEAF8CF0,

899905C0EB182ABCDAE0D0D749C0BC39CD231B9FAEE733D5DFDAE86EB8BC755B ]

NwlnkSpx        C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
01:26:51.0109 0x0cf4 NwlnkSpx - ok
01:26:51.0343 0x0cf4 [ 9FB5C83D05AE3EB2B691F574F61F51E3,

5A023D50C7B26B6CD72E17B1A982133E781C57436DCCEF218D32AFCEDC6C9223 ] NWRDR

        C:\WINDOWS\system32\DRIVERS\nwrdr.sys
01:27:10.0812 0x0cf4 NWRDR - ok
01:27:11.0125 0x0cf4 [ 4B83FCBBE72AF5F99D109798653E8B78,

E646F6D365392890A3618D54D25EC4E1182400C4FF258158DBA24F814BC8C990 ]

NwSapAgent      C:\WINDOWS\System32\ipxsap.dll
01:27:11.0687 0x0cf4 NwSapAgent - ok
01:27:11.0796 0x0cf4 [ DB8294873A9CFC7482E76BFCABBE7BE5,

54D7AADB42444E746FE9227B973369E50A65DD999256C273DE59E2FCB6DAF1BE ] ohci1394

     C:\WINDOWS\system32\DRIVERS\ohci1394.sys
01:27:12.0281 0x0cf4 ohci1394 - ok
01:27:12.0578 0x0cf4 [ C3E24FBFA4C3291A5E5310609A58DB2E,

CC49A52348B880B68CF403D27FB82A2FA4DE0450F37A5F45A40E101D41E5F984 ] ose

C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
01:27:12.0609 0x0cf4 ose - ok
01:27:13.0671 0x0cf4 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7,

F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc

C:\Program Files\Common Files\Microsoft

Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
01:27:25.0046 0x0cf4 osppsvc - ok
01:27:25.0218 0x0cf4 [ 31ACEC5ABBBC4F9037DB1333F1663FCD,

F0EF83370420B6C0A5570F0D29BDFDA9EE2CF80DFBB6C1A762B8F8A7409DBABF ] Parport

C:\WINDOWS\system32\DRIVERS\parport.sys
01:27:50.0625 0x0cf4 Parport - ok
01:27:50.0765 0x0cf4 [ 07F08CDC6BCF2257BD884C3EE91288DB,

46AF692E242074FA212123E48EEEE36AD940D9EC8F2FA54270CBA6B76194FA8E ] PartMgr

C:\WINDOWS\system32\drivers\PartMgr.sys
01:27:51.0421 0x0cf4 PartMgr - ok
01:27:51.0656 0x0cf4 [ 70E98B3FD8E963A6A46A2E6247E0BEA1,

6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm

    C:\WINDOWS\system32\drivers\ParVdm.sys
01:27:52.0578 0x0cf4 ParVdm - ok
01:27:52.0843 0x0cf4 [ 175CC28DCF819F78CAA3FBD44AD9E52A,

C00F17040440E5C10439FF8110368A7813BD197E96338FD3703C86E399E27128 ] pccsmcfd

   C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
01:28:00.0359 0x0cf4 pccsmcfd - ok
01:28:00.0500 0x0cf4 [ 5DE1E01E77255550E0038EFF628F202E,

F1DF76DE2E97AC95F526E36783CA27D97B632A3E7A228A7D32834C553A61E459 ] PCI

C:\WINDOWS\system32\DRIVERS\pci.sys
01:28:02.0140 0x0cf4 PCI - ok
01:28:02.0265 0x0cf4 PCIDump - ok
01:28:02.0375 0x0cf4 [ CCF5F451BB1A5A2A522A76E670000FF0,

D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde

C:\WINDOWS\system32\drivers\PCIIde.sys
01:28:04.0109 0x0cf4 PCIIde - ok
01:28:04.0562 0x0cf4 [ BB7884FD8831691778F009A9A827401C,

1DFA7EC0473ECA16642021A4EB43CE52798D07A198DEAEF527E051551E751746 ] Pcmcia

    C:\WINDOWS\system32\drivers\Pcmcia.sys
01:28:07.0484 0x0cf4 Pcmcia - ok
01:28:07.0484 0x0cf4 PDCOMP - ok
01:28:07.0500 0x0cf4 PDFRAME - ok
01:28:07.0500 0x0cf4 PDRELI - ok
01:28:07.0515 0x0cf4 PDRFRAME - ok
01:28:07.0515 0x0cf4 perc2 - ok
01:28:07.0531 0x0cf4 perc2hib - ok
01:28:07.0609 0x0cf4 [ 65DF52F5B8B6E9BBD183505225C37315,

59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay

    C:\WINDOWS\system32\services.exe
01:28:09.0671 0x0cf4 PlugPlay - ok
01:28:10.0343 0x0cf4 [ 9D84376931440F3679BEEF2A414FA493,

C800227A67C3C10A26114DB54F5390D2A475D36BE65E87CB890A6819B0BB4884 ] Pml

Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
01:28:11.0203 0x0cf4 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
01:28:22.0125 0x0cf4 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
01:28:22.0203 0x0cf4 Force sending object to P2P due to detect: Pml Driver HPZ12
01:28:33.0515 0x0cf4 Object send P2P result: true
01:28:37.0531 0x0cf4 [ 70885577298B92939F3B7AF54D5F8943,

98E33AD38AF6ADC5499E1416711CF522F5263D6800281F125460C16137DE43EB ]

PolicyAgent     C:\WINDOWS\system32\lsass.exe
01:29:03.0968 0x0cf4 PolicyAgent - ok
01:29:04.0671 0x0cf4 [ 4FB133321E33CF310B0010F7F3631536,

FC31C0BC624FC1D2FFD839044B99BE6B361AED0A82FB553DA9FCA6F6CDE1FDFD ] pppop

      C:\WINDOWS\system32\DRIVERS\pppop.sys
01:29:05.0250 0x0cf4 pppop - ok
01:29:07.0250 0x0cf4 [ 6F8D4E8942170430E1E8E1392BE1C7E2,

6348B949FE12FEB3DD9ECD82D852165EEA4F03C045E9B99AE0857ABF6735BB96 ]

PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
01:29:27.0312 0x0cf4 PptpMiniport - ok
01:29:27.0640 0x0cf4 [ 70885577298B92939F3B7AF54D5F8943,

98E33AD38AF6ADC5499E1416711CF522F5263D6800281F125460C16137DE43EB ]

ProtectedStorage C:\WINDOWS\system32\lsass.exe
01:29:27.0953 0x0cf4 ProtectedStorage - ok
01:29:28.0718 0x0cf4 [ 5F03F871DC8C223334BA91FC980E8EAF,

E5C9955428B2A6BBFBE99AF87EBAC14B287A920CC4423BD1846B6725755DFCAA ] PSched

      C:\WINDOWS\system32\DRIVERS\psched.sys
01:29:29.0281 0x0cf4 PSched - ok
01:29:29.0406 0x0cf4 [ 80D317BD1C3DBC5D4FE7B1678C60CADD,

DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink

C:\WINDOWS\system32\DRIVERS\ptilink.sys
01:29:29.0734 0x0cf4 Ptilink - ok
01:29:29.0734 0x0cf4 ql1080 - ok
01:29:29.0750 0x0cf4 Ql10wnt - ok
01:29:29.0750 0x0cf4 ql12160 - ok
01:29:29.0796 0x0cf4 ql1240 - ok
01:29:29.0796 0x0cf4 ql1280 - ok
01:29:31.0171 0x0cf4 [ FE0D99D6F31E4FAD8159F690D68DED9C,

998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd

C:\WINDOWS\system32\DRIVERS\rasacd.sys
01:29:31.0468 0x0cf4 RasAcd - ok
01:29:32.0406 0x0cf4 [ C2605EA65BF1B052E42D752FA7FCFDA5,

F8E93E2F0DADE459E022D951A65D45A267C121043692BAFB635D101F16492BB3 ] RasAuto

   C:\WINDOWS\System32\rasauto.dll
01:29:34.0968 0x0cf4 RasAuto - ok
01:29:36.0062 0x0cf4 [ 0ACC9422B1029011D057FBABEC4C5FA9,

75A5FAF7E0A4E81BBADEFAFA1E35631CC7668491840D3A641EB3CC50D8602B1A ] Rasl2tp

     C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
01:29:36.0484 0x0cf4 Rasl2tp - ok
01:29:36.0859 0x0cf4 [ 67872BE9182B9FF39B2759E91EAC5D06,

A463B28927CB085838B8946A657D1D6C5E78033D4BEADA798168F78A08842E19 ] RasMan

      C:\WINDOWS\System32\rasmans.dll
01:29:37.0562 0x0cf4 RasMan - ok
01:29:39.0453 0x0cf4 [ 11C361AA15FB8E72118BD8415E6DBD7F,

0AE124F11E9B5BCA53FB7FBB977D663BB4FAE8D0D03ED19BC1460B61797BB39A ] RasPppoe

     C:\WINDOWS\system32\DRIVERS\raspppoe.sys
01:29:40.0312 0x0cf4 RasPppoe - ok
01:29:41.0125 0x0cf4 [ FDBB1D60066FCFBB7452FD8F9829B242,

10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti

    C:\WINDOWS\system32\DRIVERS\raspti.sys
01:29:41.0718 0x0cf4 Raspti - ok
01:29:41.0984 0x0cf4 [ 567B201561F77ED347C5BE8820D55B2D,

6CBC82464846C5DABFC537AA80DF6901C41773A1C611F626DF3F7922B7764D68 ] Rdbss

    C:\WINDOWS\system32\DRIVERS\rdbss.sys
01:29:42.0796 0x0cf4 Rdbss - ok
01:29:43.0578 0x0cf4 [ 4912D5B403614CE99C28420F75353332,

975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD

C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
01:29:43.0968 0x0cf4 RDPCDD - ok
01:29:44.0359 0x0cf4 [ 689D94F2D76C44EEEF04113B74F652E4,

91DA8843C790FB7C3B939B6ED30FFF6BEEEE8BDCC655E70654A21E880C3BB2DC ] rdpdr

C:\WINDOWS\system32\DRIVERS\rdpdr.sys
01:29:45.0421 0x0cf4 rdpdr - ok
01:29:46.0968 0x0cf4 [ 43AF5212BD8FB5BA6EED9754358BD8F7,

AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD

        C:\WINDOWS\system32\drivers\RDPWD.sys
01:29:49.0250 0x0cf4 RDPWD - ok
01:29:50.0218 0x0cf4 [ 25DBECA33C5FE916490B6FAAE307DE55,

F845A972F94981E5D47C564072BF619DB646F922C78CAF8EC5956980469B9E03 ] RDSessMgr

    C:\WINDOWS\system32\sessmgr.exe
01:29:51.0593 0x0cf4 RDSessMgr - ok
01:29:52.0328 0x0cf4 [ EBE526E35F00189AFBD4FE379C76E416,

5E60736BCE339D08B78F5CE37DF51233AAEFC60D74CF5C892B529FAB9438868D ] redbook

     C:\WINDOWS\system32\DRIVERS\redbook.sys
01:29:53.0265 0x0cf4 redbook - ok
01:29:55.0734 0x0cf4 [ 7A11E5CDF3F6FCDFDEA885B5889B2369,

C1C12852786FDAEA478001E3B2FFE85EB8220C387772DB05BDA8781E9BA412EC ]

RemoteAccess    C:\WINDOWS\System32\mprdim.dll
01:29:56.0328 0x0cf4 RemoteAccess - ok
01:29:58.0406 0x0cf4 [ 14EB586446F5A6C17CCC685DDA3B91BE,

707F8F0D8A742A5E6E984C8AC69E115A9A8223ECFBF20929ECF08F1F3BA18CF4 ]

RemoteRegistry C:\WINDOWS\system32\regsvc.dll
01:29:59.0281 0x0cf4 RemoteRegistry - ok
01:30:01.0406 0x0cf4 [ AD60DCBEDADA52BF6C03717E822F176D,

A1E74C6BD2A447F0FE1C2460E731DDFFB9893DDB07663F9B62C3C2598E6BC2FA ]

RpcLocator      C:\WINDOWS\system32\locator.exe
01:30:02.0031 0x0cf4 RpcLocator - ok
01:30:03.0187 0x0cf4 [ 6B27A5C03DFB94B4245739065431322C,

6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs

   C:\WINDOWS\system32\rpcss.dll
01:30:04.0359 0x0cf4 RpcSs - ok
01:30:10.0328 0x0cf4 [ 471B3F9741D762ABE75E9DEEA4787E47,

D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP

       C:\WINDOWS\system32\rsvp.exe
01:30:10.0953 0x0cf4 RSVP - ok
01:30:12.0437 0x0cf4 [ 70885577298B92939F3B7AF54D5F8943,

98E33AD38AF6ADC5499E1416711CF522F5263D6800281F125460C16137DE43EB ] SamSs

C:\WINDOWS\system32\lsass.exe
01:30:13.0484 0x0cf4 SamSs - ok
01:30:14.0765 0x0cf4 [ 191626FB54124AEFB11948D9CBB56AA8,

2AFFB5ACBAAA9D3089F77B37BA323C4A51F12FFFD79DC571C2239E1D3583EAA7 ]

SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
01:30:20.0046 0x0cf4 SCardSvr - ok
01:30:20.0546 0x0cf4 [ B1AAF8F173BB05E9FF544642D12936F6,

6D3D5976A86530EFC774E75E7A1050FEDDC8F8F18FBCD820E4285E4262D0930B ] Schedule

    C:\WINDOWS\system32\schedsvc.dll
01:30:21.0453 0x0cf4 Schedule - ok
01:30:22.0437 0x0cf4 [ 90A3935D05B494A5A39D37E71F09A677,

F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv

   C:\WINDOWS\system32\DRIVERS\secdrv.sys
01:30:23.0625 0x0cf4 Secdrv - ok
01:30:24.0890 0x0cf4 [ F11FD54B991831EE3E64D677008F862F,

EB24675DF3018CE61F560DF555E88A8DC0E63C22F76996DB2D3E72E8428294DD ] seclogon

    C:\WINDOWS\System32\seclogon.dll
01:30:25.0609 0x0cf4 seclogon - ok
01:30:26.0546 0x0cf4 [ 8A85AE71E0B5B01E565582B8DA6A70B3,

06A2CFB7176FD47DBA7122F2C3DC4FD77FE9E12A0058E2022BC48072FBEBE3EA ] SENS

C:\WINDOWS\system32\sens.dll
01:30:27.0000 0x0cf4 SENS - ok
01:30:28.0468 0x0cf4 [ D39C4A6ACB529BE4FFA5E49EECCBBC5B,

7603395B6CD312A5F87E796BD4B1C629430CDCF9ADE6F1C683F179E36A1A37A0 ] Serial

C:\WINDOWS\system32\drivers\Serial.sys
01:30:28.0890 0x0cf4 Serial - ok
01:30:30.0968 0x0cf4 [ 9D38320BB32230349379DF5DDBBF7FCE,

8AAA8B0B60E65F596C3276DCCD0D8146B40172B6D509B597EDFDA46AC8A72A4C ]

ServiceLayer    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

01:30:31.0953 0x0cf4 ServiceLayer - detected UnsignedFile.Multi.Generic ( 1 )
01:30:35.0140 0x0cf4 Detect skipped due to KSN trusted
01:30:35.0140 0x0cf4 ServiceLayer - ok
01:30:35.0421 0x0cf4 [ 16C82920B49D58548DDE524BD91FE275,

1E4B417504E2023C026303878912C6FED58FBA439647E6DF877DE69FFD115F22 ] Sfloppy

C:\WINDOWS\system32\drivers\Sfloppy.sys
01:30:36.0062 0x0cf4 Sfloppy - ok
01:30:37.0343 0x0cf4 [ CF0E8BD38C8E3FF71E4659B2ED9F7220,

86497B0071FA254D57F69D0E871490C625A01CCADA1C750817545DB181E415E7 ]

SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
01:30:38.0906 0x0cf4 SharedAccess - ok
01:30:40.0187 0x0cf4 [ 99BC0B50F511924348BE19C7C7313BBF,

A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ]

ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
01:30:41.0234 0x0cf4 ShellHWDetection - ok
01:30:41.0234 0x0cf4 Simbad - ok
01:30:41.0250 0x0cf4 Sparrow - ok
01:30:41.0968 0x0cf4 [ 56D1314C6B52622B7B33F4B5941C07BC,

4F0A9F9A27926597E75B3A08CCB6B27DA5E99C62C47A300D111595FCC4236CE6 ] splitter

   C:\WINDOWS\system32\drivers\splitter.sys
01:30:42.0312 0x0cf4 splitter - ok
01:30:42.0984 0x0cf4 [ 60784F891563FB1B767F70117FC2428F,

E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler

C:\WINDOWS\system32\spoolsv.exe
01:30:43.0734 0x0cf4 Spooler - ok
01:30:44.0671 0x0cf4 [ F434259611A11E8B9F9E94454171DCDB,

0CAB9FC49FBA288B745DE5DB844BEBF95EDDCF336D80FBB16ECB2DB55174E605 ] sr

C:\WINDOWS\system32\DRIVERS\sr.sys
01:30:45.0359 0x0cf4 sr - ok
01:30:46.0390 0x0cf4 [ C48C9775ADF79320DE07A354D3F2FA48,

D6CAE90ED5149DE44071B7D115EE6A686081D0AC519D5613D4E2BDC80D300445 ] srservice

      C:\WINDOWS\system32\srsvc.dll
01:30:47.0250 0x0cf4 srservice - ok
01:30:48.0234 0x0cf4 [ 959F0206D46CE43F1EB0A5B4D508B35F,

2A672E2CFD9C4D1A3EE1E1174EE8D7E54EFAF782902194CF53089690BE993702 ]

SRS_HDAL_Service C:\WINDOWS\system32\drivers\SRS_HDAL_i386.sys
01:30:49.0921 0x0cf4 SRS_HDAL_Service - ok
01:30:50.0718 0x0cf4 [ 47DDFC2F003F7F9F0592C6874962A2E7,

17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv

C:\WINDOWS\system32\DRIVERS\srv.sys
01:30:52.0250 0x0cf4 Srv - ok
01:30:52.0687 0x0cf4 [ 42A3A34B5D59D3CF54C683FEEF5AB900,

E24E638D42F27897AEE84CD7B1EE561BC4D30BCF436F90355DC115D18D47AA56 ] SSDPSRV

      C:\WINDOWS\System32\ssdpsrv.dll
01:30:53.0093 0x0cf4 SSDPSRV - ok
01:30:54.0156 0x0cf4 [ CC01384090411493D4F5439D0C70716B,

F4E2B5CE16510AD143E95D384B3308105BAEB6228018A32948F4EF4D119F2771 ] stisvc

C:\WINDOWS\system32\wiaservc.dll
01:30:56.0921 0x0cf4 stisvc - ok
01:30:57.0156 0x0cf4 [ 0C749E7ECE8794AE1794099C1953DB9E,

AF3DFBCBA6FB0A89DD8104CDBE2CABFA51526ADFB66183AFCF3FFBAD5C2E00CD ]

swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
01:30:58.0171 0x0cf4 swenum - ok
01:30:58.0250 0x0cf4 [ D0DCD940E9301ADD51DF993313F3115B,

4B2A33658B4873961B6899B8A8B012A6D10354B323624D0CF01F144E6FBE8AB5 ] swmidi

C:\WINDOWS\system32\drivers\swmidi.sys
01:30:59.0296 0x0cf4 swmidi - ok
01:30:59.0312 0x0cf4 SwPrv - ok
01:30:59.0328 0x0cf4 symc810 - ok
01:30:59.0328 0x0cf4 symc8xx - ok
01:30:59.0343 0x0cf4 SymIM - ok
01:30:59.0359 0x0cf4 SymIMMP - ok
01:30:59.0359 0x0cf4 sym_hi - ok
01:30:59.0375 0x0cf4 sym_u3 - ok
01:30:59.0656 0x0cf4 [ 1E993BDA05D911D49FF5531EA6D1B8CD,

8ABAED03EF72C186A40EA54F10F9A8C592F7FA820D26DE2E8F0F4538785E8D8B ] sysaudio

   C:\WINDOWS\system32\drivers\sysaudio.sys
01:31:00.0453 0x0cf4 sysaudio - ok
01:31:01.0312 0x0cf4 [ 1C6A886F04E74A20183DD032C6CE6456,

D0C6CEEA14997C83424694521342903F0F9AD49E16568C3CDB3CA6DB65809388 ]

SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
01:31:02.0062 0x0cf4 SysmonLog - ok
01:31:03.0187 0x0cf4 [ 74F2AE529878B494BD928CB64B490220,

FFF69DE198F5E4C8FCF2E11A98CC962F335BD79E39256389C1333F103B3E7155 ] TapiSrv

C:\WINDOWS\System32\tapisrv.dll
01:31:03.0953 0x0cf4 TapiSrv - ok
01:31:04.0562 0x0cf4 [ 9AEFA14BD6B182D61E3119FA5F436D3D,

EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip

C:\WINDOWS\system32\DRIVERS\tcpip.sys
01:31:05.0718 0x0cf4 Tcpip - ok
01:31:06.0156 0x0cf4 [ FC56140FDBB88B504E9D745C1E3ABB1C,

97D947BBD572C4BA9D9326F1E52D100B36C4EC9A477CD0BAAC559CD3C3BB8285 ] TDPIPE

       C:\WINDOWS\system32\drivers\TDPIPE.sys
01:31:06.0796 0x0cf4 TDPIPE - ok
01:31:07.0218 0x0cf4 [ 66B2C34BFFE6E5FF9FC226F7DDDECEF5,

E5CEE937C35EF2D8966145C6224A4428B1BD76F99D4DE89D0FE90E9F6531A6B0 ] TDTCP

C:\WINDOWS\system32\drivers\TDTCP.sys
01:31:07.0671 0x0cf4 TDTCP - ok
01:31:07.0718 0x0cf4 TeamViewer4 - ok
01:31:08.0375 0x0cf4 [ 3CA25BF3B7391D4AD0C6F1DC8D1B717D,

67DB6A52B7C974884F0D13028437C34B5D12FD1A8E7D83AB258592BCF70F5C24 ] TermDD

     C:\WINDOWS\system32\DRIVERS\termdd.sys
01:31:13.0046 0x0cf4 TermDD - ok
01:31:15.0140 0x0cf4 [ 6BD9B61403E1A9B366FB46FD66464940,

29AA5540CF4F96150D0699A8A20AFBA35909E7B3FEDC6139F43D729452347531 ]

TermService     C:\WINDOWS\System32\termsrv.dll
01:31:17.0109 0x0cf4 TermService - ok
01:31:17.0281 0x0cf4 [ 99BC0B50F511924348BE19C7C7313BBF,

A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] Themes

     C:\WINDOWS\System32\shsvcs.dll
01:31:17.0609 0x0cf4 Themes - ok
01:31:18.0109 0x0cf4 [ 51FB761031E14B1FA7AFDA9E01C22A1E,

CC3D6F577EB7881D55E957AAD364E4F58433E8D9E4286DF95E9E1EBCA9A87E8A ] TlntSvr

C:\WINDOWS\system32\tlntsvr.exe
01:31:19.0531 0x0cf4 TlntSvr - ok
01:31:19.0546 0x0cf4 TosIde - ok
01:31:19.0578 0x0cf4 [ 1C968E4691B63F5B86C4C65C12D7D206,

55BCF8CC630185793A9DEA39431E3A7514E7B0C33C10D80BD1D14BDA3CE65885 ] TrkWks

      C:\WINDOWS\system32\trkwks.dll
01:31:21.0015 0x0cf4 TrkWks - ok
01:31:21.0500 0x0cf4 [ 885ED0A5A38E4DB0B97837B647E26F5F,

94EEB4D8B73CA254141DFAC116F4F7DD003FB17749214EA5F1FE434637CAEA28 ] Udfs

C:\WINDOWS\system32\drivers\Udfs.sys
01:31:22.0265 0x0cf4 Udfs - ok
01:31:22.0343 0x0cf4 ultra - ok
01:31:23.0734 0x0cf4 [ A2CE1DAB37EDB7A596966FA4BAA93BBD,

F31F4EDC3168541ED1BE89D42D38821DB26F7EE62BF584AD6E080F352BC5B5F8 ] Update

C:\WINDOWS\system32\DRIVERS\update.sys
01:31:24.0515 0x0cf4 Update - ok
01:31:25.0250 0x0cf4 [ 3F8D788E067268FEEA1C79B5907B9556,

64DBABFE31452FC5FC187434A6040F1CE8C26FA2CA8EF62591E677FF69A51613 ] upnphost

    C:\WINDOWS\System32\upnphost.dll
01:31:25.0468 0x0cf4 upnphost - ok
01:31:26.0125 0x0cf4 [ E876879DEC4509FFD26CAC208FDCB4FE,

3F55BA66BACBB6586797D115D4C21C61305740919221BBA59CD97FA29162FADA ] UPS

   C:\WINDOWS\System32\ups.exe
01:31:27.0140 0x0cf4 UPS - ok
01:31:27.0859 0x0cf4 [ 1B611611C28D2DF25BC057D79C6F13FC,

B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp

     C:\WINDOWS\system32\DRIVERS\usbccgp.sys
01:31:28.0187 0x0cf4 usbccgp - ok
01:31:29.0250 0x0cf4 [ 4BAC8DF07F1D8434FC640E677A62204E,

76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci

C:\WINDOWS\system32\DRIVERS\usbehci.sys
01:31:35.0078 0x0cf4 usbehci - ok
01:31:35.0156 0x0cf4 [ 23397705CAE15D9C3AB04B6CCB51F588,

0537D09B6DA65290DB70AA268521E6DACD8236464339595E53110D001704A4D3 ] usbhub

      C:\WINDOWS\system32\DRIVERS\usbhub.sys
01:31:35.0515 0x0cf4 usbhub - ok
01:31:37.0703 0x0cf4 [ 2B772ECE9D1701B875259EBBDB0BAAD7,

ABA36A5A186B906A0E25A8EC2735DD4F0F27FDFD5B6EB015BB4D8244C097A291 ] usbprint

     C:\WINDOWS\system32\DRIVERS\usbprint.sys
01:31:39.0171 0x0cf4 usbprint - ok
01:31:39.0468 0x0cf4 [ F8EDE2B6928970DCE3D5614C27D9E7F6,

6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan

      C:\WINDOWS\system32\DRIVERS\usbscan.sys
01:31:39.0812 0x0cf4 usbscan - ok
01:31:39.0843 0x0cf4 [ BA215DD63AE739565ECB443D265CE0C6,

C7416E6A379C67CF758B9FC8FCFA04E91CDFD631D68FF4DD24485402197160DA ] usbstor

    C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
01:31:40.0218 0x0cf4 usbstor - ok
01:31:42.0046 0x0cf4 [ 49470AA99527B811CE4A46D2F6DF5ACE,

CC7719D6F3A1CB0BDC72FD605E7E56BBBF5554E399BD7A5A1CE02D7B6E4A7D1A ] usbuhci

       C:\WINDOWS\system32\DRIVERS\usbuhci.sys
01:31:42.0546 0x0cf4 usbuhci - ok
01:31:44.0312 0x0cf4 [ B4D7B7AD8A9F7C063C5CC3E2C1A0724E,

CFA47A71403419CA7C94333B4F7766DFC97C5DCDBC3AD1B106044B93C979A5C5 ]

usb_rndisx      C:\WINDOWS\system32\DRIVERS\usb8023x.sys
01:31:44.0859 0x0cf4 usb_rndisx - ok
01:31:46.0562 0x0cf4 [ 5437703622D5E398E45F5A0578A191BA,

DFD6A24E169F5B31138D7E27788B25EC09BCEE7365ECAD7B0E5965704796D826 ] VgaSave

     C:\WINDOWS\System32\drivers\vga.sys
01:31:47.0140 0x0cf4 VgaSave - ok
01:31:47.0140 0x0cf4 ViaIde - ok
01:31:48.0484 0x0cf4 [ 4B7A8D499374EDE1FDC7CEC22094E12E,

AC0E0079C908798FB3C1FD60A9A534041B73F145F4AD8751308E0D9FFC8A539D ] VolSnap

     C:\WINDOWS\system32\drivers\VolSnap.sys
01:31:49.0609 0x0cf4 VolSnap - ok
01:31:50.0640 0x0cf4 [ 19BDE11A7EE797908E252677932A0964,

E342C64B125745DD9187F1E55AA5D41B28FD04F13B5AA5E1B681B881F012E381 ] VSS

C:\WINDOWS\System32\vssvc.exe
01:31:51.0078 0x0cf4 VSS - ok
01:31:51.0531 0x0cf4 [ DB5633CF64637919A002B5AECC76A9B5,

6EECF5F4CB63791E6BB75228FDE1D236731D129CC7490569489F52646B92A165 ] W32Time

   C:\WINDOWS\system32\w32time.dll
01:31:51.0953 0x0cf4 W32Time - ok
01:31:52.0468 0x0cf4 [ 91A407C7F833BCF97240564FD44B1A66,

B6A9AE1FB53D8E0B868694B0F758D1C09F8256F1C2D562B36CC673DA8482E60A ] Wanarp

     C:\WINDOWS\system32\DRIVERS\wanarp.sys
01:31:52.0734 0x0cf4 Wanarp - ok
01:31:52.0734 0x0cf4 WDICA - ok
01:31:52.0796 0x0cf4 [ 76E4B15C066144E711464F72D7B27AF3,

3D91304EBEDEE3788C647697D1082CE7DB5C91F12A7ED46B568BD7BC224A1398 ] wdmaud

       C:\WINDOWS\system32\drivers\wdmaud.sys
01:31:54.0046 0x0cf4 wdmaud - ok
01:31:54.0515 0x0cf4 [ F98737AD88563DD7A5CEB01A6F14C273,

2D62B880C0A326B993BD76B76DC130E2FDF9CA2F4FC53D159F09C2DE623E7EC8 ]

WebClient       C:\WINDOWS\System32\webclnt.dll
01:31:55.0296 0x0cf4 WebClient - ok
01:31:56.0625 0x0cf4 [ 6A5011B6CDC97EFB2624DC84CEEE10A0,

78DA902E8EF669ED1C4100734AD8F2F65A37C621F1579078CAF2B5EB67CAAF14 ] winmgmt

       C:\WINDOWS\system32\wbem\WMIsvc.dll
01:31:58.0671 0x0cf4 winmgmt - ok
01:31:59.0250 0x0cf4 [ C51B4A5C05A5475708E3C81C7765B71D,

F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ]

WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
01:32:00.0296 0x0cf4 WmdmPmSN - ok
01:32:00.0546 0x0cf4 [ E76F8807070ED04E7408A86D6D3A6137,

BFCF5361B7335760A7AE4B6958DE516A27AC60AA09135A46F0B49F588FAFE3A0 ] Wmi

C:\WINDOWS\System32\advapi32.dll
01:32:01.0750 0x0cf4 Wmi - ok
01:32:02.0625 0x0cf4 [ 1176656B002BB4983185279A560D6CDC,

9D7AFAC5D9833FD94D76ADB23223E7AE09E0A94EB50FD847EB9EBD6CB529300F ]

WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
01:32:04.0234 0x0cf4 WmiApSrv - ok
01:32:07.0234 0x0cf4 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B,

C71FAAC752F6D58BF8556661252DBF8C5DDD090CAE002A2C7E09C9A014526066 ]

WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe
01:32:09.0468 0x0cf4 WMPNetworkSvc - ok
01:32:10.0656 0x0cf4 [ CF4DEF1BF66F06964DC0D91844239104,

CC1D9CECE2056D29A9651D51BB57C3F4F9BF9E90A4808CF7496C683C874FBD51 ] WpdUsb

       C:\WINDOWS\system32\DRIVERS\wpdusb.sys
01:32:11.0093 0x0cf4 WpdUsb - ok
01:32:12.0109 0x0cf4 [ 6ABE6E225ADB5A751622A9CC3BC19CE8,

4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL

C:\WINDOWS\System32\drivers\ws2ifsl.sys
01:32:12.0390 0x0cf4 WS2IFSL - ok
01:32:12.0546 0x0cf4 [ 7D9199D9006D8FCBCCF3C6416F939B16,

720F29755D1DACF19D640A94FB60CC1E55C6931DC5726DF0A51DD089129AEDA8 ] wscsvc

        C:\WINDOWS\system32\wscsvc.dll
01:32:12.0828 0x0cf4 wscsvc - ok
01:32:13.0468 0x0cf4 [ D17E3330856C16B51651F9431FE197AC,

D0DAB5ABED706DDEC7817D7FA8B7D753A69D24BE41FA7CA42C61C2C3FC79735B ]

wuauserv        C:\WINDOWS\system32\wuauserv.dll
01:32:13.0812 0x0cf4 wuauserv - ok
01:32:14.0359 0x0cf4 [ F15FEAFFFBB3644CCC80C5DA584E6311,

79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf

C:\WINDOWS\system32\DRIVERS\WudfPf.sys
01:32:15.0093 0x0cf4 WudfPf - ok
01:32:15.0609 0x0cf4 [ 28B524262BCE6DE1F7EF9F510BA3985B,

AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd

C:\WINDOWS\system32\DRIVERS\wudfrd.sys
01:32:15.0843 0x0cf4 WudfRd - ok
01:32:16.0656 0x0cf4 [ 05231C04253C5BC30B26CBAAE680ED89,

5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc

     C:\WINDOWS\System32\WUDFSvc.dll
01:32:16.0984 0x0cf4 WudfSvc - ok
01:32:18.0843 0x0cf4 [ 578F0A329CF1AB10715AB437CFAF8DDA,

D919409126307C89F02BD7165C2123F5452D469751FD4D4954D73CEC7FB89852 ] WZCSVC

     C:\WINDOWS\System32\wzcsvc.dll
01:32:19.0875 0x0cf4 WZCSVC - ok
01:32:20.0078 0x0cf4 [ 57F89D9888665E43C9CC14537C8EE465,

088B3EBC6E470EE71BEA514ED1EF94CF57D44C547FCD959970E3E5271493D61F ] xmlprov

C:\WINDOWS\System32\xmlprov.dll
01:32:20.0421 0x0cf4 xmlprov - ok
01:32:20.0500 0x0cf4 ZTEusbmdm6k - ok
01:32:20.0578 0x0cf4 ZTEusbnmea - ok
01:32:20.0609 0x0cf4 ZTEusbser6k - ok
01:32:20.0921 0x0cf4 ================ Scan global

===============================
01:32:21.0937 0x0cf4 [ CC6C9961669EA568BEF904B3C021400A,

A69F19FC88F11B7FB6BFA77E48221997F286AF8F420292F0B77BC7F95EB0B4C9 ]

C:\WINDOWS\system32\basesrv.dll
01:32:23.0140 0x0cf4 [ 69AE2B2E6968C316536E5B10B9702E63,

D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ]

C:\WINDOWS\system32\winsrv.dll
01:32:25.0062 0x0cf4 [ 69AE2B2E6968C316536E5B10B9702E63,

D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ]

C:\WINDOWS\system32\winsrv.dll
01:32:25.0093 0x0cf4 [ 65DF52F5B8B6E9BBD183505225C37315,

59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ]

C:\WINDOWS\system32\services.exe
01:32:25.0218 0x0cf4 [ Global ] - ok
01:32:25.0234 0x0cf4 ================ Scan MBR

==================================
01:32:26.0203 0x0cf4 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
01:33:20.0578 0x0cf4 \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )
01:33:20.0578 0x0cf4 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
01:33:35.0609 0x0cf4 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR3
01:33:36.0734 0x0cf4 \Device\Harddisk1\DR3 - ok
01:33:36.0734 0x0cf4 ================ Scan VBR

==================================
01:33:36.0921 0x0cf4 [ A01C37FD692844334BFB51BA5A242959 ]

\Device\Harddisk0\DR0\Partition1
01:33:37.0031 0x0cf4 \Device\Harddisk0\DR0\Partition1 - ok
01:33:37.0187 0x0cf4 [ 98D4DF7763E9A31F4D7999E7322846ED ]

\Device\Harddisk0\DR0\Partition2
01:33:37.0343 0x0cf4 \Device\Harddisk0\DR0\Partition2 - ok
01:33:37.0359 0x0cf4 [ 4D3A561E27E04DD90604852103E212E7 ]

\Device\Harddisk1\DR3\Partition1
01:33:37.0375 0x0cf4 \Device\Harddisk1\DR3\Partition1 - ok
01:33:37.0375 0x0cf4 ================ Scan active images

========================
01:33:37.0375 0x0cf4 [ 514C5EE514CB699FBED51E74A220E261,

758C2D2A7F94A2805222763ED754C094BECB9A65EFA8855AC15A02C0BE02553C ]

C:\WINDOWS\system32\drivers\intelppm.sys
01:33:37.0375 0x0cf4 C:\WINDOWS\system32\drivers\intelppm.sys - ok
01:33:37.0375 0x0cf4 [ D4548661AC07876D04759AF39826F8B3,

A7CBA3B0255AE5C7F92E69E0B6C18E2A687BE275A0177475165B7A71AD9B2A58 ]

C:\WINDOWS\system32\drivers\videoprt.sys
01:33:37.0375 0x0cf4 C:\WINDOWS\system32\drivers\videoprt.sys - ok
01:33:37.0375 0x0cf4 [ 240D0F5D7CAAFD87BD8D801A97BBE041,

37CA330CE08A1A35C767D4512EA4832C98268B899B88E87A6F59FF5245652157 ]

C:\WINDOWS\system32\drivers\ialmnt5.sys
01:33:37.0375 0x0cf4 C:\WINDOWS\system32\drivers\ialmnt5.sys - ok
01:33:37.0390 0x0cf4 [ 3FCC124B6E08EE0E9351F717DD136939,

EBFE0FB51E14570A1A1D64C8E5383F3FF28509361D13945B79A9C551EB522012 ]

C:\WINDOWS\system32\drivers\hdaudbus.sys
01:33:37.0390 0x0cf4 C:\WINDOWS\system32\drivers\hdaudbus.sys - ok
01:33:37.0390 0x0cf4 [ 6DF35CA139C3BC15CC74390ABB114EFE,

5401724E49243625C43B3F9032E592EF43605C2510E809C1D318A7792AB9FBBA ]

C:\WINDOWS\system32\drivers\usbport.sys
01:33:37.0390 0x0cf4 C:\WINDOWS\system32\drivers\usbport.sys - ok
01:33:37.0390 0x0cf4 [ 49470AA99527B811CE4A46D2F6DF5ACE,

CC7719D6F3A1CB0BDC72FD605E7E56BBBF5554E399BD7A5A1CE02D7B6E4A7D1A ]

C:\WINDOWS\system32\drivers\usbuhci.sys
01:33:37.0390 0x0cf4 C:\WINDOWS\system32\drivers\usbuhci.sys - ok
01:33:37.0406 0x0cf4 [ 4BAC8DF07F1D8434FC640E677A62204E,

76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ]

C:\WINDOWS\system32\drivers\usbehci.sys
01:33:37.0406 0x0cf4 C:\WINDOWS\system32\drivers\usbehci.sys - ok
01:33:37.0421 0x0cf4 [ D3F0349D5AE463CD2155A7B7653104BB,

BC977E3D69180F98A81649AEDCC9213645329FBDDFAA52F8298C4047C854F2F1 ]

C:\WINDOWS\system32\drivers\ks.sys
01:33:37.0421 0x0cf4 C:\WINDOWS\system32\drivers\ks.sys - ok
01:33:37.0421 0x0cf4 [ 34F27C7D71F1C49C7D3857F28B42F544,

C307405BC92E174BF696F9A5EC844A95AD983AE2C4223C89F445D89A3361A232 ]

C:\WINDOWS\system32\drivers\AGRSM.sys
01:33:37.0421 0x0cf4 C:\WINDOWS\system32\drivers\AGRSM.sys - ok
01:33:37.0421 0x0cf4 [ 906499C774232C4C9444CC93425F05E2,

A4E24777112D69A6CFF4281A0398BFD89D7E98A6C21005C196063C3CD5215852 ]

C:\WINDOWS\system32\drivers\modem.sys
01:33:37.0421 0x0cf4 C:\WINDOWS\system32\drivers\modem.sys - ok
01:33:37.0421 0x0cf4 [ 95974E66D3DE4951D29E28E8BC0B644C,

5737A2FB4D95AAB61A50E25CC570D78FC91C1A7B02754211B1B57DC4209A7D58 ]

C:\WINDOWS\system32\drivers\e100b325.sys
01:33:37.0421 0x0cf4 C:\WINDOWS\system32\drivers\e100b325.sys - ok
01:33:37.0437 0x0cf4 [ FA2D4AD77C535C75B00C799942FEE927,

BD685B891186CDE6268FF64B370EA6EFE1271F49908AF5F0284BC61CB459B38D ]

C:\WINDOWS\system32\drivers\fdc.sys
01:33:37.0437 0x0cf4 C:\WINDOWS\system32\drivers\fdc.sys - ok
01:33:37.0437 0x0cf4 [ 1BC1CBE1423F6E5AF2630FAFCA6C6C72,

0BB48FEB4663A229C82B4F74A737855CD8653789CE541AF4078A482A3BFB9830 ]

C:\WINDOWS\system32\drivers\nic1394.sys
01:33:37.0437 0x0cf4 C:\WINDOWS\system32\drivers\nic1394.sys - ok
01:33:37.0437 0x0cf4 [ 31ACEC5ABBBC4F9037DB1333F1663FCD,

F0EF83370420B6C0A5570F0D29BDFDA9EE2CF80DFBB6C1A762B8F8A7409DBABF ]

C:\WINDOWS\system32\drivers\parport.sys
01:33:37.0437 0x0cf4 C:\WINDOWS\system32\drivers\parport.sys - ok
01:33:37.0453 0x0cf4 [ D9F724AA26C010A217C97606B160ED68,

329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ]

C:\WINDOWS\system32\drivers\audstub.sys
01:33:37.0453 0x0cf4 C:\WINDOWS\system32\drivers\audstub.sys - ok
01:33:37.0453 0x0cf4 [ F18AB264458913B1304FE899F5FA68FB,

D7250EF6DC09DCAE45E25E69DDD037183BEE192ACA4C8E97975E559A935512DE ]

C:\WINDOWS\system32\drivers\cdrom.sys
01:33:37.0453 0x0cf4 C:\WINDOWS\system32\drivers\cdrom.sys - ok
01:33:37.0453 0x0cf4 [ AB8A6A87D9D7255C3884D5B9541A6E80,

D073B5D8A06EFA6415E8F22DFE486DE913113AE23F59CFC5EEF1B3E694CE86F3 ]

C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
01:33:37.0453 0x0cf4 C:\WINDOWS\system32\drivers\GEARAspiWDM.sys - ok
01:33:37.0468 0x0cf4 [ AAAE7F1F575C1C6573084E910660BE1B,

45A3D8B074470421BD4D63BBF31DB7D2CE059EAD55A1D485CE1AF00358830576 ]

C:\WINDOWS\system32\drivers\imapi.sys
01:33:37.0468 0x0cf4 C:\WINDOWS\system32\drivers\imapi.sys - ok
01:33:37.0468 0x0cf4 [ EBE526E35F00189AFBD4FE379C76E416,

5E60736BCE339D08B78F5CE37DF51233AAEFC60D74CF5C892B529FAB9438868D ]

C:\WINDOWS\system32\drivers\redbook.sys
01:33:37.0468 0x0cf4 C:\WINDOWS\system32\drivers\redbook.sys - ok
01:33:37.0468 0x0cf4 [ C4CEBD21C39E2E7DBD156BC458F8EC7D,

8120677ECBA8A12F0C711986D9BF5154CE9D48C9463DB79445672C5595F3FC64 ]

C:\WINDOWS\system32\drivers\mfendisk.sys
01:33:37.0468 0x0cf4 C:\WINDOWS\system32\drivers\mfendisk.sys - ok
01:33:37.0468 0x0cf4 [ 0109C4F3850DFBAB279542515386AE22,

4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ]

C:\WINDOWS\system32\drivers\ndistapi.sys
01:33:37.0468 0x0cf4 C:\WINDOWS\system32\drivers\ndistapi.sys - ok
01:33:37.0484 0x0cf4 [ 6CC11A564FCD95313B0385C6787BBFFE,

95F3725DBE60D0CB30D1B63BA34E4A7B1A776CB5E8555DAC68AF49CEDD88FEFB ]

C:\WINDOWS\system32\drivers\ndiswan.sys
01:33:37.0484 0x0cf4 C:\WINDOWS\system32\drivers\ndiswan.sys - ok
01:33:37.0484 0x0cf4 [ 0ACC9422B1029011D057FBABEC4C5FA9,

75A5FAF7E0A4E81BBADEFAFA1E35631CC7668491840D3A641EB3CC50D8602B1A ]

C:\WINDOWS\system32\drivers\rasl2tp.sys
01:33:37.0484 0x0cf4 C:\WINDOWS\system32\drivers\rasl2tp.sys - ok
01:33:37.0484 0x0cf4 [ 11C361AA15FB8E72118BD8415E6DBD7F,

0AE124F11E9B5BCA53FB7FBB977D663BB4FAE8D0D03ED19BC1460B61797BB39A ]

C:\WINDOWS\system32\drivers\raspppoe.sys
01:33:37.0484 0x0cf4 C:\WINDOWS\system32\drivers\raspppoe.sys - ok
01:33:37.0484 0x0cf4 [ 6F8D4E8942170430E1E8E1392BE1C7E2,

6348B949FE12FEB3DD9ECD82D852165EEA4F03C045E9B99AE0857ABF6735BB96 ]

C:\WINDOWS\system32\drivers\raspptp.sys
01:33:37.0484 0x0cf4 C:\WINDOWS\system32\drivers\raspptp.sys - ok
01:33:37.0500 0x0cf4 [ D8B19A32CB30C3D4F4D332CF0D9C416C,

4A08A8235F9724AD0AE63D6CBF06D75B906CDA1C05EA844D48D671D2413080AF ]

C:\WINDOWS\system32\drivers\tdi.sys
01:33:37.0500 0x0cf4 C:\WINDOWS\system32\drivers\tdi.sys - ok
01:33:37.0500 0x0cf4 [ A68D8864E187D6B4B60BBD9ABD51F57D,

484121122F9CC54CD093C34347B73452AAEB05FCF3004EC826D9ADE15D2EE3BB ]

C:\WINDOWS\system32\drivers\msgpc.sys
01:33:37.0500 0x0cf4 C:\WINDOWS\system32\drivers\msgpc.sys - ok
01:33:37.0500 0x0cf4 [ 5F03F871DC8C223334BA91FC980E8EAF,

E5C9955428B2A6BBFBE99AF87EBAC14B287A920CC4423BD1846B6725755DFCAA ]

C:\WINDOWS\system32\drivers\psched.sys
01:33:37.0500 0x0cf4 C:\WINDOWS\system32\drivers\psched.sys - ok
01:33:37.0515 0x0cf4 [ 2AED3FE3E34AE751F4FD7EDF97B411F0,

A19836AC942375662E3F3D5E13A75AC16994432C2EAB5F56934DDA97E2FFEB40 ]

C:\WINDOWS\system32\drivers\mfeavfk.sys
01:33:37.0515 0x0cf4 C:\WINDOWS\system32\drivers\mfeavfk.sys - ok
01:33:37.0515 0x0cf4 [ 496FA40A3D40A1158978498CFB814D9E,

FD31EC8114C784F741602AC7D584CD244482BB098BA2C2F49B06D2943BBA74A5 ]

C:\WINDOWS\system32\drivers\mfefirek.sys
01:33:37.0515 0x0cf4 C:\WINDOWS\system32\drivers\mfefirek.sys - ok
01:33:37.0515 0x0cf4 [ D7BDDB18EBAC819C627631EF0DBDB1E4,

1E2E64CD6FF61577308645705B79E72E70099F3B7E2C54E9837E7B3787F620A2 ]

C:\WINDOWS\system32\drivers\mfencbdc.sys
01:33:37.0515 0x0cf4 C:\WINDOWS\system32\drivers\mfencbdc.sys - ok
01:33:37.0515 0x0cf4 [ 80D317BD1C3DBC5D4FE7B1678C60CADD,

DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ]

C:\WINDOWS\system32\drivers\ptilink.sys
01:33:37.0515 0x0cf4 C:\WINDOWS\system32\drivers\ptilink.sys - ok
01:33:37.0531 0x0cf4 [ 4FB133321E33CF310B0010F7F3631536,

FC31C0BC624FC1D2FFD839044B99BE6B361AED0A82FB553DA9FCA6F6CDE1FDFD ]

C:\WINDOWS\system32\drivers\pppop.sys
01:33:37.0531 0x0cf4 C:\WINDOWS\system32\drivers\pppop.sys - ok
01:33:37.0531 0x0cf4 [ FDBB1D60066FCFBB7452FD8F9829B242,

10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ]

C:\WINDOWS\system32\drivers\raspti.sys
01:33:37.0531 0x0cf4 C:\WINDOWS\system32\drivers\raspti.sys - ok
01:33:37.0531 0x0cf4 [ 689D94F2D76C44EEEF04113B74F652E4,

91DA8843C790FB7C3B939B6ED30FFF6BEEEE8BDCC655E70654A21E880C3BB2DC ]

C:\WINDOWS\system32\drivers\rdpdr.sys
01:33:37.0531 0x0cf4 C:\WINDOWS\system32\drivers\rdpdr.sys - ok
01:33:37.0546 0x0cf4 [ 3CA25BF3B7391D4AD0C6F1DC8D1B717D,

67DB6A52B7C974884F0D13028437C34B5D12FD1A8E7D83AB258592BCF70F5C24 ]

C:\WINDOWS\system32\drivers\termdd.sys
01:33:37.0546 0x0cf4 C:\WINDOWS\system32\drivers\termdd.sys - ok
01:33:37.0546 0x0cf4 [ 6946E7C9B6ACB20CDDAC1F12E08FEB58,

6B27C44519E91A19971C6EF9AA21804EFE8E1206BDAA45BECA05B173B9A5C8F8 ]

C:\WINDOWS\system32\drivers\kbdclass.sys
01:33:37.0546 0x0cf4 C:\WINDOWS\system32\drivers\kbdclass.sys - ok
01:33:37.0546 0x0cf4 [ DB03590221F87989BE31209394E112D1,

565F6A8D5895118053A13BFDDB35F1A20C8891DB94EFA0BCA6D6283902F0A467 ]

C:\WINDOWS\system32\drivers\mouclass.sys
01:33:37.0546 0x0cf4 C:\WINDOWS\system32\drivers\mouclass.sys - ok
01:33:37.0546 0x0cf4 [ 0C749E7ECE8794AE1794099C1953DB9E,

AF3DFBCBA6FB0A89DD8104CDBE2CABFA51526ADFB66183AFCF3FFBAD5C2E00CD ]

C:\WINDOWS\system32\drivers\swenum.sys
01:33:37.0546 0x0cf4 C:\WINDOWS\system32\drivers\swenum.sys - ok
01:33:37.0562 0x0cf4 [ A2CE1DAB37EDB7A596966FA4BAA93BBD,

F31F4EDC3168541ED1BE89D42D38821DB26F7EE62BF584AD6E080F352BC5B5F8 ]

C:\WINDOWS\system32\drivers\update.sys
01:33:37.0562 0x0cf4 C:\WINDOWS\system32\drivers\update.sys - ok
01:33:37.0562 0x0cf4 [ 6A6F1B5F2E6079B6CEAC7FC0580961F3,

E417FAA2E6E005965A2B8A020D3A1F43EFFD8479F028B0FAC49A1723B34B5D61 ]

C:\WINDOWS\system32\drivers\mssmbios.sys
01:33:37.0562 0x0cf4 C:\WINDOWS\system32\drivers\mssmbios.sys - ok
01:33:37.0562 0x0cf4 [ 2F597BB467E05B1FE3830EABD821B8E0,

141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ]

C:\WINDOWS\system32\drivers\ndproxy.sys
01:33:37.0562 0x0cf4 C:\WINDOWS\system32\drivers\ndproxy.sys - ok
01:33:37.0578 0x0cf4 [ 46DFA070FBB267DF73C97239A18FABE0,

2064ED5EF64E7AC078500D21995AB13EEE45280427503A4CCFC6F70B39F4A0FD ]

C:\WINDOWS\system32\drivers\drmk.sys
01:33:37.0578 0x0cf4 C:\WINDOWS\system32\drivers\drmk.sys - ok
01:33:37.0578 0x0cf4 [ 281F73D9354B069A77F45CE2EFFC1445,

4C1D69DC90D822DE91CE8415E8A012903A78A04799557B935795039396C08A91 ]

C:\WINDOWS\system32\drivers\portcls.sys
01:33:37.0578 0x0cf4 C:\WINDOWS\system32\drivers\portcls.sys - ok
01:33:37.0578 0x0cf4 [ B2957D6C1226F029230DAC2C46D34286,

C581D967C96DD3EC1DFFEDF01087A3042FED333CFF389698FCC7396B79B8C13F ]

C:\WINDOWS\system32\drivers\RtkHDAud.sys
01:33:37.0578 0x0cf4 C:\WINDOWS\system32\drivers\RtkHDAud.sys - ok
01:33:37.0578 0x0cf4 [ 04FE5EF6ED4818EC4839EA5C611A6310,

666479AF6789FC5DF2EA8D4B6216FDA9A4998D252F95BD003619D9376B1DC9E7 ]

C:\WINDOWS\system32\drivers\usbd.sys
01:33:37.0578 0x0cf4 C:\WINDOWS\system32\drivers\usbd.sys - ok
01:33:37.0593 0x0cf4 [ 23397705CAE15D9C3AB04B6CCB51F588,

0537D09B6DA65290DB70AA268521E6DACD8236464339595E53110D001704A4D3 ]

C:\WINDOWS\system32\drivers\usbhub.sys
01:33:37.0593 0x0cf4 C:\WINDOWS\system32\drivers\usbhub.sys - ok
01:33:37.0593 0x0cf4 [ C1B486A7658353D33A10CC15211A873B,

AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ]

C:\WINDOWS\system32\drivers\cdaudio.sys
01:33:37.0593 0x0cf4 C:\WINDOWS\system32\drivers\cdaudio.sys - ok
01:33:37.0593 0x0cf4 [ B91B6DEF9522CDC7310ED88563FABC37,

E2E3D3A5EE360FB34D2EEA14044C8B49EDF056054F94FF228C9696DB9050D9A4 ]

C:\WINDOWS\system32\drivers\flpydisk.sys
01:33:37.0593 0x0cf4 C:\WINDOWS\system32\drivers\flpydisk.sys - ok
01:33:37.0609 0x0cf4 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A,

EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ]

C:\WINDOWS\system32\drivers\fs_rec.sys
01:33:37.0609 0x0cf4 C:\WINDOWS\system32\drivers\fs_rec.sys - ok
01:33:37.0609 0x0cf4 [ 16C82920B49D58548DDE524BD91FE275,

1E4B417504E2023C026303878912C6FED58FBA439647E6DF877DE69FFD115F22 ]

C:\WINDOWS\system32\drivers\sfloppy.sys
01:33:37.0609 0x0cf4 C:\WINDOWS\system32\drivers\sfloppy.sys - ok
01:33:37.0609 0x0cf4 [ DA1F27D85E0D1525F6621372E7B685E9,

5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ]

C:\WINDOWS\system32\drivers\beep.sys
01:33:37.0609 0x0cf4 C:\WINDOWS\system32\drivers\beep.sys - ok
01:33:37.0625 0x0cf4 [ C569EF030B11F896E123A30AC92678DB,

F851E99B968BBAB82E3B0D1D2F985AEE1EAD10C3BBACDD02BAB2ACEE57CB048A ]

C:\WINDOWS\system32\drivers\hidparse.sys
01:33:37.0625 0x0cf4 C:\WINDOWS\system32\drivers\hidparse.sys - ok
01:33:37.0625 0x0cf4 [ 72229484FDBB55A76CF2BF0A33C07199,

DE9AB328C18BDB1C5C8148E46E5F8A21AA273D213BEAF5FCE779B561F066B792 ]

C:\WINDOWS\system32\drivers\i8042prt.sys
01:33:37.0625 0x0cf4 C:\WINDOWS\system32\drivers\i8042prt.sys - ok
01:33:37.0625 0x0cf4 [ DF27EE324113679647D7CDB4C2322458,

42CD14B6F5CA12B8A65B7781A188A29C81C38292A3B22B473EB85D6240D1BCC0 ]

C:\WINDOWS\system32\drivers\kbdhid.sys
01:33:37.0625 0x0cf4 C:\WINDOWS\system32\drivers\kbdhid.sys - ok
01:33:37.0625 0x0cf4 [ 73C1E1F395918BC2C6DD67AF7591A3AD,

B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ]

C:\WINDOWS\system32\drivers\null.sys
01:33:37.0625 0x0cf4 C:\WINDOWS\system32\drivers\null.sys - ok
01:33:37.0640 0x0cf4 [ 5437703622D5E398E45F5A0578A191BA,

DFD6A24E169F5B31138D7E27788B25EC09BCEE7365ECAD7B0E5965704796D826 ]

C:\WINDOWS\system32\drivers\vga.sys

01:33:37.0640 0x0cf4 C:\WINDOWS\system32\drivers\vga.sys - ok
01:33:37.0640 0x0cf4 [ 4AE068242760A1FB6E1A44BF4E16AFA6,

1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ]

C:\WINDOWS\system32\drivers\mnmdd.sys
01:33:37.0640 0x0cf4 C:\WINDOWS\system32\drivers\mnmdd.sys - ok
01:33:37.0640 0x0cf4 [ E09362C993B1DFA569166DA45C7E0CB8,

6E52AA0CE81954407BA610D6F5F7691BBE69448DBEAD01E5E9C26D07CDEA7918 ]

C:\WINDOWS\system32\drivers\msfs.sys
01:33:37.0640 0x0cf4 C:\WINDOWS\system32\drivers\msfs.sys - ok
01:33:37.0656 0x0cf4 [ 4912D5B403614CE99C28420F75353332,

975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ]

C:\WINDOWS\system32\drivers\rdpcdd.sys
01:33:37.0656 0x0cf4 C:\WINDOWS\system32\drivers\rdpcdd.sys - ok
01:33:37.0656 0x0cf4 [ 8209AEFF434C0D37543930AAD855BB79,

62E35233A356ACD8B198E9F979C6B940E262DCEBE9DBA996532AE4D647F913DA ]

C:\WINDOWS\system32\drivers\npfs.sys
01:33:37.0656 0x0cf4 C:\WINDOWS\system32\drivers\npfs.sys - ok
01:33:37.0656 0x0cf4 [ FE0D99D6F31E4FAD8159F690D68DED9C,

998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ]

C:\WINDOWS\system32\drivers\rasacd.sys
01:33:37.0656 0x0cf4 C:\WINDOWS\system32\drivers\rasacd.sys - ok
01:33:37.0656 0x0cf4 [ 13F79A5C92BB6A07540B7A37AC2C4AAD,

1C6686738B6677DD961CCD4B8EC4F7B1ABADA67F3C904F6566ADA56FE77D68F4 ]

C:\WINDOWS\system32\drivers\ipsec.sys
01:33:37.0656 0x0cf4 C:\WINDOWS\system32\drivers\ipsec.sys - ok
01:33:37.0671 0x0cf4 [ 9AEFA14BD6B182D61E3119FA5F436D3D,

EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ]

C:\WINDOWS\system32\drivers\tcpip.sys
01:33:37.0671 0x0cf4 C:\WINDOWS\system32\drivers\tcpip.sys - ok
01:33:37.0671 0x0cf4 [ C453856A058C6B3EB84D054173DDDC4D,

AFC25C058CE4255AA6E0A61CD4F3A0713015164F8F005313C88F2C9FB5A47B86 ]

C:\WINDOWS\system32\drivers\mfetdi2k.sys
01:33:37.0671 0x0cf4 C:\WINDOWS\system32\drivers\mfetdi2k.sys - ok
01:33:37.0671 0x0cf4 [ 1E44BC1E83D8FD2305F8D452DB109CF9,

CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ]

C:\WINDOWS\system32\drivers\afd.sys
01:33:37.0671 0x0cf4 C:\WINDOWS\system32\drivers\afd.sys - ok
01:33:37.0687 0x0cf4 [ 8EB436E01A5535DCD0ADA273CBD4F7B0,

779A9B40447E26FBD31F46B85BB9735FD74FD26E5EB5C038FF658A9F3A10AD75 ]

C:\WINDOWS\system32\drivers\ipnat.sys
01:33:37.0687 0x0cf4 C:\WINDOWS\system32\drivers\ipnat.sys - ok
01:33:37.0687 0x0cf4 [ B24ED3A4966D1A9251899025759DC847,

1A1A03CAE4AE456A84E8C505788C938F28A23B28EBBBF36E06D468C9DEE97438 ]

C:\WINDOWS\system32\drivers\netbt.sys
01:33:37.0687 0x0cf4 C:\WINDOWS\system32\drivers\netbt.sys - ok
01:33:37.0687 0x0cf4 [ A012EC6D73B1ACBB876DC0EFBE0FAFEE,

27F07379BAAED37B1A3D3E25D7A8E3D0A8F88E0C9CEAD283540BFEA314FD3635 ]

C:\WINDOWS\system32\drivers\netbios.sys
01:33:37.0687 0x0cf4 C:\WINDOWS\system32\drivers\netbios.sys - ok
01:33:37.0687 0x0cf4 [ 567B201561F77ED347C5BE8820D55B2D,

6CBC82464846C5DABFC537AA80DF6901C41773A1C611F626DF3F7922B7764D68 ]

C:\WINDOWS\system32\drivers\rdbss.sys
01:33:37.0687 0x0cf4 C:\WINDOWS\system32\drivers\rdbss.sys - ok
01:33:37.0703 0x0cf4 [ 91A407C7F833BCF97240564FD44B1A66,

B6A9AE1FB53D8E0B868694B0F758D1C09F8256F1C2D562B36CC673DA8482E60A ]

C:\WINDOWS\system32\drivers\wanarp.sys
01:33:37.0703 0x0cf4 C:\WINDOWS\system32\drivers\wanarp.sys - ok
01:33:37.0703 0x0cf4 [ 9EEBF325F8B4683973F0AF30C6CF150E,

916EDE7005A4EC1854BC3E27E2FA3EE034EF4122FF75697E8991156F018ECFE4 ]

C:\WINDOWS\system32\drivers\arp1394.sys
01:33:37.0703 0x0cf4 C:\WINDOWS\system32\drivers\arp1394.sys - ok
01:33:37.0703 0x0cf4 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0,

DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ]

C:\WINDOWS\system32\drivers\mrxsmb.sys
01:33:37.0703 0x0cf4 C:\WINDOWS\system32\drivers\mrxsmb.sys - ok
01:33:37.0718 0x0cf4 [ 532B70A154643DC5D722EEC7E82B8446,

CAEACADF94A04B5F1826073D85668372F1633A40B0E106488DBA9011CCB0134A ]

C:\WINDOWS\system32\drivers\fips.sys
01:33:37.0718 0x0cf4 C:\WINDOWS\system32\drivers\fips.sys - ok
01:33:37.0718 0x0cf4 [ ECDB9665937F737A7AB26390A6C68573,

8E9D3DBC1C75202F11F3B6D9071673C8F37994BD4341A3F259526D6B15E970D4 ]

C:\WINDOWS\system32\drivers\ctxusbm.sys
01:33:37.0718 0x0cf4 C:\WINDOWS\system32\drivers\ctxusbm.sys - ok
01:33:37.0718 0x0cf4 [ F8F0D25CA553E39DDE485D8FC7FCCE89,

54DF909101AAEC63234A5C33B51D6689FEF58B943942BFFA9606864F43EC1085 ]

C:\WINDOWS\system32\ntdll.dll
01:33:37.0718 0x0cf4 C:\WINDOWS\system32\ntdll.dll - ok
01:33:37.0718 0x0cf4 [ A6A6E04496E41962384ACDD9D026F20C,

0787CBE59D38054F80E9A7F69F527D2CEA16FFB9E1D09CB8FDE221287E7353EE ]

C:\WINDOWS\system32\smss.exe
01:33:37.0718 0x0cf4 C:\WINDOWS\system32\smss.exe - ok
01:33:37.0734 0x0cf4 [ 54F16317A4863F55DA696DC6CA8D7BB0,

7261374D0B12CC492624911017B65A6AC72CFFF9A6143920C6465758C291BFDE ]

C:\WINDOWS\system32\autochk.exe
01:33:37.0734 0x0cf4 C:\WINDOWS\system32\autochk.exe - ok
01:33:37.0734 0x0cf4 [ C473E4A84355A32B53F2F4CE3A0406EE,

31355D762D01AB33FB0AFC2985BFFB9DEF85880D1C025F93889F6A9527EAD030 ]

C:\WINDOWS\system32\drivers\fastfat.sys
01:33:37.0734 0x0cf4 C:\WINDOWS\system32\drivers\fastfat.sys - ok
01:33:37.0734 0x0cf4 [ 1B611611C28D2DF25BC057D79C6F13FC,

B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ]

C:\WINDOWS\system32\drivers\usbccgp.sys
01:33:37.0734 0x0cf4 C:\WINDOWS\system32\drivers\usbccgp.sys - ok
01:33:37.0734 0x0cf4 [ 1F7A2A5C1416FA73469216BFCCDA9395,

3EE850804C55C35C6F8FE5B54D4BF6D96728712EBEBB961925502C8C3EF7F479 ]

C:\WINDOWS\system32\sfcfiles.dll
01:33:37.0734 0x0cf4 C:\WINDOWS\system32\sfcfiles.dll - ok
01:33:37.0750 0x0cf4 [ 43D1517F157E495C70AB6BBF24FF5024,

242B95C594AB7728C0D2BC704A57812D1FA4C42A07299568CDAADA41B1745B11 ]

C:\WINDOWS\system32\drivers\hidclass.sys
01:33:37.0750 0x0cf4 C:\WINDOWS\system32\drivers\hidclass.sys - ok
01:33:37.0750 0x0cf4 [ FFAFDE8424D92B4AEB72670F446D8F22,

1E0A0AA86E70A2B21DA188510E57F350620B3E006A09D3F15B5B605174934BF7 ]

C:\WINDOWS\system32\drivers\hidusb.sys
01:33:37.0750 0x0cf4 C:\WINDOWS\system32\drivers\hidusb.sys - ok
01:33:37.0750 0x0cf4 [ BA215DD63AE739565ECB443D265CE0C6,

C7416E6A379C67CF758B9FC8FCFA04E91CDFD631D68FF4DD24485402197160DA ]

C:\WINDOWS\system32\drivers\usbstor.sys
01:33:37.0750 0x0cf4 C:\WINDOWS\system32\drivers\usbstor.sys - ok
01:33:37.0765 0x0cf4 [ B1C303E17FB9D46E87A98E4BA6769685,

161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ]

C:\WINDOWS\system32\drivers\mouhid.sys
01:33:37.0765 0x0cf4 C:\WINDOWS\system32\drivers\mouhid.sys - ok
01:33:37.0765 0x0cf4 [ 2F31B7F954BED437F2C75026C65CAF7B,

1F8D6CBB01AD403BC89D1E987012E2F63CDFD9C49F402F358B64B31C13E4DD14 ]

C:\WINDOWS\system32\drivers\wmilib.sys
01:33:37.0765 0x0cf4 C:\WINDOWS\system32\drivers\wmilib.sys - ok
01:33:37.0765 0x0cf4 [ 7316AFA8EFA110621D6D90722AF3EFE6,

717FA969665699EF1F2DA789F29D011C490B3F8125D7EE8CD1CEEB414B471997 ]

C:\WINDOWS\system32\drivers\atapi.sys
01:33:37.0765 0x0cf4 C:\WINDOWS\system32\drivers\atapi.sys - ok
01:33:37.0765 0x0cf4 [ FE97D0343ACFDEBDD578FC67CC91FA87,

FE26FBA13079189EF96A1C994036EA472A4BF34FA14C163C693AD481BF31E676 ]

C:\WINDOWS\system32\drivers\dxapi.sys
01:33:37.0765 0x0cf4 C:\WINDOWS\system32\drivers\dxapi.sys - ok
01:33:37.0781 0x0cf4 [ 4B2E5C90222DA43B73AE554204718646,

F28B4C41B2E57EB12E3CCE27861CA9F1CB533D8DE10EA4C036E43E5B98F75E42 ]

C:\WINDOWS\system32\watchdog.sys
01:33:37.0781 0x0cf4 C:\WINDOWS\system32\watchdog.sys - ok
01:33:37.0781 0x0cf4 [ 80AAA73D56272FD54DC6DE8643D10E9F,

0DC91699D5AF322C78AF7783CF3D55A1F561219EE32DC8DA186F2255704D52FC ]

C:\WINDOWS\system32\win32k.sys
01:33:37.0781 0x0cf4 C:\WINDOWS\system32\win32k.sys - ok
01:33:37.0781 0x0cf4 [ CC6C9961669EA568BEF904B3C021400A,

A69F19FC88F11B7FB6BFA77E48221997F286AF8F420292F0B77BC7F95EB0B4C9 ]

C:\WINDOWS\system32\basesrv.dll
01:33:37.0781 0x0cf4 C:\WINDOWS\system32\basesrv.dll - ok
01:33:37.0796 0x0cf4 [ DD40363ABAD230A84C5E2178B11EFA88,

E4B406C0B10686CF245EC0053A03424CE1FB8AC7FB3545525F13BB3BC5086FF1 ]

C:\WINDOWS\system32\csrsrv.dll
01:33:37.0796 0x0cf4 C:\WINDOWS\system32\csrsrv.dll - ok
01:33:37.0796 0x0cf4 [ 71E0CA2CE812D14EB9599830CD9CDBFD,

92B7E4BD2BF03683C32868B91761F9C95D6D6B504D5F344F89F444F32DB19CA2 ]

C:\WINDOWS\system32\csrss.exe
01:33:37.0796 0x0cf4 C:\WINDOWS\system32\csrss.exe - ok
01:33:37.0796 0x0cf4 [ 69AE2B2E6968C316536E5B10B9702E63,

D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ]

C:\WINDOWS\system32\winsrv.dll
01:33:37.0796 0x0cf4 C:\WINDOWS\system32\winsrv.dll - ok
01:33:37.0796 0x0cf4 [ AFFE0B7126A86603D3F49A19A5B7DC46,

63C91B4726F583C1DC1B3F26CC8DC39C519401CF0005F223EE17A363BDBEA22F ]

C:\WINDOWS\system32\gdi32.dll
01:33:37.0812 0x0cf4 C:\WINDOWS\system32\gdi32.dll - ok
01:33:37.0812 0x0cf4 [ 4A45B692D2BAA74124DF57472D5EA2F1,

DFC6B595BBADFEF4930CCCF48E9FE55551CF0891571257E3E0A0DE328077A89B ]

C:\WINDOWS\system32\kernel32.dll
01:33:37.0812 0x0cf4 C:\WINDOWS\system32\kernel32.dll - ok
01:33:37.0812 0x0cf4 [ 7E02D28A2BDB710887815C41189014C1,

5E0302A43A39B731E08E5E205958BDAA59FD00D2FD1B07115FA000720C9373FE ]

C:\WINDOWS\system32\user32.dll
01:33:37.0812 0x0cf4 C:\WINDOWS\system32\user32.dll - ok
01:33:37.0812 0x0cf4 [ DD8DDA7140E749D0FE202A73F260D237,

0D46D6792D287EC5FDAA97D2D2DC2AE309A9C0C1EB0EE7F24C6BF264AABF44BE ]

C:\WINDOWS\system32\drivers\dxg.sys
01:33:37.0812 0x0cf4 C:\WINDOWS\system32\drivers\dxg.sys - ok
01:33:37.0828 0x0cf4 [ A73F5D6705B1D820C19B18782E176EFD,

C36486504C3A596FDCA487143F6D3B43C0BEE01321F6F1F3071976556533C419 ]

C:\WINDOWS\system32\drivers\dxgthk.sys
01:33:37.0828 0x0cf4 C:\WINDOWS\system32\drivers\dxgthk.sys - ok
01:33:37.0828 0x0cf4 [ CC29CF5BA4F3AD6BED8E424866810223,

FC685B76D6A35939CE6D572AE1250C476156E17ADC3E6947E1A7ECF2C3861F67 ]

C:\WINDOWS\system32\ialmdnt5.dll
01:33:37.0828 0x0cf4 C:\WINDOWS\system32\ialmdnt5.dll - ok
01:33:37.0828 0x0cf4 [ 9E57AF3D019BA7C1523B663C8FA7733D,

6A4338440930968332B9829C3DBBB481F1D96A3C48E9D639E4E408AF44994319 ]

C:\WINDOWS\system32\ialmrnt5.dll
01:33:37.0828 0x0cf4 C:\WINDOWS\system32\ialmrnt5.dll - ok
01:33:37.0828 0x0cf4 [ ECB7591870F8BFB1A4C17B718AD5A4AA,

67E8D218F107F78F9C62999F560E47AEC799E4B4DC4AB3EBC0DC61670BFE3E3D ]

C:\WINDOWS\system32\vga.dll
01:33:37.0828 0x0cf4 C:\WINDOWS\system32\vga.dll - ok
01:33:37.0843 0x0cf4 [ F0683C310687E88FB4D1B814BDFB82A3,

35CE13B392E0E6075354E06F5E7E0CFAC898A6998D7DA42BDFC935C4397E60C4 ]

C:\WINDOWS\system32\ialmdev5.dll
01:33:37.0843 0x0cf4 C:\WINDOWS\system32\ialmdev5.dll - ok
01:33:37.0843 0x0cf4 [ 85091A542F424FCC77027C7CBC5FA87E,

EC449617FC2ACA290367819D0E26F8C3786A70A69872C855A97DFA0E3DC0E766 ]

C:\WINDOWS\system32\ialmdd5.dll
01:33:37.0843 0x0cf4 C:\WINDOWS\system32\ialmdd5.dll - ok
01:33:37.0843 0x0cf4 [ 57021A062C8E266C0A2A636450364B43,

62C5B5F17A316B83F85D3EA381CBC780FD06F3D16CBF1A3552C495EE0D6BBFB5 ]

C:\WINDOWS\system32\winlogon.exe
01:33:37.0843 0x0cf4 C:\WINDOWS\system32\winlogon.exe - ok
01:33:37.0859 0x0cf4 [ E76F8807070ED04E7408A86D6D3A6137,

BFCF5361B7335760A7AE4B6958DE516A27AC60AA09135A46F0B49F588FAFE3A0 ]

C:\WINDOWS\system32\advapi32.dll
01:33:37.0859 0x0cf4 C:\WINDOWS\system32\advapi32.dll - ok
01:33:37.0859 0x0cf4 [ 3DF05BAF56CBDC3C5E68D31573645532,

6600A0790F642E2716FA85A7C0F4A43F428812205618F8BCED54A478ECD3F506 ]

C:\WINDOWS\system32\authz.dll
01:33:37.0859 0x0cf4 C:\WINDOWS\system32\authz.dll - ok
01:33:37.0859 0x0cf4 [ 44C164B34A72F29087ECA32411F2ED44,

112761CCEFE8F4B936AC58FF1F13589C0DBA3BE1AC348584D874B65DAB1EDED6 ]

C:\WINDOWS\system32\rpcrt4.dll
01:33:37.0859 0x0cf4 C:\WINDOWS\system32\rpcrt4.dll - ok
01:33:37.0859 0x0cf4 [ 5357826C8A8DD6A07F17C48BB45BE46E,

E081B04F8C8A31951A0ADEC889E6CA4DEED5FF738446D5A5614B11B113000BCA ]

C:\WINDOWS\system32\secur32.dll
01:33:37.0859 0x0cf4 C:\WINDOWS\system32\secur32.dll - ok
01:33:37.0875 0x0cf4 [ 636DF3FF20A1B69B3F9D21325E7115C7,

6B38CF96E92273995F40B6D7029D20B4041342D6EDD5B6CA73967A401823D4F5 ]

C:\WINDOWS\system32\crypt32.dll
01:33:37.0875 0x0cf4 C:\WINDOWS\system32\crypt32.dll - ok
01:33:37.0875 0x0cf4 [ C3445D36DFEAB5A69D7226A59225B248,

B7E1D64DEFCA7E4BF52F572C08E8313101D748A9728285294C46A32C186DA578 ]

C:\WINDOWS\system32\msvcrt.dll
01:33:37.0875 0x0cf4 C:\WINDOWS\system32\msvcrt.dll - ok
01:33:37.0875 0x0cf4 [ 04D898830DF96A17A20FD35D7590F87E,

09C75D1D434FF6BBE9B3F5E0A8E63944ACB34E364C4A89676DED2204DBD1AEF5 ]

C:\WINDOWS\system32\msasn1.dll
01:33:37.0875 0x0cf4 C:\WINDOWS\system32\msasn1.dll - ok
01:33:37.0890 0x0cf4 [ 5B9A8DF11461A1689D64F7052545DF41,

99961338E7A98436589741288FCBEC06EB90441B045E97920DD025C31F9AF342 ]

C:\WINDOWS\system32\nddeapi.dll
01:33:37.0890 0x0cf4 C:\WINDOWS\system32\nddeapi.dll - ok
01:33:37.0890 0x0cf4 [ CAC752BF84DB4666ED3CE0948E6EA937,

C84F9D57C076DE6ACC1720B66147D0CA963C65714593FAFD7FB1FE1F01CC464B ]

C:\WINDOWS\system32\netapi32.dll
01:33:37.0890 0x0cf4 C:\WINDOWS\system32\netapi32.dll - ok
01:33:37.0890 0x0cf4 [ 092BF6E5DD04D60FDA21482628930509,

49B112FBB77B58B0C0AA797F1DF3AC1D6EE1602C3A5C567B9DE6860A77B9DA61 ]

C:\WINDOWS\system32\profmap.dll
01:33:37.0890 0x0cf4 C:\WINDOWS\system32\profmap.dll - ok
01:33:37.0890 0x0cf4 [ 39202C36B754959DE8D02CC263504E2D,

C339A3703E2BB369FE8321F37D5CE0B4B5DE8B19D661DA67B72913C618BFFE59 ]

C:\WINDOWS\system32\userenv.dll
01:33:37.0890 0x0cf4 C:\WINDOWS\system32\userenv.dll - ok
01:33:37.0906 0x0cf4 [ 61B11FBDD0D0EC69740DDBCC664E66FB,

E12B84AF23C004934F9D44DAF877C6F6D4E8E18BF5CF0704C6923A3411206D04 ]

C:\WINDOWS\system32\psapi.dll
01:33:37.0906 0x0cf4 C:\WINDOWS\system32\psapi.dll - ok
01:33:37.0906 0x0cf4 [ 72F0159BBCE770746D9342137F3E61DF,

F6B8207641EDF2F8D9EB473C233EF0B0DE333B35225399D04CC2800DF0D9D287 ]

C:\WINDOWS\system32\regapi.dll
01:33:37.0906 0x0cf4 C:\WINDOWS\system32\regapi.dll - ok
01:33:37.0906 0x0cf4 [ 8D403C48F57674A018D5D18FCD2BF2A5,

5953B791B6FD85D9C8FAD661E1A025F912961C8054B165016CD4BDF0479B50C0 ]

C:\WINDOWS\system32\setupapi.dll
01:33:37.0906 0x0cf4 C:\WINDOWS\system32\setupapi.dll - ok
01:33:37.0921 0x0cf4 [ 16E916243BDDBAF44D98E623B2D0CEAD,

A1C56AC378EDA9ACBE73342BEE0897E028BDD368288552108FC77A7AA1478690 ]

C:\WINDOWS\system32\imagehlp.dll
01:33:37.0921 0x0cf4 C:\WINDOWS\system32\imagehlp.dll - ok
01:33:37.0921 0x0cf4 [ 93D7B4F777BB2D4D265162E1876DE191,

3D45F82C4931D0719DE473D90D8E1D944E853B8EDDBF496701358A6ED612C3D5 ]

C:\WINDOWS\system32\version.dll
01:33:37.0921 0x0cf4 C:\WINDOWS\system32\version.dll - ok
01:33:37.0921 0x0cf4 [ 38E3107FA6C9CB5B4E2D2F926209C529,

70C00E6CEFCE40C3F0CDC4510D47DC70DB34D5A2BDAABE449479E540AB41D504 ]

C:\WINDOWS\system32\winsta.dll
01:33:37.0921 0x0cf4 C:\WINDOWS\system32\winsta.dll - ok
01:33:37.0921 0x0cf4 [ D458B738B4C2CE33174CFB2CE12412DB,

C8FCA4B1BE8358B1F14BB25F39899A18804133544701DFCF40E8782C2487C912 ]

C:\WINDOWS\system32\wintrust.dll
01:33:37.0921 0x0cf4 C:\WINDOWS\system32\wintrust.dll - ok
01:33:37.0937 0x0cf4 [ 9E3867D09706F3B7A93C401AEA09E5CF,

ED21A1D4749406752A428F42743F7D1EBB25192E3150EFAFC02E6D8B87475EE5 ]

C:\WINDOWS\system32\ws2help.dll
01:33:37.0937 0x0cf4 C:\WINDOWS\system32\ws2help.dll - ok
01:33:37.0937 0x0cf4 [ 96163A36BFB5D8D66190FA6066A4A84C,

8AA457AF85238C7BB7F314360861EA0C4E8BB74FFBAE4E5B496E11CA0A12F547 ]

C:\WINDOWS\system32\ws2_32.dll
01:33:37.0937 0x0cf4 C:\WINDOWS\system32\ws2_32.dll - ok
01:33:37.0953 0x0cf4 [ F3213AAEE090451EAF9B3218658E1872,

85591F1388DDB8D57D1FFD6976ECD490DA8ADDAAF7ED6D6E75EF0FFC0D93E68B ]

C:\PROGRA~1\Citrix\ICACLI~1\RSHook.dll
01:33:37.0953 0x0cf4 C:\PROGRA~1\Citrix\ICACLI~1\RSHook.dll - ok
01:33:37.0953 0x0cf4 [ 4368E21DAA2A7859B5B6D6F89C8DF99F,

7751DF5458558B4B1DD9CEF724FE99DFD9F627F959143BAB33CE184F1F1742C9 ]

C:\WINDOWS\system32\imm32.dll
01:33:37.0953 0x0cf4 C:\WINDOWS\system32\imm32.dll - ok
01:33:37.0953 0x0cf4 [ 1A0B58CAE9E9CA959DECAD29D2E286FF,

23CF7B1B4C43E16DF5C27140A2DA71391AA1FB432B91CCF58DB6E9C62DFD693F ]

C:\WINDOWS\system32\sxs.dll
01:33:37.0953 0x0cf4 C:\WINDOWS\system32\sxs.dll - ok
01:33:37.0953 0x0cf4 [ 34EE4D69CDD4176C8FD0B3E9EB9E738C,

0E8EC3B86123523EE4423003C5B5C54894240BD277E8773BBB91A3AE95CDBEC6 ]

C:\Program Files\Citrix\ICA Client\ShellHook.dll
01:33:37.0953 0x0cf4 C:\Program Files\Citrix\ICA Client\ShellHook.dll - ok
01:33:37.0968 0x0cf4 [ 59B408E5B8489B0B36A0D783D150EDCC,

CB234B25502B0CE0C1E6CFA883FDDF64DAB7A6E50A6AD36CAB3B30A7C872B403 ]

C:\WINDOWS\system32\ole32.dll
01:33:37.0968 0x0cf4 C:\WINDOWS\system32\ole32.dll - ok
01:33:37.0968 0x0cf4 [ C448A248B743F5FB935C787A5D97268B,

26E88FF449F938B218FAED6D8F3F095577216A29D656D17ACEA7F6C16E638BED ]

C:\WINDOWS\system32\shlwapi.dll
01:33:37.0968 0x0cf4 C:\WINDOWS\system32\shlwapi.dll - ok
01:33:37.0968 0x0cf4 [ 6843D54BC4A40CC8C5741AF750233D10,

D998B54B7D23A986DD14D8BC56169A10EE43267F4F1914FBDD55B6B028993FAC ]

C:\WINDOWS\system32\shell32.dll
01:33:37.0968 0x0cf4 C:\WINDOWS\system32\shell32.dll - ok
01:33:37.0968 0x0cf4 [ 736B12B725AEB2B07F0241A9F680CB10,

9EF1406CAEE256117DA8C8904BCB20FB8F9421F02F812B4DC2CE1F16D2B315F2 ]

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2

600.6028_x-ww_61e65202\comctl32.dll
01:33:37.0968 0x0cf4

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2

600.6028_x-ww_61e65202\comctl32.dll - ok
01:33:37.0984 0x0cf4 [ 93AFB83FBC1F9443CAC722FCA63D73BF,

853C4A03A153F232E5CAF219F7FD732CB82CB62171F077DE737B32169F7832AB ]

C:\WINDOWS\system32\comctl32.dll
01:33:37.0984 0x0cf4 C:\WINDOWS\system32\comctl32.dll - ok
01:33:37.0984 0x0cf4 [ 56C5B179FE3308B655EB6208C3256FEC,

C70BCE54E5DF47D37C835804EAAEC7C06C1A226EFA2003226BE290D1D552126F ]

C:\WINDOWS\system32\kbdus.dll
01:33:37.0984 0x0cf4 C:\WINDOWS\system32\kbdus.dll - ok
01:33:37.0984 0x0cf4 [ BDAC6A0D197004C46F44599BCF13D19A,

404E79C09C5ACCA52C5D9693FEAD03D1209DA4D56A83C5D15925A1EDD3A1DEED ]

C:\WINDOWS\system32\msgina.dll
01:33:37.0984 0x0cf4 C:\WINDOWS\system32\msgina.dll - ok
01:33:38.0000 0x0cf4 [ 40B0F98BAD16AD5DEF894E88C3EF8014,

916B7BFC23BB5A3F757160BCF2013A8260D9382EFDE6AADAFC4D297828C71003 ]

C:\WINDOWS\system32\odbc32.dll
01:33:38.0000 0x0cf4 C:\WINDOWS\system32\odbc32.dll - ok
01:33:38.0000 0x0cf4 [ 299B07BCF132B7B0448DB7284ED72CDE,

2B8D0AF2F22A3F8E1E1BC7DCE78FF76A0DB5466C4B5CC426B1068E373A166CAF ]

C:\WINDOWS\system32\comdlg32.dll
01:33:38.0000 0x0cf4 C:\WINDOWS\system32\comdlg32.dll - ok
01:33:38.0000 0x0cf4 [ 9818BF587BE59D2E75985C640C27883E,

C610A670C1565BA33D64DB31083975BFDD7448AAD044FFBD61CAAC0234288976 ]

C:\WINDOWS\system32\odbcint.dll
01:33:38.0000 0x0cf4 C:\WINDOWS\system32\odbcint.dll - ok
01:33:38.0000 0x0cf4 [ 99BC0B50F511924348BE19C7C7313BBF,

A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ]

C:\WINDOWS\system32\shsvcs.dll
01:33:38.0000 0x0cf4 C:\WINDOWS\system32\shsvcs.dll - ok
01:33:38.0015 0x0cf4 [ 692D64203772EE801D1A0C36E8435143,

6670CD37FAAF1440E1875BBFF8335B35386B0A0E7F78AE26869108BF5566E4ED ]

C:\WINDOWS\system32\apphelp.dll
01:33:38.0015 0x0cf4 C:\WINDOWS\system32\apphelp.dll - ok
01:33:38.0015 0x0cf4 [ 9BACF227D6CD85D05A3A2B7A2F78C110,

5F6B238F76AAF84205586E1E4F0F6FECD547A44BCCDDFD30720863A10A442E37 ]

C:\WINDOWS\system32\sfc.dll
01:33:38.0015 0x0cf4 C:\WINDOWS\system32\sfc.dll - ok
01:33:38.0015 0x0cf4 [ 2F915F6AF939CF10EDBF13C96650140B,

BC749A8F9CAE58F7D79E804463E9D7E3F7F48F05FD83F85A46D310982890AFB7 ]

C:\WINDOWS\system32\sfc_os.dll
01:33:38.0015 0x0cf4 C:\WINDOWS\system32\sfc_os.dll - ok
01:33:38.0031 0x0cf4 [ 70885577298B92939F3B7AF54D5F8943,

98E33AD38AF6ADC5499E1416711CF522F5263D6800281F125460C16137DE43EB ]

C:\WINDOWS\system32\lsass.exe
01:33:38.0031 0x0cf4 C:\WINDOWS\system32\lsass.exe - ok
01:33:38.0031 0x0cf4 [ 65DF52F5B8B6E9BBD183505225C37315,

59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ]

C:\WINDOWS\system32\services.exe
01:33:38.0031 0x0cf4 C:\WINDOWS\system32\services.exe - ok
01:33:38.0031 0x0cf4 [ BD31DC6DBE9333C4FBD4BDF0899F2160,

545D83178CCD74C68B72C607201EF9E1C8A5FC26A08288F8D3A77106964D1034 ]

C:\WINDOWS\system32\lsasrv.dll
01:33:38.0031 0x0cf4 C:\WINDOWS\system32\lsasrv.dll - ok
01:33:38.0031 0x0cf4 [ C30241CA2A0F0A0AE7A43BD5D26F4C1C,

2D7419812D5358B7D9D869556CCDE932F6B36C0DD3FBDD2D3B76DDCA76F84BCB ]

C:\WINDOWS\system32\msvcp60.dll
01:33:38.0031 0x0cf4 C:\WINDOWS\system32\msvcp60.dll - ok
01:33:38.0046 0x0cf4 [ 06C7DE7A95515F25FD160D8142B65B83,

75EFA7B7BACCD1E73E1E705975E7F3F805C0BAEA152A2FDFAC6419670EFFF477 ]

C:\WINDOWS\system32\ncobjapi.dll
01:33:38.0046 0x0cf4 C:\WINDOWS\system32\ncobjapi.dll - ok
01:33:38.0046 0x0cf4 [ FF7A7926E553DF76BD92B630C6153C81,

79643B3A7F7BDD144E1E40449D7C10E71B525A09CE30FFD0798BC39C9BFD4678 ]

C:\WINDOWS\system32\scesrv.dll
01:33:38.0046 0x0cf4 C:\WINDOWS\system32\scesrv.dll - ok
01:33:38.0046 0x0cf4 [ 45FAA17EE1755899E7F4CD009150E3C1,

03CB7D7158DF566E99304918EFF055C5C51C15FBDB7E354F348AC1DA6340D87F ]

C:\WINDOWS\system32\umpnpmgr.dll
01:33:38.0046 0x0cf4 C:\WINDOWS\system32\umpnpmgr.dll - ok
01:33:38.0062 0x0cf4 [ 748E7E6C3EB677218E7177DE228D6E81,

0C3AECFED1D3950F34A17E1BB7ADDED2BF903EC50B2F6EC3372202E03272EB87 ]

C:\WINDOWS\system32\shimeng.dll
01:33:38.0062 0x0cf4 C:\WINDOWS\system32\shimeng.dll - ok
01:33:38.0062 0x0cf4 [ 1F813C0C2A77BCC7AAAE4133DAD1A11D,

B614AF3E829C2EF21E88BFFABEDECA5FFAD250887101E907FA7B5CD752022A30 ]

C:\WINDOWS\AppPatch\AcAdProc.dll
01:33:38.0062 0x0cf4 C:\WINDOWS\AppPatch\AcAdProc.dll - ok
01:33:38.0062 0x0cf4 [ B54C22A12DA8F3872388E6FEFBAA4E5B,

89C405473240F83BCEAD8556A342E72C8A70BFDEC82D1717EBD3982ED2EDB3C4 ]

C:\WINDOWS\system32\mpr.dll
01:33:38.0062 0x0cf4 C:\WINDOWS\system32\mpr.dll - ok
01:33:38.0062 0x0cf4 [ 389496118B3B03C2328024AF320132AC,

11F85CA49596CE12B1F80B5BC059B6F5549FC09A43E2C47841A688F2ACEBB8B8 ]

C:\WINDOWS\system32\dnsapi.dll
01:33:38.0062 0x0cf4 C:\WINDOWS\system32\dnsapi.dll - ok
01:33:38.0078 0x0cf4 [ 64C73947FE9B73C64C993D0A83B5A18A,

4D2C17B0CDB51DD8A2E9CDB248E8934061691796CC1E532D240C0E66453ECD49 ]

C:\WINDOWS\system32\ntdsapi.dll
01:33:38.0078 0x0cf4 C:\WINDOWS\system32\ntdsapi.dll - ok
01:33:38.0078 0x0cf4 [ 6CA878FFBC95E9E1528BD159E53301CD,

462809F6F32DFF9E154411CD25E06775A5AE6F35A6BCA3BDF6079BA60656E4DD ]

C:\WINDOWS\system32\wldap32.dll
01:33:38.0078 0x0cf4 C:\WINDOWS\system32\wldap32.dll - ok
01:33:38.0078 0x0cf4 [ F080D8EFCFA53DF4722A43B9C8728A8E,

61EAC65E9CA6211B2AA60914A4E99F10B7AACCCCD7700DE83F3741D35F2552A3 ]

C:\WINDOWS\system32\samlib.dll
01:33:38.0078 0x0cf4 C:\WINDOWS\system32\samlib.dll - ok
01:33:38.0093 0x0cf4 [ 1E41FB250D47B26323A54211BF7158FD,

76AC6716124850DD1D55304D7E7A87795F24F31EEAE0E5DF75D8843EEE4C25DD ]

C:\WINDOWS\system32\samsrv.dll
01:33:38.0093 0x0cf4 C:\WINDOWS\system32\samsrv.dll - ok
01:33:38.0093 0x0cf4 [ AA53AFD7F2031C7F7273D4C4A66E9DA0,

CA5A61ADF32B85B4D019D92F85E3DD46A7095299CBDC659F707881814944B244 ]

C:\WINDOWS\system32\cryptdll.dll
01:33:38.0093 0x0cf4 C:\WINDOWS\system32\cryptdll.dll - ok
01:33:38.0093 0x0cf4 [ DDEBC6E500AAFBDA03D2D76E4B12FF0E,

DD0EC442B91A07857FC0EE8EB52AFD52C7732B587B2A24B3F72886925E17AF88 ]

C:\WINDOWS\AppPatch\AcGenral.dll
01:33:38.0093 0x0cf4 C:\WINDOWS\AppPatch\AcGenral.dll - ok
01:33:38.0093 0x0cf4 [ 4A953F13942867BA8FB41F141EC1B80C,

BAE05A8CEDA4411324E38DB8A2153A988C6A3FAC8AD7CB27EE14E18FE7C47569 ]

C:\WINDOWS\system32\winmm.dll
01:33:38.0093 0x0cf4 C:\WINDOWS\system32\winmm.dll - ok
01:33:38.0109 0x0cf4 [ 2D2013D32E7E4A3F1BC6F11480479275,

20BCF681CEDE2C99DEA80386C40DC19C9313B54B5ABC0CD92FF095E811525EA8 ]

C:\WINDOWS\system32\msacm32.dll
01:33:38.0109 0x0cf4 C:\WINDOWS\system32\msacm32.dll - ok
01:33:38.0109 0x0cf4 [ EFF03460E542EEA6B0ABDEC6BF19C897,

C2A0DDE6E8B49B152C295E97CFC35557391DEEE5A3A0B1BB4E445C405C716C55 ]

C:\WINDOWS\system32\oleaut32.dll
01:33:38.0109 0x0cf4 C:\WINDOWS\system32\oleaut32.dll - ok
01:33:38.0109 0x0cf4 [ CEE0377BEE20904FFD6C9094C0B85BE4,

DAE6720763099375A2258485DDA855C5D05D7CE3F4C42D262BAF6CFC37BF9E0D ]

C:\WINDOWS\system32\uxtheme.dll
01:33:38.0109 0x0cf4 C:\WINDOWS\system32\uxtheme.dll - ok
01:33:38.0125 0x0cf4 [ 63904130079AAD117DE1C527F40C56BB,

43A756944A54EA68ADD432DA637700FAC3265A85F61DDB873BBAE7471C41182B ]

C:\WINDOWS\system32\msapsspc.dll
01:33:38.0125 0x0cf4 C:\WINDOWS\system32\msapsspc.dll - ok
01:33:38.0125 0x0cf4 [ 83D10CEEA8EA24A0C08F17A7E322718F,

6CF9DDAA5993BD76D0DBEE86BE8484DE889A242525C743DA90606BDBD5EA1C12 ]

C:\WINDOWS\system32\msvcrt40.dll
01:33:38.0125 0x0cf4 C:\WINDOWS\system32\msvcrt40.dll - ok
01:33:38.0125 0x0cf4 [ 0F64207B49390C8063C36AE7CBF9C2DB,

52C4A7A38EE11CA247001EB0A3C67BFEB1A09E9AC406486132D5AC38BE3A6A6F ]

C:\WINDOWS\system32\schannel.dll
01:33:38.0125 0x0cf4 C:\WINDOWS\system32\schannel.dll - ok
01:33:38.0125 0x0cf4 [ 4FB30F6C23C74D290ACFA55F474A3094,

FB3F44233BD822A547C51E17DBB69F071D0C551D60236375932C6A1BC2725CE5 ]

C:\WINDOWS\system32\digest.dll
01:33:38.0125 0x0cf4 C:\WINDOWS\system32\digest.dll - ok
01:33:38.0140 0x0cf4 [ 42466B87D281CF37F6FC3254D1E0345D,

F05B28BE764B42A2FE850695467B2137D8B333EC812CC129C397A456CCB33B04 ]

C:\WINDOWS\system32\msnsspc.dll
01:33:38.0140 0x0cf4 C:\WINDOWS\system32\msnsspc.dll - ok
01:33:38.0140 0x0cf4 [ 3F790874A85819E94574F3E7AF9C5806,

9D398D6752ED407C1E7F9B08A79DA77ACFFC060D28FA0F357C0BD5D4DE8AAD97 ]

C:\WINDOWS\system32\msctfime.ime
01:33:38.0140 0x0cf4 C:\WINDOWS\system32\msctfime.ime - ok
01:33:38.0203 0x0cf4 [ 976EF073DC1CC5685B5B354A431A66D8,

2185B557CF47A9B5F58FC310A311EBD9A876D3C366D7A2919784F94B743E69D9 ]

C:\WINDOWS\system32\msprivs.dll
01:33:38.0203 0x0cf4 C:\WINDOWS\system32\msprivs.dll - ok
01:33:38.0203 0x0cf4 [ 318FAA70D9B0FB8DD168D4ED628E27B2,

2C407FFDA4A02D4A1CB9592C6FA4293BA31BE8852670436F1187A8107572ED41 ]

C:\WINDOWS\system32\atmfd.dll
01:33:38.0203 0x0cf4 C:\WINDOWS\system32\atmfd.dll - ok
01:33:38.0203 0x0cf4 [ A525C96C51D55111FDF3BEA9FFFFC7AE,

AA5B080E01573B96A37E67F871F97AE975E1E9519EDB16476472AA3FA2144643 ]

C:\WINDOWS\system32\kerberos.dll
01:33:38.0203 0x0cf4 C:\WINDOWS\system32\kerberos.dll - ok
01:33:38.0218 0x0cf4 [ 517561A1113B04E51D936CD018DE1C1F,

A5F572C3557705F28F7A465970F0432F55B616EFD208BA0CBDFFBF7A41F07C04 ]

C:\WINDOWS\system32\msv1_0.dll
01:33:38.0218 0x0cf4 C:\WINDOWS\system32\msv1_0.dll - ok
01:33:38.0218 0x0cf4 [ 9221096E036FE61BF8E00C2BA337E445,

B8A40F103C9CF5049F93A423628E1930A9145961106B8871DEC99815CBD75975 ]

C:\WINDOWS\system32\iphlpapi.dll
01:33:38.0218 0x0cf4 C:\WINDOWS\system32\iphlpapi.dll - ok
01:33:38.0218 0x0cf4 [ 77A2F0D267E6158E4AA53D654547A6C6,

D9BE69A1BDB307AD7DA319224A9180E90879E47897F6C0ECBAC5C459539BDDD5 ]

C:\WINDOWS\system32\netlogon.dll
01:33:38.0218 0x0cf4 C:\WINDOWS\system32\netlogon.dll - ok
01:33:38.0218 0x0cf4 [ DB5633CF64637919A002B5AECC76A9B5,

6EECF5F4CB63791E6BB75228FDE1D236731D129CC7490569489F52646B92A165 ]

C:\WINDOWS\system32\w32time.dll
01:33:38.0218 0x0cf4 C:\WINDOWS\system32\w32time.dll - ok
01:33:38.0234 0x0cf4 [ 3AAF9B35939FF9E58CCD18D41655C2FC,

AF7358AB0A507D77569A8D38D2392C224BFBEFD1264C069BBC6C677BC20C6B8B ]

C:\WINDOWS\system32\wdigest.dll
01:33:38.0234 0x0cf4 C:\WINDOWS\system32\wdigest.dll - ok
01:33:38.0234 0x0cf4 [ 63FAE12497EF7AEADDF2DFFC2BF6CF14,

29A52542C77493A5F92E961149920764F710771297C36091D775F933FD44A981 ]

C:\WINDOWS\system32\rsaenh.dll
01:33:38.0234 0x0cf4 C:\WINDOWS\system32\rsaenh.dll - ok
01:33:38.0234 0x0cf4 [ 1C5E2F3907349EDDB0CCFF8073F02AF6,

3338FEAC5DF9FBCDFC6B676782C485034C640FE2565A742A8A0B63F9EF80DDA4 ]

C:\WINDOWS\system32\nwprovau.dll
01:33:38.0234 0x0cf4 C:\WINDOWS\system32\nwprovau.dll - ok
01:33:38.0250 0x0cf4 [ 8AFFB97822CA94DC40F3E2F725199377,

7B78553D6981DE377B5900C0892978E743A7418E3797E16CF2E00B3D29C99EED ]

C:\WINDOWS\system32\winscard.dll
01:33:38.0250 0x0cf4 C:\WINDOWS\system32\winscard.dll - ok
01:33:38.0250 0x0cf4 [ AB903FACB331F43EBC73289EFDBF6514,

4DF5593F8A5ACFFF5BFD8E13922796F9F95EDE22E862B5F86373D9C186641FA4 ]

C:\WINDOWS\system32\wtsapi32.dll
01:33:38.0250 0x0cf4 C:\WINDOWS\system32\wtsapi32.dll - ok
01:33:38.0250 0x0cf4 [ 1FC0B879C83F7E6E5D975617F7A85C5F,

28A9F262C542984206E357748A32E26F20E71F6C5B45B333926F9A773416351E ]

C:\WINDOWS\system32\scecli.dll
01:33:38.0250 0x0cf4 C:\WINDOWS\system32\scecli.dll - ok
01:33:38.0250 0x0cf4 [ 0C54D685CFA1D5054F59F08ADAF71248,

FF342937FD2641A7B56E3AF7901A195A2B647CC1B58655C519CA7652250E802B ]

C:\WINDOWS\system32\svchost.exe
01:33:38.0250 0x0cf4 C:\WINDOWS\system32\svchost.exe - ok
01:33:38.0265 0x0cf4 [ F0E0CF7626912BA131AE75BFBEDC9A4A,

EDB5BF8B381C236C4F53477FBAD95F05E1599A184B96F3E94DB9A0EB28246AD6 ]

C:\WINDOWS\system32\ntmarta.dll
01:33:38.0265 0x0cf4 C:\WINDOWS\system32\ntmarta.dll - ok
01:33:38.0265 0x0cf4 [ 6B27A5C03DFB94B4245739065431322C,

6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ]

C:\WINDOWS\system32\rpcss.dll
01:33:38.0265 0x0cf4 C:\WINDOWS\system32\rpcss.dll - ok
01:33:38.0281 0x0cf4 [ 47D075E6D9592FFCD24089F87D76830B,

CAF900A6B23A4DEF7B4BAEBB1F6769FA64C088E890854288062E566A81F38ACE ]

C:\WINDOWS\system32\xpsp2res.dll
01:33:38.0281 0x0cf4 C:\WINDOWS\system32\xpsp2res.dll - ok
01:33:38.0296 0x0cf4 [ 9FE2545FF4234A165368B6C3EC587E8C,

EDB0A77BBA687CA1752A131D90567196B4ECA079F1F955E6B5F3B5373E9FFC00 ]

C:\WINDOWS\system32\eventlog.dll
01:33:38.0296 0x0cf4 C:\WINDOWS\system32\eventlog.dll - ok
01:33:38.0296 0x0cf4 [ 943337D786A56729263071623BBB9DE5,

B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ]

C:\WINDOWS\system32\mswsock.dll
01:33:38.0296 0x0cf4 C:\WINDOWS\system32\mswsock.dll - ok
01:33:38.0296 0x0cf4 [ 04CF0F38382C273727849EE12A3CC09D,

64955AFE3A771D4E2D4A10826421FF545AFA3E50152A021E671A3D027708B8C9 ]

C:\WINDOWS\system32\hnetcfg.dll
01:33:38.0296 0x0cf4 C:\WINDOWS\system32\hnetcfg.dll - ok
01:33:38.0312 0x0cf4 [ 811BB60991FC03A63F2F844A3F9C6488,

4E26BEBA2B24516B447BFAFC405692C53121F28815B7312F1E4F38D5CBCEA678 ]

C:\WINDOWS\system32\wshisn.dll
01:33:38.0312 0x0cf4 C:\WINDOWS\system32\wshisn.dll - ok
01:33:38.0312 0x0cf4 [ 68EF61CE3AD0615487675462D14E6C9B,

28BB6168FD969C22EC379B5AC47C4399F4233CA37F7C52B3FA9566D029578D6E ]

C:\WINDOWS\system32\wshtcpip.dll
01:33:38.0312 0x0cf4 C:\WINDOWS\system32\wshtcpip.dll - ok
01:33:38.0312 0x0cf4 [ 4C0B5C802738058C533462AD62B1A9E6,

695D9A9B27ED6C8E6E95C8132E9CFB4DE9387DA297BF81E1317440C269D75566 ]

C:\WINDOWS\system32\rasadhlp.dll
01:33:38.0312 0x0cf4 C:\WINDOWS\system32\rasadhlp.dll - ok
01:33:38.0328 0x0cf4 [ 5058FB4E1A27E3D424392519DED2F22C,

C5DEEED3D5A23C40ED85FB5268C5F643610B06966CBFE8DE7A41A582F7AA4043 ]

C:\WINDOWS\system32\winrnr.dll
01:33:38.0328 0x0cf4 C:\WINDOWS\system32\winrnr.dll - ok
01:33:38.0328 0x0cf4 [ 760F1C23AEC41B6D97AEF8C588F73351,

279F36087BEC7215EB6AAB20EDAF24942D86E5A4DB4ECA91BEE409F3716EC9A1 ]

C:\WINDOWS\system32\wsock32.dll
01:33:38.0328 0x0cf4 C:\WINDOWS\system32\wsock32.dll - ok
01:33:38.0328 0x0cf4 [ 736A9F2429BF354E0445D5FCBDE07FD9,

2BA985E99677F98A13EEAFB53E9023F470332E990D2784102361726A31950614 ]

C:\WINDOWS\system32\cscdll.dll
01:33:38.0328 0x0cf4 C:\WINDOWS\system32\cscdll.dll - ok
01:33:38.0343 0x0cf4 [ C5CABEDF677DB6B0D96B8BE62AC25B64,

3C2F98E33C0FDEBC40936DBA60211051CA19D79615384E3CDD5C68453867E43C ]

C:\WINDOWS\system32\dimsntfy.dll
01:33:38.0343 0x0cf4 C:\WINDOWS\system32\dimsntfy.dll - ok
01:33:38.0343 0x0cf4 [ 6F5AD5476EDABE63CFEADC49D2E18659,

840D0164FEE10806217FF16D09528B52F5D3E9759AA12B02CF7A73AA3F8D2F2F ]

C:\WINDOWS\system32\winspool.drv
01:33:38.0343 0x0cf4 C:\WINDOWS\system32\winspool.drv - ok
01:33:38.0343 0x0cf4 [ AF771ABB00FB4D77C44E51A25AE2A665,

C5ABE2B76FB92B606180572FC58C013CB945E15F5D85D4B4CF03C8EC250DE093 ]

C:\WINDOWS\system32\wlnotify.dll
01:33:38.0343 0x0cf4 C:\WINDOWS\system32\wlnotify.dll - ok
01:33:38.0343 0x0cf4 [ 02CF580510234E519736559A7F19EA20,

93DC16678B01DF2E12672AB93778151FDD7FF10C30CEF7A921553D86F97C3819 ]

C:\WINDOWS\system32\WgaLogon.dll
01:33:38.0343 0x0cf4 C:\WINDOWS\system32\WgaLogon.dll - ok
01:33:38.0359 0x0cf4 [ 05231C04253C5BC30B26CBAAE680ED89,

5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ]

C:\WINDOWS\system32\WudfSvc.dll
01:33:38.0359 0x0cf4 C:\WINDOWS\system32\WudfSvc.dll - ok
01:33:38.0359 0x0cf4 [ 5CAF91E865FE0C85048A233E594544D2,

23B16D6CB30E124D37949EFCF261BCD9D9872FE2F3852FC345F32283E3D04178 ]

C:\WINDOWS\system32\WudfPlatform.dll
01:33:38.0359 0x0cf4 C:\WINDOWS\system32\WudfPlatform.dll - ok
01:33:38.0359 0x0cf4 [ 5AD440B71AAF1C64DBAD8E2D1100FD1C,

0DE7CEC01F3C6CBA59C1BF8BB632FE5C1F51DF726580DA25BC6C916B211C6627 ]

C:\WINDOWS\system32\clbcatq.dll
01:33:38.0359 0x0cf4 C:\WINDOWS\system32\clbcatq.dll - ok
01:33:38.0375 0x0cf4 [ B7398412F2F22C44C31290CAFDDCA842,

563CAF01158F9CAF028798429A0BC753B1FC87E9EA990EA9B7E16AEFC9F6E9EA ]

C:\WINDOWS\system32\comres.dll
01:33:38.0375 0x0cf4 C:\WINDOWS\system32\comres.dll - ok
01:33:38.0375 0x0cf4 [ 03A02D5A2D50198BDF6C62AF209438D0,

7A2577BB31B937436689EB8E3F415F71D3744209EFFC110C9B12C42025F36C88 ]

C:\WINDOWS\system32\msxml3.dll
01:33:38.0375 0x0cf4 C:\WINDOWS\system32\msxml3.dll - ok
01:33:38.0390 0x0cf4 [ DBC474CA8EFE2501ED38B688DA94DD08,

D1940127C5E20867190014BE74AA59F38234C9AE9EA1E6BA15EDA98B25B67CDC ]

C:\WINDOWS\system32\drivers\nwlnkipx.sys
01:33:38.0390 0x0cf4 C:\WINDOWS\system32\drivers\nwlnkipx.sys - ok
01:33:38.0390 0x0cf4 [ 4B51239904FFB424BF6ED20EE6860836,

AD67E3333A7D49CB41EAF3B9DC988CF35657A388A0DAF4CB1AB36EABA9FC4F9A ]

C:\WINDOWS\system32\drivers\ndisuio.sys
01:33:38.0390 0x0cf4 C:\WINDOWS\system32\drivers\ndisuio.sys - ok
01:33:38.0390 0x0cf4 [ 56D34A67C05E94E16377C60609741FF8,

ABE48D3E7D38DB20E9D4884FC6FE42FAE0C5FAFD3AC86F1E585A4BB17C6F09C5 ]

C:\WINDOWS\system32\drivers\nwlnknb.sys
01:33:38.0390 0x0cf4 C:\WINDOWS\system32\drivers\nwlnknb.sys - ok
01:33:38.0406 0x0cf4 [ AD5C82A2A8E7B30BDD7C3441BA095243,

2B57855FF5E82B75B4C1A6EF00D18EBED80446A288BBCCAB9B2FE6863BF850C5 ]

C:\WINDOWS\system32\msimg32.dll
01:33:38.0406 0x0cf4 C:\WINDOWS\system32\msimg32.dll - ok
01:33:38.0406 0x0cf4 [ 7EF07645D1AF5ACA0762F95E6F80D27F,

709D168F106876E1F170DB372E28F77AE6DC63F04E1FCA78EFE3AE4E6A9D26F2 ]

C:\WINDOWS\system32\dhcpcsvc.dll
01:33:38.0406 0x0cf4 C:\WINDOWS\system32\dhcpcsvc.dll - ok
01:33:38.0406 0x0cf4 [ 5F7E24FA9EAB896051FFB87F840730D2,

356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ]

C:\WINDOWS\system32\dnsrslvr.dll
01:33:38.0406 0x0cf4 C:\WINDOWS\system32\dnsrslvr.dll - ok
01:33:38.0406 0x0cf4 [ D53F9AED00F107A77D421A82BC8CEA6A,

C17B8D3C3B6794FC761B42B5B6A962AD577FDD1F930111D90E4FD84A147FD910 ]

C:\WINDOWS\system32\lmhsvc.dll
01:33:38.0406 0x0cf4 C:\WINDOWS\system32\lmhsvc.dll - ok
01:33:38.0421 0x0cf4 [ 578F0A329CF1AB10715AB437CFAF8DDA,

D919409126307C89F02BD7165C2123F5452D469751FD4D4954D73CEC7FB89852 ]

C:\WINDOWS\system32\wzcsvc.dll
01:33:38.0421 0x0cf4 C:\WINDOWS\system32\wzcsvc.dll - ok
01:33:38.0421 0x0cf4 [ 09C172317408F9327E368F9E7DFEF752,

A46519061E97DAB173F30DB2479FE778626C48764AACA0767F6597A0FFD936E3 ]

C:\WINDOWS\system32\eapolqec.dll
01:33:38.0421 0x0cf4 C:\WINDOWS\system32\eapolqec.dll - ok
01:33:38.0421 0x0cf4 [ 874E22661AFD3A3FAE1DC5C58E2313DD,

7D2A6A2EB95C80103DC855A4AF18A82B16FB9FC8E2AE6D9500193A822D4C66ED ]

C:\WINDOWS\system32\rtutils.dll
01:33:38.0421 0x0cf4 C:\WINDOWS\system32\rtutils.dll - ok
01:33:38.0437 0x0cf4 [ 4D40D85707FCC530E9E703D8C094AC65,

02D14F69DA4F2C358D5C2E011A27AD8B2051F91B41C0791A784C2FB818F28972 ]

C:\WINDOWS\system32\wmi.dll
01:33:38.0437 0x0cf4 C:\WINDOWS\system32\wmi.dll - ok
01:33:38.0437 0x0cf4 [ 224FB925C641DA16CEB6D60F40CA4C75,

2DDB3B019D2A22B359C5974DC366EC9B95F4382DB1BF7F1958CFF0EC277895C7 ]

C:\WINDOWS\system32\atl.dll
01:33:38.0437 0x0cf4 C:\WINDOWS\system32\atl.dll - ok
01:33:38.0437 0x0cf4 [ 6EB5E03A1C829D4D9043A780F8E36461,

AF12A56F3A5372495DB775A66F566660EDA2BFDBE8D565D1325A076CE060CB2D ]

C:\WINDOWS\system32\dot3api.dll
01:33:38.0437 0x0cf4 C:\WINDOWS\system32\dot3api.dll - ok
01:33:38.0437 0x0cf4 [ B20CF28D96AC54170E777566CFCF0175,

87BC08331F8F75171465B212E5891EF304108195C54F3DAD3E569B1BEBB37432 ]

C:\WINDOWS\system32\esent.dll
01:33:38.0437 0x0cf4 C:\WINDOWS\system32\esent.dll - ok
01:33:38.0453 0x0cf4 [ E750A34D54A7987DDAAE814EDD79903F,

34AE118DB5121758E570C15CAC29E067738F73C1B062329960E16AB005F1DE4F ]

C:\WINDOWS\system32\qutil.dll
01:33:38.0453 0x0cf4 C:\WINDOWS\system32\qutil.dll - ok
01:33:38.0453 0x0cf4 [ 115B7EE1072343A51B94C85B09446739,

1084B3622FFBFCBD066A987FCE31827FE85182A13AA0AB65F18CE7BC5BCBA2DA ]

C:\WINDOWS\system32\qagent.dll
01:33:38.0453 0x0cf4 C:\WINDOWS\system32\qagent.dll - ok
01:33:38.0453 0x0cf4 [ A39BE37C9237DB5F1990D61B268EA555,

ABAB9D73DF10D2AC78F00A6C5E5318C4DE166CDF70683408D83D218CB39B7449 ]

C:\WINDOWS\system32\rastls.dll
01:33:38.0453 0x0cf4 C:\WINDOWS\system32\rastls.dll - ok
01:33:38.0468 0x0cf4 [ 63EAC479A80D48E1390725AF4E123D52,

C359E66AD76CCD1ECA9414FF6DE6674A01820EA7EB1565EC830B006CE5F502E4 ]

C:\WINDOWS\system32\cryptui.dll
01:33:38.0468 0x0cf4 C:\WINDOWS\system32\cryptui.dll - ok
01:33:38.0468 0x0cf4 [ EB14594F0EB92CA4169081DE6268EB1A,

35E293C87A6B3E42CCC6D9B402ADB9919FE7B5ABB4B967754D4D19E394D3C7A5 ]

C:\WINDOWS\system32\wininet.dll
01:33:38.0468 0x0cf4 C:\WINDOWS\system32\wininet.dll - ok
01:33:38.0468 0x0cf4 [ CDC0E34AD20FB8F2895622928407187C,

8BC38F79927EC1FEB0287B90F51FA5E2D21FE014660A7F5DD8BDEF9598F975F1 ]

C:\WINDOWS\system32\activeds.dll
01:33:38.0468 0x0cf4 C:\WINDOWS\system32\activeds.dll - ok
01:33:38.0468 0x0cf4 [ 25E5395B9F87000F25520B5EA3D86B68,

7D7AD7980093C47554519C58CB6FA09068B7E58B484392C2A423D91D20C8BD61 ]

C:\WINDOWS\system32\iertutil.dll
01:33:38.0468 0x0cf4 C:\WINDOWS\system32\iertutil.dll - ok
01:33:38.0484 0x0cf4 [ B63FA0BDA5109E11AA3ADABF315D462E,

918E2456BDCB88854F118AE2436BE0F01CC5F571037359BC040E0FD6A083D877 ]

C:\WINDOWS\system32\mprapi.dll
01:33:38.0484 0x0cf4 C:\WINDOWS\system32\mprapi.dll - ok
01:33:38.0484 0x0cf4 [ 10753A3ADC3E39A3B10CC3F08E98E6B4,

99C7B1B04CD593139917ED3D68BEC36C63BCE76663505CB5D026B62AF39BB383 ]

C:\WINDOWS\system32\normaliz.dll
01:33:38.0484 0x0cf4 C:\WINDOWS\system32\normaliz.dll - ok
01:33:38.0484 0x0cf4 [ 3DF8CA56B6AC4CEC3569640889313794,

0548DC366CE9B9ABE476ADCEF77B93724F812C0732D8EC47AEDAEA898F11A290 ]

C:\WINDOWS\system32\adsldpc.dll
01:33:38.0484 0x0cf4 C:\WINDOWS\system32\adsldpc.dll - ok
01:33:38.0484 0x0cf4 [ 157A7865B4C7F99D55A29034184CD413,

2046B70C98D471670349B8E3198836E2C80A67A38A98DDA2716794BFC641E8E7 ]

C:\WINDOWS\system32\rasapi32.dll
01:33:38.0484 0x0cf4 C:\WINDOWS\system32\rasapi32.dll - ok
01:33:38.0500 0x0cf4 [ 20652C2A3C1402FA2529225F8A8CC39A,

45872370C707CA88B5E712085B6FB6AF602AD1B0004F8BCB8F3CAAAE58154F55 ]

C:\WINDOWS\system32\rasman.dll
01:33:38.0500 0x0cf4 C:\WINDOWS\system32\rasman.dll - ok
01:33:38.0500 0x0cf4 [ B0B3FFAE6837A04848533B4BC7ACFED5,

D722C031230C98B3BC1808D335E11E1FA36E774CA6EFC93B8BCAA42F2FC143A2 ]

C:\WINDOWS\system32\tapi32.dll
01:33:38.0500 0x0cf4 C:\WINDOWS\system32\tapi32.dll - ok
01:33:38.0500 0x0cf4 [ B468367E0CBC5E7EA847567BDC81D458,

8B762387EB0C5B7CABD3F8F763B65D1A16D70FF2431EB38DCC5376C89D1CE48E ]

C:\WINDOWS\system32\riched20.dll
01:33:38.0500 0x0cf4 C:\WINDOWS\system32\riched20.dll - ok
01:33:38.0515 0x0cf4 [ 56CE97FF94B7662A300D359CD6F4D601,

D67A792E176AE3394CEB8FEF16F9E56DC614D7D4F58F6B9202E49EFD42BAE9E4 ]

C:\WINDOWS\system32\raschap.dll
01:33:38.0515 0x0cf4 C:\WINDOWS\system32\raschap.dll - ok
01:33:38.0515 0x0cf4 [ B1AAF8F173BB05E9FF544642D12936F6,

6D3D5976A86530EFC774E75E7A1050FEDDC8F8F18FBCD820E4285E4262D0930B ]

C:\WINDOWS\system32\schedsvc.dll
01:33:38.0515 0x0cf4 C:\WINDOWS\system32\schedsvc.dll - ok
01:33:38.0515 0x0cf4 [ A020A648D9126DEB762058108946D005,

D7951FF192FC8A3076822531D9E5419C80A9D813101090346E7B596CA625621B ]

C:\WINDOWS\system32\msidle.dll
01:33:38.0515 0x0cf4 C:\WINDOWS\system32\msidle.dll - ok
01:33:38.0515 0x0cf4 [ 60784F891563FB1B767F70117FC2428F,

E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ]

C:\WINDOWS\system32\spoolsv.exe
01:33:38.0515 0x0cf4 C:\WINDOWS\system32\spoolsv.exe - ok
01:33:38.0531 0x0cf4 [ 1B66662A027EFBE4541783F0723D71D5,

2B8795B4F61D9FA3A5A7DD2FA2CA93F7DA000EB36B3ADB0243C60FD7E70DD1BE ]

C:\WINDOWS\system32\audiosrv.dll
01:33:38.0531 0x0cf4 C:\WINDOWS\system32\audiosrv.dll - ok
01:33:38.0531 0x0cf4 [ A8888A5327621856C0CEC4E385F69309,

B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ]

C:\WINDOWS\system32\wkssvc.dll
01:33:38.0531 0x0cf4 C:\WINDOWS\system32\wkssvc.dll - ok
01:33:38.0531 0x0cf4 [ 9FB5C83D05AE3EB2B691F574F61F51E3,

5A023D50C7B26B6CD72E17B1A982133E781C57436DCCEF218D32AFCEDC6C9223 ]

C:\WINDOWS\system32\drivers\nwrdr.sys
01:33:38.0531 0x0cf4 C:\WINDOWS\system32\drivers\nwrdr.sys - ok
01:33:38.0546 0x0cf4 [ A60BC1B3D9F704230BC4D6CD4AFDF309,

D9EC00345D4F65953D10F7B4A9284000115416C2B0BEEA1E3AC3FC4B235583F6 ]

C:\WINDOWS\system32\nwapi32.dll
01:33:38.0546 0x0cf4 C:\WINDOWS\system32\nwapi32.dll - ok
01:33:38.0546 0x0cf4 [ BA53B9653D079E32BC8E8737117B5BFC,

2C5784AEA591CFBA392057D90D1460801BCD44EE42A46918ED46EA6DC25A617E ]

C:\WINDOWS\system32\nwwks.dll
01:33:38.0546 0x0cf4 C:\WINDOWS\system32\nwwks.dll - ok
01:33:38.0546 0x0cf4 [ DC60415365C36FABEC85F02510D33A5C,

195B16E98B007F3B7186B413BC3304FECBDB628FE24E36ED612C267D5630B49E ]

C:\WINDOWS\system32\drivers\mrxdav.sys
01:33:38.0546 0x0cf4 C:\WINDOWS\system32\drivers\mrxdav.sys - ok
01:33:38.0546 0x0cf4 [ F98737AD88563DD7A5CEB01A6F14C273,

2D62B880C0A326B993BD76B76DC130E2FDF9CA2F4FC53D159F09C2DE623E7EC8 ]

C:\WINDOWS\system32\webclnt.dll
01:33:38.0546 0x0cf4 C:\WINDOWS\system32\webclnt.dll - ok
01:33:38.0562 0x0cf4 [ C0BB7D1615E1ACBDC99757F6CEAF8CF0,

899905C0EB182ABCDAE0D0D749C0BC39CD231B9FAEE733D5DFDAE86EB8BC755B ]

C:\WINDOWS\system32\drivers\nwlnkspx.sys
01:33:38.0562 0x0cf4 C:\WINDOWS\system32\drivers\nwlnkspx.sys - ok
01:33:38.0562 0x0cf4 [ A7E06854EA2A20AEE8EC32BD8C754298,

C23ACA5939C29C59B0BD6DF247650F0B640E675A759D6C6484D9710BC923515A ]

C:\WINDOWS\system32\mpnotify.exe
01:33:38.0562 0x0cf4 C:\WINDOWS\system32\mpnotify.exe - ok
01:33:38.0562 0x0cf4 [ B5AD83B72553ACDADEBEB36FBF565D99,

1C8C9E6F5CBF402CD22041C833E5F017C4FEAEF655BC1A60A8E6D056EE12A3D3 ]

C:\Program Files\Citrix\ICA Client\pnsson.dll
01:33:38.0562 0x0cf4 C:\Program Files\Citrix\ICA Client\pnsson.dll - ok
01:33:38.0578 0x0cf4 [ C9564CF4976E7E96B4052737AA2492B4,

C3AC989C8489A23BB96400B1856F5325FFC67E844F04651EA5D61BC20A991C6D ]

C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_

44262b86\msvcr80.dll
01:33:38.0578 0x0cf4

C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_

44262b86\msvcr80.dll - ok
01:33:38.0578 0x0cf4 [ 8C22083ED515DC94D575438662F0BE6A,

67DC2A393AE31764C090BE2AEFAD3E20220538152157BAEBF366112166FEAB23 ]

C:\WINDOWS\system32\msi.dll
01:33:38.0578 0x0cf4 C:\WINDOWS\system32\msi.dll - ok
01:33:38.0578 0x0cf4 [ C0BDE89D912B78445D60E20683257D76,

B554B180C9EAB7D23703DF8DB0BC84BEE8B5973C35A63992D6DF5FCC47374A59 ]

C:\Program Files\Citrix\ICA Client\ssoncom.exe
01:33:38.0578 0x0cf4 C:\Program Files\Citrix\ICA Client\ssoncom.exe - ok
01:33:38.0593 0x0cf4 [ 71F3012E3EAAC35A3BDA88330C3962FD,

15F79666B8EA0220DAF7060FD665062CC4E74791E7041EF0A0E702AFC8F914B3 ]

C:\Program Files\Citrix\ICA Client\ssonstub.dll
01:33:38.0593 0x0cf4 C:\Program Files\Citrix\ICA Client\ssonstub.dll - ok
01:33:38.0593 0x0cf4 [ 2215EF9C72AC77E378AE7A5DA29C4630,

1B02DE9C332580F228CD3111B6CB795675FD194EFD70EBEA122D781029B8D264 ]

C:\Program Files\Citrix\ICA Client\ssonsvr.exe
01:33:38.0593 0x0cf4 C:\Program Files\Citrix\ICA Client\ssonsvr.exe - ok
01:33:38.0593 0x0cf4 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC,

372AF797353F9335915CD06D4076BAB8410775DCAF2DAC0593197D7C41BBFFB2 ]

C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_

44262b86\msvcp80.dll
01:33:38.0593 0x0cf4

C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_

44262b86\msvcp80.dll - ok
01:33:38.0593 0x0cf4 [ D274FC44B899AE5D103373CD6E5FA3FC,

12372A68B3BD8435E1230023C22872B771531A85573BE561548541669F27F1E0 ]

C:\WINDOWS\system32\cscui.dll
01:33:38.0593 0x0cf4 C:\WINDOWS\system32\cscui.dll - ok
01:33:38.0609 0x0cf4 [ C57B297C446A41FC2C7732F483382553,

99B803C9ECFB4BE963D89B148C9073A8A62B4C5012022A22AB0B876E2C993B01 ]

C:\WINDOWS\system32\netdde.exe
01:33:38.0609 0x0cf4 C:\WINDOWS\system32\netdde.exe - ok
01:33:38.0609 0x0cf4 [ D7E95933BACE768AFFA0FB8577888AE9,

D4CBE5FCD5ECD82014F1EDE0D0A250C10E901BECE2BAAD06F558B911AFEB52CC ]

C:\WINDOWS\system32\nddenb32.dll
01:33:38.0609 0x0cf4 C:\WINDOWS\system32\nddenb32.dll - ok
01:33:38.0609 0x0cf4 [ FA18078DA0F79D1B32D1646431A79171,

91E68CDEE63263712BB9C777FA2BE4509D3F17CA9FD0EEDFB060F286E3EC4A04 ]

C:\WINDOWS\system32\powrprof.dll
01:33:38.0609 0x0cf4 C:\WINDOWS\system32\powrprof.dll - ok
01:33:38.0625 0x0cf4 [ ED873EF1A0C4DC95F879C8A61781C2B5,

408576F9107F753D0A3791BDB9BCA1F1C779ADF2234C17456D3B297713A53422 ]

C:\WINDOWS\system32\dpcdll.dll
01:33:38.0625 0x0cf4 C:\WINDOWS\system32\dpcdll.dll - ok
01:33:38.0625 0x0cf4 [ B85B8A3E8D4B15EAFEB7592333716B96,

E4B5C18B67BAD81F5BAFD53145E01B295431228B52073171C454E345EAFF8567 ]

C:\WINDOWS\system32\wdmaud.drv
01:33:38.0625 0x0cf4 C:\WINDOWS\system32\wdmaud.drv - ok
01:33:38.0625 0x0cf4 [ 76E4B15C066144E711464F72D7B27AF3,

3D91304EBEDEE3788C647697D1082CE7DB5C91F12A7ED46B568BD7BC224A1398 ]

C:\WINDOWS\system32\drivers\wdmaud.sys
01:33:38.0625 0x0cf4 C:\WINDOWS\system32\drivers\wdmaud.sys - ok
01:33:38.0640 0x0cf4 [ 1E993BDA05D911D49FF5531EA6D1B8CD,

8ABAED03EF72C186A40EA54F10F9A8C592F7FA820D26DE2E8F0F4538785E8D8B ]

C:\WINDOWS\system32\drivers\sysaudio.sys
01:33:38.0640 0x0cf4 C:\WINDOWS\system32\drivers\sysaudio.sys - ok
01:33:38.0640 0x0cf4 [ 56D1314C6B52622B7B33F4B5941C07BC,

4F0A9F9A27926597E75B3A08CCB6B27DA5E99C62C47A300D111595FCC4236CE6 ]

C:\WINDOWS\system32\drivers\splitter.sys
01:33:38.0640 0x0cf4 C:\WINDOWS\system32\drivers\splitter.sys - ok
01:33:38.0640 0x0cf4 [ 8BED39E3C35D6A489438B8141717A557,

1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ]

C:\WINDOWS\system32\drivers\aec.sys
01:33:38.0640 0x0cf4 C:\WINDOWS\system32\drivers\aec.sys - ok
01:33:38.0640 0x0cf4 [ E7FA45622EA5F16C9BC7379591262B25,

7266981BD2828F0A79A2DA204ECB75CECDCCFC6EFBDA6F1F51CD6D71909463FA ]

C:\WINDOWS\system32\userinit.exe
01:33:38.0640 0x0cf4 C:\WINDOWS\system32\userinit.exe - ok
01:33:38.0656 0x0cf4 [ B1296D52B0D2096EC4759EEEB806D759,

4F291E1513D5E79BD3EE54E644138468778A80D6C49DF01EA93E291897E433B5 ]

C:\WINDOWS\system32\WgaTray.exe
01:33:38.0656 0x0cf4 C:\WINDOWS\system32\WgaTray.exe - ok
01:33:38.0656 0x0cf4 [ FE2571A8C9FFAB1D45502D6B0BF472AA,

1442FC0180B555BC4F9B97B9A0D7674F75E67A6F61B87A6D690A20AE7D1EF360 ]

C:\WINDOWS\system32\xp_eos.exe
01:33:38.0656 0x0cf4 C:\WINDOWS\system32\xp_eos.exe - ok
01:33:38.0656 0x0cf4 [ 08F31922388CB31D32841690ACA1379A,

3D848BE892BF193DC8BC3BAA00E8E8BDCF16D151DA318ADE1DED580662CE1F08 ]

C:\WINDOWS\system32\drivers\DMusic.sys
01:33:38.0656 0x0cf4 C:\WINDOWS\system32\drivers\DMusic.sys - ok
01:33:38.0671 0x0cf4 [ D0DCD940E9301ADD51DF993313F3115B,

4B2A33658B4873961B6899B8A8B012A6D10354B323624D0CF01F144E6FBE8AB5 ]

C:\WINDOWS\system32\drivers\swmidi.sys
01:33:38.0671 0x0cf4 C:\WINDOWS\system32\drivers\swmidi.sys - ok
01:33:38.0671 0x0cf4 [ 17566366EC1A5E48B9BA024DB7869B3D,

186C118FDCB156B1075BA6A28F3430E6AD19A123B17A0721F2E2210E92FBE6AF ]

C:\WINDOWS\system32\drivers\kmixer.sys
01:33:38.0671 0x0cf4 C:\WINDOWS\system32\drivers\kmixer.sys - ok
01:33:38.0671 0x0cf4 [ 780426DAD0CEB30124A61A85D71E77D3,

4F5B861940E32AA1BE4BFA91432576640858CEC12FF9C98E863EEC20D8F81DFD ]

C:\WINDOWS\system32\drivers\drmkaud.sys
01:33:38.0671 0x0cf4 C:\WINDOWS\system32\drivers\drmkaud.sys - ok
01:33:38.0671 0x0cf4 [ 50B427A34DA2E13C9CF947A33197CBB3,

09931D1E68B5FF2A20DD015ABF0523AD149747D5E8C74F2D25599BBE834D4A0D ]

C:\WINDOWS\system32\mstask.dll
01:33:38.0671 0x0cf4 C:\WINDOWS\system32\mstask.dll - ok
01:33:38.0687 0x0cf4 [ CB7C9E2BA846DA0AFABD19DE6B6F2006,

78E76BD22036F7EBE960534C2A20FC57E245D3C051A6EF334DD1619C7F0FAF07 ]

C:\WINDOWS\explorer.exe
01:33:38.0687 0x0cf4 C:\WINDOWS\explorer.exe - ok
01:33:38.0687 0x0cf4 [ 9A3BD5F55AADFF859539142F6328A66E,

B8165F650F0E24D380601D54BC81A84C06D886A6CF995EA6CA63EABCFA75554A ]

C:\WINDOWS\system32\msacm32.drv
01:33:38.0687 0x0cf4 C:\WINDOWS\system32\msacm32.drv - ok
01:33:38.0687 0x0cf4 [ 77FFE8395568F5D1B73972A2C4EC4693,

26ADE4574C914EDF383030ED396EBD191E394144C6F6F366975A4EF03B2BB52E ]

C:\WINDOWS\system32\midimap.dll
01:33:38.0687 0x0cf4 C:\WINDOWS\system32\midimap.dll - ok
01:33:38.0703 0x0cf4 [ 1A044AAD6460265849FFFB95F3C4C690,

39A4B65A05253B045752D428C7F0A056F58D438EC6D8952F1F2AD691C1D435F6 ]

C:\WINDOWS\system32\browseui.dll
01:33:38.0703 0x0cf4 C:\WINDOWS\system32\browseui.dll - ok
01:33:38.0703 0x0cf4 [ FA5BAFC42914E1C50633704C1F14B2FA,

0BCD41D57187210D0EE916829FBDBF68EDEA1CC4949AE4B567ABCF3BD43B3EF8 ]

C:\WINDOWS\system32\shdocvw.dll
01:33:38.0703 0x0cf4 C:\WINDOWS\system32\shdocvw.dll - ok
01:33:38.0703 0x0cf4 [ 3307A07B81206F354F0D4BEFEE922437,

4BB29D65667AE99C923147F0F507CF8E680A5C230AAA6DFC88EC79F7D4408955 ]

C:\WINDOWS\system32\LegitCheckControl.DLL
01:33:38.0703 0x0cf4 C:\WINDOWS\system32\LegitCheckControl.DLL - ok
01:33:38.0703 0x0cf4 [ CF62156FF10FBF7B1675064908AE55CF,

1E8D2D423D52AEED554634844BCCDCA8883860C1C9E29CB30C2623BD9759F98C ]

C:\WINDOWS\system32\wbem\wbemcomn.dll
01:33:38.0703 0x0cf4 C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
01:33:38.0718 0x0cf4 [ 1FB0CD53ACC76A083C92F83C3D0A5895,

B936FE34C6ED8D84C4E740708C237B765AD3983A4E8FA60E526E27A967A4B302 ]

C:\WINDOWS\system32\wbem\wbemprox.dll
01:33:38.0718 0x0cf4 C:\WINDOWS\system32\wbem\wbemprox.dll - ok
01:33:38.0718 0x0cf4 [ 30F88258703D26127258F4B23B150D41,

61DA544E19701705B2B9D20BD4CB9C54A2D0648E968F8CE9BFC2EBCEE304A900 ]

C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
01:33:38.0718 0x0cf4 C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL - ok
01:33:38.0718 0x0cf4 [ CDBE9690CF2B8409FACAD94FAC9479C9,

8E7FE1A1F3550C479FFD86A77BC9D10686D47F8727025BB891D8F4F0259354C8 ]

C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_

31a54e43\msvcr90.dll
01:33:38.0718 0x0cf4

C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_

31a54e43\msvcr90.dll - ok
01:33:38.0718 0x0cf4 [ 58A14C45A5CD2528F10A889E7B0C3FC2,

81521B27F6DE4F2451C5441DFA93781B6687EE8F9AE62A8FE76D61DE7965E6EF ]

C:\WINDOWS\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_

92453bb7\atl90.dll
01:33:38.0718 0x0cf4

C:\WINDOWS\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_

92453bb7\atl90.dll - ok
01:33:38.0734 0x0cf4 [ 4C39358EBDD2FFCD9132A30E1EC31E16,

06918CF99AD26CD6CF106881C0D5BDB212DC0BAC4549805C9F5906E3D03D152C ]

C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_

31a54e43\msvcp90.dll
01:33:38.0734 0x0cf4

C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_

31a54e43\msvcp90.dll - ok
01:33:38.0734 0x0cf4 [ 883D87AA9D3C15C3D57B11BABC180B4E,

D1AAC11A9D4145F9DB01386D1B5D048CF052171FFF52AF083288677974F31A0F ]

C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF
01:33:38.0734 0x0cf4

C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF - ok
01:33:38.0734 0x0cf4 [ 676CCC08D9E9A3F4CA39CB04E97048DF,

AD7361AB05A6169705C57C36AAF015130124737720B13BA6102102299B49D629 ]

C:\PROGRA~1\MICROS~2\Office14\1033\GrooveIntlResource.dll
01:33:38.0734 0x0cf4 C:\PROGRA~1\MICROS~2\Office14\1033\GrooveIntlResource.dll -

ok
01:33:38.0750 0x0cf4 [ FAB2565C4959E92E8EED8BD1104C7A1B,

D6F71E48498845877074F14E4551A76CB8E43D2A6CA55EA4CDBACE513F354827 ]

C:\WINDOWS\system32\desk.cpl
01:33:38.0750 0x0cf4 C:\WINDOWS\system32\desk.cpl - ok
01:33:38.0750 0x0cf4 [ EE9710428FFB95FD3845D41E7148AC31,

5CFBE4B7BCCB136B958E21EACB965E09F7D6CC0CB29DEA9022047809582B1065 ]

C:\WINDOWS\system32\themeui.dll
01:33:38.0750 0x0cf4 C:\WINDOWS\system32\themeui.dll - ok
01:33:38.0750 0x0cf4 [ 4DCEE7F44B494D6AD8D917074F637FBF,

0EBFB78DC8186C996EF3603CAC6C709359756A1F7EF73E2623381D9F9E486C26 ]

C:\WINDOWS\system32\actxprxy.dll
01:33:38.0765 0x0cf4 C:\WINDOWS\system32\actxprxy.dll - ok
01:33:38.0765 0x0cf4 [ A439D729A44E7C04399A905E37C05CB7,

AD4A2D746A16BD498DAB6B72B986A441A890F2B81ABC0AD649D8157138155637 ]

C:\WINDOWS\system32\urlmon.dll
01:33:38.0765 0x0cf4 C:\WINDOWS\system32\urlmon.dll - ok
01:33:38.0781 0x0cf4 [ 4E3C58B30D49DE501485E444797F4816,

93D314AA8C67AB46342D8FA1ADF65B84131EC76DCF1061B536F6E5E63B74F75D ]

C:\WINDOWS\system32\cmd.exe
01:33:38.0781 0x0cf4 C:\WINDOWS\system32\cmd.exe - ok
01:33:38.0781 0x0cf4 [ 965171D089D48415EA5B607E049ABA68,

73E29B6902F3F37A1D2D6A8DC153352D8048D38F38A54A39E4864CD3D1E7776E ]

C:\WINDOWS\system32\ieframe.dll
01:33:38.0781 0x0cf4 C:\WINDOWS\system32\ieframe.dll - ok
01:33:38.0781 0x0cf4 [ 70E98B3FD8E963A6A46A2E6247E0BEA1,

6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ]

C:\WINDOWS\system32\drivers\parvdm.sys
01:33:38.0781 0x0cf4 C:\WINDOWS\system32\drivers\parvdm.sys - ok
01:33:38.0796 0x0cf4 [ D39C4A6ACB529BE4FFA5E49EECCBBC5B,

7603395B6CD312A5F87E796BD4B1C629430CDCF9ADE6F1C683F179E36A1A37A0 ]

C:\WINDOWS\system32\drivers\serial.sys
01:33:38.0796 0x0cf4 C:\WINDOWS\system32\drivers\serial.sys - ok
01:33:38.0796 0x0cf4 [ A437A28E5B21807583F2CE2AC5F76192,

574FD8B9C79E003D76F00AB1CD3E0ED38EAE94ED1B9BFB65AC07CA47409BEAEC ]

C:\WINDOWS\system32\alrsvc.dll
01:33:38.0796 0x0cf4 C:\WINDOWS\system32\alrsvc.dll - ok
01:33:38.0796 0x0cf4 [ D9FF0A70A51FB61F5ABD0CEA62749E03,

B58EC65F60F37D20CD727DE814A510EC90F5B67E8430F79E0D7D8C9C58DA74E3 ]

C:\WINDOWS\system32\qmgr.dll
01:33:38.0796 0x0cf4 C:\WINDOWS\system32\qmgr.dll - ok
01:33:38.0796 0x0cf4 [ 764609692A63D7EA9B7051B923900301,

6B043466B065BB2DED97B06F0071D86DA044EB4D9FEE4DC08A7D6D12BA28A15E ]

C:\WINDOWS\system32\clipsrv.exe
01:33:38.0796 0x0cf4 C:\WINDOWS\system32\clipsrv.exe - ok
01:33:38.0812 0x0cf4 [ 55194E8FB4E44D23202372C3C7B7D72B,

52FA2BD92CCBA9371F165DAAB51D8200ED9CBD7425C0B01E5A8E7150287E0134 ]

C:\WINDOWS\system32\shfolder.dll
01:33:38.0812 0x0cf4 C:\WINDOWS\system32\shfolder.dll - ok
01:33:38.0812 0x0cf4 [ 684559A03CBC1D05BA120A18B0D8BA5D,

7425F27C8EF8CEF26B071D7FD5FED538C74EF524AEF73E427B1781F3A3C16C42 ]

C:\WINDOWS\system32\winhttp.dll
01:33:38.0812 0x0cf4 C:\WINDOWS\system32\winhttp.dll - ok
01:33:38.0812 0x0cf4 [ A6F2589CD87CB2C53CA8B7F2BDC855DF,

4C3B247FFBB57F8F0AAC65EA1AB5B20DD5424868823D00CAD0A44A31872A59C1 ]

C:\WINDOWS\system32\netman.dll
01:33:38.0812 0x0cf4 C:\WINDOWS\system32\netman.dll - ok
01:33:38.0828 0x0cf4 [ AFE5D105FC25EB99528BF810F9026C75,

6F2FDBB3F6C5A0B83F7442D5C2B570E591DACCEF836FBA9E69283EE0DB273BBC ]

C:\WINDOWS\system32\netshell.dll
01:33:38.0828 0x0cf4 C:\WINDOWS\system32\netshell.dll - ok
01:33:38.0828 0x0cf4 [ 98B4D196C1E42219F8A65B1AEE612E45,

C67067DF7F5B29BA18015703D0F71F58EFEBE602034B7A499C2B793CC661B0ED ]

C:\WINDOWS\system32\credui.dll
01:33:38.0828 0x0cf4 C:\WINDOWS\system32\credui.dll - ok
01:33:38.0828 0x0cf4 [ 709C600D917BE54798084AE0A8759814,

F39B6A9D628FC7D5E2C4FA0EC3DEB44A49F3AEEA5394317306E441C4E1894760 ]

C:\WINDOWS\system32\dot3dlg.dll
01:33:38.0828 0x0cf4 C:\WINDOWS\system32\dot3dlg.dll - ok
01:33:38.0828 0x0cf4 [ FE712E0DFA25AA5E905195408C453705,

75FC8A3F9ABF0F2F6833EBAF1A0617017B58EEF68100B2548FDB99D2D828E28D ]

C:\WINDOWS\system32\eappcfg.dll
01:33:38.0828 0x0cf4 C:\WINDOWS\system32\eappcfg.dll - ok
01:33:38.0843 0x0cf4 [ E04D374CBE1693A2193953D7952E63CE,

CD5A81418A10435C7F30D26924B406F115D9272E48F20A55550E00F29CC81B5D ]

C:\WINDOWS\system32\onex.dll
01:33:38.0843 0x0cf4 C:\WINDOWS\system32\onex.dll - ok
01:33:38.0843 0x0cf4 [ 3D88DC443F22A52A791FD30E269F896F,

235010BDE4ECBD4855A95EB15E8A85248692814553CD3CB83C7CF654C4E41C73 ]

C:\WINDOWS\system32\eappprxy.dll
01:33:38.0843 0x0cf4 C:\WINDOWS\system32\eappprxy.dll - ok
01:33:38.0843 0x0cf4 [ D141974D6F4752478C3BEB94559F4955,

E8C903BF5FD414757E09B8B9252E9C0428BF093F190E6C712689C4D9A4344EDF ]

C:\WINDOWS\system32\wzcsapi.dll
01:33:38.0843 0x0cf4 C:\WINDOWS\system32\wzcsapi.dll - ok
01:33:38.0859 0x0cf4 [ 2CCE68E6EA824A6DDA99E020370F9A78,

EEDF3FF1BA5360E6FFCF37E2A3F009C97039EC8F28E0B310397FACBDCB750C33 ]

C:\WINDOWS\system32\certcli.dll
01:33:38.0859 0x0cf4 C:\WINDOWS\system32\certcli.dll - ok
01:33:38.0859 0x0cf4 [ F81F67B1ACA9B7473F3DF67B24A66D61,

40C04EE9E460D1B0B36ACB818CFB18F405788A1E01C88D880BB6588D8593AF2A ]

C:\WINDOWS\system32\cryptsvc.dll
01:33:38.0859 0x0cf4 C:\WINDOWS\system32\cryptsvc.dll - ok
01:33:38.0859 0x0cf4 [ 4CFF9FF7E1A6414B23D001100EEA5FF7,

8BE62E94687B39DA7FA7AD63677F999687FFA6CDC62C720F510E2A05D4201DCD ]

C:\WINDOWS\system32\dmserver.dll
01:33:38.0859 0x0cf4 C:\WINDOWS\system32\dmserver.dll - ok
01:33:38.0859 0x0cf4 [ C74E4CAD632295421255781787844C58,

50DAE9EC594FE82F2E5E1BB49F77224EF87A00CCB0E0B2D34A6BAB9143F3A2D7 ]

C:\WINDOWS\system32\ersvc.dll
01:33:38.0859 0x0cf4 C:\WINDOWS\system32\ersvc.dll - ok
01:33:38.0875 0x0cf4 [ D4991D98F2DB73C60D042F1AEF79EFAE,

58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ]

C:\WINDOWS\system32\es.dll
01:33:38.0875 0x0cf4 C:\WINDOWS\system32\es.dll - ok
01:33:38.0875 0x0cf4 [ 02763B58A5FBADC5A5EDED4C4797ADAB,

F58BA7570E8AF5895795E1C03025C0801D9A3B7D8385CDE0B4E0C24A4E79F095 ]

C:\WINDOWS\system32\FortiSSLVPNdaemon.exe
01:33:38.0875 0x0cf4 C:\WINDOWS\system32\FortiSSLVPNdaemon.exe - ok
01:33:38.0875 0x0cf4 [ 779F84028213F2014CEB7131F97FA515,

F31F8A383EFE64BEE840E07424AE26A666D0A2815CB080842DEDFB53D1CB25EA ]

C:\DOCUME~1\Boss\LOCALS~1\Temp\{1CE9F49D-309C-4D7E-A2C8-021AB0E3FD16}\{512

B5050-1315-45D4-9D90-CCE887257109}.exe
01:33:38.0875 0x0cf4

C:\DOCUME~1\Boss\LOCALS~1\Temp\{1CE9F49D-309C-4D7E-A2C8-021AB0E3FD16}\{512

B5050-1315-45D4-9D90-CCE887257109}.exe - ok
01:33:38.0890 0x0cf4 [ 605CCC9CE1839BC5583017DF7CAE27A6,

F1F67830FC3531DFBDAF5315F59422438AB9F243D89491AC75D1818E7ED98B5D ]

C:\Program Files\Google\Update\GoogleUpdate.exe
01:33:38.0890 0x0cf4 C:\Program Files\Google\Update\GoogleUpdate.exe - ok
01:33:38.0890 0x0cf4 [ 0E3D30F8CDD82E7E64938459CA90D9F0,

8F84A3D4ED0FCEBD38A952A9ED865D24B1814714DAD3584E89D85D94F5F316D6 ]

C:\PROGRA~1\WINDOW~2\wmpband.dll
01:33:38.0890 0x0cf4 C:\PROGRA~1\WINDOW~2\wmpband.dll - ok
01:33:38.0890 0x0cf4 [ 0C783C8127AFC2F7DAE6A443ECEEA80E,

84BBC8494750395EA5F515616849E78F7CE47A67B5906EE5828CCBD61B8FF0AA ]

C:\WINDOWS\system32\msutb.dll
01:33:38.0890 0x0cf4 C:\WINDOWS\system32\msutb.dll - ok
01:33:38.0890 0x0cf4 [ 463A426DA94FC2418A713CEEBB799E22,

EAF6EDE3CC4EFB047CEDAD32A9B3C2A138AD872991E3BEE4F66DD8FBE08133B2 ]

C:\Program Files\Google\Update\1.3.33.17\goopdate.dll
01:33:38.0890 0x0cf4 C:\Program Files\Google\Update\1.3.33.17\goopdate.dll - ok
01:33:38.0906 0x0cf4 [ B604FE4E8C01FDF4DFABD10F59CC72FA,

9F4F8F3C12E007027C08D8D35CCA140E86268EA12007A018CBDD53951359BEA5 ]

C:\WINDOWS\system32\MSCTF.dll
01:33:38.0906 0x0cf4 C:\WINDOWS\system32\MSCTF.dll - ok
01:33:38.0906 0x0cf4 [ 6CF0030E5351075A8B69501A8FDA6ABF,

77265788588D34F156C2A922CB1FC2A258D054FF4D6281A5E486F46E2D98CC8A ]

C:\WINDOWS\system32\linkinfo.dll
01:33:38.0906 0x0cf4 C:\WINDOWS\system32\linkinfo.dll - ok
01:33:38.0906 0x0cf4 [ 1358ED8ED84017786B196CEF142731E7,

358DAC0AA46B7E2D33C066606C3D641D05320A1586A660085E98F5C64E8C19FC ]

C:\WINDOWS\system32\ntshrui.dll
01:33:38.0906 0x0cf4 C:\WINDOWS\system32\ntshrui.dll - ok
01:33:38.0921 0x0cf4 [ 712246FF455EEE9D17CA623B2A332C2D,

AC4E7901245C3CEA4FFEB429BAD88BF76A3B799044635E0E1B7B09F3D93E7F2A ]

C:\WINDOWS\system32\verclsid.exe
01:33:38.0921 0x0cf4 C:\WINDOWS\system32\verclsid.exe - ok
01:33:38.0921 0x0cf4 [ 81A1A3A6969BDC5D4FC56C7A3D68F2FF,

F0E255BA9E486F18BC8958A788EED9A8C42338BDE6DEB2864AC494DE12AEF694 ]

C:\WINDOWS\system32\dbghelp.dll
01:33:38.0921 0x0cf4 C:\WINDOWS\system32\dbghelp.dll - ok
01:33:38.0921 0x0cf4 [ 9C3B2302B60FB0EFB13BC880A5E3E93E,

16F32AB74A57B521FF431F2C36609DE5F6ABE0DCD3111B4954471DEED700A66B ]

C:\WINDOWS\system32\HDAShCut.exe
01:33:38.0921 0x0cf4 C:\WINDOWS\system32\HDAShCut.exe - ok
01:33:38.0921 0x0cf4 [ 0D034E8C4F88C5B2B0C1AF3CF438CC4F,

F44F9A6BBA0AE6D350F98CDBF2D5B09D56D9B1CF46F4CB9F50566232B32F8BAE ]

C:\WINDOWS\SoundMan.exe
01:33:38.0921 0x0cf4 C:\WINDOWS\SoundMan.exe - ok
01:33:38.0937 0x0cf4 [ ED7FB962F5EA840C27DF60AE4346A913,

60FE7FD0D5736011BCCAE74E41C5DF05F993600E140058295EB413512001825E ] C:\Program

Files\Citrix\ICA Client\redirector.exe
01:33:38.0937 0x0cf4 C:\Program Files\Citrix\ICA Client\redirector.exe - ok
01:33:38.0937 0x0cf4 [ EAB725D225382A73F1435EF7347CD3FB,

2EF49398BFE78673078AB7F1583DB8C8C3C863396484594B3CCFEAC84629432A ]

C:\WINDOWS\system32\HdAudRes.dll
01:33:38.0937 0x0cf4 C:\WINDOWS\system32\HdAudRes.dll - ok
01:33:38.0937 0x0cf4 [ 4B10675852FE8862521024778E264D5F,

5520A4D16517708807A01954DF977A790DDD1715B0CF90D48DCE490C5AF60455 ]

C:\WINDOWS\system32\igfxpers.exe
01:33:38.0937 0x0cf4 C:\WINDOWS\system32\igfxpers.exe - ok
01:33:38.0953 0x0cf4 [ 42344DDF30337979216EA6AFA58BB42A,

565EB63BE814F959BB0E547218C963B5ECA455A394455D411BD1889A66B31E54 ]

C:\WINDOWS\system32\hkcmd.exe
01:33:38.0953 0x0cf4 C:\WINDOWS\system32\hkcmd.exe - ok
01:33:38.0953 0x0cf4 [ 79B5A7857A31648F946AB82E73C1EA5E,

5BD262AC84B6774BBBC13882CBDB2AC772C8BB1F85E4652D39837E57B29D9194 ]

C:\WINDOWS\system32\hid.dll
01:33:38.0953 0x0cf4 C:\WINDOWS\system32\hid.dll - ok
01:33:38.0953 0x0cf4 [ BF0EE37A14144C88A9F6FDA7B44981BB,

91648E51C6DB3E61B3DFE196C878B33ED493C57218D3BB0374108DDC06990041 ]

C:\Program Files\Epson Software\Event Manager\EEventManager.exe
01:33:38.0953 0x0cf4 C:\Program Files\Epson Software\Event

Manager\EEventManager.exe - ok
01:33:38.0953 0x0cf4 [ F5CADBA8DC2E27D8C6E76E1C5E11B72E,

96368E528F6803EB530A67EC6558B40D1E19728181C70EAD78AC96BF14B3E27A ]

C:\WINDOWS\system32\browselc.dll
01:33:38.0953 0x0cf4 C:\WINDOWS\system32\browselc.dll - ok
01:33:38.0968 0x0cf4 [ 3EA40C03BB20A68F5F49798296112EF9,

7371AD8474007F4589BF08EA73BBDA0433EFA766D8358DDA25745D00415D31EC ]

C:\WINDOWS\system32\hccutils.dll
01:33:38.0968 0x0cf4 C:\WINDOWS\system32\hccutils.dll - ok
01:33:38.0968 0x0cf4 [ 87F20C71E9A429F7E5D1ABE486025F0E,

838873292CA958B2C05CA85ED228538CF46B21CCD83D241458A562BF1F445EFE ]

C:\Program Files\Citrix\ICA Client\CCMSDK.dll
01:33:38.0968 0x0cf4 C:\Program Files\Citrix\ICA Client\CCMSDK.dll - ok
01:33:38.0968 0x0cf4 [ 2C045AAE1F27DED48CECACBB613DB946,

45A184E4639EC51A1038CF639598865CBF1CD5ED492A955229D2EB924088FDB9 ]

C:\WINDOWS\system32\mlang.dll
01:33:38.0968 0x0cf4 C:\WINDOWS\system32\mlang.dll - ok
01:33:38.0968 0x0cf4 [ 9000FA63CFEAFDFD1D39655F8F111903,

866DEB075CDEFD40EA679DAADC97C07891D40392D6B6B34ACDAEF6CE68ED06A7 ]

C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
01:33:38.0968 0x0cf4 C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok
01:33:38.0984 0x0cf4 [ 56296857059FA06E084AF9D0B1A9325D,

FD0629A486987126E0E47EBD936DECD1D4F50233E4636330875ABE73F6EF6C22 ]

C:\WINDOWS\system32\hidserv.dll
01:33:38.0984 0x0cf4 C:\WINDOWS\system32\hidserv.dll - ok
01:33:38.0984 0x0cf4 [ 0C422D003BB2EF1C98B4733C295B4F04,

DA1F484454D4EC80809AC301ED96683817D3AE4A6C26539B746582FD56C0B268 ]

C:\PROGRA~1\McAfee\SITEAD~1\McSACore.exe
01:33:38.0984 0x0cf4 C:\PROGRA~1\McAfee\SITEAD~1\McSACore.exe - ok
01:33:38.0984 0x0cf4 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527,

0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ]

C:\WINDOWS\system32\srvsvc.dll
01:33:38.0984 0x0cf4 C:\WINDOWS\system32\srvsvc.dll - ok

01:33:39.0000 0x0cf4 [ 476A0876C16D2CC3F5A46697CF37BEE7,

6860C50217C2E6A938915BC74D64B58A429A0C93410530B899F7F78014A9B714 ]

C:\WINDOWS\system32\igfxsrvc.exe
01:33:39.0000 0x0cf4 C:\WINDOWS\system32\igfxsrvc.exe - ok
01:33:39.0000 0x0cf4 [ 20FD44370267CCD0A64A1B31861C21D2,

D98194A17D1C63434EC6449742C10033F1B94D80826B20464519B1DD4DE1DB5F ]

C:\WINDOWS\system32\netmsg.dll
01:33:39.0000 0x0cf4 C:\WINDOWS\system32\netmsg.dll - ok
01:33:39.0000 0x0cf4 [ F0AD6FB996D4BE1E364934FA7A6BD094,

B747580F2D3211B3350368B59B418D8737F009A6D4D066897F60B670A0C33F4F ] C:\Program

Files\Citrix\ICA Client\concentr.exe
01:33:39.0000 0x0cf4 C:\Program Files\Citrix\ICA Client\concentr.exe - ok
01:33:39.0000 0x0cf4 [ 47DDFC2F003F7F9F0592C6874962A2E7,

17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ]

C:\WINDOWS\system32\drivers\srv.sys
01:33:39.0000 0x0cf4 C:\WINDOWS\system32\drivers\srv.sys - ok
01:33:39.0015 0x0cf4 [ 187F4C75A89E3F412322C94526320074,

D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ]

C:\Program Files\Microsoft Office\Office14\BCSSync.exe
01:33:39.0015 0x0cf4 C:\Program Files\Microsoft Office\Office14\BCSSync.exe - ok
01:33:39.0015 0x0cf4 [ 2031DCC0083A134AF9451CD1402FFCE3,

4E2646A5607C543648F9324A5B59FB389E683F6B652004A736B8FFAC7E0112CD ]

C:\Program Files\Epson Software\Event Manager\LcMgr.dll
01:33:39.0015 0x0cf4 C:\Program Files\Epson Software\Event Manager\LcMgr.dll - ok
01:33:39.0015 0x0cf4 [ EC05E964058693D1F71D1B5506B5CF09,

B1E126AA040800FEC99CAE2C675A225183D50A6F3D24262051A5FB5D96E61012 ]

C:\WINDOWS\alcwzrd.exe
01:33:39.0015 0x0cf4 C:\WINDOWS\alcwzrd.exe - ok
01:33:39.0031 0x0cf4 [ 5007E21208DA68F60EBF43352BDFE6D0,

698B6AB8260E05D6A2D168939E8D7F9F1CC1C78FDEC4F6B9D1A7289FD83C841B ]

C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
01:33:39.0031 0x0cf4 C:\Program Files\Common

Files\McAfee\Platform\McSvcHost\McSvHost.exe - ok
01:33:39.0031 0x0cf4 [ 08A73B0E7EE6E32983B5F9E540A8E380,

D9FC89B19C9131C2246D82942D5E6A09F20CB488C26EF007695F1CABB53C8F91 ]

C:\WINDOWS\system32\mscoree.dll
01:33:39.0031 0x0cf4 C:\WINDOWS\system32\mscoree.dll - ok
01:33:39.0031 0x0cf4 [ 8B4CBBA1EA526830C7F97E7822E2493A,

1DFD05B1C0050DB44F5B4293E5574BFC292AF804A63FC0A70131BB498C326977 ]

C:\WINDOWS\Alcmtr.exe
01:33:39.0031 0x0cf4 C:\WINDOWS\Alcmtr.exe - ok
01:33:39.0031 0x0cf4 [ FE8DBB071F3868C95A4F88025E188805,

97F349ED243068DC433E5CB4F5F3901388C7B226CB8518ECA79763336CDB2430 ]

C:\WINDOWS\system32\sti.dll
01:33:39.0031 0x0cf4 C:\WINDOWS\system32\sti.dll - ok
01:33:39.0046 0x0cf4 [ DBC8C303281D0D6D5421DB7EE2B200A1,

1B5B8AA57BF3F42370108280805E3BF17FF701552306F8DAB2D667FC8FA225E6 ] C:\Program

Files\Citrix\ICA Client\ctxmui.dll
01:33:39.0046 0x0cf4 C:\Program Files\Citrix\ICA Client\ctxmui.dll - ok
01:33:39.0046 0x0cf4 [ 48BE298F7FD1BEF4D8FBACB04D8D95C4,

D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ]

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
01:33:39.0046 0x0cf4 C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe -

ok
01:33:39.0046 0x0cf4 [ 900A3701405475E7651E6DCB4A0611DC,

3525764E6B1EE7987FD7512DE807AC3C52B7212FA408A92C3EF1C589B851BD14 ]

C:\WINDOWS\system32\dsound.dll
01:33:39.0046 0x0cf4 C:\WINDOWS\system32\dsound.dll - ok
01:33:39.0062 0x0cf4 [ ABD704750AE964284E8FE9227479F451,

7EA74FB5E59013D03CC49FF23ADDA971CF9675D9EDE2A10573EC8844CD4D0CB7 ]

C:\WINDOWS\system32\cfgmgr32.dll
01:33:39.0062 0x0cf4 C:\WINDOWS\system32\cfgmgr32.dll - ok
01:33:39.0062 0x0cf4 [ 841A401331B3EC5C5662517FFFD3EA12,

73C47415988E597DD31FCF9CEDFC63ACF621DC234BEB258D9908383126E0DC4C ]

C:\WINDOWS\system32\igfxsrvc.dll
01:33:39.0062 0x0cf4 C:\WINDOWS\system32\igfxsrvc.dll - ok
01:33:39.0062 0x0cf4 [ 0D2357A8BDA4790A5294F3F919AC8AB5,

2826644888F46C5D014314B3517E6E49283FE10E5943E8FF38B6BE4605A772DC ]

C:\WINDOWS\system32\cryptnet.dll
01:33:39.0062 0x0cf4 C:\WINDOWS\system32\cryptnet.dll - ok
01:33:39.0062 0x0cf4 [ BFC2A40FE739C453F5D02B7EEF41CA28,

1A28E8A09D494FFEF35385C0F3D0E712C29F698922DCFC038E0E2B2D627E9D78 ]

C:\WINDOWS\system32\igfxdev.dll
01:33:39.0062 0x0cf4 C:\WINDOWS\system32\igfxdev.dll - ok
01:33:39.0078 0x0cf4 [ 2431617F77D591AC79FF02A978C1CAC5,

9EA0CB5B87BE21E70518248AEE2424D3C0D08083E336AEC611761A3BB239F208 ]

C:\WINDOWS\system32\sensapi.dll
01:33:39.0078 0x0cf4 C:\WINDOWS\system32\sensapi.dll - ok
01:33:39.0078 0x0cf4 [ 84E54181481B72144672AF9C044DAC7B,

BCC4A7D3853C08976FA34B57CF3F8A5BB0349ED5B5D00D270610577C3E59DEB6 ]

C:\WINDOWS\system32\igfxres.dll
01:33:39.0078 0x0cf4 C:\WINDOWS\system32\igfxres.dll - ok
01:33:39.0078 0x0cf4 [ 6C718849D436A7CCEBED72538F8BD04B,

617DEF10FB5CD04434532E2803F07489A82494F76DC177E0CE7E8C70F66729C0 ]

C:\Program Files\Google\Update\1.3.33.17\GoogleCrashHandler.exe
01:33:39.0078 0x0cf4 C:\Program

Files\Google\Update\1.3.33.17\GoogleCrashHandler.exe - ok
01:33:39.0093 0x0cf4 [ 5169B13D265645241CBC1A633E35EB07,

826D55CF429A484BC169A2AB7E9B56A61EDB6FA243FB282FDBD109BE7F062C08 ]

C:\Program Files\Epson Software\Event Manager\ScanEngine30.dll
01:33:39.0093 0x0cf4 C:\Program Files\Epson Software\Event Manager\ScanEngine30.dll

- ok
01:33:39.0093 0x0cf4 [ E2A0F8FD51D821D2F0A2B7DFD38F5709,

DCE7A6706E1DC897D4FA5C344B9B7A6C7AE68F93364546A3392DEA63A2896A1C ]

C:\Program Files\Common Files\McAfee\Platform\McSvcHost\LogCntrl.dll
01:33:39.0093 0x0cf4 C:\Program Files\Common

Files\McAfee\Platform\McSvcHost\LogCntrl.dll - ok
01:33:39.0093 0x0cf4 [ 00C608CDFC203846B20EB12E2AB41F3A,

C67279A51C4ACFDF3DBEA0D006DE8DB67DA3F5B61D3B2B7D6F0E6EAB6C180A06 ]

C:\Program Files\McAfee.com\Agent\mcagent.exe
01:33:39.0093 0x0cf4 C:\Program Files\McAfee.com\Agent\mcagent.exe - ok
01:33:39.0093 0x0cf4 [ FCA6749F902E41ED78382FC008210141,

6F2F2E34A1E5C1A62C3D9F41F6081A331254DF143BEF9C8E070B5D450EA95870 ]

C:\Program Files\Epson Software\Event Manager\ScnMgr10.dll
01:33:39.0093 0x0cf4 C:\Program Files\Epson Software\Event Manager\ScnMgr10.dll - ok
01:33:39.0109 0x0cf4 [ 4C422B4954D348099C705E8DE4792D9C,

193BDA9E658BCE479A3EC0D382BAE6015E733816EED1645D90FAE53CA84DDE31 ]

C:\WINDOWS\system32\cabinet.dll
01:33:39.0109 0x0cf4 C:\WINDOWS\system32\cabinet.dll - ok
01:33:39.0109 0x0cf4 [ 55E84058EE13F6A1B43579C3E2F1B7FC,

C09F03EA32AAED8206A81AF924049721F91B617442E076391BBBDAEC9AF984E9 ]

C:\WINDOWS\system32\msftedit.dll
01:33:39.0109 0x0cf4 C:\WINDOWS\system32\msftedit.dll - ok
01:33:39.0109 0x0cf4 [ D3B20160C457F30B26FF3907F2A0FA42,

C18E4ECB8B4CCCCFF50D590C2165F59D0AC67D20C526D80F42A1E85066488F49 ]

C:\PROGRA~1\McAfee\SITEAD~1\SaSSHMod.dll
01:33:39.0109 0x0cf4 C:\PROGRA~1\McAfee\SITEAD~1\SaSSHMod.dll - ok
01:33:39.0125 0x0cf4 [ 31D0F1020BA9B007DC347F27E680AA84,

918C5CAB62C19CAC3DFB0CD8625E64028331218803C07F415AC16D20C6050C41 ]

C:\Program Files\Citrix\ICA Client\resource\en\ctxmuiUI.dll
01:33:39.0125 0x0cf4 C:\Program Files\Citrix\ICA Client\resource\en\ctxmuiUI.dll - ok
01:33:39.0125 0x0cf4 [ A8A86A8EF957899930F77FAC85D7651C,

289E1C0D9873E9D866EA096A8010E7EB780412D17AAA36F28E263318022F776B ]

C:\Program Files\Citrix\ICA Client\resource\en\concenUI.dll
01:33:39.0125 0x0cf4 C:\Program Files\Citrix\ICA Client\resource\en\concenUI.dll - ok
01:33:39.0125 0x0cf4 [ F6D0A852AF986198BF28D2255C71A532,

0A8C2A2E59F001CCD604A13A78F34F352AEB501A1624D4DCBDC441A9F8213037 ]

C:\WINDOWS\twain_32.dll
01:33:39.0125 0x0cf4 C:\WINDOWS\twain_32.dll - ok
01:33:39.0125 0x0cf4 [ F0374DF25BE9E004E29956C85EBAA1B4,

94E164272B8C174F9D64C347145595934F178F300AB882536035ACD651E3F200 ]

C:\PROGRA~1\COMMON~1\McAfee\Platform\mcutil.dll
01:33:39.0125 0x0cf4 C:\PROGRA~1\COMMON~1\McAfee\Platform\mcutil.dll - ok
01:33:39.0140 0x0cf4 [ 06F6DB72ADABC5E858F38EF69014CE52,

B4AEABF3EA6FCABBED879D642BA070DF9C244E28DB5BDC3211205C7B8DB97BFB ]

C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
01:33:39.0140 0x0cf4 C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE - ok
01:33:39.0140 0x0cf4 [ A3F00130A3177AF0A263AE640DFCFE4C,

C2577FB798DD7F84505F0F5BBAFE06754DBF69B3D8A07E795DFF2C44B6780653 ]

C:\WINDOWS\system32\ctfmon.exe
01:33:39.0140 0x0cf4 C:\WINDOWS\system32\ctfmon.exe - ok
01:33:39.0140 0x0cf4 [ 20616E7A9E9A1D231FD232FC3ACAE46D,

017D06196BFE0B1D71D4BAA5BDD716E8320C8F64882B512540DA8739B4CD0C4A ]

C:\Documents and Settings\Boss\Local Settings\Application Data\Amazon

Music\Amazon Music Helper.exe
01:33:39.0140 0x0cf4 C:\Documents and Settings\Boss\Local Settings\Application

Data\Amazon Music\Amazon Music Helper.exe - ok
01:33:39.0156 0x0cf4 [ 74557BFD04530E512DBB9C151C4DA110,

D199A72388A7770C37374BDF31D8EA88CDB576FAB62262CC8D3ECD05E70657E8 ]

C:\PROGRA~1\COMMON~1\McAfee\Platform\McUICnt.exe
01:33:39.0156 0x0cf4 C:\PROGRA~1\COMMON~1\McAfee\Platform\McUICnt.exe - ok
01:33:39.0156 0x0cf4 [ B7E6F9E557905F038D6EFD115B4FF618,

B70B3F452385E7BB845EAD97542C1C6631C7F6DA6DFB3019C477109D4F80B806 ]

C:\WINDOWS\system32\drivers\cdfs.sys
01:33:39.0156 0x0cf4 C:\WINDOWS\system32\drivers\cdfs.sys - ok
01:33:39.0156 0x0cf4 [ C6CB81DA0C5ECA52D83CBB3BCB62ADCA,

072C6B00987310838E306A07DA6C03DD5CFAA29BFA11790B81D081C1C6E70E77 ]

C:\WINDOWS\system32\webcheck.dll
01:33:39.0156 0x0cf4 C:\WINDOWS\system32\webcheck.dll - ok
01:33:39.0156 0x0cf4 [ B53E59A66CE2E2CCEB0897720B5879A8,

D68AE7535B208006B29FDFB8ABB18AD1BFC455C8F17A1F701CC3E2A0969EA5C7 ]

C:\WINDOWS\ime\SPTIP.dll
01:33:39.0156 0x0cf4 C:\WINDOWS\ime\SPTIP.dll - ok
01:33:39.0171 0x0cf4 [ F4F7C86191A981C804326E2EF6F3604F,

1ECE05E643AFFB27A148A8B86615F6C167875EF29D6FF7E2FD15B8DCBE6B8A16 ]

C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
01:33:39.0171 0x0cf4 C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe - ok
01:33:39.0171 0x0cf4 [ 317C54DCAB9EE29CD4B9F55D197A90D1,

050B753DD504324CA6F36DD825B588F8DBD586440FCDA438C49BFD11D6F176EA ]

C:\WINDOWS\system32\msisip.dll
01:33:39.0171 0x0cf4 C:\WINDOWS\system32\msisip.dll - ok
01:33:39.0171 0x0cf4 [ FCAFCF99B3FD96A004F54229A5155C46,

1D926FBB111FB4D731F61BCFCBF55C09CBBA28958877668B02FA533C25188BBE ]

C:\PROGRA~1\COMMON~1\McAfee\Platform\mcuifw.dll
01:33:39.0171 0x0cf4 C:\PROGRA~1\COMMON~1\McAfee\Platform\mcuifw.dll - ok
01:33:39.0187 0x0cf4 [ 67FCF51A75E283BA371E881982ACFABF,

C6E531163A533BD64FEA7C68A33A6DC9875C82BAA1DA988799E26490CDA1B6C6 ]

C:\WINDOWS\system32\stobject.dll
01:33:39.0187 0x0cf4 C:\WINDOWS\system32\stobject.dll - ok
01:33:39.0187 0x0cf4 [ F7FD3E11B1FABF54D265F739D121D848,

C4D687536374D9359A6DA583ECE3DE7422CC41D3A2F2A0A767D11DC8E7C7E962 ]

C:\WINDOWS\system32\batmeter.dll
01:33:39.0187 0x0cf4 C:\WINDOWS\system32\batmeter.dll - ok
01:33:39.0187 0x0cf4 [ 20200EE3CFE10E9F0C028D8653BE11C6,

3ACF2110D72509CBA3BF780C5D6D662BAFEEA6CA423BE8B0F97288B953127035 ]

C:\WINDOWS\system32\oleacc.dll
01:33:39.0187 0x0cf4 C:\WINDOWS\system32\oleacc.dll - ok
01:33:39.0203 0x0cf4 [ 3A6D465F379E5C815F4AD565391E654C,

EE40580ED71282B1D5D95752DD843DCC30689196B22051AF8CDF6127B985411E ]

C:\WINDOWS\system32\wshext.dll
01:33:39.0203 0x0cf4 C:\WINDOWS\system32\wshext.dll - ok
01:33:39.0203 0x0cf4 [ 045E228F71C31901084B64BE59093499,

BA463D9EC2C2D266A34DBAC542CFA0403BFB03DDF3037FBD043BB691A8E493FA ]

C:\WINDOWS\system32\WPDShServiceObj.dll
01:33:39.0203 0x0cf4 C:\WINDOWS\system32\WPDShServiceObj.dll - ok
01:33:39.0203 0x0cf4 [ 55985B314E1AB161AE54D63A732EE0EC,

8F2FD546991BAA324E515676BB07C722E9910811ACD52D99D436A133E4CDD535 ]

C:\WINDOWS\twain_32\escndv\nx130.ds
01:33:39.0203 0x0cf4 C:\WINDOWS\twain_32\escndv\nx130.ds - ok
01:33:39.0203 0x0cf4 [ 8C3885D48AC93E6C1BC33C18C47B66BB,

48320ECE80FBCBACB5B878CCC26A522A20A3A5FB24F1A024CACEE9A237477843 ]

C:\WINDOWS\twain_32\hpsj_0000\hpsj_0000.ds
01:33:39.0203 0x0cf4 C:\WINDOWS\twain_32\hpsj_0000\hpsj_0000.ds - ok
01:33:39.0218 0x0cf4 [ 4664ABADE37F75551CAB943EA6077946,

128493971AE2F0D3F4EE95B21CCC9BD9B33F7478B1936D13BC1704B3C8C42068 ]

C:\Program Files\Microsoft Office\Office14\1033\ospintl.dll
01:33:39.0218 0x0cf4 C:\Program Files\Microsoft Office\Office14\1033\ospintl.dll - ok
01:33:39.0218 0x0cf4 [ 70939CBCFD57DA39B62F925410B92D76,

864579A950F6D39F6B8509B4EA6D98BDD39C2742C7BFACB3849D1FF3883D2A3C ]

C:\Documents and Settings\Boss\Local Settings\Application

Data\Citrix\Receiver\WindowsAppRHelper_concentr.exe.dll
01:33:39.0218 0x0cf4 C:\Documents and Settings\Boss\Local Settings\Application

Data\Citrix\Receiver\WindowsAppRHelper_concentr.exe.dll - ok
01:33:39.0218 0x0cf4 [ 4D197238FDFAA5793D1B0961AAEF649A,

0BD4D2B2FAB316E2B6167CBA5029721EB5848087645EF44F2CCB09F1108383FD ] C:\Program

Files\Epson Software\Event Manager\Mfc42.dll
01:33:39.0218 0x0cf4 C:\Program Files\Epson Software\Event Manager\Mfc42.dll - ok
01:33:39.0218 0x0cf4 [ F3AD8EA144F411A6292775FA2B230DE5,

9494D77B6C1A35B9A39F4EC3AF3E1076CFABDEAF8C8F0FDF7019E9A5D41A6165 ]

C:\WINDOWS\system32\windowspowershell\v1.0\pwrshsip.dll
01:33:39.0218 0x0cf4 C:\WINDOWS\system32\windowspowershell\v1.0\pwrshsip.dll - ok
01:33:39.0234 0x0cf4 [ D262634491B717793E0113F7581C4A02,

CA3FFDD1C77E9D6ECA9CDC507629844B8C0FCEC15C81760046E9957A832CB858 ]

C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll
01:33:39.0234 0x0cf4 C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll - ok
01:33:39.0234 0x0cf4 [ 7BED8EE6F51C75D9FC335FCB1B155910,

AC368A3C23168F893ACF35D3228202C6325050D2084EDE57D42AFB92E8208A87 ]

C:\Program Files\Common Files\Microsoft Shared\OFFICE14\RICHED20.DLL
01:33:39.0234 0x0cf4 C:\Program Files\Common Files\Microsoft

Shared\OFFICE14\RICHED20.DLL - ok
01:33:39.0234 0x0cf4 [ B7899C3E21B299D7A3C0DA96CAE340BD,

8F61F7F1397772444A2DAD543230397EDF26FF0C6E92ADB89A0502A2B2156A00 ]

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
01:33:39.0234 0x0cf4 C:\Program Files\Common Files\Microsoft Shared\Windows

Live\WindowsLiveLogin.dll - ok
01:33:39.0250 0x0cf4 [ 29ECDA17BA5E6D98430F698587569ACC,

9C37D92CCBED1F9ED4E585F98E7FB17C6AD083712B078ABCB40476310BCDB7F8 ]

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.23084_

x-ww_f3f35550\GdiPlus.dll
01:33:39.0250 0x0cf4

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.23084_

x-ww_f3f35550\GdiPlus.dll - ok
01:33:39.0250 0x0cf4 [ 944F5A8AD85A77340B0A435A1D50B271,

97936B925C8E690BC45C85C1C324A41513669C4979C74BABBFDE08511AF8471C ]

C:\WINDOWS\twain_32\wiatwain.ds
01:33:39.0250 0x0cf4 C:\WINDOWS\twain_32\wiatwain.ds - ok
01:33:39.0250 0x0cf4 [ 0CCF464CAE4C48EBF4872950BCF3779C,

4BACC49CB116CD4FE024DB8CDFF4BC3D74DE0A0BC446BB2D373ABD022D855224 ]

C:\WINDOWS\system32\wiadss.dll
01:33:39.0250 0x0cf4 C:\WINDOWS\system32\wiadss.dll - ok
01:33:39.0265 0x0cf4 [ 040563206B8B2EC9162C2CAC0DB5A239,

50EB2A4946FB7336D4DC93270DE7F1B7E5A9A55B014CFB7949A97702BD7C7D7F ]

C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
01:33:39.0265 0x0cf4 C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll -

ok
01:33:39.0281 0x0cf4 [ 99304F195EA03F36D18E0EB47F541D8A,

5EC361FE3D5AA80FB54D40046EB2A6E4597CE1E7458243AC247645295FDAE0B7 ]

C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSPTLS.DLL
01:33:39.0281 0x0cf4 C:\Program Files\Common Files\Microsoft

Shared\OFFICE14\MSPTLS.DLL - ok
01:33:39.0281 0x0cf4 [ 39FDD74DA37A0867C04D4B3EFDE9EF2B,

79BF9E07779E46F3A66A5EE3BBAEC3B1D738C9794736C8DAE53E02422E1F9E5B ]

C:\WINDOWS\system32\mydocs.dll
01:33:39.0281 0x0cf4 C:\WINDOWS\system32\mydocs.dll - ok
01:33:39.0281 0x0cf4 [ 75474DD8ED127828A3A1D4F71C5A497A,

BD7D1B29CBBA739ED8EA061C4FC99276FB6C632F39B6885C9D7E94BA3CD8FBD4 ]

C:\PROGRA~1\McAfee\SITEAD~1\saupkeep.dll
01:33:39.0281 0x0cf4 C:\PROGRA~1\McAfee\SITEAD~1\saupkeep.dll - ok
01:33:39.0296 0x0cf4 [ 22358578CB321F3325496A3723029409,

44535E0EFC20714CEF8FFAE51294CFC6AC53F12E464E048ECD92CDC2CA54A312 ]

C:\WINDOWS\system32\PortableDeviceTypes.dll
01:33:39.0296 0x0cf4 C:\WINDOWS\system32\PortableDeviceTypes.dll - ok
01:33:39.0296 0x0cf4 [ 39E458524EE1944EC1A5D6166DCF989D,

31DD5A3013BD3DD58F5CD6704EEA70033409C5F70A20B805343F6EB0E556D57D ]

C:\Program Files\McAfee\VirusScan\vsann.dll
01:33:39.0296 0x0cf4 C:\Program Files\McAfee\VirusScan\vsann.dll - ok
01:33:39.0296 0x0cf4 [ 9794492BBF08287A94B427D466D368D3,

0C9BD085603A50E6FD4C4D6CAEFB5F8FB59F3E4C27754059398A6D39CAF7DBC7 ]

C:\Program Files\McAfee\VirusScan\mcvsocfg.dll
01:33:39.0296 0x0cf4 C:\Program Files\McAfee\VirusScan\mcvsocfg.dll - ok
01:33:39.0312 0x0cf4 [ 571F38CFF87053ECEDCA3D2CDA963956,

83FB333B93B06B19FC6F753D1CDF1096966B302E0EE4C06F0E3F509773282A16 ]

C:\WINDOWS\system32\msgsvc.dll
01:33:39.0312 0x0cf4 C:\WINDOWS\system32\msgsvc.dll - ok
01:33:39.0312 0x0cf4 [ 9ECA2FA155897ED17E42AFC70F0CE01D,

D646CA71A99241D3E5C8A9521D5B18B17BB8F85115271C476FB0ED3E4A21987A ]

C:\WINDOWS\system32\mfevtps.exe
01:33:39.0312 0x0cf4 C:\WINDOWS\system32\mfevtps.exe - ok
01:33:39.0312 0x0cf4 [ 24CFF4697702785872313159EC2434A2,

E8181A4E991F8AB33DB4C0378606A10033FEA06115C432C55142699E502D486D ]

C:\Documents and Settings\All Users\Application Data\MobileBrServ\mbbService.exe
01:33:39.0312 0x0cf4 C:\Documents and Settings\All Users\Application

Data\MobileBrServ\mbbService.exe - ok
01:33:39.0312 0x0cf4 [ 9D45B2201D0ECF9F42136C7B99DEB8B2,

0251BE4C23EAACE2A9725243936C5E5AC4C0BCEE10EDE85017D91936FEE8CB31 ]

C:\WINDOWS\system32\PortableDeviceApi.dll
01:33:39.0312 0x0cf4 C:\WINDOWS\system32\PortableDeviceApi.dll - ok
01:33:39.0328 0x0cf4 [ 118931434C850C316C2DCDB1349BB10E,

5C1B368FE813EB0836C8A9B827813C4A961EE863038343769CC52F64A314A46F ]

C:\WINDOWS\system32\ksuser.dll
01:33:39.0328 0x0cf4 C:\WINDOWS\system32\ksuser.dll - ok
01:33:39.0328 0x0cf4 [ 34B480ABF60DC98C0BF3BFD89B7A5D90,

CBE651AF96BFCAB66E03CEB97BF59D06AABCFDD2973F8F2952C421D3C04074AB ]

C:\Program Files\McAfee\VirusScan\mcvsoshl.dll
01:33:39.0328 0x0cf4 C:\Program Files\McAfee\VirusScan\mcvsoshl.dll - ok
01:33:39.0328 0x0cf4 [ D34612C5D02D026535B3095D620626AE,

1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ]

C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication

Foundation\SMSvcHost.exe
01:33:39.0328 0x0cf4 C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows

Communication Foundation\SMSvcHost.exe - ok
01:33:39.0328 0x0cf4 [ EF22596B7C443716F5F97DCA1ED7A1E2,

A559E0DDD73A643F67297273B23D472EE855D5906E3F6CCBFF195A80F886A067 ]

C:\Program Files\Citrix\ICA Client\Receiver\Receiver.exe
01:33:39.0328 0x0cf4 C:\Program Files\Citrix\ICA Client\Receiver\Receiver.exe - ok
01:33:39.0343 0x0cf4 [ F2F6B9AFBF78583D17AEE268B18EDD22,

28C8C5C221EB54B66D8BA747E7F62AB1A5606A82A4DC8D0D3413767C7A6677F8 ]

C:\PROGRA~1\COMMON~1\McAfee\Platform\PLATFO~1.DLL
01:33:39.0343 0x0cf4 C:\PROGRA~1\COMMON~1\McAfee\Platform\PLATFO~1.DLL - ok
01:33:39.0343 0x0cf4 [ 72AD40A73635662717B036D51236BE06,

AA406F40D0656A3009F7C23F90F875BD2C0D45F6353D714A96645AB634ECAD5E ]

C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Csi.dll
01:33:39.0343 0x0cf4 C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Csi.dll

- ok
01:33:39.0343 0x0cf4 [ F18A83298348C2C25D08E5881E2CDD35,

9918519BDF3655BC61F59B209EDCC068F0D61AD4CC6464FDAEEA0A3C3B2AF20F ]

C:\WINDOWS\system32\duser.dll
01:33:39.0343 0x0cf4 C:\WINDOWS\system32\duser.dll - ok
01:33:39.0359 0x0cf4 [ FEB6F2493EB75F0BFCF23D7AD618C3AE,

8D2CA1B318DDCB36BDB8DAE30D577C680D46B4693B0500530941E351049D9F2C ]

C:\Program Files\Microsoft Office\Office14\GROOVE.EXE
01:33:39.0359 0x0cf4 C:\Program Files\Microsoft Office\Office14\GROOVE.EXE - ok
01:33:39.0359 0x0cf4 [ 60F36ED5A02B41F9F60CB29D88A9CD01,

15745EB7355A350C9414BBF2054155EDE054088EB17A8F121632EB3EB8AC72F0 ]

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
01:33:39.0359 0x0cf4 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll -

ok
01:33:39.0359 0x0cf4 [ 2D5AAFECAEE330D8A57C53D5FCC44F5F,

7C17228A65853EFA6268750E44036B63BB9363EA22AEEC16E7594ACB5BC95367 ]

C:\Program Files\Citrix\ICA Client\Receiver\Xerces-c_3_1.dll
01:33:39.0359 0x0cf4 C:\Program Files\Citrix\ICA Client\Receiver\Xerces-c_3_1.dll - ok
01:33:39.0359 0x0cf4 [ 11558DFC11B66284BD132A02DFFEA503,

E99F54C830B815097FE6E32687D703BF25665CC77DA88E8DB451000F70DD2298 ]

C:\PROGRA~1\McAfee\MSC\MCPRTM~1.DLL
01:33:39.0359 0x0cf4 C:\PROGRA~1\McAfee\MSC\MCPRTM~1.DLL - ok
01:33:39.0375 0x0cf4 [ EDC6DC4B25EEC0CDCC60A997BD6C781B,

484992EA5E8376278567DFAD9B106B7DEB9286EE357089997D105268C83311B1 ]

C:\Program Files\Microsoft Office\Office14\MSOHEVI.DLL
01:33:39.0375 0x0cf4 C:\Program Files\Microsoft Office\Office14\MSOHEVI.DLL - ok
01:33:39.0375 0x0cf4 [ 93D9C3D6D6F6F56F7DD08A19A9FD8951,

855B2288A0C1FC4C3A604F49B843B6DD222A48B859A4B8DE9882EA18A5925850 ]

C:\Program Files\Common Files\McAfee\Platform\McRTMui.dll
01:33:39.0375 0x0cf4 C:\Program Files\Common Files\McAfee\Platform\McRTMui.dll - ok
01:33:39.0375 0x0cf4 [ 944A7A08B0FF1E2720470C5A1CD10A69,

DAB1A9D18158D687271472C36B52EA5BF7B1E09FDB50B4BC4F22B4846E4568A8 ]

C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.dll
01:33:39.0375 0x0cf4 C:\Program Files\Common

Files\Adobe\Acrobat\ActiveX\pdfshell.dll - ok
01:33:39.0390 0x0cf4 [ C7A4C339D37BA8FDC7F492E0A4291FCD,

EDCB25C8E14382AEF4ED21C7DFBFDC5FC3973134E2C0E6CB8D145A80FA9E3ECE ]

C:\Program Files\Common Files\McAfee\Platform\LangSel.dll
01:33:39.0390 0x0cf4 C:\Program Files\Common Files\McAfee\Platform\LangSel.dll - ok
01:33:39.0390 0x0cf4 [ EFAAC839BAB1FCA26768913289BD3474,

C8F9F5C6C9AE706FE0C29BE246B7EA50EEAA7D9C50AE864BE9C98A18D8E967BC ]

C:\Program Files\Citrix\ICA Client\Receiver\ResourceKeeper.dll
01:33:39.0390 0x0cf4 C:\Program Files\Citrix\ICA Client\Receiver\ResourceKeeper.dll -

ok
01:33:39.0390 0x0cf4 [ 98AFAA462C5F08F44DC7AC09C6C327F3,

696714FA9C55C28ED274F2EDA3C55289851EBD670E2D933ADAD2E96F8BE5E8E1 ]

C:\Program Files\Citrix\ICA Client\Receiver\NativeMessageBox.dll
01:33:39.0390 0x0cf4 C:\Program Files\Citrix\ICA Client\Receiver\NativeMessageBox.dll -

ok
01:33:39.0406 0x0cf4 [ 09DEF3ABB6A196749299359AC5578DD8,

056D88D5A6E7C3D0C5EB1CB0C3EF3B03AB5E34D48E53121B674040804620A6FB ]

C:\WINDOWS\system32\msxml4.dll
01:33:39.0406 0x0cf4 C:\WINDOWS\system32\msxml4.dll - ok
01:33:39.0406 0x0cf4 [ 6A4BC7CDF2833063F79A9FF2CBD1A3B5,

654FAC4EE060823FEA5E0DC8EEA9EC283C1C0E12B7DA59C0E2BE5D047CE2CB4E ]

C:\Program Files\Citrix\ICA Client\Receiver\NativeSystrayUE.dll
01:33:39.0406 0x0cf4 C:\Program Files\Citrix\ICA Client\Receiver\NativeSystrayUE.dll - ok
01:33:39.0406 0x0cf4 [ D642715F68EFBF35869F8F24AD8E5E14,

4A97E21E9A35773EE07965FCA7D5C7A9C757F5AA2B293D7A5511A5C4539EF55D ]

C:\Program Files\Citrix\ICA Client\Receiver\ProgressNotification.dll
01:33:39.0406 0x0cf4 C:\Program Files\Citrix\ICA Client\Receiver\ProgressNotification.dll

- ok
01:33:39.0406 0x0cf4 [ 70939CBCFD57DA39B62F925410B92D76,

864579A950F6D39F6B8509B4EA6D98BDD39C2742C7BFACB3849D1FF3883D2A3C ]

C:\Program Files\Citrix\ICA Client\Receiver\WindowsAppRHelper.dll
01:33:39.0406 0x0cf4 C:\Program Files\Citrix\ICA

Client\Receiver\WindowsAppRHelper.dll - ok
01:33:39.0421 0x0cf4 [ 409E9E5357DAB450FB3C3A4BF2CE245B,

FC91546755AB3CF917432B9F32190408C35CB137468132D4ACE3FD2EAE05058A ]

C:\Program Files\Citrix\ICA Client\Receiver\Toaster.dll
01:33:39.0421 0x0cf4 C:\Program Files\Citrix\ICA Client\Receiver\Toaster.dll - ok
01:33:39.0421 0x0cf4 [ 5AF575F654377327F7FFB7DA8A1D5F23,

CEEF82AB016E37F8A5F4845467003B0A3682B6B480C688BE24ED9200B874F9EF ]

C:\WINDOWS\system32\dssenh.dll
01:33:39.0421 0x0cf4 C:\WINDOWS\system32\dssenh.dll - ok
01:33:39.0421 0x0cf4 [ 75235B10934331D3D23329B0CD92C85F,

8758E529978F686EA7752494C45FEDDFC0FF87634AFFAC99996CA8949F5E8183 ]

C:\WINDOWS\system32\upnp.dll
01:33:39.0421 0x0cf4 C:\WINDOWS\system32\upnp.dll - ok
01:33:39.0437 0x0cf4 [ A0CCABAD081ADFC1658DD6E1A454F065,

054656FA69FF97C9CA46EEF6F921CB19DCB5B37D0F109261E0371278448AFCC0 ]

C:\WINDOWS\system32\ssdpapi.dll
01:33:39.0437 0x0cf4 C:\WINDOWS\system32\ssdpapi.dll - ok
01:33:39.0437 0x0cf4 [ E027A6E99EF709AFD195FD6329224C47,

B31B85BF369DC36363B0E527AE3B8E95B33699D17D09C6313C43E7373A3E6874 ]

C:\DOCUME~1\Boss\LOCALS~1\Temp\{496EFA21-63AD-43AA-9CAB-A9741B614BC0}\{09

5CEF93-E357-4223-B54D-3F863BCF8C84}.tmp
01:33:39.0437 0x0cf4

C:\DOCUME~1\Boss\LOCALS~1\Temp\{496EFA21-63AD-43AA-9CAB-A9741B614BC0}\{09

5CEF93-E357-4223-B54D-3F863BCF8C84}.tmp - ok
01:33:39.0437 0x0cf4 [ DDE302BAA0B7F48E0DE796EECBFC1670,

0AA2C03C4E997ADF449456F659AA31F2BE8643B31353B906B72E35872E1E8D0B ]

C:\Program Files\McAfee\MSC\mcoemres.dll
01:33:39.0437 0x0cf4 C:\Program Files\McAfee\MSC\mcoemres.dll - ok
01:33:39.0437 0x0cf4 [ 261B614C3FBFDA520D8BC35DE4335020,

2BFB40B3B48CCF45043D6A42C04DB6813C2A503E29380323C297B4B51BC4EFF2 ]

C:\Program Files\McAfee\MSC\oemui.dll
01:33:39.0437 0x0cf4 C:\Program Files\McAfee\MSC\oemui.dll - ok
01:33:39.0453 0x0cf4 [ 5CF697DECD07DC4858CA05CD55F70598,

8F01B947AAAAD6F3BDE23B3A7896A60A01E6F15763FBDDA2E5AE4B52DBC06BA2 ]

C:\Program Files\McAfee\MSC\mcprlres.dll
01:33:39.0453 0x0cf4 C:\Program Files\McAfee\MSC\mcprlres.dll - ok
01:33:39.0453 0x0cf4 [ AB67816718E5C65CC326BE56AC0B9E73,

D6F19026CB87C9BB5521D668B13347B68F297FCE34C5F1BFE530574B16ADB2D5 ]

C:\DOCUME~1\Boss\LOCALS~1\Temp\{496EFA21-63AD-43AA-9CAB-A9741B614BC0}\{7B

21440D-ABF7-41CA-A187-F8FF985285F1}.tmp
01:33:39.0453 0x0cf4

C:\DOCUME~1\Boss\LOCALS~1\Temp\{496EFA21-63AD-43AA-9CAB-A9741B614BC0}\{7B

21440D-ABF7-41CA-A187-F8FF985285F1}.tmp - ok
01:33:39.0453 0x0cf4 [ 50D8D8247A966DE019DA9D006C7BB706,

E197FCD9FE7ED1E00194A088EDA39F13CC4D6F3FD6555CEB868B5A849A36CA73 ]

C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\dae02331a443fb52216c

a83292cb2f21\mscorlib.ni.dll
01:33:39.0453 0x0cf4

C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\dae02331a443fb52216c

a83292cb2f21\mscorlib.ni.dll - ok
01:33:39.0468 0x0cf4 [ DF08B7602218FAE594A2120641DAF5F1,

083CA7BE30F1484B4606F01463514696C94E0006855646AF12672353B81745BD ] C:\Program

Files\Common Files\Microsoft Shared\OFFICE14\MSO.DLL
01:33:39.0468 0x0cf4 C:\Program Files\Common Files\Microsoft

Shared\OFFICE14\MSO.DLL - ok
01:33:39.0468 0x0cf4 [ 5D1BF8D62D85C962969D661382AF7C49,

4BE876D16BE35ADA3CA45D6843A8CC76560BEAE6383A9478011E71A9E49F08B9 ]

C:\DOCUME~1\Boss\LOCALS~1\Temp\{496EFA21-63AD-43AA-9CAB-A9741B614BC0}\{FD

54260A-2674-4A8F-BB5F-21F085E7FB91}.tmp
01:33:39.0468 0x0cf4

C:\DOCUME~1\Boss\LOCALS~1\Temp\{496EFA21-63AD-43AA-9CAB-A9741B614BC0}\{FD

54260A-2674-4A8F-BB5F-21F085E7FB91}.tmp - ok
01:33:39.0468 0x0cf4 [ DC6DB08D85337C9675F94B01043279AE,

B09E491113F9E95F4EE00BB51BB21D4967BAC333C0DCD030A10AEA9B9E52032B ]

C:\DOCUME~1\Boss\LOCALS~1\Temp\{496EFA21-63AD-43AA-9CAB-A9741B614BC0}\{31

ECE76F-7750-466A-96B2-BA5D53709CC1}.tmp
01:33:39.0468 0x0cf4

C:\DOCUME~1\Boss\LOCALS~1\Temp\{496EFA21-63AD-43AA-9CAB-A9741B614BC0}\{31

ECE76F-7750-466A-96B2-BA5D53709CC1}.tmp - ok
01:33:39.0468 0x0cf4 [ C74D46C1F542F5FEB9B7E1A8EC04986D,

FA83733A81BA8D96EDFD15C1914D5A6056D73C61540C8747E9AE1343DA47A63D ]

C:\DOCUME~1\Boss\LOCALS~1\Temp\{496EFA21-63AD-43AA-9CAB-A9741B614BC0}\{51

AE83EB-9EE4-4195-9087-906BD2120478}.tmp
01:33:39.0468 0x0cf4

C:\DOCUME~1\Boss\LOCALS~1\Temp\{496EFA21-63AD-43AA-9CAB-A9741B614BC0}\{51

AE83EB-9EE4-4195-9087-906BD2120478}.tmp - ok
01:33:39.0484 0x0cf4 [ 7CF4CEEEEDF8C1B9F45656C28F594854,

D682C494D944844E3AFCFEA35EB758DC1ED7C7A55DF8630DB46F3FB8700D8985 ]

C:\Program Files\Common Files\McAfee\AMCore\McShieldClient.dll
01:33:39.0484 0x0cf4 C:\Program Files\Common

Files\McAfee\AMCore\McShieldClient.dll - ok
01:33:39.0484 0x0cf4 [ 517ECD823EB9A03368294C6C33A695D0,

7BA4EF2C5E9D15A4EE8ACC169CA233010DF8D1BC7088665E06C9E71BBA0CD40C ]

C:\DOCUME~1\Boss\LOCALS~1\Temp\{496EFA21-63AD-43AA-9CAB-A9741B614BC0}\{61

810FF7-FC7D-4BC3-B557-36035C5CD2F2}.tmp
01:33:39.0484 0x0cf4

C:\DOCUME~1\Boss\LOCALS~1\Temp\{496EFA21-63AD-43AA-9CAB-A9741B614BC0}\{61

810FF7-FC7D-4BC3-B557-36035C5CD2F2}.tmp - ok
01:33:39.0484 0x0cf4 [ 3428F170E1953B4C4EA10A5F58B55908,

B554E04021472C3C2BBDED2B4BBB4F6648932356F8DA409A2A7F6AC02E54B306 ]

C:\DOCUME~1\Boss\LOCALS~1\Temp\{496EFA21-63AD-43AA-9CAB-A9741B614BC0}\{25

398B85-0334-4204-856B-1F4467E7D5F6}.tmp
01:33:39.0484 0x0cf4

C:\DOCUME~1\Boss\LOCALS~1\Temp\{496EFA21-63AD-43AA-9CAB-A9741B614BC0}\{25

398B85-0334-4204-856B-1F4467E7D5F6}.tmp - ok
01:33:39.0484 0x0cf4 [ 67514C4C7C69EB3BCAE48F99EA963DE0,

58E79E0A4D3217A8F761E1D810B670822888E8E01B73EEB35287406A675EEF47 ]

C:\PROGRA~1\COMMON~1\McAfee\Platform\sqlite3.dll
01:33:39.0484 0x0cf4 C:\PROGRA~1\COMMON~1\McAfee\Platform\sqlite3.dll - ok
01:33:39.0500 0x0cf4 [ 8D80F5436BBEA238BD97AA98885D8B21,

8C595FDCB6F2CEA3B8AB26ED146D1A38CBC68C98BDEB40F2F23B5C1E79D68F19 ]

C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\4b0455ae94e3cecca4bb3

ba8c96828c9\System.ni.dll
01:33:39.0500 0x0cf4

C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\4b0455ae94e3cecca4bb3

ba8c96828c9\System.ni.dll - ok
01:33:39.0500 0x0cf4 [ 09BF8BE6565A61C599A17D8882165F03,

190AD33A5FD36EA5F2A368A2EA18D21027532A203AAEFCAC3DC7CBB62FFB6C1D ]

C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\MSOINTL.DLL
01:33:39.0500 0x0cf4 C:\Program Files\Common Files\Microsoft

Shared\OFFICE14\1033\MSOINTL.DLL - ok
01:33:39.0500 0x0cf4 [ 00000000000000000000000000000000,

0000000000000000000000000000000000000000000000000000000000000000 ] C:\Program

Files\Common Files\Microsoft Shared\OFFICE14\MSORES.DLL
01:33:39.0500 0x0cf4 C:\Program Files\Common Files\Microsoft

Shared\OFFICE14\MSORES.DLL - ok
01:33:39.0515 0x0cf4 [ ADABAB8458E46048BB62FBDD4F7045FB,

D5496D0309D161DDF41B32AC1AE01E393BA71ACDDC0AADBEA67C5A328A08CF63 ]

C:\PROGRA~1\McAfee\MSC\McTelemetryAPI.dll
01:33:39.0515 0x0cf4 C:\PROGRA~1\McAfee\MSC\McTelemetryAPI.dll - ok
01:33:39.0515 0x0cf4 [ 96D681B7DE0BA6BFA1DC55915003CD05,

26CDA6A9A67F20A494F0EF3577D14F5DDA1F0D4428891DBD271A757833285939 ]

C:\DOCUME~1\Boss\LOCALS~1\Temp\{496EFA21-63AD-43AA-9CAB-A9741B614BC0}\{6F

67E945-7206-48C9-B2D2-6AE7322C967C}.tmp
01:33:39.0515 0x0cf4

C:\DOCUME~1\Boss\LOCALS~1\Temp\{496EFA21-63AD-43AA-9CAB-A9741B614BC0}\{6F

67E945-7206-48C9-B2D2-6AE7322C967C}.tmp - ok
01:33:39.0515 0x0cf4 [ 4B334F7C0ECBA7A9F6B5A47D9FFEDD25,

999FFECAAFA6D313E584556B4F673BC53553FDB7239AB928A6F3687B59A4E59C ]

C:\PROGRA~1\McAfee\MSC\mclwapi.dll
01:33:39.0515 0x0cf4 C:\PROGRA~1\McAfee\MSC\mclwapi.dll - ok
01:33:39.0531 0x0cf4 [ 85D8D497E3CFCD66607DAD332378DE8B,

FEB2FF9315B41A7D13C9F3EB4CFDD612C951CA02330BC5A9129881E148769C7F ]

C:\DOCUME~1\Boss\LOCALS~1\Temp\{496EFA21-63AD-43AA-9CAB-A9741B614BC0}\{A1

C9F5EF-5EA1-4C6A-B438-51DD1571AAB0}.tmp
01:33:39.0531 0x0cf4

C:\DOCUME~1\Boss\LOCALS~1\Temp\{496EFA21-63AD-43AA-9CAB-A9741B614BC0}\{A1

C9F5EF-5EA1-4C6A-B438-51DD1571AAB0}.tmp - ok
01:33:39.0531 0x0cf4 [ E0D990C3BDEC95F9163C9CEA73BD78CF,

19B97BE23FE7759B1BDA1276142644E036EEBBA6353EE166BA03053406D60F02 ]

C:\WINDOWS\system32\spoolss.dll
01:33:39.0531 0x0cf4 C:\WINDOWS\system32\spoolss.dll - ok
01:33:39.0531 0x0cf4 [ CD0DAF878147B723108C428370FF0355,

A5C3D8A516FD0A15DAAB442DA424E996112C355239B985413EAA4DC1FAB76303 ]

C:\DOCUME~1\Boss\LOCALS~1\Temp\{496EFA21-63AD-43AA-9CAB-A9741B614BC0}\{9F

769FE4-4FE8-4C21-852C-75842C036957}.tmp
01:33:39.0531 0x0cf4

C:\DOCUME~1\Boss\LOCALS~1\Temp\{496EFA21-63AD-43AA-9CAB-A9741B614BC0}\{9F

769FE4-4FE8-4C21-852C-75842C036957}.tmp - ok
01:33:39.0531 0x0cf4 [ 5677DFE438EC1F009273FC84FEED6B10,

44B62CC4D138E13C22FC29E9751CB7ED0B0C6C8897A8E6469172F8642B0527BE ]

C:\WINDOWS\system32\localspl.dll
01:33:39.0531 0x0cf4 C:\WINDOWS\system32\localspl.dll - ok
01:33:39.0546 0x0cf4 [ 3EA5261F8FE8FF74874819053AC14466,

D2240A7529B3C9CD8F03F883135E67B2B9CE9A50AB2DD9E923510B36542C8613 ]

C:\WINDOWS\system32\cnbjmon.dll
01:33:39.0546 0x0cf4 C:\WINDOWS\system32\cnbjmon.dll - ok
01:33:39.0546 0x0cf4 [ 2D4744FF25906C84E47ED702A14CCEB5,

A344086E59D4AAA65B1EB270B585AA47A0A7EF499B2BF69A19341952F8BFD917 ]

C:\WINDOWS\system32\E_FLBHJE.DLL
01:33:39.0546 0x0cf4 C:\WINDOWS\system32\E_FLBHJE.DLL - ok
01:33:39.0546 0x0cf4 [ 4BCC428872F88E40947C18E6CB6BC273,

BB35CE7A801CDC717236FC3FDF839E6C302C801B8765902330CAD16D640C315B ]

C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\SMSvcHost\0858a864485f468a88c

becb1c8a5e9fc\SMSvcHost.ni.exe
01:33:39.0546 0x0cf4

C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\SMSvcHost\0858a864485f468a88c

becb1c8a5e9fc\SMSvcHost.ni.exe - ok
01:33:39.0562 0x0cf4 [ F69FEE651241D77D5F6BBE89FBFD5F5C,

2EC4466C49639DF3C95127EF4AD3E4A2E5A28A6AB2DB00B519013C0BC355F64D ]

C:\WINDOWS\system32\hpinkstsCE11LM.dll
01:33:39.0562 0x0cf4 C:\WINDOWS\system32\hpinkstsCE11LM.dll - ok
01:33:39.0562 0x0cf4 [ A64F876BC373F97C8AAB613082206C53,

C972B394F8FAB3111151D73F84020E3E5EBDD44678B409D18F4C6AC715D55717 ]

C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\ff1a0afc7a73669bc

a0ac4dffd8ee7c4\SMDiagnostics.ni.dll
01:33:39.0562 0x0cf4

C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\ff1a0afc7a73669bc

a0ac4dffd8ee7c4\SMDiagnostics.ni.dll - ok
01:33:39.0562 0x0cf4 [ A2973A14FD05F6A5BD61F3528DFAE922,

A4DE8166DC9655D6471B35B35861DF9067FB832046FA33DE7804F7BA3242481D ]

C:\WINDOWS\system32\hpzsnt12.dll
01:33:39.0562 0x0cf4 C:\WINDOWS\system32\hpzsnt12.dll - ok
01:33:39.0562 0x0cf4 [ 7EEF92697C962900B1298F28673D3E0B,

0E78667E3C1A1EFC34E5860AF11FD0C3AFA765A85E6E523C3DA003D2C71C20D7 ]

C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8cd995f008

48816e3ec49dc326e3d49b\System.ServiceProcess.ni.dll
01:33:39.0562 0x0cf4

C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8cd995f008

48816e3ec49dc326e3d49b\System.ServiceProcess.ni.dll - ok
01:33:39.0578 0x0cf4 [ 8431721B2E8DD6668CD36B3F4C6336DB,

281C07F1595D3FA04F46FBC99DCB9A554836B9517A5745998B644C3BA1325D9C ]

C:\WINDOWS\system32\pjlmon.dll
01:33:39.0578 0x0cf4 C:\WINDOWS\system32\pjlmon.dll - ok
01:33:39.0578 0x0cf4 [ E952CC82F0382B1F0AE3433B07A1B470,

21F2633DD09E37574E45CDFE94E400761C658469CE9AFEC284F1A4557372319C ]

C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\80743209bc

c0a3af8305acd51569b483\System.ServiceModel.ni.dll
01:33:39.0578 0x0cf4

C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\80743209bc

c0a3af8305acd51569b483\System.ServiceModel.ni.dll - ok
01:33:39.0578 0x0cf4 [ 52893E7BAE3BDF35DBC834B7AA19F203,

04476C98F40CABA12480B31CAD31EDCF421532C383FD1D4F75A8B6EE5D6CA5C6 ]

C:\WINDOWS\system32\tcpmon.dll
01:33:39.0578 0x0cf4 C:\WINDOWS\system32\tcpmon.dll - ok
01:33:39.0593 0x0cf4 [ 83ABE6A441DD301AF90CD41EF2A377EB,

7CDBCA03DB57BC6026ED072E4DEF61A1E9BD4ED5F035D0E8F290E3D5414911B8 ]

C:\WINDOWS\system32\usbmon.dll
01:33:39.0593 0x0cf4 C:\WINDOWS\system32\usbmon.dll - ok
01:33:39.0593 0x0cf4 [ EEE7F12D9FF46F68FBC0DA059A359E9E,

1D0D5AC87ACDF3F041D9C31A92BFE7B1B81CBAD81F8F7CE8183FC3F61CAFF8CC ]

C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
01:33:39.0593 0x0cf4

C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok
01:33:39.0593 0x0cf4 [ 1D9C3D7A1F8838E6280FA3F7D1FE4ED8,

0BD922965118D54D1027CDB628FA0DFB7AD1D6DF0910C80DB3F140C9255101D8 ]

C:\Program Files\Common Files\Microsoft

Shared\OfficeSoftwareProtectionPlatform\OSPPC.DLL
01:33:39.0593 0x0cf4 C:\Program Files\Common Files\Microsoft

Shared\OfficeSoftwareProtectionPlatform\OSPPC.DLL - ok
01:33:39.0609 0x0cf4 [ 8D05E96BEA9A17743BEC4F9DAD967080,

C32BB2DBFB7134F5077592ACB3AAED40BFD9685219D6D1626B37B296A0828D0B ]

C:\WINDOWS\system32\win32spl.dll
01:33:39.0609 0x0cf4 C:\WINDOWS\system32\win32spl.dll - ok
01:33:39.0609 0x0cf4 [ 38C225B607DB9277C5941512A858506C,

14B16BC0E426651B256F17AC540F9E008C4A2928540D1F4518FD8BE2C47FFF94 ]

C:\WINDOWS\system32\netrap.dll
01:33:39.0609 0x0cf4 C:\WINDOWS\system32\netrap.dll - ok
01:33:39.0609 0x0cf4 [ 569C2891D7BFA5DAE2EF466A0DB369CB,

500AF65FA861AFC05D0418DCA33EB2E781261B59592643907FD8B4E43BE67DD5 ]

C:\WINDOWS\system32\inetpp.dll
01:33:39.0609 0x0cf4 C:\WINDOWS\system32\inetpp.dll - ok
01:33:39.0609 0x0cf4 [ 667A1CD2CF247E1F7E17FEF747FADD94,

7B43DCA3A720F0803B96A268E8B8B4ACF181784476353BFD52681C1FDF2BD3D9 ]

C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\184f0202841

84651f03aa3cbc2bbccb6\System.IdentityModel.ni.dll
01:33:39.0609 0x0cf4

C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\184f0202841

84651f03aa3cbc2bbccb6\System.IdentityModel.ni.dll - ok
01:33:39.0625 0x0cf4 [ F75FCFB7AEDD50DAF38EA7F53F751B98,

EC2AE798FFF3288B4CA1B85EA6D4EFFDAA7E10CFBFE337EFF630852DB36D142B ]

C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\4b6e70acd

99dc22e29b7fc8f9ac340c4\System.Configuration.ni.dll
01:33:39.0625 0x0cf4

C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\4b6e70acd

99dc22e29b7fc8f9ac340c4\System.Configuration.ni.dll - ok
01:33:39.0625 0x0cf4 [ 9D84376931440F3679BEEF2A414FA493,

C800227A67C3C10A26114DB54F5390D2A475D36BE65E87CB890A6819B0BB4884 ]

C:\WINDOWS\system32\HPZipm12.exe
01:33:39.0625 0x0cf4 C:\WINDOWS\system32\HPZipm12.exe - ok
01:33:39.0625 0x0cf4 [ 4B83FCBBE72AF5F99D109798653E8B78,

E646F6D365392890A3618D54D25EC4E1182400C4FF258158DBA24F814BC8C990 ]

C:\WINDOWS\system32\ipxsap.dll
01:33:39.0625 0x0cf4 C:\WINDOWS\system32\ipxsap.dll - ok
01:33:39.0640 0x0cf4 [ B92A85618A470F4406CEE8785CE89B4F,

AE410CB0DE68E7FA408C3749E55401512F8BAA7414BF6B9042D7ECEC49FFBA04 ]

C:\WINDOWS\system32\rtm.dll
01:33:39.0640 0x0cf4 C:\WINDOWS\system32\rtm.dll - ok
01:33:39.0640 0x0cf4 [ D05AB88927849DF74CF4F1C303DAEB4F,

5E80CFAC3818FF04959BEB6AADCA7CFB5AF477FB917E44C9E5AF4C78299FD154 ]

C:\WINDOWS\system32\adptif.dll
01:33:39.0640 0x0cf4 C:\WINDOWS\system32\adptif.dll - ok
01:33:39.0640 0x0cf4 [ 492EDE030195B1C41B046FB46D30A2C3,

8B7737EC9C4D0A65A8DFFE905533279889AE61849DA5F0F04A2C38C01B865C83 ]

C:\WINDOWS\system32\ipsecsvc.dll
01:33:39.0640 0x0cf4 C:\WINDOWS\system32\ipsecsvc.dll - ok
01:33:39.0640 0x0cf4 [ 584C4DA856450CB22EBBE7A68CC6250F,

56030767CFD2DAFDAE8CC767DC1EED39DD2E6E42152BFAE7904C2C8826B2C3E2 ]

C:\WINDOWS\system32\oakley.dll
01:33:39.0640 0x0cf4 C:\WINDOWS\system32\oakley.dll - ok
01:33:39.0656 0x0cf4 [ 7653843D86E779F4265C68C5E10FA923,

D43936100D5D79C3BC52251338599B106D7824106EECC023EE9AD7DB588DD948 ]

C:\WINDOWS\system32\winipsec.dll
01:33:39.0656 0x0cf4 C:\WINDOWS\system32\winipsec.dll - ok
01:33:39.0656 0x0cf4 [ 68D7E81F8BD290A937A925F99C8DA289,

5472F446969A9647D1443F84BFE2BF6200353672A02ADD0ACB486D46D8E274F1 ]

C:\WINDOWS\system32\pstorsvc.dll
01:33:39.0656 0x0cf4 C:\WINDOWS\system32\pstorsvc.dll - ok
01:33:39.0656 0x0cf4 [ 7A11E5CDF3F6FCDFDEA885B5889B2369,

C1C12852786FDAEA478001E3B2FFE85EB8220C387772DB05BDA8781E9BA412EC ]

C:\WINDOWS\system32\mprdim.dll
01:33:39.0656 0x0cf4 C:\WINDOWS\system32\mprdim.dll - ok
01:33:39.0671 0x0cf4 [ 14EB586446F5A6C17CCC685DDA3B91BE,

707F8F0D8A742A5E6E984C8AC69E115A9A8223ECFBF20929ECF08F1F3BA18CF4 ]

C:\WINDOWS\system32\regsvc.dll
01:33:39.0671 0x0cf4 C:\WINDOWS\system32\regsvc.dll - ok
01:33:39.0671 0x0cf4 [ 625C6AAB87950EA4936C3AADF28263F9,

169BADE8622C435FB7867E4E6F029E4B9297AF42624F1FC65DEAD3089B59AA64 ]

C:\WINDOWS\system32\psbase.dll
01:33:39.0671 0x0cf4 C:\WINDOWS\system32\psbase.dll - ok
01:33:39.0671 0x0cf4 [ F11FD54B991831EE3E64D677008F862F,

EB24675DF3018CE61F560DF555E88A8DC0E63C22F76996DB2D3E72E8428294DD ]

C:\WINDOWS\system32\seclogon.dll
01:33:39.0671 0x0cf4 C:\WINDOWS\system32\seclogon.dll - ok
01:33:39.0671 0x0cf4 [ C48C9775ADF79320DE07A354D3F2FA48,

D6CAE90ED5149DE44071B7D115EE6A686081D0AC519D5613D4E2BDC80D300445 ]

C:\WINDOWS\system32\srsvc.dll
01:33:39.0671 0x0cf4 C:\WINDOWS\system32\srsvc.dll - ok
01:33:39.0687 0x0cf4 [ DA3F1F670F4BFD9258BE48B1B634BBEC,

E9123EA8134027BE3A8F932168E479988462C2C2DF16E9336DF48E0A7D4AC2B1 ]

C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\7faf645dc46781225cb

722edf9e1e738\System.Xml.ni.dll
01:33:39.0687 0x0cf4

C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\7faf645dc46781225cb

722edf9e1e738\System.Xml.ni.dll - ok
01:33:39.0687 0x0cf4 [ C9B32143E92AF77211D2D520180C45C0,

F8D9634931D77095B11BC87E3DF65206D3682C1039D3967A38D63350D4C94DF0 ]

C:\WINDOWS\system32\iprtrmgr.dll
01:33:39.0687 0x0cf4 C:\WINDOWS\system32\iprtrmgr.dll - ok
01:33:39.0687 0x0cf4 [ B5247F381EC1E2C568421F182867EC8A,

04F17C68268F581CBFE971E26A137929A7E712BD3B1D9AC4B432EE5D5C27A50D ]

C:\WINDOWS\system32\iprtprio.dll
01:33:39.0687 0x0cf4 C:\WINDOWS\system32\iprtprio.dll - ok
01:33:39.0703 0x0cf4 [ 8A85AE71E0B5B01E565582B8DA6A70B3,

06A2CFB7176FD47DBA7122F2C3DC4FD77FE9E12A0058E2022BC48072FBEBE3EA ]

C:\WINDOWS\system32\sens.dll
01:33:39.0703 0x0cf4 C:\WINDOWS\system32\sens.dll - ok
01:33:39.0703 0x0cf4 [ EB255169EDF1FABC69DF70498C8840E0,

85F2479C4ECD1D7AC0BD9EEB3699F49ABCFAB0F4EFC9CD52425070A0E1CFB3E7 ]

C:\WINDOWS\system32\ipxrtmgr.dll
01:33:39.0703 0x0cf4 C:\WINDOWS\system32\ipxrtmgr.dll - ok
01:33:39.0703 0x0cf4 [ 51FB761031E14B1FA7AFDA9E01C22A1E,

CC3D6F577EB7881D55E957AAD364E4F58433E8D9E4286DF95E9E1EBCA9A87E8A ]

C:\WINDOWS\system32\tlntsvr.exe
01:33:39.0703 0x0cf4 C:\WINDOWS\system32\tlntsvr.exe - ok
01:33:39.0703 0x0cf4 [ CC01384090411493D4F5439D0C70716B,

F4E2B5CE16510AD143E95D384B3308105BAEB6228018A32948F4EF4D119F2771 ]

C:\WINDOWS\system32\wiaservc.dll
01:33:39.0703 0x0cf4 C:\WINDOWS\system32\wiaservc.dll - ok
01:33:39.0718 0x0cf4 [ ACBEC106AFD0BAA406433897AF16DDDB,

2F4A020881DDA1868E8F0924428AB3E2731628B08CADD856E5923D81DE5D8A1A ]

C:\WINDOWS\system32\rasppp.dll
01:33:39.0718 0x0cf4 C:\WINDOWS\system32\rasppp.dll - ok
01:33:39.0718 0x0cf4 [ C59BF15DFEDD6D11A91A0CE7B228F65D,

40AADD4EF9171D8A1D68A946BC839F5B55E26CA70D8475D55AF335A544EF09AE ]

C:\WINDOWS\system32\ntlsapi.dll
01:33:39.0718 0x0cf4 C:\WINDOWS\system32\ntlsapi.dll - ok
01:33:39.0718 0x0cf4 [ 6B76E67D6E1BA202757F9967646AC5CB,

21312D98F9103506D51E02527053E67EF85C154A39B77417A44A7E645490CCCA ]

C:\WINDOWS\system32\regsvr32.exe
01:33:39.0718 0x0cf4 C:\WINDOWS\system32\regsvr32.exe - ok
01:33:39.0734 0x0cf4 [ 1C968E4691B63F5B86C4C65C12D7D206,

55BCF8CC630185793A9DEA39431E3A7514E7B0C33C10D80BD1D14BDA3CE65885 ]

C:\WINDOWS\system32\trkwks.dll
01:33:39.0734 0x0cf4 C:\WINDOWS\system32\trkwks.dll - ok
01:33:39.0734 0x0cf4 [ 4AC2FA4A6F0DF2511BAC13393C06EFF1,

502B9D43EB6305508E8CDF034528C3F1DDF4525727C1B7663EA835BE2307FF20 ]

C:\WINDOWS\system32\mscms.dll
01:33:39.0734 0x0cf4 C:\WINDOWS\system32\mscms.dll - ok
01:33:39.0734 0x0cf4 [ 01248E6223FEBF6E0D087665C8F0DCDD,

5BEF0DB809B7A173694AD21CA4D1B32B82B05B2B8A898675CFE60784265C1AF4 ]

C:\WINDOWS\system32\ipxwan.dll
01:33:39.0734 0x0cf4 C:\WINDOWS\system32\ipxwan.dll - ok
01:33:39.0734 0x0cf4 [ 6A5011B6CDC97EFB2624DC84CEEE10A0,

78DA902E8EF669ED1C4100734AD8F2F65A37C621F1579078CAF2B5EB67CAAF14 ]

C:\WINDOWS\system32\wbem\wmisvc.dll
01:33:39.0734 0x0cf4 C:\WINDOWS\system32\wbem\wmisvc.dll - ok
01:33:39.0750 0x0cf4 [ 2572A5452E06D761C0BCFFBE1FA417AA,

E326D6C012F5046CEBBAECB361B647F084AE3887113E9B669E08C43352CF7D5B ]

C:\WINDOWS\system32\vssapi.dll
01:33:39.0750 0x0cf4 C:\WINDOWS\system32\vssapi.dll - ok
01:33:39.0750 0x0cf4 [ 16B115E3706F493BE99FCA5D75EE54CF,

CAEC1D17894EBBE303A23BD33B6E9DB9EFB670E31C7393812BCFB8B418FCD816 ]

C:\Program Files\McAfee\MSC\McAPExe.exe
01:33:39.0750 0x0cf4 C:\Program Files\McAfee\MSC\McAPExe.exe - ok
01:33:39.0750 0x0cf4 [ 9DB8A88FAA38E78641C415672158D696,

580FDE63C2CA9AB299F349B1F477BCCC27D804F36C1B1A0A96EC47FBB38259FE ]

C:\WINDOWS\system32\tlntsvrp.dll
01:33:39.0750 0x0cf4 C:\WINDOWS\system32\tlntsvrp.dll - ok
01:33:39.0765 0x0cf4 [ E30103A209E0E0316E9B12B9C43F8063,

4BBA45946AF83BDAF167D43AEA9C8CCBF7F4E5A07E2E431AFB9863D0ECE83171 ]

C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
01:33:39.0765 0x0cf4 C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe -

ok
01:33:39.0765 0x0cf4 [ 314DFA40C0A57C45E3AD80EB4DA31DEC,

F85691018259ABA656948321A7E2F2574BE9D510AC20059818DD3F6794846A7D ]

C:\Program Files\Common Files\McAfee\SystemCore\mfeapfa.dll
01:33:39.0765 0x0cf4 C:\Program Files\Common Files\McAfee\SystemCore\mfeapfa.dll -

ok
01:33:39.0765 0x0cf4 [ C3200506FB212A0F4FB736A80E646C40,

19D041704CB052BD52BD0DFD70E66E7A55EDEE56888DEEF56A9739476AF91944 ]

C:\WINDOWS\system32\lz32.dll
01:33:39.0765 0x0cf4 C:\WINDOWS\system32\lz32.dll - ok
01:33:39.0765 0x0cf4 [ 403FE61338A08024118DF2D317E6791A,

36662196F90AC1C3B11390912671AD52A27850C28E58E33F475A205F8D3DF84C ]

C:\Program Files\Common Files\McAfee\SystemCore\mfehida.dll
01:33:39.0765 0x0cf4 C:\Program Files\Common Files\McAfee\SystemCore\mfehida.dll -

ok
01:33:39.0781 0x0cf4 [ BD40B4F2E6282ADABE9D82E963DB42FB,

B35E94445B0178D750F9CFE0A260E576DCB0DD280E8B00F0767568C170690073 ]

C:\WINDOWS\system32\drivers\mfeapfk.sys
01:33:39.0781 0x0cf4 C:\WINDOWS\system32\drivers\mfeapfk.sys - ok
01:33:39.0781 0x0cf4 [ CFD4E51402DA9838B5A04AE680AF54A0,

5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ]

C:\WINDOWS\system32\browser.dll
01:33:39.0781 0x0cf4 C:\WINDOWS\system32\browser.dll - ok
01:33:39.0781 0x0cf4 [ FC3EC24FCE372C89423E015A2AC1A31E,

8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ]

C:\WINDOWS\system32\wuaueng.dll
01:33:39.0781 0x0cf4 C:\WINDOWS\system32\wuaueng.dll - ok
01:33:39.0781 0x0cf4 [ D17E3330856C16B51651F9431FE197AC,

D0DAB5ABED706DDEC7817D7FA8B7D753A69D24BE41FA7CA42C61C2C3FC79735B ]

C:\WINDOWS\system32\wuauserv.dll
01:33:39.0781 0x0cf4 C:\WINDOWS\system32\wuauserv.dll - ok
01:33:39.0796 0x0cf4 [ B32BCECCE79C398E595314EB34352FB4,

6975D1FD8E12C9A8A825548C5872711B82DEA66A1A9E9AA416617A23A5D51EA6 ]

C:\Program Files\Common Files\McAfee\SystemCore\mfeavfa.dll
01:33:39.0796 0x0cf4 C:\Program Files\Common Files\McAfee\SystemCore\mfeavfa.dll -

ok
01:33:39.0796 0x0cf4 [ AFED369B26E5B30B0A9F88BB602D7D26,

1F6C96F1FB583F066CB42E01ADE9EBD6B04BFAAE645B441ADDD8958100F37CD4 ]

C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\9860da66bf

0219612908e7412b0a6e2e\System.Runtime.Serialization.ni.dll
01:33:39.0796 0x0cf4

C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\9860da66bf

0219612908e7412b0a6e2e\System.Runtime.Serialization.ni.dll - ok
01:33:39.0796 0x0cf4 [ 646B73E3115C6D17AA971D67C5AE6CDF,

9C83212D3EA43FB1E8558C0A55013D38AC03F9D2633D59AA497FE505B00D898D ]

C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\f0b0625c2db624ba9

c97ad1b12490d79\System.Web.ni.dll
01:33:39.0796 0x0cf4

C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\f0b0625c2db624ba9

c97ad1b12490d79\System.Web.ni.dll - ok
01:33:39.0812 0x0cf4 [ 8049BD45ED56E2C697D844D299939AB9,

8DD0815A2FBB4A8C7172215F1451884697D6B5D8E02F59E4B765734136DFDDEC ]

C:\Program Files\Common Files\McAfee\AMCore\quarantine.dll
01:33:39.0812 0x0cf4 C:\Program Files\Common Files\McAfee\AMCore\quarantine.dll -

ok
01:33:39.0812 0x0cf4 [ B60E60F5DD93650E77BA2DEC66B9DD02,

EAFF67B3B3B94DD289F05EFD4BBB6A7BB4BA97E0086E35B61DA2810CEA05303A ]

C:\Program Files\Common Files\McAfee\AMCore\mfeunzip.dll
01:33:39.0812 0x0cf4 C:\Program Files\Common Files\McAfee\AMCore\mfeunzip.dll - ok
01:33:39.0812 0x0cf4 [ 416B0FB13CE10D065753C3BB530595CC,

654BDD25E3FC94B6A0F2E1B00E9A9CA2F7ABC2E58860EE48B9CEC4F7BBCE2A10 ]

C:\Program Files\Common Files\McAfee\AMCore\mfezip.dll
01:33:39.0812 0x0cf4 C:\Program Files\Common Files\McAfee\AMCore\mfezip.dll - ok
01:33:39.0812 0x0cf4 [ 8020C7C06B9DDC3372A9A84844C03136,

24C0FCBBDCEEB9A804D6A160C904DBEFD2DF5C576856255CAC2206EC9A6C9809 ]

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
01:33:39.0812 0x0cf4 C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -

ok
01:33:39.0828 0x0cf4 [ 2520074EFCE6A705AF997A5E530308B7,

621E60CD81682AB9A43BB3CE5F620F6AAE2EA415ED3AD58976322705C22CDE23 ]

C:\Program Files\Common Files\McAfee\AMCore\MFE_DS.dll
01:33:39.0828 0x0cf4 C:\Program Files\Common Files\McAfee\AMCore\MFE_DS.dll - ok
01:33:39.0828 0x0cf4 [ A544D0F6F3B703026F7F6C8102CEA409,

22BC391CB425352998A7593BE34CA4E33459F6A82083C51C08C01F19172AEAA9 ]

C:\Program Files\Common Files\McAfee\AMCore\lua_lib.dll
01:33:39.0828 0x0cf4 C:\Program Files\Common Files\McAfee\AMCore\lua_lib.dll - ok
01:33:39.0828 0x0cf4 [ 614B353ADE213AE246E68E3613145A7D,

1989D034709DCEB14A7739FBC58F66FBC3F90CF6ACD32747A6698CB9EE51379E ]

C:\Program Files\Common Files\McAfee\AMCore\MFE_CS.dll
01:33:39.0828 0x0cf4 C:\Program Files\Common Files\McAfee\AMCore\MFE_CS.dll - ok
01:33:39.0843 0x0cf4 [ 24D133E4D7AEB337DDC4A3DCD381FA0F,

E2810A170F21F6B33073B366323872957E7CC72F46B1668110E83A4C4D30AFD1 ]

C:\Program Files\Common Files\McAfee\AMCore\ncapi.dll
01:33:39.0843 0x0cf4 C:\Program Files\Common Files\McAfee\AMCore\ncapi.dll - ok
01:33:39.0843 0x0cf4 [ 3649632022709D55E6C6955B64FBC687,

54E0258F495129FDEB8DD44E2DF5C48675B6311A4B79A8FF0CBB81AC3CB89384 ]

C:\Program Files\Common Files\McAfee\AMCore\EMMain.dll
01:33:39.0843 0x0cf4 C:\Program Files\Common Files\McAfee\AMCore\EMMain.dll - ok
01:33:39.0843 0x0cf4 [ 0B6665428850D8A56EB72FF3495885CB,

6BC4C165E2996DB51F3F195785EF113055FED87D3937F778EC237A56C9567ECA ]

C:\PROGRA~1\COMMON~1\McAfee\MHN\HOMENE~3.DLL
01:33:39.0843 0x0cf4 C:\PROGRA~1\COMMON~1\McAfee\MHN\HOMENE~3.DLL - ok
01:33:39.0843 0x0cf4 [ E6D493A61979D2327A35DD1E7F3D6E0C,

3542CFD614C3F86BE4D98E5275C3B600398B15A942468CB0A3342C49004DCD05 ]

C:\WINDOWS\system32\xmllite.dll
01:33:39.0843 0x0cf4 C:\WINDOWS\system32\xmllite.dll - ok
01:33:39.0859 0x0cf4 [ D9FA3D98680125541A6D44F66E6F526D,

11B0E4CF8662AE7A43FD2D14979772986E773B7A43EA8F0C6EFF3CFBD07F20D0 ]

C:\PROGRA~1\McAfee\MPF\MpfSvc.dll
01:33:39.0859 0x0cf4 C:\PROGRA~1\McAfee\MPF\MpfSvc.dll - ok
01:33:39.0859 0x0cf4 [ 7AFA1ECE3D81F540D3C07E16CE5A69BA,

CBACF8063EC4AA66E5885B515F4082D34E92837B51E378B651AD829A657A54E3 ]

C:\Program Files\Common Files\McAfee\McProxy\McProxy.dll
01:33:39.0859 0x0cf4 C:\Program Files\Common Files\McAfee\McProxy\McProxy.dll - ok
01:33:39.0859 0x0cf4 [ E034B0D22AC0AB435F1EF9906DA003E2,

6DDEDCB03646014EE471B55F3FB98615EC7D8C4225BE53C6A1AEC7C8C919B46E ]

C:\WINDOWS\system32\mspatcha.dll
01:33:39.0859 0x0cf4 C:\WINDOWS\system32\mspatcha.dll - ok
01:33:39.0875 0x0cf4 [ CF0E8BD38C8E3FF71E4659B2ED9F7220,

86497B0071FA254D57F69D0E871490C625A01CCADA1C750817545DB181E415E7 ]

C:\WINDOWS\system32\ipnathlp.dll
01:33:39.0875 0x0cf4 C:\WINDOWS\system32\ipnathlp.dll - ok
01:33:39.0875 0x0cf4 [ 91876C6436B8ED54964DE4E464E60221,

FE1D6662CA9DA754FE0D283B0FBB24323F42DB8C77F86F5A05770500E1C3D27D ]

C:\PROGRA~1\McAfee\MPS\mps.dll
01:33:39.0875 0x0cf4 C:\PROGRA~1\McAfee\MPS\mps.dll - ok
01:33:39.0875 0x0cf4 [ E9A9452B5B775D8FB0D89C8EE6ACACF7,

2455D46DEBA0EE37B8E49B24CF3DD029ACE274E7A9EDB769017792885D47F1BE ]

C:\Program Files\Common Files\McAfee\SystemCore\mfefwctl.dll
01:33:39.0875 0x0cf4 C:\Program Files\Common Files\McAfee\SystemCore\mfefwctl.dll -

ok
01:33:39.0890 0x0cf4 [ 7D9199D9006D8FCBCCF3C6416F939B16,

720F29755D1DACF19D640A94FB60CC1E55C6931DC5726DF0A51DD089129AEDA8 ]

C:\WINDOWS\system32\wscsvc.dll
01:33:39.0890 0x0cf4 C:\WINDOWS\system32\wscsvc.dll - ok
01:33:39.0890 0x0cf4 [ D603990D9BDA99D2A4C21B4EA1936A54,

5D6E3E5E3915D6618410AC79F994B5B9E444439998E7C753DC7DAB6E47A2D5CD ]

C:\WINDOWS\system32\netcfgx.dll
01:33:39.0890 0x0cf4 C:\WINDOWS\system32\netcfgx.dll - ok
01:33:39.0890 0x0cf4 [ 4E386317ACDB4C09336BA1E5413335EB,

D66578D891D24380D4C2D9277D68C6DA809F406E8D12DEEE8E87AA7E69666759 ]

C:\WINDOWS\system32\wbem\wbemcore.dll
01:33:39.0890 0x0cf4 C:\WINDOWS\system32\wbem\wbemcore.dll - ok
01:33:39.0890 0x0cf4 [ 427C044B7B5EBB76F4B4D01472F210AF,

3CE156D496536BCA4BEBDA78690399318107EE1630230E54F015A81AB2D36184 ]

C:\PROGRA~1\McAfee\MPS\mpscfg.dll
01:33:39.0890 0x0cf4 C:\PROGRA~1\McAfee\MPS\mpscfg.dll - ok
01:33:39.0906 0x0cf4 [ EA078E44F37C51D3B0B42770C09D0D4E,

D0C97120959483CC8CED95E88A8D20EC8A457FBC00FB1CBDEC3FE6FC7C9B0C60 ]

C:\WINDOWS\system32\wbem\esscli.dll
01:33:39.0906 0x0cf4 C:\WINDOWS\system32\wbem\esscli.dll - ok
01:33:39.0906 0x0cf4 [ 22217AB00FA1D982FC79955E30C455B7,

08990BE77F02A11C93092528E24DB7462B60461D0E5976DB221144CB014EDA78 ]

C:\WINDOWS\system32\clusapi.dll
01:33:39.0906 0x0cf4 C:\WINDOWS\system32\clusapi.dll - ok
01:33:39.0906 0x0cf4 [ 378A0AEFB11D8B0DC8C27B9F7604B88D,

D0D6863FCE412B75B9B5FC38EA923759201E7193ED40CFBAA674630E2DE56FD3 ]

C:\WINDOWS\system32\wbem\fastprox.dll
01:33:39.0906 0x0cf4 C:\WINDOWS\system32\wbem\fastprox.dll - ok
01:33:39.0906 0x0cf4 [ 72367B2A960265E4D435B26BF9170418,

6D130C873C736D1FF9AE0C1DD41198C867E6AB31BC1F04A75D7A3F38E0E7B684 ]

C:\Program Files\Common

Files\McAfee\AMContent\scanners\x86\gti\1.32.197.1\amgti.dat
01:33:39.0906 0x0cf4 C:\Program Files\Common

Files\McAfee\AMContent\scanners\x86\gti\1.32.197.1\amgti.dat - ok
01:33:39.0921 0x0cf4 [ 9279C2C99EF72911EE649C061C7C731B,

0E63D01E006C0A609FD0AA3C27D67BCD4CF61F7C4EB76E29050E5B7D796EB1FB ]

C:\WINDOWS\system32\comsvcs.dll
01:33:39.0921 0x0cf4 C:\WINDOWS\system32\comsvcs.dll - ok
01:33:39.0921 0x0cf4 [ 936B3A0F42A2582028F151060B1D4C21,

990B0562115F02B108E5D43275D704303873040A67BE357CC67751575098F0D7 ] C:\Program

Files\Common Files\McAfee\AMContent\scanners\x86\gti\1.32.197.1\ts.dat
01:33:39.0921 0x0cf4 C:\Program Files\Common

Files\McAfee\AMContent\scanners\x86\gti\1.32.197.1\ts.dat - ok
01:33:39.0921 0x0cf4 [ 74F53B37D050405E3F70D9B1A671EFAB,

E0951471BF0903D09CB9D6651B5B8D41DFE02AE944AD55EC23DEE2A21E2B0C35 ]

C:\PROGRA~1\McAfee\MPF\MpfEvt.dll
01:33:39.0921 0x0cf4 C:\PROGRA~1\McAfee\MPF\MpfEvt.dll - ok
01:33:39.0937 0x0cf4 [ D3D912E8CEA72FFB0AC65DEEC27459D4,

82D759671BCF4A6A8171706792117B5765D08F80BA576430FE659B7B82DDD37F ]

C:\WINDOWS\system32\colbact.dll
01:33:39.0937 0x0cf4 C:\WINDOWS\system32\colbact.dll - ok
01:33:39.0937 0x0cf4 [ 36795A645EAA47FE31D2A8F136A2C69B,

D681D7DFC4A2A2F10658D76A93F009BDBFC6117E245E0883C509A286DC952EAD ]

C:\WINDOWS\system32\mtxclu.dll
01:33:39.0937 0x0cf4 C:\WINDOWS\system32\mtxclu.dll - ok
01:33:39.0937 0x0cf4 [ 6D21F73F3E41F67AD5979785E6363372,

8475440157EDFFBC231B62DD211A46C8DFC54146C921E131C22C8D5FFB3AD6B5 ]

C:\WINDOWS\system32\resutils.dll
01:33:39.0937 0x0cf4 C:\WINDOWS\system32\resutils.dll - ok
01:33:39.0937 0x0cf4 [ 841551C5B5A18ED8873AF0016CEFCDB8,

4C7A122C6628540E12A94AED98D11653F320BB443CA8103272C0A94352C41524 ]

C:\Program Files\Common

Files\McAfee\AMContent\scanners\x86\avengine\5900.7806\mcscan32.dat
01:33:39.0953 0x0cf4 C:\Program Files\Common

Files\McAfee\AMContent\scanners\x86\avengine\5900.7806\mcscan32.dat - ok
01:33:39.0968 0x0cf4 [ 687B7E2FD5B6A4F77B696EE419934123,

49F7A2A1054A973A163B7C3A0F4CAC62FBF2644F5D8BA019E8D13DFA9AE02F25 ]

C:\WINDOWS\system32\wbem\wbemsvc.dll
01:33:39.0968 0x0cf4 C:\WINDOWS\system32\wbem\wbemsvc.dll - ok
01:33:39.0968 0x0cf4 [ 3458EDA96E30FBD0477A2800D3FB1909,

BDF84362E4D8A102E7FB5F352D950B84D1A8E1E7928521B68E7671D4176803C5 ]

C:\WINDOWS\system32\wups.dll
01:33:39.0968 0x0cf4 C:\WINDOWS\system32\wups.dll - ok
01:33:39.0984 0x0cf4 [ BDC0C99E472176C8C2C853A68ADC5073,

9A0A0CEE321C9BAF5545D6CB0BE3E725228B694F331FFACCEB770350AAF2C8C3 ]

C:\WINDOWS\system32\wups2.dll
01:33:39.0984 0x0cf4 C:\WINDOWS\system32\wups2.dll - ok
01:33:39.0984 0x0cf4 [ E539155149B4C6A66B94C64824D71D10,

4BF0C61B301E6D1674102E7DC464C3F25BCA3623D60BC06ADEE3E2F4A3526870 ]

C:\WINDOWS\system32\wbem\wmiutils.dll
01:33:39.0984 0x0cf4 C:\WINDOWS\system32\wbem\wmiutils.dll - ok
01:33:39.0984 0x0cf4 [ 82AEFEA06D8EB10D8C7F134A5CA4B74C,

1D5DB8B01BC663F292736B6798E2F7AD259AD54B9CC66A4AA249872D65A04E9A ]

C:\WINDOWS\system32\wbem\repdrvfs.dll
01:33:39.0984 0x0cf4 C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
01:33:39.0984 0x0cf4 [ 071143F687B4F887E21461CA6CC7EB29,

92C849517F985F19926E6425CD99E21029E1CA14FC92C9E40091DC79D4A723F2 ]

C:\WINDOWS\system32\wbem\wmiprvsd.dll
01:33:39.0984 0x0cf4 C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
01:33:40.0000 0x0cf4 [ A1435CD8121BE0FBE34FA12F9062053F,

91381A75B2B8F89CAFF9F3921FF27588117277A7415B5EEF78C7761FD9E734EE ]

C:\WINDOWS\system32\wbem\wbemess.dll
01:33:40.0000 0x0cf4 C:\WINDOWS\system32\wbem\wbemess.dll - ok
01:33:40.0000 0x0cf4 [ 2E0B0A051FFAA86E358465BB0880D453,

493CF6150DE95B269727631D50FE21405A41E449C4FF43E94F93D27559EA5624 ]

C:\WINDOWS\system32\wuauclt.exe
01:33:40.0000 0x0cf4 C:\WINDOWS\system32\wuauclt.exe - ok
01:33:40.0000 0x0cf4 [ 917A85C7B0F221CBF778D1F62F846434,

DCC0431EA3E5F222D209246A1726A7A483021E0E9E295838DF02D1F1C52216CF ]

C:\WINDOWS\system32\mobsync.exe
01:33:40.0000 0x0cf4 C:\WINDOWS\system32\mobsync.exe - ok
01:33:40.0015 0x0cf4 [ 1A617835452EEE5060976C9B9F5FE635,

DCCAAB049681BE876B73F0880EA32196CDA7EC954D452768A48D366096C5BD53 ]

C:\WINDOWS\system32\wuapi.dll
01:33:40.0015 0x0cf4 C:\WINDOWS\system32\wuapi.dll - ok
01:33:40.0015 0x0cf4 [ D61331CD7D6A3BE088E7C4D8C931874A,

9B867E7CF9B4949A58443C9BD32FABFAE823B9740BE1FD43517C6F909E508AA5 ]

C:\PROGRA~1\COMMON~1\McAfee\HACKER~1\HWAPI.dll
01:33:40.0015 0x0cf4 C:\PROGRA~1\COMMON~1\McAfee\HACKER~1\HWAPI.dll - ok
01:33:40.0015 0x0cf4 [ 39DA4E7E8B14E0E7504400BA70A6DCAA,

41640CA941EC2EA54FDC010846E95B3435BC774ECECAB12F53045D10C5630D65 ]

C:\PROGRA~1\COMMON~1\McAfee\Platform\Core\McEvtBrk.dll
01:33:40.0015 0x0cf4 C:\PROGRA~1\COMMON~1\McAfee\Platform\Core\McEvtBrk.dll -

ok
01:33:40.0031 0x0cf4 [ B28D8EF0442EE84ED09A74C7807B37C8,

B4A42F22125C0F9C4D414A53987B29FC61F43664E83B9F380C431A79D418457E ]

C:\WINDOWS\system32\wbem\ncprov.dll
01:33:40.0031 0x0cf4 C:\WINDOWS\system32\wbem\ncprov.dll - ok
01:33:40.0031 0x0cf4 [ DC21A4E064E86D61F1AC9FCF8069013D,

C12D3C3FF6E7935E4E1FE21CCDF1872FC40B60329B9C7F9DB0C6B5A6AD526C08 ]

C:\Program Files\Common Files\McAfee\VSCore_3_8\Lockdown.dll
01:33:40.0031 0x0cf4 C:\Program Files\Common Files\McAfee\VSCore_3_8\Lockdown.dll

- ok
01:33:40.0031 0x0cf4 [ D6AE1857232261C3272EA4BF4386808C,

7B7AB1DA74A676F3ECF5AB72834EEF36236935B8B76F381D563A66EE2ED9B223 ]

C:\WINDOWS\system32\mmc.exe
01:33:40.0031 0x0cf4 C:\WINDOWS\system32\mmc.exe - ok
01:33:40.0031 0x0cf4 [ 9482289261EE59D00736D8DF81498327,

E19C8A4DB300B261F9D964FC2EEE408D960CC729A35113BEAA7A39DB1A13AB1E ]

C:\WINDOWS\system32\mobsync.dll
01:33:40.0031 0x0cf4 C:\WINDOWS\system32\mobsync.dll - ok
01:33:40.0046 0x0cf4 [ F6F2BFC17069EB335ACCEEF7595F9302,

7434C4353DD2B2E5C8F3690CEF2E1F7E234C2402E6E3BFCBF29DCB1494125F8A ]

C:\WINDOWS\system32\mfc42u.dll
01:33:40.0046 0x0cf4 C:\WINDOWS\system32\mfc42u.dll - ok
01:33:40.0046 0x0cf4 [ 4C431AAA4B735355D26CD38B51ABF3E5,

FF629DDAF24FF42870D32FB0BB104947CAD08F256FE814ABD8E3D8FA7BCA7E95 ]

C:\Program Files\McAfee\MPF\L10N.dll
01:33:40.0046 0x0cf4 C:\Program Files\McAfee\MPF\L10N.dll - ok
01:33:40.0046 0x0cf4 [ 0D2003473E4D1B8A704685D2AFAEDD29,

308B01D8F6280955A64CBEC50A9FF8A4DD5BDD6F322874AADC05BF0D1325D6C1 ]

C:\WINDOWS\system32\drprov.dll
01:33:40.0046 0x0cf4 C:\WINDOWS\system32\drprov.dll - ok
01:33:40.0062 0x0cf4 [ D8D11AA424F4A024229BA10FBEC611EB,

FB5E69C0858A4E031CEEC1A2C021C26AB6FAE618AD9D767BB6C41AACD8A57906 ]

C:\WINDOWS\system32\mmcbase.dll
01:33:40.0062 0x0cf4 C:\WINDOWS\system32\mmcbase.dll - ok
01:33:40.0062 0x0cf4 [ B4B5D90E57F4047D61FB23C08CA9B57D,

515B90CA64EB2C847883518EBE332AD5FF25A5D03843771A9AA4F4C9DAF4EA0E ]

C:\WINDOWS\system32\ntlanman.dll
01:33:40.0062 0x0cf4 C:\WINDOWS\system32\ntlanman.dll - ok
01:33:40.0062 0x0cf4 [ A2DDDE878AAB55B50CAE01E4FEFF666D,

25BC3634DD535B4871D49316D0162676DE23D60225DE7E1F9C4E88D19E4977FA ]

C:\WINDOWS\system32\netui0.dll
01:33:40.0062 0x0cf4 C:\WINDOWS\system32\netui0.dll - ok
01:33:40.0062 0x0cf4 [ E3BB1A144FAAE3018E18694E3661CCA3,

0033121B405C60319A8003C570D84B8FBE8D20BF65D9B34380E00D744096D0DE ]

C:\WINDOWS\system32\netui1.dll
01:33:40.0062 0x0cf4 C:\WINDOWS\system32\netui1.dll - ok
01:33:40.0078 0x0cf4 [ B4B66E743BE3997AB7C17DA03EA11A6F,

25654F0EE70D9DF0CD701B3BD928F77125E0F8A366172141506547A4113ED792 ]

C:\WINDOWS\system32\davclnt.dll
01:33:40.0078 0x0cf4 C:\WINDOWS\system32\davclnt.dll - ok
01:33:40.0078 0x0cf4 [ 88F380E2BC857E227D746AB19D3CF253,

ABB72DB450CE5688BE51365CA23CEA22AD8185964C9F83501B2CD41121F9692A ]

C:\WINDOWS\system32\mmcndmgr.dll
01:33:40.0078 0x0cf4 C:\WINDOWS\system32\mmcndmgr.dll - ok
01:33:40.0078 0x0cf4 [ 798A9E6828997EEF4517ADA8A2259831,

64389FAD94D54E2D43A7292AD3C57CB16F90F2C80EA44099E02D11E19E390A5B ]

C:\WINDOWS\system32\wbem\wmiprvse.exe
01:33:40.0078 0x0cf4 C:\WINDOWS\system32\wbem\wmiprvse.exe - ok
01:33:40.0093 0x0cf4 [ F784184DB39C84950C87B7C2438AA0D7,

E5E856ADAAABBC93296B33A7160B2D006BB907DD99D294CA1CD2597939C351E7 ]

C:\WINDOWS\system32\wbem\cimwin32.dll
01:33:40.0093 0x0cf4 C:\WINDOWS\system32\wbem\cimwin32.dll - ok
01:33:40.0093 0x0cf4 [ FBA8573905059AC03349270989528E66,

2AA8A402FBE80F7BD671CA5ED79D073F263F0BAD4302632CFB2B0137676BE06C ]

C:\WINDOWS\system32\wbem\framedyn.dll
01:33:40.0093 0x0cf4 C:\WINDOWS\system32\wbem\framedyn.dll - ok
01:33:40.0093 0x0cf4 [ 9E049D0A4F2D1712C0BEA12060F10489,

22A12E316DF58013BD2ED3F65B64701C0748D3BD191D5B0E1541740F565C83CA ]

C:\Program Files\Citrix\ICA Client\wfcrun32.exe
01:33:40.0093 0x0cf4 C:\Program Files\Citrix\ICA Client\wfcrun32.exe - ok
01:33:40.0093 0x0cf4 ================ Scan generic autorun

======================
01:33:40.0187 0x0cf4 [ 9C3B2302B60FB0EFB13BC880A5E3E93E,

16F32AB74A57B521FF431F2C36609DE5F6ABE0DCD3111B4954471DEED700A66B ]

C:\WINDOWS\system32\HDAShCut.exe
01:33:40.0484 0x0cf4 Ярлык для страницы свойств High Definition Audio - detected

UnsignedFile.Multi.Generic ( 1 )
01:33:42.0968 0x0cf4 Detect skipped due to KSN trusted
01:33:42.0968 0x0cf4 Ярлык для страницы свойств High Definition Audio - ok
01:33:43.0093 0x0cf4 [ 917A85C7B0F221CBF778D1F62F846434,

DCC0431EA3E5F222D209246A1726A7A483021E0E9E295838DF02D1F1C52216CF ]

C:\WINDOWS\system32\mobsync.exe
01:33:44.0734 0x0cf4 Synchronization Manager - ok
01:33:44.0812 0x0cf4 [ 0D034E8C4F88C5B2B0C1AF3CF438CC4F,

F44F9A6BBA0AE6D350F98CDBF2D5B09D56D9B1CF46F4CB9F50566232B32F8BAE ]

C:\WINDOWS\SOUNDMAN.EXE
01:33:47.0109 0x0cf4 SoundMan - ok
01:33:48.0937 0x0cf4 [ ED7FB962F5EA840C27DF60AE4346A913,

60FE7FD0D5736011BCCAE74E41C5DF05F993600E140058295EB413512001825E ] C:\Program

Files\Citrix\ICA Client\redirector.exe
01:33:49.0156 0x0cf4 Redirector - ok
01:33:49.0234 0x0cf4 [ 4B10675852FE8862521024778E264D5F,

5520A4D16517708807A01954DF977A790DDD1715B0CF90D48DCE490C5AF60455 ]

C:\WINDOWS\system32\igfxpers.exe
01:33:51.0312 0x0cf4 igfxpers - ok
01:33:51.0359 0x0cf4 [ 42344DDF30337979216EA6AFA58BB42A,

565EB63BE814F959BB0E547218C963B5ECA455A394455D411BD1889A66B31E54 ]

C:\WINDOWS\system32\hkcmd.exe
01:33:51.0562 0x0cf4 igfxhkcmd - ok
01:33:52.0078 0x0cf4 [ BF0EE37A14144C88A9F6FDA7B44981BB,

91648E51C6DB3E61B3DFE196C878B33ED493C57218D3BB0374108DDC06990041 ]

C:\Program Files\Epson Software\Event Manager\EEventManager.exe
01:33:52.0453 0x0cf4 EEventManager - ok
01:33:52.0609 0x0cf4 [ F0AD6FB996D4BE1E364934FA7A6BD094,

B747580F2D3211B3350368B59B418D8737F009A6D4D066897F60B670A0C33F4F ] C:\Program

Files\Citrix\ICA Client\concentr.exe
01:33:52.0906 0x0cf4 ConnectionCenter - ok
01:33:53.0390 0x0cf4 [ 187F4C75A89E3F412322C94526320074,

D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ]

C:\Program Files\Microsoft Office\Office14\BCSSync.exe
01:33:53.0718 0x0cf4 BCSSync - ok
01:33:54.0625 0x0cf4 [ EC05E964058693D1F71D1B5506B5CF09,

B1E126AA040800FEC99CAE2C675A225183D50A6F3D24262051A5FB5D96E61012 ]

C:\WINDOWS\ALCWZRD.EXE
01:33:56.0046 0x0cf4 AlcWzrd - ok
01:33:56.0156 0x0cf4 [ 8B4CBBA1EA526830C7F97E7822E2493A,

1DFD05B1C0050DB44F5B4293E5574BFC292AF804A63FC0A70131BB498C326977 ]

C:\WINDOWS\ALCMTR.EXE
01:33:56.0406 0x0cf4 Alcmtr - ok
01:33:57.0281 0x0cf4 [ 48BE298F7FD1BEF4D8FBACB04D8D95C4,

D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ]

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
01:33:57.0562 0x0cf4 Adobe ARM - ok
01:33:57.0765 0x0cf4 [ 00C608CDFC203846B20EB12E2AB41F3A,

C67279A51C4ACFDF3DBEA0D006DE8DB67DA3F5B61D3B2B7D6F0E6EAB6C180A06 ]

C:\Program Files\McAfee.com\Agent\mcagent.exe
01:33:58.0171 0x0cf4 mcpltui_exe - ok
01:33:58.0406 0x0cf4 [ 06F6DB72ADABC5E858F38EF69014CE52,

B4AEABF3EA6FCABBED879D642BA070DF9C244E28DB5BDC3211205C7B8DB97BFB ]

C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
01:33:59.0921 0x0cf4 OfficeSyncProcess - ok
01:34:00.0062 0x0cf4 [ A3F00130A3177AF0A263AE640DFCFE4C,

C2577FB798DD7F84505F0F5BBAFE06754DBF69B3D8A07E795DFF2C44B6780653 ]

C:\WINDOWS\system32\ctfmon.exe
01:34:05.0125 0x0cf4 ctfmon.exe - ok
01:34:05.0125 0x0cf4 SRSHDAudioLab - ok
01:34:06.0890 0x0cf4 [ 20616E7A9E9A1D231FD232FC3ACAE46D,

017D06196BFE0B1D71D4BAA5BDD716E8320C8F64882B512540DA8739B4CD0C4A ]

C:\Documents and Settings\Boss\Local Settings\Application Data\Amazon

Music\Amazon Music Helper.exe
01:34:09.0968 0x0cf4 Amazon Music - ok
01:34:10.0015 0x0cf4 Waiting for KSN requests completion. In queue: 2
01:34:11.0015 0x0cf4 Waiting for KSN requests completion. In queue: 2
01:34:12.0015 0x0cf4 Waiting for KSN requests completion. In queue: 2
01:34:15.0859 0x0cf4 AV detected via SS1: McAfee Anti-Virus and Anti-Spyware, ,

enabled, updated
01:34:15.0859 0x0cf4 FW detected via SS1: McAfee Firewall, , enabled
01:34:18.0375 0x0cf4

============================================================
01:34:18.0375 0x0cf4 Scan finished
01:34:18.0375 0x0cf4

============================================================
01:34:20.0671 0x0cec Detected object count: 4
01:34:20.0671 0x0cec Actual detected object count: 4
01:34:30.0687 0x0cec

C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe - copied to

quarantine
01:34:30.0750 0x0cec AdobeFlashPlayerUpdateSvc ( UnsignedFile.Multi.Generic ) - User

select action: Quarantine
01:34:32.0406 0x0cec C:\WINDOWS\system32\FsUsbExDisk.SYS - copied to quarantine
01:34:32.0812 0x0cec FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action:

Quarantine
01:34:34.0000 0x0cec C:\WINDOWS\system32\HPZipm12.exe - copied to quarantine
01:34:34.0000 0x0cec Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action:

Quarantine
01:34:34.0906 0x0cec \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
01:34:35.0265 0x0cec \Device\Harddisk0\DR0\TDLFS\tdlcmd.dll - copied to quarantine
01:34:35.0296 0x0cec \Device\Harddisk0\DR0\TDLFS\tdlwsp.dll - copied to quarantine
01:34:35.0296 0x0cec \Device\Harddisk0\DR0 ( TDSS File System ) - User select action:

Quarantine

#6 KerryJo2712

Topic Starter

Members
27 posts
OFFLINE

Gender:Female
Location:Manchester
Local time:06:04 AM

Posted 30 May 2018 - 07:46 PM

Again sorry for the delay, as I've found a virus using TDSS I think that could be why it wouldn't let me run it until now, my desktop has also turned black and I've got the warniong about counterfit copy of windows at bottom right of screen also asks me to resolve on login

Thanks again will try run other logs now

#7 KerryJo2712

Topic Starter

Members
27 posts
OFFLINE

Gender:Female
Location:Manchester
Local time:06:04 AM

Posted 30 May 2018 - 07:54 PM

Ok so I've tried downloading and running ADW cleaner at least 10 times now and I get the following "Unable to locate component..... dwmapi.dll was not found.reinstalling the application may fix this problem"

#8 KerryJo2712

Topic Starter

Members
27 posts
OFFLINE

Gender:Female
Location:Manchester
Local time:06:04 AM

Posted 02 June 2018 - 12:17 PM

These are all the logs I am able to run....adw cleaner won't download and the online scanner stops a quarter of the way through

#9 boopme

To Insanity and Beyond

Helper Emeritus
85,296 posts
OFFLINE

Gender:Male
Location:NJ USA
Local time:01:04 AM

Posted 04 June 2018 - 01:31 PM

Ok, we need one n one help for you.. Please make a new topic by doing steps 6 and 7....
"cannot run malware Tools"

Please follow this Preparation Guide and post in a new topic.
Let me know if all went well..