PC-HELP.CZ

Prosím o kontrolu a pomoc


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:00:35, on 15.11.2013
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\IObit\Advanced SystemCare 7\RealTimeProtector.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Documents and Settings\Administrator\Plocha\msert.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\SpyDig\spydig.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\WINDOWS\system32\NOTEPAD.EXE
E:\Windows utility 32bit\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.piriform.com/go/app_releasen ... 33&b=1&a=0
O2 - BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O3 - Toolbar: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [spydig.exe] C:\Program Files\SpyDig\spydig.exe
O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe" /auto
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{31F4FE2C-CB39-4D78-8339-81ED4509BA6D}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS1\Services\Tcpip\..\{31F4FE2C-CB39-4D78-8339-81ED4509BA6D}: NameServer = 8.26.56.26,156.154.70.22
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Unknown owner - C:\Program Files\Comodo\Dragon\dragon_updater.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe

--
End of file - 4841 bytes

Odinstaluj:
SpyDig
Spybot - Search & Destroy 2


Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.


Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni AdwCleaner

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Pokud budou problémy , spusť v nouz. režimu.

ATF cleaner nemůžu použít, protože nemám operu, ani firefox :) Používám comodo prohlížeč v incognito režimu. Ale mám CCleaner, to by mělo udělat to samé, tak jsem ho použil a pokračoval podle tvého návodu dál.


Log z TFC

Getting user folders.

Stopping running processes.

Emptying Temp folders.


User: Administrator
->Temp folder emptied: 35161119 bytes
->Temporary Internet Files folder emptied: 49152 bytes
->Flash cache emptied: 506 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Guest
->Temp folder emptied: 41245341 bytes
->Temporary Internet Files folder emptied: 65670 bytes
->Flash cache emptied: 492 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 40555202 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 130120 bytes
%systemroot%\System32 .tmp files removed: 13768 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 26819692 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes

Emptying RecycleBin. Do not interrupt.

RecycleBin emptied: 0 bytes
Process complete!

Total Files Cleaned = 137,00 mb

Toto je log z ADWCleaner:

# AdwCleaner v3.012 - Report created 15/11/2013 at 12:46:32
# Updated 11/11/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 2 (32 bits)
# Username : Administrator - DK-D595C5267E89
# Running from : C:\Documents and Settings\Administrator\Plocha\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v6.0.2900.2180


*************************

AdwCleaner[R0].txt - [884 octets] - [13/11/2013 17:18:02]
AdwCleaner[R1].txt - [943 octets] - [13/11/2013 17:55:13]
AdwCleaner[R2].txt - [827 octets] - [13/11/2013 17:59:47]
AdwCleaner[R3].txt - [886 octets] - [13/11/2013 18:05:44]
AdwCleaner[R4].txt - [945 octets] - [13/11/2013 18:21:03]
AdwCleaner[R5].txt - [1004 octets] - [13/11/2013 19:21:28]
AdwCleaner[R6].txt - [888 octets] - [15/11/2013 12:46:32]
AdwCleaner[S0].txt - [1007 octets] - [13/11/2013 17:56:04]

########## EOF - C:\AdwCleaner\AdwCleaner[R6].txt - [1007 octets] ##########





btw mám tu ještě jeden log z dřívějška, úplně první





# AdwCleaner v3.003 - Report created 13/11/2013 at 17:18:02
# Updated 07/09/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 2 (32 bits)
# Username : Administrator - DK-D595C5267E89
# Running from : D:\Windows utility 32bit\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com

***** [ Browsers ] *****

-\\ Internet Explorer v6.0.2900.2180


*************************

AdwCleaner[R0].txt - [746 octets] - [13/11/2013 17:18:02]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [805 octets] ##########



Log z malwarebytes zde:

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.11.15.03

Windows XP Service Pack 2 x86 NTFS
Internet Explorer 6.0.2900.2180
Administrator :: DK-D595C5267E89 [administrátor]

Ochrana: Zakázána

15.11.2013 12:53:39
mbam-log-2013-11-15 (12-53-39).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 205146
Uplynulý čas: 3 minut, 52 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

V tom adw to nech smazat a dodej log

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

Stáhni si Junkware Removal Tool

na svojí plochu.
Deaktivuj si svůj antivirový program.
Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

Rogue killer mi něco, našel(více než obvykle)

RogueKiller V8.7.3 [Oct 15 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 2) 32 bits version
Spuštěno v : Normální režim
Uživatel : Administrator [Práva správce]
Mód : Kontrola -- Datum : 11/15/2013 18:29:22
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 6 ¤¤¤
[PROXY IE][PUM] HKCU\[...]\Internet Settings : ProxyServer (localhost:8080) -> NALEZENO
[DNS][PUM] HKLM\[...]\CCSet\[...]\{31F4FE2C-CB39-4D78-8339-81ED4509BA6D} : NameServer (8.26.56.26,156.154.70.22) -> NALEZENO
[DNS][PUM] HKLM\[...]\CS001\[...]\{31F4FE2C-CB39-4D78-8339-81ED4509BA6D} : NameServer (8.26.56.26,156.154.70.22) -> NALEZENO
[DNS][PUM] HKLM\[...]\CS003\[...]\{31F4FE2C-CB39-4D78-8339-81ED4509BA6D} : NameServer (8.26.56.26,156.154.70.22) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ][PUM] HKLM\[...]\SystemRestore : DisableSR (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standardní diskové jednotky) - WDC WD800JB-00FMA0 +++++
--- User ---
[MBR] 20a70dac25fbade108c972b641ab5c71
[BSP] 4fc4ba8c8a54b127f3bea824abc7945f : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 38146 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 78124095 | Size: 38162 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) (Standardní diskové jednotky) - SAMSUNG HM321HI USB Device +++++
--- User ---
[MBR] 2d142180b6cdaafb6afd2886a77ae2ec
[BSP] f881d677e12cc099aea874b401865ccd : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 305234 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[0]_S_11152013_182922.txt >>




Čištění jsem zatím neprovedl...


a tady je log z jrt

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Microsoft Windows XP x86
Ran by Administrator on p  15.11.2013 at 18:31:30,56
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p  15.11.2013 at 18:37:06,26
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.
Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "
- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller. 2.8.16.0_(datum)_log.txt , vlož sem prosím celý obsah logu.

RogueKiller V8.7.3 [Oct 15 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 2) 32 bits version
Spuštěno v : Normální režim
Uživatel : Administrator [Práva správce]
Mód : Odebrat -- Datum : 11/16/2013 03:43:32
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ][PUM] HKLM\[...]\SystemRestore : DisableSR (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standardní diskové jednotky) - WDC WD800JB-00FMA0 +++++
--- User ---
[MBR] 20a70dac25fbade108c972b641ab5c71
[BSP] 4fc4ba8c8a54b127f3bea824abc7945f : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 38146 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 78124095 | Size: 38162 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_11162013_034332.txt >>
RKreport[0]_S_11152013_182922.txt;RKreport[0]_S_11162013_034330.txt



03:45:46.0078 0x077c TDSS rootkit removing tool 3.0.0.17 Nov 12 2013 19:54:52
03:45:46.0453 0x077c ============================================================
03:45:46.0453 0x077c Current date / time: 2013/11/16 03:45:46.0453
03:45:46.0453 0x077c SystemInfo:
03:45:46.0453 0x077c
03:45:46.0453 0x077c OS Version: 5.1.2600 ServicePack: 2.0
03:45:46.0453 0x077c Product type: Workstation
03:45:46.0453 0x077c ComputerName: DK-D595C5267E89
03:45:46.0453 0x077c UserName: Administrator
03:45:46.0453 0x077c Windows directory: C:\WINDOWS
03:45:46.0453 0x077c System windows directory: C:\WINDOWS
03:45:46.0453 0x077c Processor architecture: Intel x86
03:45:46.0453 0x077c Number of processors: 1
03:45:46.0453 0x077c Page size: 0x1000
03:45:46.0453 0x077c Boot type: Normal boot
03:45:46.0453 0x077c ============================================================
03:45:46.0453 0x077c BG loaded
03:45:46.0640 0x077c System UUID: {57AC1D69-A3DC-12A6-112D-E154C6EE940E}
03:45:47.0531 0x077c Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
03:45:47.0531 0x077c ============================================================
03:45:47.0531 0x077c \Device\Harddisk0\DR0:
03:45:47.0531 0x077c MBR partitions:
03:45:47.0531 0x077c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A81400
03:45:47.0562 0x077c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x4A8147E, BlocksNum 0x4A89182
03:45:47.0562 0x077c ============================================================
03:45:47.0578 0x077c C: <-> \Device\Harddisk0\DR0\Partition1
03:45:47.0625 0x077c E: <-> \Device\Harddisk0\DR0\Partition2
03:45:47.0625 0x077c ============================================================
03:45:47.0625 0x077c Initialize success
03:45:47.0625 0x077c ============================================================
03:46:28.0171 0x0444 ============================================================
03:46:28.0171 0x0444 Scan started
03:46:28.0171 0x0444 Mode: Manual;
03:46:28.0171 0x0444 ============================================================
03:46:28.0171 0x0444 KSN ping started
03:46:50.0437 0x0444 KSN ping finished: true
03:46:51.0953 0x0444 ================ Scan system memory ========================
03:46:51.0953 0x0444 System memory - ok
03:46:51.0968 0x0444 ================ Scan services =============================
03:46:52.0906 0x0444 Abiosdsk - ok
03:46:52.0921 0x0444 abp480n5 - ok
03:46:53.0000 0x0444 [ FA2FBCDA96D2385F773B059FE5A125A6, 247ADDAF3E318342F4DEA0234560AE4252738194563584D66C1E5AD44DFF182F ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
03:46:53.0015 0x0444 ACPI - ok
03:46:53.0421 0x0444 [ AFDFF022A01F0B11C776F0860C3B282F, 135E5257B62D921B76271014301E9EA1E2383D5DBB04E475DC3A7EFFD2561F56 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
03:46:53.0421 0x0444 ACPIEC - ok
03:46:53.0437 0x0444 adpu160m - ok
03:46:53.0656 0x0444 [ ED72E454DED2FF380B7DA4B09C2F0EC8, 79B17FEF370D31A30C5050D3B26D8F7D36CC30B86097D209CB4A5BB9E7D997FE ] AdvancedSystemCareService7 C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe
03:46:53.0687 0x0444 AdvancedSystemCareService7 - ok
03:46:53.0796 0x0444 [ 841F385C6CFAF66B58FBD898722BB4F0, 0DA17CCA27DF5C7245959249162A5393B2E36B7C9A3A3525AE1371DE6AE698A3 ] aec C:\WINDOWS\system32\drivers\aec.sys
03:46:53.0796 0x0444 aec - ok
03:46:53.0859 0x0444 [ 5AC495F4CB807B2B98AD2AD591E6D92E, F645FAD628EC81C3D2555862BEE8DF3975FD9EAE326885528E773B2F148D70FB ] AFD C:\WINDOWS\System32\drivers\afd.sys
03:46:53.0859 0x0444 AFD - ok
03:46:53.0875 0x0444 Aha154x - ok
03:46:53.0890 0x0444 aic78u2 - ok
03:46:53.0906 0x0444 aic78xx - ok
03:46:53.0968 0x0444 [ 026DDAA7E6F8D49DF82C7A98BAE5D0D1, 2982A70AF1C9DD7A86B104D1A86ECA08753ED06D68FAE74FAE232828A80BF88C ] Alerter C:\WINDOWS\system32\alrsvc.dll
03:46:53.0968 0x0444 Alerter - ok
03:46:54.0000 0x0444 [ B3F690BF43F93A012A52F28F234FAA1B, 72B520D2F1F0A510AC49170CECC909F01FB550683C6740726F11B5BE96E610CF ] ALG C:\WINDOWS\System32\alg.exe
03:46:54.0000 0x0444 ALG - ok
03:46:54.0015 0x0444 AliIde - ok
03:46:54.0062 0x0444 [ EFBB0956BAED786E137351B5CA272AEF, 613E34D31C21F5CA9AEDC4BF64B8EE365DA355F914738C4FD638DB3EBE75FBB5 ] AmdK8 C:\WINDOWS\system32\DRIVERS\AmdK8.sys
03:46:54.0062 0x0444 AmdK8 - ok
03:46:54.0078 0x0444 amsint - ok
03:46:54.0125 0x0444 [ 421184F91EAE5C6E78E653C6B32AAE84, 63D2B2953EFDC612B8D029175C1B6B68DB41C66B177322D5B08F90E584E1B220 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
03:46:54.0140 0x0444 AppMgmt - ok
03:46:54.0156 0x0444 asc - ok
03:46:54.0171 0x0444 asc3350p - ok
03:46:54.0187 0x0444 asc3550 - ok
03:46:54.0234 0x0444 [ 02000ABF34AF4C218C35D257024807D6, FDE21F7FCB198A44A6F2BCAF5EB11C9D90A094B4A2F8C307244A7655848954DA ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
03:46:54.0234 0x0444 AsyncMac - ok
03:46:54.0281 0x0444 [ CDFE4411A69C224BD1D11B2DA92DAC51, 0E6B23A80F171550575BEBC56F7500CD87A5CF03B2B9FDC49BC3DE96282CD69D ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
03:46:54.0281 0x0444 atapi - ok
03:46:54.0312 0x0444 Atdisk - ok
03:46:54.0343 0x0444 [ EC88DA854AB7D7752EC8BE11A741BB7F, 91FAF224CB4B44608C85CC25C3A82A3EC83F379D14A119A60A75505A30043255 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
03:46:54.0343 0x0444 Atmarpc - ok
03:46:54.0390 0x0444 [ 40D78F514C8588EF12EC718D2AF0FC4E, E8ABE9E67D6E35D53387B8F6EF11284EC330B8E94784A506F3756D4A39E4F184 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
03:46:54.0390 0x0444 AudioSrv - ok
03:46:54.0437 0x0444 [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
03:46:54.0437 0x0444 audstub - ok
03:46:54.0484 0x0444 [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys
03:46:54.0484 0x0444 Beep - ok
03:46:54.0546 0x0444 [ E774A26610EC92674273486612C11CFC, 10BF77510872A4E1262FCE42F1254313E193D0804C90DC334C4249D477CB9A08 ] BITS C:\WINDOWS\system32\qmgr.dll
03:46:54.0609 0x0444 BITS - ok
03:46:54.0656 0x0444 [ F219E27E88107A50544153898DD8178E, 4E48E64AAF302F1FAF66F8F14BC22D2DA2E0C62E4C7E6CEE6F9705A04D75E0F6 ] Browser C:\WINDOWS\System32\browser.dll
03:46:54.0656 0x0444 Browser - ok
03:46:54.0671 0x0444 catchme - ok
03:46:54.0718 0x0444 [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
03:46:54.0718 0x0444 cbidf2k - ok
03:46:54.0750 0x0444 cd20xrnt - ok
03:46:54.0812 0x0444 [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
03:46:54.0812 0x0444 Cdaudio - ok
03:46:54.0906 0x0444 [ CD7D5152DF32B47F4E36F710B35AAE02, 7382890CC1B27FC66C3E94E064562BBD87B3C75577CB0FD10860B8E2CE07D12E ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
03:46:54.0906 0x0444 Cdfs - ok
03:46:54.0968 0x0444 [ AF9C19B3100FE010496B1A27181FBF72, 64E9E4461F631EED2B2A1FC80DCC9C31DCECB5738289D322E6A6428C840DC621 ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
03:46:54.0968 0x0444 Cdrom - ok
03:46:54.0984 0x0444 Changer - ok
03:46:55.0015 0x0444 [ 9E21229E04E1D301BB40222FE4641CB2, 4D2CFD04DB9A71A3DE9159A4514BDD59884556EFF137D43C98FD322A63BF86DA ] CiSvc C:\WINDOWS\system32\cisvc.exe
03:46:55.0015 0x0444 CiSvc - ok
03:46:55.0046 0x0444 [ D3DC45553C8025338E08A60E95B1B91D, 03F90660E6AF758A32A15172E00D25CB3804EBC4264628DC2FDCF5ACB4E2C6A7 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
03:46:55.0046 0x0444 ClipSrv - ok
03:46:55.0062 0x0444 CmdIde - ok
03:46:55.0078 0x0444 COMSysApp - ok
03:46:55.0140 0x0444 Cpqarray - ok
03:46:55.0187 0x0444 [ 70D2A1756F4B2067658A186C963FCABD, 3B80C01D40C32F6ACD6394A7B4D47341251D5ECDA4E71707B98154A71BFA4563 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
03:46:55.0187 0x0444 CryptSvc - ok
03:46:55.0203 0x0444 dac2w2k - ok
03:46:55.0218 0x0444 dac960nt - ok
03:46:55.0359 0x0444 [ C72C15EE57E248C66E57C76CAB086CF2, 2CDFC82E31E58B4BF80F33DFB69D62ED55EAB118AD7BFEE5138DE0DF3F8F2543 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
03:46:55.0375 0x0444 DcomLaunch - ok
03:46:55.0406 0x0444 [ 562830EFB7CF367FB773FEA5256E67C8, FFB284845FF636D8C0BF77AEEAEF5E9E560A65943D6C456B731E455B35D2531A ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
03:46:55.0406 0x0444 Dhcp - ok
03:46:55.0437 0x0444 [ 00CA44E4534865F8A3B64F7C0984BFF0, 3FD73CCD9892F6CFEE776CB384C2E35FA15F4101D308A67E1358F85299501E3D ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
03:46:55.0453 0x0444 Disk - ok
03:46:55.0468 0x0444 dmadmin - ok
03:46:56.0062 0x0444 [ E1968EDEC81C430108FEB23AB07BDB14, 2FF6FF66826ECF3F921C45339DB9FE5C31855BB65A68F3392A96D054127584AA ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
03:46:56.0109 0x0444 dmboot - ok
03:46:56.0171 0x0444 [ 1B1520A82E396E46B9AE9FA6B03FF6C6, 13E7D812B775F2CE29CC55090E47D43546B027610042839E5E7F5F1643B683F7 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
03:46:56.0187 0x0444 dmio - ok
03:46:56.0218 0x0444 [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys
03:46:56.0218 0x0444 dmload - ok
03:46:56.0234 0x0444 [ 7B3CA72885923EB947221F17F3E3AC59, 4C01BF4C9CF1A976C0A37AD97ED2D6C782AE6231B3B63B3749ABA76228DE2182 ] dmserver C:\WINDOWS\System32\dmserver.dll
03:46:56.0250 0x0444 dmserver - ok
03:46:56.0281 0x0444 [ A6F881284AC1150E37D9AE47FF601267, 6C07654CF21637E527FC727EB50F4138BF0EFF0680000AC94001063B436389DB ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
03:46:56.0281 0x0444 DMusic - ok
03:46:56.0312 0x0444 [ F605B3F5674D67587C4B6C9E92A3E025, B48339F570467AA5E7FB4256A14280963A37EDC38D5C9D7097C9172420E48572 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
03:46:56.0343 0x0444 Dnscache - ok
03:46:56.0359 0x0444 dpti2o - ok
03:46:56.0546 0x0444 [ DC94357F990759316423D021AEEAAF45, 4069639E73F1F9D6C7D49C4A875EFC13283EE5070D9ECBB1937E2B08B7EF1055 ] DragonUpdater C:\Program Files\Comodo\Dragon\dragon_updater.exe
03:46:56.0781 0x0444 DragonUpdater - ok
03:46:56.0843 0x0444 [ 1ED4DBBAE9F5D558DBBA4CC450E3EB2E, B941AB5D9D504486083E0D1539B1A96E27721C9EFD7A67CA1DB7258B0D33AB78 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
03:46:56.0843 0x0444 drmkaud - ok
03:46:56.0859 0x0444 efavdrv - ok
03:46:56.0921 0x0444 [ D6F7428B201E33BC80066B47144CB568, 8E9E90D4D6DCE7F006A6904E86A2559B263D19A4F921F44E97079EF9C9C220F9 ] ERSvc C:\WINDOWS\System32\ersvc.dll
03:46:56.0937 0x0444 ERSvc - ok
03:46:56.0984 0x0444 [ 6E401E61F952FBBF708AFBECEFAFAE81, 31D7A402BE7997F0BF902CB8A150DB54C7309C882DE3D8A8E74338CF1BD268D7 ] Eventlog C:\WINDOWS\system32\services.exe
03:46:56.0984 0x0444 Eventlog - ok
03:46:57.0015 0x0444 [ 972378B907070F64932A87C90A035487, 7D0F6FD6CBF285C517F05B168394676ADE83FB80434128002ADD90328AFDEACA ] EventSystem C:\WINDOWS\system32\es.dll
03:46:57.0031 0x0444 EventSystem - ok
03:46:57.0062 0x0444 [ 3117F595E9615E04F05A54FC15A03B20, 4708E8F1CDE6E9663B5DBEBAB8C684B16E45D41AEF20E4071D0A2931B305BD76 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
03:46:57.0078 0x0444 Fastfat - ok
03:46:57.0125 0x0444 [ 8BA76BD2A943F642F267A296A15776D2, 6338382F0C17E4F6454298D19FDF05CA5E22A63586A3D8E37B7E24478E35DF51 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
03:46:57.0125 0x0444 FastUserSwitchingCompatibility - ok
03:46:57.0187 0x0444 [ CED2E8396A8838E59D8FD529C680E02C, 8542AE6A2D65D3F843EA70F5FFBC150B773C5CFA3FE6388FA68A95416FAD0F6E ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
03:46:57.0187 0x0444 Fdc - ok
03:46:57.0203 0x0444 [ 266DAB58619B17BDF37FABBD48D875CA, 33B6E2AF9B78B6B47768102321868B8A75C49B66849DAEEA2F8E6753BBE28F2D ] Fips C:\WINDOWS\system32\drivers\Fips.sys
03:46:57.0203 0x0444 Fips - ok
03:46:57.0234 0x0444 [ 0DD1DE43115B93F4D85E889D7A86F548, D50F7AAE5416C6D41845960BDDA24E97226F609AA726E4F88601ADC9ED50E872 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
03:46:57.0234 0x0444 Flpydisk - ok
03:46:57.0281 0x0444 [ 157754F0DF355A9E0A6F54721914F9C6, 1EB1424D98000FE80901287F9D51DDD18132B7C2CFEC4C7767F32F71DC2F64F9 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
03:46:57.0296 0x0444 FltMgr - ok
03:46:57.0328 0x0444 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
03:46:57.0328 0x0444 Fs_Rec - ok
03:46:57.0359 0x0444 [ 4E664D8541DB4A66B73A24257E322E1F, 17A2140AFE2B41E579FCCAFB82532853AD90A6EDBCB13DE80741DAE0AD5B4CC9 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
03:46:57.0375 0x0444 Ftdisk - ok
03:46:57.0406 0x0444 [ C0F1D4A21DE5A415DF8170616703DEBF, 3E21AAD06CF6EB95662B568671B1DBD129CED481761BCDB67088E965E5C0BC5B ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
03:46:57.0406 0x0444 Gpc - ok
03:46:57.0453 0x0444 [ 2A013E7530BEAB6E569FAA83F517E836, 481390EE00AF49BB54B8C885801FCAC0F87F4EF3D935ABBBA42B7C063EFDDB8F ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
03:46:57.0468 0x0444 HdAudAddService - ok
03:46:57.0500 0x0444 [ 3FCC124B6E08EE0E9351F717DD136939, EBFE0FB51E14570A1A1D64C8E5383F3FF28509361D13945B79A9C551EB522012 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
03:46:57.0515 0x0444 HDAudBus - ok
03:46:57.0593 0x0444 [ F59152272782FED8A8197FA788287F68, BB4E79979FD8F68C9F7061C06E9300120DCDC3B74BAD20300ECF8A7D4F48CE3C ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
03:46:57.0625 0x0444 helpsvc - ok
03:46:57.0640 0x0444 hpn - ok
03:46:57.0703 0x0444 [ C19B522A9AE0BBC3293397F3055E80A1, C04F067E06798E50AE90743F6ACB53FEB83DC749C76F97C962B14616A49E15CE ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
03:46:57.0750 0x0444 HTTP - ok
03:46:57.0812 0x0444 [ DA826826C5C9116F47E0CD0CA8CC7C11, 4360B34629C7267D9298F42F29940CE78A33674CD7F2F74B400A40D4683BD274 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
03:46:57.0812 0x0444 HTTPFilter - ok
03:46:57.0828 0x0444 i2omgmt - ok
03:46:57.0843 0x0444 i2omp - ok
03:46:57.0875 0x0444 [ 0F42DE9909B5DBF2C48DD1A79D491AF5, 0846D23DC158F5AE4585596A3BF4F5CC8C2BB4DA30CC7C627A0C47C73BAD7726 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
03:46:57.0875 0x0444 i8042prt - ok
03:46:57.0937 0x0444 [ F8AA320C6A0409C0380E5D8A99D76EC6, A848B9C489DDFBD48BDA140CB9DD43097686115042745F6444F803739168D391 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
03:46:57.0937 0x0444 Imapi - ok
03:46:58.0000 0x0444 [ CF9D286B34CB4912F3B28B4972D5CB33, EB8B65842D6767511956BFF4FD32F4B1098D23EBC34B11ABB9CAEE0A2846F012 ] ImapiService C:\WINDOWS\system32\imapi.exe
03:46:58.0015 0x0444 ImapiService - ok
03:46:58.0046 0x0444 ini910u - ok
03:46:58.0437 0x0444 [ 876B77CB27D91CDE0775ACF4FFB8ABC2, C8355EFD21B8B682F724F1B961F44C52B95DF8F719C92FDFAE662498683F113D ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
03:46:58.0625 0x0444 IntcAzAudAddService - ok
03:46:58.0671 0x0444 IntelIde - ok
03:46:58.0718 0x0444 [ 4448006B6BC60E6C027932CFC38D6855, C377235EBE475C281ACB6A3267F12D8FE623433F05134A6CE50562414F94D7B1 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
03:46:58.0718 0x0444 Ip6Fw - ok
03:46:58.0781 0x0444 [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
03:46:58.0796 0x0444 IpFilterDriver - ok
03:46:58.0812 0x0444 [ E1EC7F5DA720B640CD8FB8424F1B14BB, E5CF9F43D8C8028E8F29CAF8AD1E2179E5B02DCAA430900672FCB4C4EE288EF0 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
03:46:58.0812 0x0444 IpInIp - ok
03:46:58.0890 0x0444 [ B5A8E215AC29D24D60B4D1250EF05ACE, D1D47DCF9F35325549833710BD9B1C431698819914212FF6A328DD338FBA0E1D ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
03:46:58.0906 0x0444 IpNat - ok
03:46:58.0953 0x0444 [ 64537AA5C003A6AFEEE1DF819062D0D1, 5A6C11317DEF14B8C34A8C669EB75F7A8D46F05090C43D3DFF602CFA13CC504E ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
03:46:58.0953 0x0444 IPSec - ok
03:46:59.0031 0x0444 [ 50708DAA1B1CBB7D6AC1CF8F56A24410, A5657038A66B83472B456246E58884D5DF2E5B63BD176AE3DFFB6D5B6998E8B7 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
03:46:59.0031 0x0444 IRENUM - ok
03:46:59.0078 0x0444 [ 1091528512E4DD7ED5FDDCC4DF1C53D7, 81F1AFFD064E783BE5F2377C580612C9D8FEA05D792078452BD6BCC0FE04B1A4 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
03:46:59.0093 0x0444 isapnp - ok
03:46:59.0171 0x0444 [ 6F877BF8DC01A550CD666F3BEDB2213C, F48BDC5E300D5598F585D9698F1884D86006938240521512B21C59213ADCDE2A ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
03:46:59.0171 0x0444 Kbdclass - ok
03:46:59.0218 0x0444 [ D93CAD07C5683DB066B0B2D2D3790EAD, 4C96F68F9914DCCDAFB5D6FC1A765ADFF37C6E4675AF0EF20AA1EDFF04CE27AD ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
03:46:59.0234 0x0444 kmixer - ok
03:46:59.0250 0x0444 [ EB7FFE87FD367EA8FCA0506F74A87FBB, 5D318CD7DB88473A6FFB74939FF62EB8DD0E6C79847844212D7168095F635531 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
03:46:59.0250 0x0444 KSecDD - ok
03:46:59.0296 0x0444 [ 6D6BDD68B775986577C48A8DF961A05C, D6D2B5BC2707E39848BE7B03DFD14F1D1E52BBFE24AC54247D520B00468B084E ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
03:46:59.0312 0x0444 lanmanserver - ok
03:46:59.0359 0x0444 [ 69B0569AAE33F0D5057CA0E8577AAF07, A0D9FB370A259E50EE4BF89CD8EA7AE2A81283DE146087D064BCAC5F0BBFEB50 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
03:46:59.0359 0x0444 lanmanworkstation - ok
03:46:59.0390 0x0444 lbrtfdc - ok
03:46:59.0562 0x0444 [ 6797CA7A4A76BFF14DFF3165651657AF, 1169A03CAE5F50323989F3870B0053ADF3B2081CBF7F780A610ABCF39CB7D934 ] LiveUpdateSvc C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
03:46:59.0640 0x0444 LiveUpdateSvc - ok
03:46:59.0671 0x0444 [ F9EE6D2AAB0690B34AE35BA9921A1414, 7FD7397E9B8F23D00E060462AA8DE4E4E7D786602D7BD95EE0685142F46DA6F2 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
03:46:59.0703 0x0444 LmHosts - ok
03:46:59.0734 0x0444 [ 805C6F337968C7271F0421D0A386C8EE, 1FAB99BA07A4B1012857EC2F1E38696BBBE1E494AF6E165A76FE41E46BDC463A ] mbamchameleon C:\WINDOWS\system32\drivers\mbamchameleon.sys
03:46:59.0765 0x0444 mbamchameleon - ok
03:46:59.0781 0x0444 [ 4470E3C1E0C3378E4CAB137893C12C3A, CA8E66356F0E671D5454E561E7EAD74DE25DCF53BE452369F96ECACFA8709489 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
03:46:59.0781 0x0444 MBAMProtector - ok
03:46:59.0921 0x0444 [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
03:46:59.0968 0x0444 MBAMScheduler - ok
03:47:00.0078 0x0444 [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
03:47:00.0109 0x0444 MBAMService - ok
03:47:00.0140 0x0444 [ 8B2FCBD881879B55BE40B41F12FFC431, D79E98D5209CB94F6AFC7CFCB1ABAF7525E124B05F339B6B4AC49B57812745C9 ] Messenger C:\WINDOWS\System32\msgsvc.dll
03:47:00.0140 0x0444 Messenger - ok
03:47:00.0171 0x0444 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
03:47:00.0171 0x0444 mnmdd - ok
03:47:00.0218 0x0444 [ 7D137132D6A9B41EF800E59A771ED48C, 822337861F3002175AA183260C14C176206CE08C4341D4D801474054D19CB7E7 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
03:47:00.0234 0x0444 mnmsrvc - ok
03:47:00.0281 0x0444 [ 60210DEB037846AFE521EBF349964F6B, B52B64508B318FEDC18BAE31D9C17BCB981F247767EC49C886E9A79F1254D64A ] Modem C:\WINDOWS\system32\drivers\Modem.sys
03:47:00.0296 0x0444 Modem - ok
03:47:00.0312 0x0444 [ B160EC94114715675509115986400FD9, C2623AE479C01849AEE3CCBF9896C2DD619BF1C95CEAAC639B65AF9C740C11D4 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
03:47:00.0312 0x0444 Mouclass - ok
03:47:00.0390 0x0444 [ 65653F3B4477F3C63E68A9659F85EE2E, 32A34B22A4C1F50A966F321FD228C6B85F0F0315ABF3D40FC416618E786A4024 ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
03:47:00.0390 0x0444 MountMgr - ok
03:47:00.0406 0x0444 mraid35x - ok
03:47:00.0437 0x0444 [ 46EDCC8F2DB2F322C24F48785CB46366, 0300EC19CAAEEC52001EBB7F3BE6DE314B42FE7F8BA072905070FEA75CC06E3B ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
03:47:00.0468 0x0444 MRxDAV - ok
03:47:00.0531 0x0444 [ 1FD607FC67F7F7C633C3DA65BFC53D18, 0FDD53C72F3158283306892A57A2687D5358A468380E8BE6EB58EAE100D813C1 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
03:47:00.0546 0x0444 MRxSmb - ok
03:47:00.0562 0x0444 [ 944A24032AED84C59455B981F6CA1C1A, 4FC03E27AF2F19BDB9810B364D3CDF8E1D91AFC950B3458E18A3B25602C72191 ] MSDTC C:\WINDOWS\system32\msdtc.exe
03:47:00.0562 0x0444 MSDTC - ok
03:47:00.0609 0x0444 [ 561B3A4333CA2DBDBA28B5B956822519, 5B53906A29B9AA55A399F880CA989F9878BD943D3E97FB10A25BFD723654AF49 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
03:47:00.0609 0x0444 Msfs - ok
03:47:00.0625 0x0444 MSIServer - ok
03:47:00.0671 0x0444 [ AE431A8DD3C1D0D0610CDBAC16057AD0, 8B3BCAC3DA71778DC8B863E6DEF10F02F65D1BDD3381802DDC0B2980F4F1FBB9 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
03:47:00.0750 0x0444 MSKSSRV - ok
03:47:00.0781 0x0444 [ 13E75FEF9DFEB08EEDED9D0246E1F448, 69D4CF483753FF253431656E1CB680F6702375696F94E259729BD11C25004031 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
03:47:00.0796 0x0444 MSPCLOCK - ok
03:47:00.0812 0x0444 [ 1988A33FF19242576C3D0EF9CE785DA7, 9E1C07F364DA7EF0D859BB7A3A06F849A153722E27E872640120CC6855D9FC51 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
03:47:00.0812 0x0444 MSPQM - ok
03:47:00.0859 0x0444 [ 469541F8BFD2B32659D5D463A6714BCE, 46AA7D2442DCC4C51C08BA0C00136F058F9160E6D6EDE78B2FD82545AE4FD10B ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
03:47:00.0875 0x0444 mssmbios - ok
03:47:00.0890 0x0444 [ 82035E0F41C2DD05AE41D27FE6CF7DE1, 6111D330E7ACB77E23EA6A9E001FC651DE1DC49D772DC6FDD3C4B8EDA57E1C7A ] Mup C:\WINDOWS\system32\drivers\Mup.sys
03:47:00.0890 0x0444 Mup - ok
03:47:00.0921 0x0444 [ 558635D3AF1C7546D26067D5D9B6959E, 8C1802908DF35E442575969D29F4B22019A2B3E4C309B8E193F98F75AE81F013 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
03:47:00.0937 0x0444 NDIS - ok
03:47:00.0968 0x0444 [ 08D43BBDACDF23F34D79E44ED35C1B4C, F72CB8FA67C361C40B4C83F08302D7B2FD9178C1C60A7C236AF08B9CB5162591 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
03:47:00.0968 0x0444 NdisTapi - ok
03:47:01.0000 0x0444 [ 34D6CD56409DA9A7ED573E1C90A308BF, DE2060F57C913272524AFB0D472714ABF6F7E49A01534F23D95EE67F207CC6CF ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
03:47:01.0000 0x0444 Ndisuio - ok
03:47:01.0062 0x0444 [ 0B90E255A9490166AB368CD55A529893, 90EB17422BF52FE6D0CC6ADA4262D605806C5B583DE04EDEC95FD47EE9697865 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
03:47:01.0062 0x0444 NdisWan - ok
03:47:01.0078 0x0444 [ 59FC3FB44D2669BC144FD87826BB571F, B3C8CEFB09D5C85CBF12AED8CDB1FE455679D3436337263EFDABDC5116D92453 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
03:47:01.0078 0x0444 NDProxy - ok
03:47:01.0093 0x0444 [ 3A2ACA8FC1D7786902CA434998D7CEB4, ECE218DCDCB4D0A5CA8CBD14E931BAA3B5F381B70BBACB65B0EBBB46D2D31683 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
03:47:01.0093 0x0444 NetBIOS - ok
03:47:01.0125 0x0444 [ 0C80E410CD2F47134407EE7DD19CC86B, 2A1D0CE9797F4AB7A24873947A26DD6413B8DBB5A82C24CF28D1FC243AEFC5C8 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
03:47:01.0140 0x0444 NetBT - ok
03:47:01.0156 0x0444 [ 818053225BF4AAC5F0F718001E492F70, D1A884DBCABF20D5FD1EA98E51B0F17353EA4419CAE9D8F91FABED69D45B7BAF ] NetDDE C:\WINDOWS\system32\netdde.exe
03:47:01.0171 0x0444 NetDDE - ok
03:47:01.0234 0x0444 [ 818053225BF4AAC5F0F718001E492F70, D1A884DBCABF20D5FD1EA98E51B0F17353EA4419CAE9D8F91FABED69D45B7BAF ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
03:47:01.0250 0x0444 NetDDEdsdm - ok
03:47:01.0265 0x0444 [ 82A362FE1D4980B71B588D9C10748511, 8DD84B9D55734B5C25DDB97693071BF782B6774E962477C22E4D7DBCDC053F35 ] Netlogon C:\WINDOWS\system32\lsass.exe
03:47:01.0281 0x0444 Netlogon - ok
03:47:01.0312 0x0444 [ AF342D2781225A8769686E0D47E3123E, 3ADB58F9B2694E12C17818CD3711946FDC4BEF3C318BC6E00136D0CBBEB3C9E6 ] Netman C:\WINDOWS\System32\netman.dll
03:47:01.0312 0x0444 Netman - ok
03:47:01.0343 0x0444 [ 64C078BD4EFD441C3F159EDC5EA4420A, 0535A4FFC77AB4F02136B40FA6488E6C4FBE92C8EC8AE40ED6B383DF84E87C5F ] Nla C:\WINDOWS\System32\mswsock.dll
03:47:01.0359 0x0444 Nla - ok
03:47:01.0375 0x0444 [ 4F601BCB8F64EA3AC0994F98FED03F8E, D9D6783B970CB871DE0C6EDD8BE42F30CD1DCD55D4DF006922D9CFC0CF020D27 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
03:47:01.0375 0x0444 Npfs - ok
03:47:01.0546 0x0444 [ B78BE402C3F63DD55521F73876951CDD, 020D75527B4814C544820D29CA064E94F2FCB7B1BA011D63E9D2BFD4CF91BA61 ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
03:47:01.0578 0x0444 Ntfs - ok
03:47:01.0609 0x0444 [ 82A362FE1D4980B71B588D9C10748511, 8DD84B9D55734B5C25DDB97693071BF782B6774E962477C22E4D7DBCDC053F35 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
03:47:01.0609 0x0444 NtLmSsp - ok
03:47:01.0687 0x0444 [ D8D2B13BA93AE830B1A637DF571D1195, F07D8C6369F2CE0C7D71627FA39B51C3317538079301571412020B40BEFC90AE ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
03:47:01.0921 0x0444 NtmsSvc - ok
03:47:01.0968 0x0444 [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
03:47:01.0968 0x0444 Null - ok
03:47:02.0359 0x0444 [ B19C2AAE0922072FF4A467F2A37620AD, E3A53DA5C3058CBA850D2C78D2A777585DCA3D50C17428E5E1382CB4CC97C990 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
03:47:02.0500 0x0444 nv - ok
03:47:02.0562 0x0444 [ C61927D27B75ED56723F2508F1A6B1BE, 519CB698A0AF0A4DD6FA33F708CC8FA4D358F351950F6D2C279E6B9437C01718 ] NVENETFD C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
03:47:02.0562 0x0444 NVENETFD - ok
03:47:02.0578 0x0444 [ 52DCE3B30C9D61C8E20FE3C6DA4BDFB7, 6C07CE4EEF4EF0E52DE85650D77FCEBE944807D0D520C5AC0BB13A254492152D ] nvgts C:\WINDOWS\system32\DRIVERS\nvgts.sys
03:47:02.0593 0x0444 nvgts - ok
03:47:02.0640 0x0444 [ C529B614EF88BE0F62B886C67B516550, 885EE2D9ED6939BDCDF08BCE2AF7244E54C16F4E9E56B69BF4A86139D4AB4AC6 ] nvnetbus C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
03:47:02.0640 0x0444 nvnetbus - ok
03:47:02.0671 0x0444 [ 9F40402087B6D4A428571DD6CA83AC1E, 4E3DCE262E91F4806A43C77557A75AC16C997EA5C1C24A4E6B651BA674DB8665 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
03:47:02.0687 0x0444 NVSvc - ok
03:47:02.0750 0x0444 [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
03:47:02.0765 0x0444 NwlnkFlt - ok
03:47:02.0796 0x0444 [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
03:47:02.0812 0x0444 NwlnkFwd - ok
03:47:02.0843 0x0444 [ 76A18CAA2FEFB28A4CED38D76837E86E, D2A1AF6D871AD3E40EEA36E4AD9DADE8EC5F5EEADBAB22DA973619C6240178D8 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
03:47:02.0843 0x0444 Parport - ok
03:47:02.0875 0x0444 [ 3334430C29DC338092F79C38EF7B4CD0, B54989B46D77F124D66741A939FF2033F73854FC39AF13C8165D01203A94A94E ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
03:47:02.0890 0x0444 PartMgr - ok
03:47:02.0921 0x0444 [ 1FAE19D0457176318BBA4A8795656EBC, 5F3D6CABA203A0485D67F63A6A81151724EE200BE49ED095CFCB1EF29C19D19F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
03:47:02.0921 0x0444 ParVdm - ok
03:47:02.0953 0x0444 [ B7979F37BB7B9DF2230046134955E6E7, 93AA1A5616823B9B6E67363052CB8EE1DE93DB0083B182572AF3DEC1E945E810 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
03:47:02.0953 0x0444 PCI - ok
03:47:02.0984 0x0444 PCIDump - ok
03:47:03.0000 0x0444 [ 2DA4EC85E0EA7A45C6B2A05820492D5A, A8C6BD93D3BC33A5B36EB523997EF9E0783B6E6EAFB6E7F58BCC2629009BDCF9 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
03:47:03.0015 0x0444 PCIIde - ok
03:47:03.0046 0x0444 [ 90505755634407D4EF4C6DEA60FC1DF9, 2A47FB25BB958E43D3D4E5EA8C29859B04BD8D537E2AD80A619791C892AEDDB5 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
03:47:03.0062 0x0444 Pcmcia - ok
03:47:03.0078 0x0444 PDCOMP - ok
03:47:03.0093 0x0444 PDFRAME - ok
03:47:03.0109 0x0444 PDRELI - ok
03:47:03.0125 0x0444 PDRFRAME - ok
03:47:03.0171 0x0444 perc2 - ok
03:47:03.0187 0x0444 perc2hib - ok
03:47:03.0250 0x0444 [ 6E401E61F952FBBF708AFBECEFAFAE81, 31D7A402BE7997F0BF902CB8A150DB54C7309C882DE3D8A8E74338CF1BD268D7 ] PlugPlay C:\WINDOWS\system32\services.exe
03:47:03.0265 0x0444 PlugPlay - ok
03:47:03.0281 0x0444 [ 82A362FE1D4980B71B588D9C10748511, 8DD84B9D55734B5C25DDB97693071BF782B6774E962477C22E4D7DBCDC053F35 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
03:47:03.0296 0x0444 PolicyAgent - ok
03:47:03.0328 0x0444 [ 1C5CC65AAC0783C344F16353E60B72AC, 7786CFE970A79B327DB57AEBADA8B0B94B4DE07CE8AF285E9835B2AADD597296 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
03:47:03.0328 0x0444 PptpMiniport - ok
03:47:03.0375 0x0444 [ 9A10E4FD13824823DA50D4758BD0A645, C249D15404800673D292C3D1418AC7B5EED0222AEDECB30A895B44EECF1060DC ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
03:47:03.0375 0x0444 Processor - ok
03:47:03.0390 0x0444 [ 82A362FE1D4980B71B588D9C10748511, 8DD84B9D55734B5C25DDB97693071BF782B6774E962477C22E4D7DBCDC053F35 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
03:47:03.0390 0x0444 ProtectedStorage - ok
03:47:03.0406 0x0444 [ 48671F327553DCF1D27F6197F622A668, CB34A17BC36E8F8BB5F87F9EE21311C50DE9AE156513D682581DE47C93EC155D ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
03:47:03.0406 0x0444 PSched - ok
03:47:03.0421 0x0444 PSKMAD - ok
03:47:03.0437 0x0444 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
03:47:03.0484 0x0444 Ptilink - ok
03:47:03.0500 0x0444 ql1080 - ok
03:47:03.0515 0x0444 Ql10wnt - ok
03:47:03.0531 0x0444 ql12160 - ok
03:47:03.0546 0x0444 ql1240 - ok
03:47:03.0562 0x0444 ql1280 - ok
03:47:03.0578 0x0444 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
03:47:03.0578 0x0444 RasAcd - ok
03:47:03.0625 0x0444 [ E68B6F9A726A444059705AB43B5656D1, D5232F7209F4AA459DBE4BF7FC216D6E221623FE78ECD18251C6BB63E91CE545 ] RasAuto C:\WINDOWS\System32\rasauto.dll
03:47:03.0625 0x0444 RasAuto - ok
03:47:03.0656 0x0444 [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C, F59974A2A3C21071BC72CA4DAF5D2DDF93471EC16FD1A34DE9DC1A50027F6835 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
03:47:03.0656 0x0444 Rasl2tp - ok
03:47:03.0687 0x0444 [ 6E519D777C91E90592403C9F981FDF03, EC20A1DBB20B1F508007FD150171B802307560CE1AEDAB743C1CB7EDD233207F ] RasMan C:\WINDOWS\System32\rasmans.dll
03:47:03.0703 0x0444 RasMan - ok
03:47:03.0734 0x0444 [ 7306EEED8895454CBED4669BE9F79FAA, DC6874ECAD9105BC9EAB007291958911D7D4D3649124472070B3496B36C45200 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
03:47:03.0734 0x0444 RasPppoe - ok
03:47:03.0750 0x0444 [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
03:47:03.0765 0x0444 Raspti - ok
03:47:03.0796 0x0444 [ 29D66245ADBA878FFF574CD66ABD2884, E85710229E61DB37BAB291E2E13ABD99FA8DFF7C8245853253BE540D8741990E ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
03:47:03.0812 0x0444 Rdbss - ok
03:47:03.0828 0x0444 [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
03:47:03.0828 0x0444 RDPCDD - ok
03:47:03.0875 0x0444 [ A2CAE2C60BC37E0751EF9DDA7CEAF4AD, 586900D30F44E132AC75520EFF4FF615AA46283F1F050AC93FF9C235AC0F1D75 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
03:47:03.0875 0x0444 rdpdr - ok
03:47:03.0921 0x0444 [ D4F5643D7714EF499AE9527FDCD50894, 6D9EDD9DE3B21324FBDEF074F815A4925F656E06BD15B73B53CD255FD8F0D63F ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
03:47:03.0937 0x0444 RDPWD - ok
03:47:04.0031 0x0444 [ 125ACF258DA9633F748131A0E0185AF3, 536868246D0563E8137BEBCDD4ECDCB9872A12B50B1ADE5D6447CC4AD66E0F40 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
03:47:04.0031 0x0444 RDSessMgr - ok
03:47:04.0093 0x0444 [ ABA13D33E1F888C9A68599A48A8840D6, 4CCD4431537CDD38C586E0C85412D380A75903115068B603B14FE3905772B421 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
03:47:04.0093 0x0444 redbook - ok
03:47:04.0218 0x0444 [ EB5E1A601E5A1908A87E4D5A41803D98, 5BC0FEC8E607C3EAD92D9A082C7371C26C20FEAD24811ADE736314C2040643EB ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
03:47:04.0218 0x0444 RemoteAccess - ok
03:47:04.0265 0x0444 [ 5B21208FCF8970BB61FE98E19D828714, 8CFAA5E47D9CF4B1D99D1147D4F5751EBFB7E2074FA66F3F7EE88D57864F7A4E ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
03:47:04.0281 0x0444 RemoteRegistry - ok
03:47:04.0296 0x0444 RkHit - ok
03:47:04.0343 0x0444 [ C8A3B668985D61249F2DC71716C58DE8, A1C10E28BC82514ACA24BBD81E61F68A3BD9E3ADCB0F086752DE85E45895A1E5 ] RpcLocator C:\WINDOWS\system32\locator.exe
03:47:04.0359 0x0444 RpcLocator - ok
03:47:04.0437 0x0444 [ C72C15EE57E248C66E57C76CAB086CF2, 2CDFC82E31E58B4BF80F33DFB69D62ED55EAB118AD7BFEE5138DE0DF3F8F2543 ] RpcSs C:\WINDOWS\System32\rpcss.dll
03:47:04.0453 0x0444 RpcSs - ok
03:47:04.0593 0x0444 [ 09AB2E71E58B078038E3BFDBA7FFC984, 8CA277DEEF6376B0F48C6BA5DBBC3E8AF2245983BA9AF6AB83D1A920D35FAF93 ] RSVP C:\WINDOWS\system32\rsvp.exe
03:47:04.0609 0x0444 RSVP - ok
03:47:04.0640 0x0444 [ 82A362FE1D4980B71B588D9C10748511, 8DD84B9D55734B5C25DDB97693071BF782B6774E962477C22E4D7DBCDC053F35 ] SamSs C:\WINDOWS\system32\lsass.exe
03:47:04.0640 0x0444 SamSs - ok
03:47:04.0890 0x0444 [ C177354E995CC1AA1F767BCD9980434A, C84FEA9E2F4244C293F6C2C44F0CAF8C988FC5ACD521A5C7C14F1B213E2AD4FA ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
03:47:04.0890 0x0444 SCardSvr - ok
03:47:04.0937 0x0444 [ 29AC93307C6182DBE336BCA314947F28, DAAAC0FE86EA59C43B91F5FD8462B9BB3DAC50008BCEBF0240A7A36F134C6D60 ] Schedule C:\WINDOWS\system32\schedsvc.dll
03:47:04.0953 0x0444 Schedule - ok
03:47:05.0000 0x0444 [ D26E26EA516450AF9D072635C60387F4, C78D26B2E6343176EA9E09DD96CDAE108F832B7973FABF756D05E24392FEF388 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
03:47:05.0000 0x0444 Secdrv - ok
03:47:05.0015 0x0444 [ C76CB8A133374FAC6805F83FF7B7DA03, 858E9CCB7D045D63A3AF01529C8B7D821ADEF8D59D0131997D2D5A6115C25E55 ] seclogon C:\WINDOWS\System32\seclogon.dll
03:47:05.0015 0x0444 seclogon - ok
03:47:05.0046 0x0444 [ 220AD85BA9C5B3011296354011B901CC, 410871EFE3549DD776FC492F8FB46AB870AD0CC30B196774632533C23683A0A8 ] SENS C:\WINDOWS\system32\sens.dll
03:47:05.0046 0x0444 SENS - ok
03:47:05.0078 0x0444 [ A2D868AEEFF612E70E213C451A70CAFB, 25CBB9E26CDCBD8E221ACF4364E82E8F811C3144E0EEF9DF9DAEC8534243BD3B ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
03:47:05.0078 0x0444 serenum - ok
03:47:05.0109 0x0444 [ C1DDBC85251551A840212999DA3D95F3, 27A8B1E3C4553DB5F355EF2B07054A336AE6189733991F05A2FB985927861A9A ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
03:47:05.0109 0x0444 Serial - ok
03:47:05.0125 0x0444 [ 0D13B6DF6E9E101013A7AFB0CE629FE0, 2214EA0F16BB33970E299CE457EB50AEE0BEF7959BC1EBD3C06C78A46B42B808 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
03:47:05.0125 0x0444 Sfloppy - ok
03:47:05.0171 0x0444 [ 6A93501BCDEBF159109429B022C0FF83, C909277147FEC307FAFFB4D1938CDAD706A3EEDEF1267A35A95774DC280197EC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
03:47:05.0187 0x0444 SharedAccess - ok
03:47:05.0218 0x0444 [ 8BA76BD2A943F642F267A296A15776D2, 6338382F0C17E4F6454298D19FDF05CA5E22A63586A3D8E37B7E24478E35DF51 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
03:47:05.0218 0x0444 ShellHWDetection - ok
03:47:05.0234 0x0444 Simbad - ok
03:47:05.0250 0x0444 Sparrow - ok
03:47:05.0296 0x0444 [ 8E186B8F23295D1E42C573B82B80D548, C418568C2071E2761CD26F736443BD7BF9C6914D47D171A5AC990278E855A74F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
03:47:05.0296 0x0444 splitter - ok
03:47:05.0328 0x0444 [ 21B6FAA88044A41640E03EBB68BE93E8, 4AFDC909787A5B0F848A714972FC42E3385E6A4D3E97A0498C9ED69B9C3D75C1 ] Spooler C:\WINDOWS\system32\spoolsv.exe
03:47:05.0328 0x0444 Spooler - ok
03:47:05.0406 0x0444 [ A74035EA526DB97D9D50D2143A55F5CF, 041AA0E0BDFE8CDDC29F620747B57E5FBF1B2A0A903A42F0A5D3BB4B602D913B ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
03:47:05.0406 0x0444 sr - ok
03:47:05.0453 0x0444 [ 3CD57F31A64D32FDB28918B16D1E6AAC, F9502B99D6BBCCBB2C67C2B4C1D94877F125A27B90122D378B73793D42A7673D ] srservice C:\WINDOWS\system32\srsvc.dll
03:47:05.0453 0x0444 srservice - ok
03:47:05.0515 0x0444 [ 20B7E396720353E4117D64D9DCB926CA, 55E35EBA5792DC42BE2F10A4FAD4BE5721C05C134C153E37AC4D5E68982DED6C ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
03:47:05.0531 0x0444 Srv - ok
03:47:05.0562 0x0444 [ 88C28F53F53438DAFCD95E99C837C61E, E7C0B02F00742631D74358B12CF99793F33DB10887406249AB52DEFB56B73785 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
03:47:05.0562 0x0444 SSDPSRV - ok
03:47:05.0625 0x0444 [ 0645CCDDDD27F96EEA3534C1DEF736D9, FADBF1990750C76019CC85176A7A978B45C44A87E9F8FE0534C88B442EFF8E38 ] stisvc C:\WINDOWS\system32\wiaservc.dll
03:47:05.0640 0x0444 stisvc - ok
03:47:05.0687 0x0444 [ 03C1BAE4766E2450219D20B993D6E046, 0D8E5B141EAA9E2C8D1F8BFD522F57EE8074216A336CBE37FE77B8ADDB791DBE ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
03:47:05.0687 0x0444 swenum - ok
03:47:05.0734 0x0444 [ 94ABC808FC4B6D7D2BBF42B85E25BB4D, EEF6DB9EDD8C273A6595675A7A12B9D440FA4E178BA7C69FB1942D97E291F989 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
03:47:05.0734 0x0444 swmidi - ok
03:47:05.0750 0x0444 SwPrv - ok
03:47:05.0781 0x0444 symc810 - ok
03:47:05.0843 0x0444 symc8xx - ok
03:47:05.0859 0x0444 sym_hi - ok
03:47:05.0875 0x0444 sym_u3 - ok
03:47:05.0921 0x0444 [ 650AD082D46BAC0E64C9C0E0928492FD, 6A587A55418A3A7867602D92B99FE393152DED191F27992C4BA909BD268AC43C ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
03:47:05.0921 0x0444 sysaudio - ok
03:47:05.0953 0x0444 [ D9C9ECFF4904E6151525C533AEEDF8F4, 76CA6D597FF62335D710CB8FAC7052CDAE2F15B644ADE4211FDAD3D7FA909086 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
03:47:05.0953 0x0444 SysmonLog - ok
03:47:06.0000 0x0444 [ 37162D29CD61519E6F5EA0DE99786FF6, 8B94018FC03707D16E1678212FF5F4AFD3231CCB5C88C92BD0042D14BC8F45CD ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
03:47:06.0046 0x0444 TapiSrv - ok
03:47:06.0093 0x0444 [ 9F4B36614A0FC234525BA224957DE55C, 56766EF576479367C29B2EE16CF232EDE2569CEB0A72BF8E38FBABC9BF7C1BEC ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
03:47:06.0109 0x0444 Tcpip - ok
03:47:06.0140 0x0444 [ 38D437CF2D98965F239B0ABCD66DCB0F, CC497A25C7AC1FF1E07CEE25FB0C5A5E6C4005C1CB244601FE620884A5C26506 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
03:47:06.0140 0x0444 TDPIPE - ok
03:47:06.0171 0x0444 [ ED0580AF02502D00AD8C4C066B156BE9, 41AA6C88CF48CAF0DA8E374F37E74206E4F558332075304A28983D04E08B3154 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
03:47:06.0171 0x0444 TDTCP - ok
03:47:06.0390 0x0444 [ A540A99C281D933F3D69D55E48727F47, CC430FA0E0F1745E167877003FDCC35FE940AF8CAD05387ECBA880CC3A3F6709 ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
03:47:06.0390 0x0444 TermDD - ok
03:47:06.0468 0x0444 [ 2F5919F2F6EE7A845893D9C3AA2BC56A, 7A33E761C76004573324AF8D8D8F3067535A9F100D832AF60D96508600BAE35C ] TermService C:\WINDOWS\System32\termsrv.dll
03:47:06.0484 0x0444 TermService - ok
03:47:06.0515 0x0444 [ 8BA76BD2A943F642F267A296A15776D2, 6338382F0C17E4F6454298D19FDF05CA5E22A63586A3D8E37B7E24478E35DF51 ] Themes C:\WINDOWS\System32\shsvcs.dll
03:47:06.0515 0x0444 Themes - ok
03:47:06.0531 0x0444 [ 535C2FB97336BAFA509F4783DD1E5746, C89211700C33243482E611B01E23F7044197EEE214658C4E8412E0832426438C ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
03:47:06.0546 0x0444 TlntSvr - ok
03:47:06.0562 0x0444 TosIde - ok
03:47:06.0593 0x0444 [ 4DCE17221B1A87FB47E36842F3E38753, 67309D290E36DE38727E5AA21E7736C65EBBAD5A5C092E243D0F8EE9AFD67EF4 ] TrkWks C:\WINDOWS\system32\trkwks.dll
03:47:06.0593 0x0444 TrkWks - ok
03:47:06.0640 0x0444 [ 12F70256F140CD7D52C58C7048FDE657, F2E3E645AA713A520452F5E17513D258D3900E93F65013551FC2B542BFA15BB3 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
03:47:06.0640 0x0444 Udfs - ok
03:47:06.0656 0x0444 ultra - ok
03:47:06.0859 0x0444 [ AFF2E5045961BBC0A602BB6F95EB1345, FEEF47B9683B0F26355AC0947019DE9AE27002A7019C1C4A2D22FA0046E9F07B ] Update C:\WINDOWS\system32\DRIVERS\update.sys
03:47:06.0875 0x0444 Update - ok
03:47:06.0937 0x0444 [ 984FC1518B0D5B31D76F0E63608E0500, 9E61C32032192C0A720A9ED98CCE4CF48E4BB25BAAC11DE9960538704B91E01C ] upnphost C:\WINDOWS\System32\upnphost.dll
03:47:06.0953 0x0444 upnphost - ok
03:47:06.0968 0x0444 [ 6148A3BA4D9CC628357FC92014FEA30E, BA317DA185BAEE6A01B7C004E3DE89BD2459428FF9AEE07E70BD90B2B0110212 ] UPS C:\WINDOWS\System32\ups.exe
03:47:06.0968 0x0444 UPS - ok
03:47:07.0000 0x0444 [ 15E993BA2F6946B2BFBBFCD30398621E, 10AD5B133C9C68B8E11DF702C50BDE5162693C5A9F132DFE1823D03D70D4EB89 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
03:47:07.0000 0x0444 usbehci - ok
03:47:07.0015 0x0444 [ C72F40947F92CEA56A8FB532EDF025F1, EBB9E235C973574B835B1FD22D813E9215029B3FC5030591D6F7971C9A23AEF7 ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
03:47:07.0015 0x0444 usbhub - ok
03:47:07.0203 0x0444 [ BDFE799A8531BAD8A5A985821FE78760, CDF194BA160146C329D4911A6573FE47E93BC1F5594C7D3B6C9F44105B90BD26 ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
03:47:07.0203 0x0444 usbohci - ok
03:47:07.0218 0x0444 [ 6CD7B22193718F1D17A47A1CD6D37E75, CFD74FE06819DA488654F88BFCCBF29994FE7F04EC6CD5CD41552B0C95A8130F ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
03:47:07.0218 0x0444 usbstor - ok
03:47:07.0250 0x0444 [ 8A60EDD72B4EA5AEA8202DAF0E427925, ED0624B285E4F64E07E30C12490873A2090F9DFD6A91A2EDA7A1082B88A8199E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
03:47:07.0250 0x0444 VgaSave - ok
03:47:07.0265 0x0444 ViaIde - ok
03:47:07.0281 0x0444 [ CD8CCE067F7E9CBD762C00BDDDECAA34, 6BE26533354A876DC5E5BE1B8DB28A995A6255CD9E50ED48EE14BF17243CBC0F ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
03:47:07.0296 0x0444 VolSnap - ok
03:47:07.0343 0x0444 [ 043539881667BB37B07524032D6FFC3E, 79D6DE32F3B91F57461407913E52184FEC83CA0D7A509275B0656770128FF574 ] VSS C:\WINDOWS\System32\vssvc.exe
03:47:07.0375 0x0444 VSS - ok
03:47:07.0421 0x0444 [ 2CEEBB402187AE56B585701F3D191FB3, F08AF3FEA80EB7E1DECD0592ED4A50E0AE78F01A586BA3A6B4D98374726899AF ] W32Time C:\WINDOWS\system32\w32time.dll
03:47:07.0437 0x0444 W32Time - ok
03:47:07.0593 0x0444 [ 984EF0B9788ABF89974CFED4BFBAACBC, 8178888E3A1AA3BD3BE34456118BB76AF2DD04EC575E4880F97A8EFB182C9E92 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
03:47:07.0593 0x0444 Wanarp - ok
03:47:07.0609 0x0444 WDICA - ok
03:47:07.0656 0x0444 [ 2797F33EBF50466020C430EE4F037933, F134F8C091D944880714E4D193D2753BE4F1C18757D5274A892195C4EC9C4D08 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
03:47:07.0671 0x0444 wdmaud - ok
03:47:07.0859 0x0444 [ 3791ADF1D3466AC6B4B662D3F79CBFEC, 35C7EEA00A59E60EA213040D8119B0BC4BA74EA8DADBAEFD4B818C3CC6A62457 ] WebClient C:\WINDOWS\System32\webclnt.dll
03:47:07.0875 0x0444 WebClient - ok
03:47:07.0953 0x0444 [ E12084EA622BDF2262C637BEF15DD85C, C6A5A1D60D3ED3C429B2B57B8F731E9CCC7517F71B91CDC5673AAA862CB32B63 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
03:47:07.0953 0x0444 winmgmt - ok
03:47:08.0109 0x0444 [ E02E913B3841717A890A644EE167B9A5, A4F6845C01DEBFAC8AD28D42C128384C52DD2E7729E53A415F8C55EFB1ACDA13 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
03:47:08.0109 0x0444 WmdmPmSN - ok
03:47:08.0187 0x0444 [ 0CDC4A0C6B820FAD99FB4CA74CD0C476, 9996D4A85B4D1D02689EA5E23502287D5F46A517026990E8BCCF365885F54493 ] Wmi C:\WINDOWS\System32\advapi32.dll
03:47:08.0218 0x0444 Wmi - ok
03:47:08.0265 0x0444 [ BCD21B989F0FD4ACE78287FC01B4693D, 108D864F82B43403E97EF58766F9829DD5E9B129B1E924495A45945C0AF638F3 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
03:47:08.0281 0x0444 WmiApSrv - ok
03:47:08.0421 0x0444 [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
03:47:08.0421 0x0444 WS2IFSL - ok
03:47:08.0453 0x0444 [ 4ADED1ADEF25041D9827F9A79C0FDA13, DF708C74E330438719911B7E9F06E4152A3138FD401C0C9CC6C9B3608FA9EB40 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
03:47:08.0453 0x0444 wscsvc - ok
03:47:08.0500 0x0444 [ 21F5169CA14E0B25C757644456F637DF, 762BD8AF92E5D41E1B685A8F1B2A7CB9223120CB6D6AAC31B02D3277FC4C700B ] wuauserv C:\WINDOWS\system32\wuauserv.dll
03:47:08.0500 0x0444 wuauserv - ok
03:47:08.0671 0x0444 [ 325CEDEF696EF4B649DDCD3968D085C9, 0414BB4845D839D65F99022585ABEFDE4DD22E412C12D3DE2CE83F5B7431041F ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
03:47:08.0687 0x0444 WZCSVC - ok
03:47:08.0734 0x0444 [ 9B835D4C64860B155A1701D5092EC9E4, 28E97DB3CF98C4748AAEE696F88FBA8C8229692F0618B63AA782ABB859B09B8F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
03:47:08.0921 0x0444 xmlprov - ok
03:47:08.0953 0x0444 ================ Scan global ===============================
03:47:08.0984 0x0444 [ F642F3368D2839798DA79E7BA9218481, 33E91CD6594F4651255D2AB18F6EB7D1BCBA71511B2ED7B753E0FFA50FA137EE ] C:\WINDOWS\system32\basesrv.dll
03:47:09.0015 0x0444 [ E4E57FBA176F2752527B1D53A663D2D7, 154CDA622FB92298FC5D48D86F6A780154925F6C81B15E655E8ED52B83E2F892 ] C:\WINDOWS\system32\winsrv.dll
03:47:09.0046 0x0444 [ E4E57FBA176F2752527B1D53A663D2D7, 154CDA622FB92298FC5D48D86F6A780154925F6C81B15E655E8ED52B83E2F892 ] C:\WINDOWS\system32\winsrv.dll
03:47:09.0078 0x0444 [ 6E401E61F952FBBF708AFBECEFAFAE81, 31D7A402BE7997F0BF902CB8A150DB54C7309C882DE3D8A8E74338CF1BD268D7 ] C:\WINDOWS\system32\services.exe
03:47:09.0093 0x0444 [ Global ] - ok
03:47:09.0093 0x0444 ================ Scan MBR ==================================
03:47:09.0109 0x0444 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
03:47:09.0750 0x0444 \Device\Harddisk0\DR0 - ok
03:47:09.0750 0x0444 ================ Scan VBR ==================================
03:47:09.0765 0x0444 [ 84ED9E088472A1498F1BF383AB81B0DF ] \Device\Harddisk0\DR0\Partition1
03:47:09.0765 0x0444 \Device\Harddisk0\DR0\Partition1 - ok
03:47:09.0781 0x0444 [ ED52E3EA167392AB35F0F13B35505FF5 ] \Device\Harddisk0\DR0\Partition2
03:47:09.0781 0x0444 \Device\Harddisk0\DR0\Partition2 - ok
03:47:09.0796 0x0444 ================ Scan active images ========================
03:47:09.0796 0x0444 [ EFBB0956BAED786E137351B5CA272AEF, 613E34D31C21F5CA9AEDC4BF64B8EE365DA355F914738C4FD638DB3EBE75FBB5 ] C:\WINDOWS\system32\drivers\AmdK8.sys
03:47:09.0796 0x0444 C:\WINDOWS\system32\drivers\AmdK8.sys - ok
03:47:09.0812 0x0444 [ 2034CA78F9C6E787B4B76D81AC888351, DF04A1C19D5E4A62122DBD57A9D3D5190CA15930AB6D13CA6085657B1AFC6F50 ] C:\WINDOWS\system32\drivers\usbport.sys
03:47:09.0812 0x0444 C:\WINDOWS\system32\drivers\usbport.sys - ok
03:47:09.0828 0x0444 [ BDFE799A8531BAD8A5A985821FE78760, CDF194BA160146C329D4911A6573FE47E93BC1F5594C7D3B6C9F44105B90BD26 ] C:\WINDOWS\system32\drivers\usbohci.sys
03:47:09.0828 0x0444 C:\WINDOWS\system32\drivers\usbohci.sys - ok
03:47:09.0843 0x0444 [ AF9C19B3100FE010496B1A27181FBF72, 64E9E4461F631EED2B2A1FC80DCC9C31DCECB5738289D322E6A6428C840DC621 ] C:\WINDOWS\system32\drivers\cdrom.sys
03:47:09.0843 0x0444 C:\WINDOWS\system32\drivers\cdrom.sys - ok
03:47:09.0859 0x0444 [ 3FCC124B6E08EE0E9351F717DD136939, EBFE0FB51E14570A1A1D64C8E5383F3FF28509361D13945B79A9C551EB522012 ] C:\WINDOWS\system32\drivers\Hdaudbus.sys
03:47:09.0859 0x0444 C:\WINDOWS\system32\drivers\Hdaudbus.sys - ok
03:47:09.0859 0x0444 [ 15E993BA2F6946B2BFBBFCD30398621E, 10AD5B133C9C68B8E11DF702C50BDE5162693C5A9F132DFE1823D03D70D4EB89 ] C:\WINDOWS\system32\drivers\usbehci.sys
03:47:09.0859 0x0444 C:\WINDOWS\system32\drivers\usbehci.sys - ok
03:47:09.0875 0x0444 [ B9540E258F952650DE8DEC68719A5C97, C4706B09AAC1D3585F1E4207B0A5287BF9752ED7B427DF378AC8CAC826F8837F ] C:\WINDOWS\system32\drivers\ks.sys
03:47:09.0875 0x0444 C:\WINDOWS\system32\drivers\ks.sys - ok
03:47:09.0906 0x0444 [ C529B614EF88BE0F62B886C67B516550, 885EE2D9ED6939BDCDF08BCE2AF7244E54C16F4E9E56B69BF4A86139D4AB4AC6 ] C:\WINDOWS\system32\drivers\nvnetbus.sys
03:47:09.0906 0x0444 C:\WINDOWS\system32\drivers\nvnetbus.sys - ok
03:47:09.0906 0x0444 [ ABA13D33E1F888C9A68599A48A8840D6, 4CCD4431537CDD38C586E0C85412D380A75903115068B603B14FE3905772B421 ] C:\WINDOWS\system32\drivers\redbook.sys
03:47:09.0906 0x0444 C:\WINDOWS\system32\drivers\redbook.sys - ok
03:47:09.0921 0x0444 [ D5A9D123F5ED7C9965A481BD20CF66D8, E89C49FF047F85728D69C83E3F544F035FA1672BA08E6D78CB454877D0F4C281 ] C:\WINDOWS\system32\drivers\videoprt.sys
03:47:09.0921 0x0444 C:\WINDOWS\system32\drivers\videoprt.sys - ok
03:47:09.0937 0x0444 [ B19C2AAE0922072FF4A467F2A37620AD, E3A53DA5C3058CBA850D2C78D2A777585DCA3D50C17428E5E1382CB4CC97C990 ] C:\WINDOWS\system32\drivers\nv4_mini.sys
03:47:09.0937 0x0444 C:\WINDOWS\system32\drivers\nv4_mini.sys - ok
03:47:09.0953 0x0444 [ CED2E8396A8838E59D8FD529C680E02C, 8542AE6A2D65D3F843EA70F5FFBC150B773C5CFA3FE6388FA68A95416FAD0F6E ] C:\WINDOWS\system32\drivers\fdc.sys
03:47:09.0953 0x0444 C:\WINDOWS\system32\drivers\fdc.sys - ok
03:47:09.0968 0x0444 [ 76A18CAA2FEFB28A4CED38D76837E86E, D2A1AF6D871AD3E40EEA36E4AD9DADE8EC5F5EEADBAB22DA973619C6240178D8 ] C:\WINDOWS\system32\drivers\parport.sys
03:47:09.0968 0x0444 C:\WINDOWS\system32\drivers\parport.sys - ok
03:47:09.0984 0x0444 [ A2D868AEEFF612E70E213C451A70CAFB, 25CBB9E26CDCBD8E221ACF4364E82E8F811C3144E0EEF9DF9DAEC8534243BD3B ] C:\WINDOWS\system32\drivers\serenum.sys
03:47:09.0984 0x0444 C:\WINDOWS\system32\drivers\serenum.sys - ok
03:47:09.0984 0x0444 [ C1DDBC85251551A840212999DA3D95F3, 27A8B1E3C4553DB5F355EF2B07054A336AE6189733991F05A2FB985927861A9A ] C:\WINDOWS\system32\drivers\serial.sys
03:47:09.0984 0x0444 C:\WINDOWS\system32\drivers\serial.sys - ok
03:47:10.0000 0x0444 [ 0F42DE9909B5DBF2C48DD1A79D491AF5, 0846D23DC158F5AE4585596A3BF4F5CC8C2BB4DA30CC7C627A0C47C73BAD7726 ] C:\WINDOWS\system32\drivers\i8042prt.sys
03:47:10.0000 0x0444 C:\WINDOWS\system32\drivers\i8042prt.sys - ok
03:47:10.0015 0x0444 [ 6F877BF8DC01A550CD666F3BEDB2213C, F48BDC5E300D5598F585D9698F1884D86006938240521512B21C59213ADCDE2A ] C:\WINDOWS\system32\drivers\kbdclass.sys
03:47:10.0015 0x0444 C:\WINDOWS\system32\drivers\kbdclass.sys - ok
03:47:10.0031 0x0444 [ B160EC94114715675509115986400FD9, C2623AE479C01849AEE3CCBF9896C2DD619BF1C95CEAAC639B65AF9C740C11D4 ] C:\WINDOWS\system32\drivers\mouclass.sys
03:47:10.0031 0x0444 C:\WINDOWS\system32\drivers\mouclass.sys - ok
03:47:10.0046 0x0444 [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] C:\WINDOWS\system32\drivers\audstub.sys
03:47:10.0046 0x0444 C:\WINDOWS\system32\drivers\audstub.sys - ok
03:47:10.0062 0x0444 [ 08D43BBDACDF23F34D79E44ED35C1B4C, F72CB8FA67C361C40B4C83F08302D7B2FD9178C1C60A7C236AF08B9CB5162591 ] C:\WINDOWS\system32\drivers\ndistapi.sys
03:47:10.0062 0x0444 C:\WINDOWS\system32\drivers\ndistapi.sys - ok
03:47:10.0062 0x0444 [ 0B90E255A9490166AB368CD55A529893, 90EB17422BF52FE6D0CC6ADA4262D605806C5B583DE04EDEC95FD47EE9697865 ] C:\WINDOWS\system32\drivers\ndiswan.sys
03:47:10.0062 0x0444 C:\WINDOWS\system32\drivers\ndiswan.sys - ok
03:47:10.0078 0x0444 [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C, F59974A2A3C21071BC72CA4DAF5D2DDF93471EC16FD1A34DE9DC1A50027F6835 ] C:\WINDOWS\system32\drivers\rasl2tp.sys
03:47:10.0078 0x0444 C:\WINDOWS\system32\drivers\rasl2tp.sys - ok
03:47:10.0093 0x0444 [ 7306EEED8895454CBED4669BE9F79FAA, DC6874ECAD9105BC9EAB007291958911D7D4D3649124472070B3496B36C45200 ] C:\WINDOWS\system32\drivers\raspppoe.sys
03:47:10.0093 0x0444 C:\WINDOWS\system32\drivers\raspppoe.sys - ok
03:47:10.0109 0x0444 [ 6891B74AB9A016064E82A419388D0601, EB4C813D551D73ADA539946AB1BDF2D1DABF8EE27BD8E94A0DACA75CC117E6C1 ] C:\WINDOWS\system32\drivers\tdi.sys
03:47:10.0109 0x0444 C:\WINDOWS\system32\drivers\tdi.sys - ok
03:47:10.0125 0x0444 [ C0F1D4A21DE5A415DF8170616703DEBF, 3E21AAD06CF6EB95662B568671B1DBD129CED481761BCDB67088E965E5C0BC5B ] C:\WINDOWS\system32\drivers\msgpc.sys
03:47:10.0125 0x0444 C:\WINDOWS\system32\drivers\msgpc.sys - ok
03:47:10.0140 0x0444 [ 48671F327553DCF1D27F6197F622A668, CB34A17BC36E8F8BB5F87F9EE21311C50DE9AE156513D682581DE47C93EC155D ] C:\WINDOWS\system32\drivers\psched.sys
03:47:10.0140 0x0444 C:\WINDOWS\system32\drivers\psched.sys - ok
03:47:10.0156 0x0444 [ 1C5CC65AAC0783C344F16353E60B72AC, 7786CFE970A79B327DB57AEBADA8B0B94B4DE07CE8AF285E9835B2AADD597296 ] C:\WINDOWS\system32\drivers\raspptp.sys
03:47:10.0156 0x0444 C:\WINDOWS\system32\drivers\raspptp.sys - ok
03:47:10.0171 0x0444 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] C:\WINDOWS\system32\drivers\ptilink.sys
03:47:10.0171 0x0444 C:\WINDOWS\system32\drivers\ptilink.sys - ok
03:47:10.0187 0x0444 [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] C:\WINDOWS\system32\drivers\raspti.sys
03:47:10.0187 0x0444 C:\WINDOWS\system32\drivers\raspti.sys - ok
03:47:10.0187 0x0444 [ A2CAE2C60BC37E0751EF9DDA7CEAF4AD, 586900D30F44E132AC75520EFF4FF615AA46283F1F050AC93FF9C235AC0F1D75 ] C:\WINDOWS\system32\drivers\rdpdr.sys
03:47:10.0187 0x0444 C:\WINDOWS\system32\drivers\rdpdr.sys - ok
03:47:10.0203 0x0444 [ A540A99C281D933F3D69D55E48727F47, CC430FA0E0F1745E167877003FDCC35FE940AF8CAD05387ECBA880CC3A3F6709 ] C:\WINDOWS\system32\drivers\termdd.sys
03:47:10.0203 0x0444 C:\WINDOWS\system32\drivers\termdd.sys - ok
03:47:10.0218 0x0444 [ 03C1BAE4766E2450219D20B993D6E046, 0D8E5B141EAA9E2C8D1F8BFD522F57EE8074216A336CBE37FE77B8ADDB791DBE ] C:\WINDOWS\system32\drivers\swenum.sys
03:47:10.0218 0x0444 C:\WINDOWS\system32\drivers\swenum.sys - ok
03:47:10.0234 0x0444 [ 469541F8BFD2B32659D5D463A6714BCE, 46AA7D2442DCC4C51C08BA0C00136F058F9160E6D6EDE78B2FD82545AE4FD10B ] C:\WINDOWS\system32\drivers\mssmbios.sys
03:47:10.0234 0x0444 C:\WINDOWS\system32\drivers\mssmbios.sys - ok
03:47:10.0250 0x0444 [ AFF2E5045961BBC0A602BB6F95EB1345, FEEF47B9683B0F26355AC0947019DE9AE27002A7019C1C4A2D22FA0046E9F07B ] C:\WINDOWS\system32\drivers\update.sys
03:47:10.0250 0x0444 C:\WINDOWS\system32\drivers\update.sys - ok
03:47:10.0265 0x0444 [ 59FC3FB44D2669BC144FD87826BB571F, B3C8CEFB09D5C85CBF12AED8CDB1FE455679D3436337263EFDABDC5116D92453 ] C:\WINDOWS\system32\drivers\ndproxy.sys

03:47:10.0265 0x0444 C:\WINDOWS\system32\drivers\ndproxy.sys - ok
03:47:10.0265 0x0444 [ 596EB39B50D6EBD9B734DC4AE0544693, EFCA2CFFFB8467BAC63F5174F125FEEFFA1F29491285C5BF99B3A2B2A6A25934 ] C:\WINDOWS\system32\drivers\usbd.sys
03:47:10.0265 0x0444 C:\WINDOWS\system32\drivers\usbd.sys - ok
03:47:10.0281 0x0444 [ C72F40947F92CEA56A8FB532EDF025F1, EBB9E235C973574B835B1FD22D813E9215029B3FC5030591D6F7971C9A23AEF7 ] C:\WINDOWS\system32\drivers\usbhub.sys
03:47:10.0281 0x0444 C:\WINDOWS\system32\drivers\usbhub.sys - ok
03:47:10.0296 0x0444 [ FF86422268DE771D571E123EB7092C6A, 4F1D9BBA2C1B36EA114F8D88EA8BEBA0A18236913B9233CB794BFB048B9E831B ] C:\WINDOWS\system32\drivers\drmk.sys
03:47:10.0296 0x0444 C:\WINDOWS\system32\drivers\drmk.sys - ok
03:47:10.0312 0x0444 [ 5B0F00E43A7094C0B7E433CB42C79164, 8150D03BCA28EF012D2E8E2AF8F6849C0664998FCBDAD0D48AEE44D5CAA9B668 ] C:\WINDOWS\system32\drivers\portcls.sys
03:47:10.0312 0x0444 C:\WINDOWS\system32\drivers\portcls.sys - ok
03:47:10.0328 0x0444 [ 876B77CB27D91CDE0775ACF4FFB8ABC2, C8355EFD21B8B682F724F1B961F44C52B95DF8F719C92FDFAE662498683F113D ] C:\WINDOWS\system32\drivers\RtkHDAud.sys
03:47:10.0328 0x0444 C:\WINDOWS\system32\drivers\RtkHDAud.sys - ok
03:47:10.0343 0x0444 [ 93929FD32C37FCD47C89A10AA35C2ECD, 4F826D7B30E2537B8128F8CBB2EE9AC2CC5BF1C5326DFEB5ECCC556B78990D29 ] C:\WINDOWS\system32\drivers\nvnrm.sys
03:47:10.0343 0x0444 C:\WINDOWS\system32\drivers\nvnrm.sys - ok
03:47:10.0359 0x0444 [ C61927D27B75ED56723F2508F1A6B1BE, 519CB698A0AF0A4DD6FA33F708CC8FA4D358F351950F6D2C279E6B9437C01718 ] C:\WINDOWS\system32\drivers\NVENETFD.sys
03:47:10.0359 0x0444 C:\WINDOWS\system32\drivers\NVENETFD.sys - ok
03:47:10.0359 0x0444 [ 0DD1DE43115B93F4D85E889D7A86F548, D50F7AAE5416C6D41845960BDDA24E97226F609AA726E4F88601ADC9ED50E872 ] C:\WINDOWS\system32\drivers\flpydisk.sys
03:47:10.0359 0x0444 C:\WINDOWS\system32\drivers\flpydisk.sys - ok
03:47:10.0375 0x0444 [ 0D13B6DF6E9E101013A7AFB0CE629FE0, 2214EA0F16BB33970E299CE457EB50AEE0BEF7959BC1EBD3C06C78A46B42B808 ] C:\WINDOWS\system32\drivers\sfloppy.sys
03:47:10.0375 0x0444 C:\WINDOWS\system32\drivers\sfloppy.sys - ok
03:47:10.0390 0x0444 [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] C:\WINDOWS\system32\drivers\beep.sys
03:47:10.0390 0x0444 C:\WINDOWS\system32\drivers\beep.sys - ok
03:47:10.0406 0x0444 [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] C:\WINDOWS\system32\drivers\cdaudio.sys
03:47:10.0406 0x0444 C:\WINDOWS\system32\drivers\cdaudio.sys - ok
03:47:10.0421 0x0444 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] C:\WINDOWS\system32\drivers\fs_rec.sys
03:47:10.0421 0x0444 C:\WINDOWS\system32\drivers\fs_rec.sys - ok
03:47:10.0437 0x0444 [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] C:\WINDOWS\system32\drivers\null.sys
03:47:10.0437 0x0444 C:\WINDOWS\system32\drivers\null.sys - ok
03:47:10.0453 0x0444 [ 8A60EDD72B4EA5AEA8202DAF0E427925, ED0624B285E4F64E07E30C12490873A2090F9DFD6A91A2EDA7A1082B88A8199E ] C:\WINDOWS\system32\drivers\vga.sys
03:47:10.0453 0x0444 C:\WINDOWS\system32\drivers\vga.sys - ok
03:47:10.0468 0x0444 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] C:\WINDOWS\system32\drivers\mnmdd.sys
03:47:10.0468 0x0444 C:\WINDOWS\system32\drivers\mnmdd.sys - ok
03:47:10.0484 0x0444 [ 561B3A4333CA2DBDBA28B5B956822519, 5B53906A29B9AA55A399F880CA989F9878BD943D3E97FB10A25BFD723654AF49 ] C:\WINDOWS\system32\drivers\msfs.sys
03:47:10.0484 0x0444 C:\WINDOWS\system32\drivers\msfs.sys - ok
03:47:10.0484 0x0444 [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] C:\WINDOWS\system32\drivers\rdpcdd.sys
03:47:10.0484 0x0444 C:\WINDOWS\system32\drivers\rdpcdd.sys - ok
03:47:10.0500 0x0444 [ 64537AA5C003A6AFEEE1DF819062D0D1, 5A6C11317DEF14B8C34A8C669EB75F7A8D46F05090C43D3DFF602CFA13CC504E ] C:\WINDOWS\system32\drivers\ipsec.sys
03:47:10.0500 0x0444 C:\WINDOWS\system32\drivers\ipsec.sys - ok
03:47:10.0515 0x0444 [ 4F601BCB8F64EA3AC0994F98FED03F8E, D9D6783B970CB871DE0C6EDD8BE42F30CD1DCD55D4DF006922D9CFC0CF020D27 ] C:\WINDOWS\system32\drivers\npfs.sys
03:47:10.0515 0x0444 C:\WINDOWS\system32\drivers\npfs.sys - ok
03:47:10.0531 0x0444 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] C:\WINDOWS\system32\drivers\rasacd.sys
03:47:10.0531 0x0444 C:\WINDOWS\system32\drivers\rasacd.sys - ok
03:47:10.0546 0x0444 [ 9F4B36614A0FC234525BA224957DE55C, 56766EF576479367C29B2EE16CF232EDE2569CEB0A72BF8E38FBABC9BF7C1BEC ] C:\WINDOWS\system32\drivers\tcpip.sys
03:47:10.0546 0x0444 C:\WINDOWS\system32\drivers\tcpip.sys - ok
03:47:10.0562 0x0444 [ 0C80E410CD2F47134407EE7DD19CC86B, 2A1D0CE9797F4AB7A24873947A26DD6413B8DBB5A82C24CF28D1FC243AEFC5C8 ] C:\WINDOWS\system32\drivers\netbt.sys
03:47:10.0562 0x0444 C:\WINDOWS\system32\drivers\netbt.sys - ok
03:47:10.0578 0x0444 [ B5A8E215AC29D24D60B4D1250EF05ACE, D1D47DCF9F35325549833710BD9B1C431698819914212FF6A328DD338FBA0E1D ] C:\WINDOWS\system32\drivers\ipnat.sys
03:47:10.0578 0x0444 C:\WINDOWS\system32\drivers\ipnat.sys - ok
03:47:10.0578 0x0444 [ 984EF0B9788ABF89974CFED4BFBAACBC, 8178888E3A1AA3BD3BE34456118BB76AF2DD04EC575E4880F97A8EFB182C9E92 ] C:\WINDOWS\system32\drivers\wanarp.sys
03:47:10.0578 0x0444 C:\WINDOWS\system32\drivers\wanarp.sys - ok
03:47:10.0593 0x0444 [ 5AC495F4CB807B2B98AD2AD591E6D92E, F645FAD628EC81C3D2555862BEE8DF3975FD9EAE326885528E773B2F148D70FB ] C:\WINDOWS\system32\drivers\afd.sys
03:47:10.0593 0x0444 C:\WINDOWS\system32\drivers\afd.sys - ok
03:47:10.0609 0x0444 [ 3A2ACA8FC1D7786902CA434998D7CEB4, ECE218DCDCB4D0A5CA8CBD14E931BAA3B5F381B70BBACB65B0EBBB46D2D31683 ] C:\WINDOWS\system32\drivers\netbios.sys
03:47:10.0609 0x0444 C:\WINDOWS\system32\drivers\netbios.sys - ok
03:47:10.0625 0x0444 [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] C:\WINDOWS\system32\drivers\ws2ifsl.sys
03:47:10.0625 0x0444 C:\WINDOWS\system32\drivers\ws2ifsl.sys - ok
03:47:10.0640 0x0444 [ 9A10E4FD13824823DA50D4758BD0A645, C249D15404800673D292C3D1418AC7B5EED0222AEDECB30A895B44EECF1060DC ] C:\WINDOWS\system32\drivers\processr.sys
03:47:10.0640 0x0444 C:\WINDOWS\system32\drivers\processr.sys - ok
03:47:10.0656 0x0444 [ 29D66245ADBA878FFF574CD66ABD2884, E85710229E61DB37BAB291E2E13ABD99FA8DFF7C8245853253BE540D8741990E ] C:\WINDOWS\system32\drivers\rdbss.sys
03:47:10.0656 0x0444 C:\WINDOWS\system32\drivers\rdbss.sys - ok
03:47:10.0671 0x0444 [ 1FD607FC67F7F7C633C3DA65BFC53D18, 0FDD53C72F3158283306892A57A2687D5358A468380E8BE6EB58EAE100D813C1 ] C:\WINDOWS\system32\drivers\mrxsmb.sys
03:47:10.0671 0x0444 C:\WINDOWS\system32\drivers\mrxsmb.sys - ok
03:47:10.0687 0x0444 [ F8AA320C6A0409C0380E5D8A99D76EC6, A848B9C489DDFBD48BDA140CB9DD43097686115042745F6444F803739168D391 ] C:\WINDOWS\system32\drivers\imapi.sys
03:47:10.0687 0x0444 C:\WINDOWS\system32\drivers\imapi.sys - ok
03:47:10.0687 0x0444 [ 266DAB58619B17BDF37FABBD48D875CA, 33B6E2AF9B78B6B47768102321868B8A75C49B66849DAEEA2F8E6753BBE28F2D ] C:\WINDOWS\system32\drivers\fips.sys
03:47:10.0687 0x0444 C:\WINDOWS\system32\drivers\fips.sys - ok
03:47:10.0703 0x0444 [ 24B856F2FA9CBA678E067B398EAC1BED, 8D1A9F75DA1BD89E64C1B40E53C0EAB201299FCD9FC903777BE4D7C42FF73BCC ] C:\WINDOWS\system32\ntdll.dll
03:47:10.0703 0x0444 C:\WINDOWS\system32\ntdll.dll - ok
03:47:10.0718 0x0444 [ 04B69D49D7FC3358A372E97DB6D39447, 21FE5A69117E31D924433EB71968DCCC5746E4F20965F7A90A7E9DB198E3C383 ] C:\WINDOWS\system32\smss.exe
03:47:10.0718 0x0444 C:\WINDOWS\system32\smss.exe - ok
03:47:10.0734 0x0444 [ CEA8636EC12F062C1ED8A7CB4E75324F, E0F92C4AE7D7AAC2C927F85002E7583A9C9EA22819573ACDA11039E0C96287B5 ] C:\WINDOWS\system32\autochk.exe
03:47:10.0734 0x0444 C:\WINDOWS\system32\autochk.exe - ok
03:47:10.0750 0x0444 [ 5CA2E2BA624D6F2C7A581C91E70394CB, 8FB65C9C2CAFA81A9CDF2B5E81C1F1D609C354A6A8B57DD7FA39135750C96EA7 ] C:\WINDOWS\system32\sfcfiles.dll
03:47:10.0750 0x0444 C:\WINDOWS\system32\sfcfiles.dll - ok
03:47:10.0765 0x0444 [ CD7D5152DF32B47F4E36F710B35AAE02, 7382890CC1B27FC66C3E94E064562BBD87B3C75577CB0FD10860B8E2CE07D12E ] C:\WINDOWS\system32\drivers\cdfs.sys
03:47:10.0765 0x0444 C:\WINDOWS\system32\drivers\cdfs.sys - ok
03:47:10.0781 0x0444 [ 2F31B7F954BED437F2C75026C65CAF7B, 1F8D6CBB01AD403BC89D1E987012E2F63CDFD9C49F402F358B64B31C13E4DD14 ] C:\WINDOWS\system32\drivers\wmilib.sys
03:47:10.0781 0x0444 C:\WINDOWS\system32\drivers\wmilib.sys - ok
03:47:10.0781 0x0444 [ CDFE4411A69C224BD1D11B2DA92DAC51, 0E6B23A80F171550575BEBC56F7500CD87A5CF03B2B9FDC49BC3DE96282CD69D ] C:\WINDOWS\system32\drivers\atapi.sys
03:47:10.0781 0x0444 C:\WINDOWS\system32\drivers\atapi.sys - ok
03:47:10.0796 0x0444 [ C9BF2F12C4E6C12F8A85FBA4B6BC6208, 711E5874F15E4125ED521382F0BBE71C4A21FB96E3ECAAF7A95F8F2C6E551B96 ] C:\WINDOWS\system32\watchdog.sys
03:47:10.0796 0x0444 C:\WINDOWS\system32\watchdog.sys - ok
03:47:10.0812 0x0444 [ FE97D0343ACFDEBDD578FC67CC91FA87, FE26FBA13079189EF96A1C994036EA472A4BF34FA14C163C693AD481BF31E676 ] C:\WINDOWS\system32\drivers\dxapi.sys
03:47:10.0812 0x0444 C:\WINDOWS\system32\drivers\dxapi.sys - ok
03:47:10.0828 0x0444 [ F935B816A5B3D08E519D9EEBD65A6672, 7B3C759925A3BA315436FE174650241B596B857BB731DC5A5E0D97931DB38BD6 ] C:\WINDOWS\system32\win32k.sys
03:47:10.0828 0x0444 C:\WINDOWS\system32\win32k.sys - ok
03:47:10.0843 0x0444 [ F642F3368D2839798DA79E7BA9218481, 33E91CD6594F4651255D2AB18F6EB7D1BCBA71511B2ED7B753E0FFA50FA137EE ] C:\WINDOWS\system32\basesrv.dll
03:47:10.0843 0x0444 C:\WINDOWS\system32\basesrv.dll - ok
03:47:10.0859 0x0444 [ ED0BB61F31DA099F6ABD48025156601B, 2139996E67F069507FD50569F1CA601556EE638CB2F06B39ABB4A7301BD338A5 ] C:\WINDOWS\system32\csrsrv.dll
03:47:10.0859 0x0444 C:\WINDOWS\system32\csrsrv.dll - ok
03:47:10.0859 0x0444 [ 490E6E57E54FAF5F23F658EA188405A1, 73364937DD0F8D25C2D328FF8DCF706E4155C5B63ABF62F44BED479BC357AF2A ] C:\WINDOWS\system32\csrss.exe
03:47:10.0859 0x0444 C:\WINDOWS\system32\csrss.exe - ok
03:47:10.0875 0x0444 [ E4E57FBA176F2752527B1D53A663D2D7, 154CDA622FB92298FC5D48D86F6A780154925F6C81B15E655E8ED52B83E2F892 ] C:\WINDOWS\system32\winsrv.dll
03:47:10.0875 0x0444 C:\WINDOWS\system32\winsrv.dll - ok
03:47:10.0890 0x0444 [ 1B4CCC59980DA34E75F20E42B283B027, 22AD0B2601C002D64550E3FF51A7C071DFC46D71AA4157952657C584496479D4 ] C:\WINDOWS\system32\user32.dll
03:47:10.0890 0x0444 C:\WINDOWS\system32\user32.dll - ok
03:47:10.0906 0x0444 [ 98DA079F61265BC26D4587E280B79F30, D181D70D34E0051FF13CA1A963EA23FABE61FC56F9562A0B50DFA10B65DD4AF5 ] C:\WINDOWS\system32\kernel32.dll
03:47:10.0906 0x0444 C:\WINDOWS\system32\kernel32.dll - ok
03:47:10.0921 0x0444 [ 41D8ADC476E1A1DB0628280774904243, 86656E38B26B3D41977B1C982FF7A4F83D61A868D678AD3FB5D0F14FDE422319 ] C:\WINDOWS\system32\gdi32.dll
03:47:10.0921 0x0444 C:\WINDOWS\system32\gdi32.dll - ok
03:47:10.0937 0x0444 [ D3DAC8432110AAD0B02A58B4459AB835, CA44B2A02554E76CCBE95623AD129EDAB3AADFA5E675CB528E62F6440DFC295D ] C:\WINDOWS\system32\drivers\dxg.sys
03:47:10.0937 0x0444 C:\WINDOWS\system32\drivers\dxg.sys - ok
03:47:10.0953 0x0444 [ A73F5D6705B1D820C19B18782E176EFD, C36486504C3A596FDCA487143F6D3B43C0BEE01321F6F1F3071976556533C419 ] C:\WINDOWS\system32\drivers\dxgthk.sys
03:47:10.0953 0x0444 C:\WINDOWS\system32\drivers\dxgthk.sys - ok
03:47:10.0953 0x0444 [ CE2411A7186F617EAF04759EBE211BF7, AB3FB753DCC399BC983D99FD372804AFA78073D8FE1A5D740E762EEC49F7DC4B ] C:\WINDOWS\system32\nv4_disp.dll
03:47:10.0953 0x0444 C:\WINDOWS\system32\nv4_disp.dll - ok
03:47:10.0984 0x0444 [ 1BD2076C717CB48967D5078EC9650891, CDB4C84ACBFAA98AE5B2282E99662E5DBCE81631C76368219EB29D12F8307F6C ] C:\WINDOWS\system32\vga.dll
03:47:10.0984 0x0444 C:\WINDOWS\system32\vga.dll - ok
03:47:10.0984 0x0444 [ 221C29AE1B4CC61D11D8B27DE78B2307, 70F824164FC862AAAF740DEE7D6F77F78D51A27EE1CAEC344A203F58B7DDDBAA ] C:\WINDOWS\system32\winlogon.exe
03:47:10.0984 0x0444 C:\WINDOWS\system32\winlogon.exe - ok
03:47:11.0000 0x0444 [ 0CDC4A0C6B820FAD99FB4CA74CD0C476, 9996D4A85B4D1D02689EA5E23502287D5F46A517026990E8BCCF365885F54493 ] C:\WINDOWS\system32\advapi32.dll
03:47:11.0000 0x0444 C:\WINDOWS\system32\advapi32.dll - ok
03:47:11.0015 0x0444 [ F0DC396DE971A9A23C780DD8D0EFBF1A, 98F62C89AFC48670E1CD7B36831341C8108E415EE63D27DE344EC33D70FB367D ] C:\WINDOWS\system32\rpcrt4.dll
03:47:11.0015 0x0444 C:\WINDOWS\system32\rpcrt4.dll - ok
03:47:11.0031 0x0444 [ B2370507BF7228B0238709885C628728, 9B18067B168C4913E61922E0F4EE9022823F1EE6B49DA913AA020A438CF5C517 ] C:\WINDOWS\system32\authz.dll
03:47:11.0031 0x0444 C:\WINDOWS\system32\authz.dll - ok
03:47:11.0046 0x0444 [ 91CC3E4CCDBBF8E224182C76C87E454F, BB7BA88D3FA1AC22F631D2C43FCC7693877F1FA33D7ACD14D249043EBC4CE568 ] C:\WINDOWS\system32\msvcrt.dll
03:47:11.0046 0x0444 C:\WINDOWS\system32\msvcrt.dll - ok
03:47:11.0062 0x0444 [ 6BDB36E60A2514A5A1927BDECAA9911E, BD913AD325CF7FDC95D78B0D878EC39C8426823D5F3ED53FA2C302FB823452C7 ] C:\WINDOWS\system32\crypt32.dll
03:47:11.0062 0x0444 C:\WINDOWS\system32\crypt32.dll - ok
03:47:11.0062 0x0444 [ 6EEBFFB5C24C88863A509533D9E25525, BC8CE9CB6258427F412B3FFA734884F4A59DB0943A60199FCDEAA8A7F89E96F3 ] C:\WINDOWS\system32\msasn1.dll
03:47:11.0062 0x0444 C:\WINDOWS\system32\msasn1.dll - ok
03:47:11.0078 0x0444 [ C686934B723A49E4ADCCC66254D4BB3B, 1EE6AB7983794E340BFC3ACAFBE42B9B2969839B6BB028A7DB2FB486B8238327 ] C:\WINDOWS\system32\nddeapi.dll
03:47:11.0078 0x0444 C:\WINDOWS\system32\nddeapi.dll - ok
03:47:11.0093 0x0444 [ 50A18E377DE034C4B6FBD5233B603794, AE21BF2877659D853B40083FB9B19CFA1EFA4A07FB75B6B40CE44DB1DB98B353 ] C:\WINDOWS\system32\netapi32.dll
03:47:11.0093 0x0444 C:\WINDOWS\system32\netapi32.dll - ok
03:47:11.0109 0x0444 [ 354B33931AA885C40F80EB75302E1B8F, C2B07A17106B9D67779A02FBA8D134ACA9C94C08FB847F7543057CFFBF4DAF31 ] C:\WINDOWS\system32\profmap.dll
03:47:11.0109 0x0444 C:\WINDOWS\system32\profmap.dll - ok
03:47:11.0125 0x0444 [ 618B52C1DAABAF5A738B532C3858B14A, E7012ED031A3324572FBE00FBBC06AAF56D3FC6243017E0A4C4B953D55555D78 ] C:\WINDOWS\system32\userenv.dll
03:47:11.0125 0x0444 C:\WINDOWS\system32\userenv.dll - ok
03:47:11.0140 0x0444 [ FBF21330B53F92C17F4FF5F7B0C23BDB, A73FFF19FBF88E8382152D914D6246ECC8482A6E487971DEB2BBF84C669F0149 ] C:\WINDOWS\system32\psapi.dll
03:47:11.0140 0x0444 C:\WINDOWS\system32\psapi.dll - ok
03:47:11.0140 0x0444 [ A8330491A4DF77B0AF39F9AE78B0347D, E1696B989C99488A2B5477ABB07BD0FDF6BB1DFB447A043C606C62A3572457EF ] C:\WINDOWS\system32\regapi.dll
03:47:11.0140 0x0444 C:\WINDOWS\system32\regapi.dll - ok
03:47:11.0156 0x0444 [ 7BC93F007B9E095A35B20BEC5EEE86C0, AF365C388E439ABA2BA06BFFD3C75C62971D3BAB7F5FAA0865A986CAC586A2A8 ] C:\WINDOWS\system32\secur32.dll
03:47:11.0156 0x0444 C:\WINDOWS\system32\secur32.dll - ok
03:47:11.0171 0x0444 [ 16DBA3C4C38B72AE88F3E7A6B4BF82F1, 7BB8703DFE836ECB6EF507E8166B029B1A3F5ABB11B24B1205053E3C8D4031A7 ] C:\WINDOWS\system32\setupapi.dll
03:47:11.0171 0x0444 C:\WINDOWS\system32\setupapi.dll - ok
03:47:11.0187 0x0444 [ E472BDA53A4DCD2142143AF9FD25C99A, A690E34867067E9282C0A1F6741E7774FE028F9954FA5EA98E078B357057134F ] C:\WINDOWS\system32\version.dll
03:47:11.0187 0x0444 C:\WINDOWS\system32\version.dll - ok
03:47:11.0203 0x0444 [ DCF3ABC0EF6493A8931F3FBFFF410FC8, F6A327A7B24FE234E7181BE6AD750381B33BEB4D74BAB46618014FE32A30E928 ] C:\WINDOWS\system32\winsta.dll
03:47:11.0203 0x0444 C:\WINDOWS\system32\winsta.dll - ok
03:47:11.0218 0x0444 [ D1F434EA13285D09C82140BF39D9FE78, 95E354A515B7540BCE883E53F5A651001150983738B9AC6F04B2C4F9837D813C ] C:\WINDOWS\system32\wintrust.dll
03:47:11.0218 0x0444 C:\WINDOWS\system32\wintrust.dll - ok
03:47:11.0234 0x0444 [ 1063D8D06835AAC0360BF6FC82D53E26, 81781194E05FE4E6BE4D790E8D09694EA6B8D8D8D5F9D5B99986C72DD9F79A07 ] C:\WINDOWS\system32\imagehlp.dll
03:47:11.0234 0x0444 C:\WINDOWS\system32\imagehlp.dll - ok
03:47:11.0250 0x0444 [ C2B86666FC44B48903AD6016D15A23DF, 334A124238B862075F94A4FBFFF34A9838E23127A2B737D4951EDEB500A3103F ] C:\WINDOWS\system32\ws2help.dll
03:47:11.0250 0x0444 C:\WINDOWS\system32\ws2help.dll - ok
03:47:11.0265 0x0444 [ 382E9B87F1282E697C67AF84E34E35E2, C8E1FBFA5719021802A5A17115A0D4547E5E0B7F5E32949E44A5F3E26EDDAFF5 ] C:\WINDOWS\system32\ws2_32.dll
03:47:11.0265 0x0444 C:\WINDOWS\system32\ws2_32.dll - ok
03:47:11.0265 0x0444 [ 36E68E02AF2206FC4A8C73CAEABE1FB0, 333F2053DE404A93E5288103B7FD3466BA779AB7803D2958662BF5FF36AB4921 ] C:\WINDOWS\system32\kbdcz.dll
03:47:11.0265 0x0444 C:\WINDOWS\system32\kbdcz.dll - ok
03:47:11.0281 0x0444 [ 56C5B179FE3308B655EB6208C3256FEC, C70BCE54E5DF47D37C835804EAAEC7C06C1A226EFA2003226BE290D1D552126F ] C:\WINDOWS\system32\kbdus.dll
03:47:11.0281 0x0444 C:\WINDOWS\system32\kbdus.dll - ok
03:47:11.0296 0x0444 [ 1FC0A99C167479B04325861ACAD465F8, F1EEAC65742D6EB731EFEC30132FDADF4DDD8F2A4CBB8BE7AFC75B6756BD36C5 ] C:\WINDOWS\system32\msgina.dll
03:47:11.0296 0x0444 C:\WINDOWS\system32\msgina.dll - ok
03:47:11.0312 0x0444 [ AA69A61B70E6116DB6DCD4DCE6FB5A83, 07E50C5128B21F45E270EA6E1817569A9E28F8D15FB5FCBAB047F39CC13B67AB ] C:\WINDOWS\system32\shell32.dll
03:47:11.0312 0x0444 C:\WINDOWS\system32\shell32.dll - ok
03:47:11.0328 0x0444 [ 1003E388F5B39353DDFC221D74EE5FFB, A69718F54B96E0EA62D10ED74B3CB1AFBB0D9904A33BD9127976C7FC432C2AAD ] C:\WINDOWS\system32\shlwapi.dll
03:47:11.0328 0x0444 C:\WINDOWS\system32\shlwapi.dll - ok
03:47:11.0343 0x0444 [ 876C658C44F2BF4AF050E5534A9F066F, 0DE4C50849ACD1BD0F886B054E3FD81D6E37AB45C54FD26227B71D42E0792794 ] C:\WINDOWS\system32\comctl32.dll
03:47:11.0343 0x0444 C:\WINDOWS\system32\comctl32.dll - ok
03:47:11.0343 0x0444 [ 99DBD95B8EB2CB87C21F17D59F2215BA, B3D4D98BA6B86EFAE08A207C53D7A507E7A045B5439E455841CC83667C22645A ] C:\WINDOWS\system32\odbc32.dll
03:47:11.0343 0x0444 C:\WINDOWS\system32\odbc32.dll - ok
03:47:11.0359 0x0444 [ 31C8F1D88871132DACA8262CC30E3DDC, A8C16F804A84E63FE79782E703BB57D7A0496F4DC4CD8C4364E18860EE9E0CD3 ] C:\WINDOWS\system32\comdlg32.dll
03:47:11.0375 0x0444 C:\WINDOWS\system32\comdlg32.dll - ok
03:47:11.0375 0x0444 [ 5D63F6807E4948750B52F8D82B5C5514, D2AF1BC478CFC6701C1ABEE70322DAD3BCF18DC75A8C9CCB60897F4C73866033 ] C:\WINDOWS\system32\sxs.dll
03:47:11.0375 0x0444 C:\WINDOWS\system32\sxs.dll - ok
03:47:11.0390 0x0444 [ F76B3003366A205E05AFC0D034C7D3E9, 28B6916C34C42E57AF6F980FBC1E3AEE2F97BCB654986BCB4CDD27242E1AA28C ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
03:47:11.0390 0x0444 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll - ok
03:47:11.0406 0x0444 [ 82CDCB14C304B458529A05BB6C803B45, CB2AD11729D11A91C7575216DFC25B305064C1BFE7ECE0175365A5F366013E8A ] C:\WINDOWS\system32\odbcint.dll
03:47:11.0406 0x0444 C:\WINDOWS\system32\odbcint.dll - ok
03:47:11.0421 0x0444 [ 6CC2D21488333133AE0C9F44F6051CB7, A94D68AA4FCD2D482557DC2F2C467CB0A3C18909B4D05915CECDA758E2D4774A ] C:\WINDOWS\system32\sfc.dll
03:47:11.0421 0x0444 C:\WINDOWS\system32\sfc.dll - ok
03:47:11.0437 0x0444 [ 8BA76BD2A943F642F267A296A15776D2, 6338382F0C17E4F6454298D19FDF05CA5E22A63586A3D8E37B7E24478E35DF51 ] C:\WINDOWS\system32\shsvcs.dll
03:47:11.0437 0x0444 C:\WINDOWS\system32\shsvcs.dll - ok
03:47:11.0453 0x0444 [ 7FE54C063DDA8EF226846510852E6B1B, DB9BF059A4468BB0257EDBD3C763089F40F604419AD25DEBEB6BC8F880665526 ] C:\WINDOWS\system32\ole32.dll
03:47:11.0453 0x0444 C:\WINDOWS\system32\ole32.dll - ok
03:47:11.0468 0x0444 [ E9AF00964DA9B8838E850F12229DF9A4, 4342B1FFC81BD75823596C1B1940C5EC2C38BAF36C60182989DE09B7AD9E7D4C ] C:\WINDOWS\system32\sfc_os.dll
03:47:11.0468 0x0444 C:\WINDOWS\system32\sfc_os.dll - ok
03:47:11.0484 0x0444 [ DE58BE5500A9105127F3995C8C30F547, 3B4265E4F2AD695B295261B1FF7165CC6EA88B5E8E8DC3CE75F106FC7FB0A0D9 ] C:\WINDOWS\system32\apphelp.dll
03:47:11.0484 0x0444 C:\WINDOWS\system32\apphelp.dll - ok
03:47:11.0500 0x0444 [ 82A362FE1D4980B71B588D9C10748511, 8DD84B9D55734B5C25DDB97693071BF782B6774E962477C22E4D7DBCDC053F35 ] C:\WINDOWS\system32\lsass.exe
03:47:11.0500 0x0444 C:\WINDOWS\system32\lsass.exe - ok
03:47:11.0500 0x0444 [ 6E401E61F952FBBF708AFBECEFAFAE81, 31D7A402BE7997F0BF902CB8A150DB54C7309C882DE3D8A8E74338CF1BD268D7 ] C:\WINDOWS\system32\services.exe
03:47:11.0500 0x0444 C:\WINDOWS\system32\services.exe - ok
03:47:11.0515 0x0444 [ 527FC50CCB2FD088A458C69134A5A1FF, 1862E45A4DF2F02A82B8DFFED6AAFB85E130E9DD3B267EBFDD7B4128E0D02D34 ] C:\WINDOWS\system32\lsasrv.dll
03:47:11.0515 0x0444 C:\WINDOWS\system32\lsasrv.dll - ok
03:47:11.0546 0x0444 [ 9AB820D13F6D6391E04EA0DF572893F6, 7BCA6DADF1D8D7B2F02454A4D5EBBD5D11DEB84ECCA710D7E804D7A6587DEDB8 ] C:\WINDOWS\system32\scesrv.dll
03:47:11.0546 0x0444 C:\WINDOWS\system32\scesrv.dll - ok
03:47:11.0546 0x0444 [ A39EBFD9BBE21A060B7F01997D955924, 982A2F4E4CE35C0CF6E941F0D6D96E1613FD088F305464B7B3C87CE733471EBE ] C:\WINDOWS\system32\umpnpmgr.dll
03:47:11.0546 0x0444 C:\WINDOWS\system32\umpnpmgr.dll - ok
03:47:11.0562 0x0444 [ 90B7EA55552782AE944E1212BFCB82ED, F559B6FE2FAAB1964893199A06E9B200FE887F2DC04B6692B780766F222A7F58 ] C:\WINDOWS\system32\samsrv.dll
03:47:11.0562 0x0444 C:\WINDOWS\system32\samsrv.dll - ok
03:47:11.0578 0x0444 [ 3313C68CF5B43DCA01509773B6B43DEF, 027FBC02318FA4C48CF553CA700B6D59993BD41796A3B718AE0593CD6F8B4902 ] C:\WINDOWS\system32\msvcp60.dll
03:47:11.0578 0x0444 C:\WINDOWS\system32\msvcp60.dll - ok
03:47:11.0593 0x0444 [ 247A0EA0C4C2A5A10D98A604CB736ABC, 8368C98D77616A0BEB9D0AECDFFB57BDDDA84AD72666A6C179433DE91F95EDC3 ] C:\WINDOWS\system32\ncobjapi.dll
03:47:11.0593 0x0444 C:\WINDOWS\system32\ncobjapi.dll - ok
03:47:11.0609 0x0444 [ 64427059B1811EFD9FAF0A4749D8C96A, 893C6C3CD29BC0F73058D213BF472F1DDD7372719CC7D22C779FA87B9B8FA53E ] C:\WINDOWS\system32\shimeng.dll
03:47:11.0609 0x0444 C:\WINDOWS\system32\shimeng.dll - ok
03:47:11.0625 0x0444 [ 5056AA8BB37FEAAA3D46F388FEE083AF, 69EBA2DBFAA1C08A48DA0CFB9E1B7E4F332E8A7BE726102DE5CD7382468B2746 ] C:\WINDOWS\AppPatch\AcGenral.dll
03:47:11.0625 0x0444 C:\WINDOWS\AppPatch\AcGenral.dll - ok
03:47:11.0625 0x0444 [ FE8E85A1D8F080C5901DD6FE102E675F, 4F652F37E0720586EA38BAF37ADF06DDF36990DBB82C6DF27E56620149D5B6D6 ] C:\WINDOWS\system32\cryptdll.dll
03:47:11.0625 0x0444 C:\WINDOWS\system32\cryptdll.dll - ok
03:47:11.0640 0x0444 [ DB6130116362BC1EF5CE70DEFFA92CAC, 016A734203BA0C91EC3407F8810029079FE8A6DA771A4A675588A63852B9D698 ] C:\WINDOWS\system32\oleaut32.dll
03:47:11.0640 0x0444 C:\WINDOWS\system32\oleaut32.dll - ok
03:47:11.0656 0x0444 [ 4B9FDD69AE4FD774E5F2F70C2BC540ED, C171152A65A1173525357F52A160A7BA249BC9BF9029D8CF1407CB7E41BA2344 ] C:\WINDOWS\system32\winmm.dll
03:47:11.0656 0x0444 C:\WINDOWS\system32\winmm.dll - ok
03:47:11.0671 0x0444 [ CAEFC013964F57072B8096187419D6C0, DE66A8E6661733CC181249FBCAB62437F0E8171FB47277DADBB82F45EE361DF0 ] C:\WINDOWS\system32\dnsapi.dll
03:47:11.0671 0x0444 C:\WINDOWS\system32\dnsapi.dll - ok
03:47:11.0687 0x0444 [ 55C37415668D1F46AAC7617D7ECE35ED, A6283B5B515353FCBC7039624E4850C55F52FAA302F912A04E359A254D6F35A9 ] C:\WINDOWS\system32\samlib.dll
03:47:11.0687 0x0444 C:\WINDOWS\system32\samlib.dll - ok
03:47:11.0703 0x0444 [ 47F5733A51EECC78F9B2DA3F9EE6D8B7, 1CBBC4D015EF89DA9E9A52067E4E85DDE88EB42E84B08C3983CDB3CB46D5C5F7 ] C:\WINDOWS\system32\mpr.dll
03:47:11.0703 0x0444 C:\WINDOWS\system32\mpr.dll - ok
03:47:11.0703 0x0444 [ 9630BD8135940FF6DAEA76472C06178C, D90924B820B0121D304A864DA198D5543AF91E7C380A2636CFAE290D91164D8B ] C:\WINDOWS\system32\ntdsapi.dll
03:47:11.0703 0x0444 C:\WINDOWS\system32\ntdsapi.dll - ok
03:47:11.0734 0x0444 [ 2A88F0CBCA405859D5282D0C86311FD7, FC8C0C7683889A32C47B2709164F851380B4116643C40DA11E9802DB0CC55CD9 ] C:\WINDOWS\system32\msacm32.dll
03:47:11.0734 0x0444 C:\WINDOWS\system32\msacm32.dll - ok
03:47:11.0734 0x0444 [ 0D3C98F2D11978D67DD4102471CFBFAC, 7CDF36A2677BBCF9B5DF357AC66E20CA51ABCEB5089DBF6B8231D37E9EA1FFE8 ] C:\WINDOWS\system32\uxtheme.dll
03:47:11.0734 0x0444 C:\WINDOWS\system32\uxtheme.dll - ok
03:47:11.0750 0x0444 [ 86FD541EA30251ADCA771251C49EF0E4, F8E488C12A36BCDDA128B1CF1E59B8F46E4981D7B6F24FB3318B5734755FDC44 ] C:\WINDOWS\system32\wldap32.dll
03:47:11.0750 0x0444 C:\WINDOWS\system32\wldap32.dll - ok
03:47:11.0765 0x0444 [ E924D0F899CC8567CCA36F1A7FE7A7AE, 7783F14D4F7B555AB3147DD3FE3A8B3D762574373DF9808A3D8C72E7113531AB ] C:\WINDOWS\system32\schannel.dll
03:47:11.0765 0x0444 C:\WINDOWS\system32\schannel.dll - ok
03:47:11.0781 0x0444 [ A6E01C674DF87BA767F6D72873F9C9F5, 1CADF6D3575FC18C45E3C513FFE18D5CDDAA6D25082A9441B3CE38A74E90F791 ] C:\WINDOWS\system32\kerberos.dll
03:47:11.0781 0x0444 C:\WINDOWS\system32\kerberos.dll - ok
03:47:11.0796 0x0444 [ 4F3348D753FC2C6D46300F65D77B840B, 23D387BF5E08983BA981C69CD20F6D97D6A9E8946B98E08DCC24361B239AF2CD ] C:\WINDOWS\system32\msprivs.dll
03:47:11.0796 0x0444 C:\WINDOWS\system32\msprivs.dll - ok
03:47:11.0812 0x0444 [ 8C3B94EE342503E871E0C0F72C376AF0, BE7D06AA0E4946FD222FA1A00EC708716059B9241F694F751AFECDAECFF42C78 ] C:\WINDOWS\system32\msv1_0.dll
03:47:11.0812 0x0444 C:\WINDOWS\system32\msv1_0.dll - ok
03:47:11.0828 0x0444 [ 43CDE44202CFEFC9A1D4B39200617CD6, C96BA45AD3F6816FA55C497C99620077D11656E4EB3D3E0FE1C3D17CCBD46171 ] C:\WINDOWS\system32\iphlpapi.dll
03:47:11.0828 0x0444 C:\WINDOWS\system32\iphlpapi.dll - ok
03:47:11.0828 0x0444 [ 2591CADAEF7D2242039255028E577688, 8B0FFF2277F1CD1F2BBFEE8477A45D4C09C190E6CF5943E933BC4120012D2928 ] C:\WINDOWS\system32\netlogon.dll
03:47:11.0828 0x0444 C:\WINDOWS\system32\netlogon.dll - ok
03:47:11.0843 0x0444 [ 2CEEBB402187AE56B585701F3D191FB3, F08AF3FEA80EB7E1DECD0592ED4A50E0AE78F01A586BA3A6B4D98374726899AF ] C:\WINDOWS\system32\w32time.dll
03:47:11.0843 0x0444 C:\WINDOWS\system32\w32time.dll - ok
03:47:11.0859 0x0444 [ 26ACBD865F8CFF730F1791C4D0854352, 66FA5845ED397538F92B30CB06202470071B6F45698647E1F86E784942F6C4C4 ] C:\WINDOWS\system32\rsaenh.dll
03:47:11.0859 0x0444 C:\WINDOWS\system32\rsaenh.dll - ok
03:47:11.0875 0x0444 [ 36A876E71D71EC0DD06CBD53E744C2B4, 5B284ECE4EE0E40278F4E02C487A2EE935311822776FB6324748086687D155CF ] C:\WINDOWS\system32\wdigest.dll
03:47:11.0875 0x0444 C:\WINDOWS\system32\wdigest.dll - ok
03:47:11.0890 0x0444 [ 12F369513123ACFF55886EF411960136, 8DE3474C8F135B579E9C3BE778C4694240F19FC75CD1A4546BC8510407E47E83 ] C:\WINDOWS\system32\winscard.dll
03:47:11.0890 0x0444 C:\WINDOWS\system32\winscard.dll - ok
03:47:11.0906 0x0444 [ B79F1AB8754DD2CCF24A716005637C6D, 8D8786BA0F70F4B58A0FDE4B625262F34BFDC1431602EE4D7AB362F5D40A2168 ] C:\WINDOWS\system32\wtsapi32.dll
03:47:11.0906 0x0444 C:\WINDOWS\system32\wtsapi32.dll - ok
03:47:11.0921 0x0444 [ 07119058D451CB7EA4317BCFDA8599A6, 16F12A2D52B409D059834DC798346EC9C33336B92DDD1BDFA469484E8B97C70B ] C:\WINDOWS\system32\scecli.dll
03:47:11.0921 0x0444 C:\WINDOWS\system32\scecli.dll - ok
03:47:11.0921 0x0444 [ ED72E454DED2FF380B7DA4B09C2F0EC8, 79B17FEF370D31A30C5050D3B26D8F7D36CC30B86097D209CB4A5BB9E7D997FE ] C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe
03:47:11.0921 0x0444 C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe - ok
03:47:11.0937 0x0444 [ DDB9BCFF8CBF73638A15579FEC223229, A89D6AC3A25D32AEBA0A1203446A29412AC33BA942E2C0B6A056E65387D16910 ] C:\Program Files\IObit\Advanced SystemCare 7\rtl120.bpl
03:47:11.0937 0x0444 C:\Program Files\IObit\Advanced SystemCare 7\rtl120.bpl - ok
03:47:11.0953 0x0444 [ 4D3E8B43B117AF50358DBEEAB367B0A2, 58A33DAC41B55EE2E0F7130FDBA812294C6190F06EAA8B5AEB6A3D3B93693DB1 ] C:\WINDOWS\system32\oleacc.dll
03:47:11.0953 0x0444 C:\WINDOWS\system32\oleacc.dll - ok
03:47:11.0968 0x0444 [ A543FC88A320A0758A55BE03789EAF7C, 5DEF464672198D999E776472273D6843D8AFB68B52E801C3CD31E325178056C3 ] C:\WINDOWS\system32\wsock32.dll
03:47:11.0968 0x0444 C:\WINDOWS\system32\wsock32.dll - ok
03:47:11.0984 0x0444 [ 8290E04F8A4D9594BFB53D520B677B8A, FD6DBD30286A28540C003796A4E30A5DFA5A6A94CDF65D2C720BDEA90124F993 ] C:\Program Files\IObit\Advanced SystemCare 7\vcl120.bpl
03:47:11.0984 0x0444 C:\Program Files\IObit\Advanced SystemCare 7\vcl120.bpl - ok
03:47:12.0000 0x0444 [ 227163195E9495BD99C915EF5F42445C, B23F7F18A8D4EC759819160FE82E74027EFABBE0E227771A727511DED7E7A2C0 ] C:\WINDOWS\system32\msimg32.dll
03:47:12.0000 0x0444 C:\WINDOWS\system32\msimg32.dll - ok
03:47:12.0015 0x0444 [ 2745FC7701FF06FCD5BFA94DF57E7160, B4C9F98E5CE059A5A97F91617D5961D7D5CB6BEE36DEB7BD51C01DADD0DADAF5 ] C:\WINDOWS\system32\oledlg.dll
03:47:12.0015 0x0444 C:\WINDOWS\system32\oledlg.dll - ok
03:47:12.0031 0x0444 [ BDAB541C731D3AC59F623B88142036B7, F5029C503C6C825A0B41223D9BB33EC29D85A2BC84539CB6CFC1A7E453D9EFA3 ] C:\WINDOWS\system32\winspool.drv
03:47:12.0031 0x0444 C:\WINDOWS\system32\winspool.drv - ok
03:47:12.0046 0x0444 [ 31C364E11F4F37160AF8716861BB5039, 4269921230F38BEC5FA36BDF4EC0730EB8B77425DDD435A3596744D7E2234D27 ] C:\Program Files\IObit\Advanced SystemCare 7\datastate.dll
03:47:12.0046 0x0444 C:\Program Files\IObit\Advanced SystemCare 7\datastate.dll - ok
03:47:12.0062 0x0444 [ 2413635113361E54B62F0C40E4E4DAE6, B52A5E0E977819BC6FF110301783CDE5A37A7BAAE11D8E744FFA1FE3DFD177B3 ] C:\WINDOWS\system32\imm32.dll
03:47:12.0062 0x0444 C:\WINDOWS\system32\imm32.dll - ok
03:47:12.0062 0x0444 [ 8B193DC377033437F82C9B824D6D72F1, 7B41F76C0C90459B9A1393ACAC99F74ABC867DCF422F6FAEBFE2C4176513055E ] C:\Program Files\IObit\Advanced SystemCare 7\HomepageSvc.dll
03:47:12.0062 0x0444 C:\Program Files\IObit\Advanced SystemCare 7\HomepageSvc.dll - ok
03:47:12.0078 0x0444 [ E73310D7895B2889A1F2A560285A68EE, 2C04407380812F3A3E8E1DED806C03EF246B818B296DAAF277595DDA9D2D4BC1 ] C:\Program Files\IObit\Advanced SystemCare 7\sqlite3.dll
03:47:12.0078 0x0444 C:\Program Files\IObit\Advanced SystemCare 7\sqlite3.dll - ok
03:47:12.0093 0x0444 [ 62479909FC474E4AFB57741F3FF3F39D, 21437F7D7545D5335E4E48EB72ABF9F43E15560A069EEA8054BCBB27432201D3 ] C:\WINDOWS\system32\ntmarta.dll
03:47:12.0093 0x0444 C:\WINDOWS\system32\ntmarta.dll - ok
03:47:12.0109 0x0444 [ 4470E3C1E0C3378E4CAB137893C12C3A, CA8E66356F0E671D5454E561E7EAD74DE25DCF53BE452369F96ECACFA8709489 ] C:\WINDOWS\system32\drivers\mbam.sys
03:47:12.0109 0x0444 C:\WINDOWS\system32\drivers\mbam.sys - ok
03:47:12.0125 0x0444 [ DFBA2915B0BF58ABB288CD4C9318CB3F, 5FC6C8FE81B4C015433AEE7D035A79056E77B7272DC4316B6B2F0548EBF1DA38 ] C:\WINDOWS\system32\svchost.exe
03:47:12.0125 0x0444 C:\WINDOWS\system32\svchost.exe - ok
03:47:12.0140 0x0444 [ C72C15EE57E248C66E57C76CAB086CF2, 2CDFC82E31E58B4BF80F33DFB69D62ED55EAB118AD7BFEE5138DE0DF3F8F2543 ] C:\WINDOWS\system32\rpcss.dll
03:47:12.0140 0x0444 C:\WINDOWS\system32\rpcss.dll - ok
03:47:12.0156 0x0444 [ 44FFE27BFA2CA81BCF8F938236AA3601, B25F119775BCDCBB74A84BFE94905A87E881B9BE248EBAB168D9AF92AFB0475D ] C:\WINDOWS\system32\xpsp2res.dll
03:47:12.0156 0x0444 C:\WINDOWS\system32\xpsp2res.dll - ok
03:47:12.0156 0x0444 [ 6EB66066D5C0175320CFEA0A4C74C88F, B6DB4C02ECE3E4452A4EF2ECDF8DE5C387C3A35008644FEB5344D047450CD206 ] C:\WINDOWS\system32\eventlog.dll
03:47:12.0156 0x0444 C:\WINDOWS\system32\eventlog.dll - ok
03:47:12.0171 0x0444 [ 64C078BD4EFD441C3F159EDC5EA4420A, 0535A4FFC77AB4F02136B40FA6488E6C4FBE92C8EC8AE40ED6B383DF84E87C5F ] C:\WINDOWS\system32\mswsock.dll
03:47:12.0171 0x0444 C:\WINDOWS\system32\mswsock.dll - ok
03:47:12.0187 0x0444 [ FAABA83BE47C5B15F620FAA53267A9B8, 378B073B9770B144F5F365B2150135B7CB7B67E6BA008B3DBA7CBC6B349676CC ] C:\WINDOWS\system32\hnetcfg.dll
03:47:12.0187 0x0444 C:\WINDOWS\system32\hnetcfg.dll - ok
03:47:12.0203 0x0444 [ B75F372796170EBD15DF35AE9963BFB8, 665386227C01F8A47956F6F8997624D25458CF0E33332C2D96AA753397F0BE6D ] C:\WINDOWS\system32\wshtcpip.dll
03:47:12.0203 0x0444 C:\WINDOWS\system32\wshtcpip.dll - ok
03:47:12.0218 0x0444 [ 3E8ECDBADCCDF9AA52EE12B516AE98B5, 67083D416539E5A8B5890285759D417256EC9DFC46398E61D2DE95B99D22C67F ] C:\WINDOWS\system32\logonui.exe
03:47:12.0218 0x0444 C:\WINDOWS\system32\logonui.exe - ok
03:47:12.0234 0x0444 [ D7B6BC808EBE3C9E509C9F7BADA1287F, 02A36086FEF0B8854D07259EC9E5E8E8229639BD43CE8A4519FB97C0E51D9211 ] C:\WINDOWS\system32\winrnr.dll
03:47:12.0234 0x0444 C:\WINDOWS\system32\winrnr.dll - ok
03:47:12.0250 0x0444 [ 630A1012AF129918D2E2D70727D69351, BDB38353259554AFBB52BD49F13436806BD94E8AAF9E5F0FE4DDDCAFBF766F37 ] C:\WINDOWS\system32\rasadhlp.dll
03:47:12.0250 0x0444 C:\WINDOWS\system32\rasadhlp.dll - ok
03:47:12.0265 0x0444 [ 9B85CCCC70F19AFAC434FB6CBB351289, E88D4B955AB65BFD708905604F5FF68EB22D71679E8723B0A929DF74706EE1DA ] C:\WINDOWS\system32\duser.dll
03:47:12.0265 0x0444 C:\WINDOWS\system32\duser.dll - ok
03:47:12.0265 0x0444 [ AD2E8119C400D3A9002ABE9EB4EF238F, 0EA13B9D3133EBCFEC3395F4E8FA70A140E8A6884FFE358BBC4CE94E7C03881E ] C:\WINDOWS\system32\clbcatq.dll
03:47:12.0265 0x0444 C:\WINDOWS\system32\clbcatq.dll - ok
03:47:12.0281 0x0444 [ B44F68274AB7B8A54E9AD74AFF0EFAAC, 048F1D2E2C656984D274105ED9820D10E658DDE571928E86FDE2C7982F5B51B4 ] C:\WINDOWS\system32\comres.dll
03:47:12.0281 0x0444 C:\WINDOWS\system32\comres.dll - ok
03:47:12.0296 0x0444 [ 36B7CD28481085AADA7F1515915C18CA, E049773D87BDCF008ECAFD92B233375BBAD58A93F97356E365FCAC92E6025140 ] C:\WINDOWS\system32\cscdll.dll
03:47:12.0296 0x0444 C:\WINDOWS\system32\cscdll.dll - ok
03:47:12.0312 0x0444 [ C30BFC4B8739522ACE6174A204D5A087, DA40D70F6E87025DE5940B59CCA4560BD60885848CF55B14B6A0FE4BCD80CDB2 ] C:\WINDOWS\system32\wlnotify.dll
03:47:12.0312 0x0444 C:\WINDOWS\system32\wlnotify.dll - ok
03:47:12.0328 0x0444 [ E92607D447A180F15EEA3843367DA4C7, AFE595B6089FE39667ABB1E854490A0E91FF27296EB9E563C58775E5CBFCFC34 ] C:\WINDOWS\system32\shgina.dll
03:47:12.0328 0x0444 C:\WINDOWS\system32\shgina.dll - ok
03:47:12.0343 0x0444 [ 562830EFB7CF367FB773FEA5256E67C8, FFB284845FF636D8C0BF77AEEAEF5E9E560A65943D6C456B731E455B35D2531A ] C:\WINDOWS\system32\dhcpcsvc.dll
03:47:12.0343 0x0444 C:\WINDOWS\system32\dhcpcsvc.dll - ok
03:47:12.0359 0x0444 [ 34D6CD56409DA9A7ED573E1C90A308BF, DE2060F57C913272524AFB0D472714ABF6F7E49A01534F23D95EE67F207CC6CF ] C:\WINDOWS\system32\drivers\ndisuio.sys
03:47:12.0359 0x0444 C:\WINDOWS\system32\drivers\ndisuio.sys - ok
03:47:12.0375 0x0444 [ 325CEDEF696EF4B649DDCD3968D085C9, 0414BB4845D839D65F99022585ABEFDE4DD22E412C12D3DE2CE83F5B7431041F ] C:\WINDOWS\system32\wzcsvc.dll

03:47:12.0375 0x0444 C:\WINDOWS\system32\wzcsvc.dll - ok
03:47:12.0390 0x0444 [ 1319F5D5C01277318BD66214A81F0DA3, A43A82F7A33D41DAEE9048076884DF191E3C00E4B42F8362A7C7CB29A7D9447B ] C:\WINDOWS\system32\rtutils.dll
03:47:12.0390 0x0444 C:\WINDOWS\system32\rtutils.dll - ok
03:47:12.0390 0x0444 [ D1A454AFF01F7184C1A32079D5A7D0CE, 2F8B8B28B754CE4E68231B95D45924C40B13715B7DE58C0FAE0F3B5B67636ADB ] C:\WINDOWS\system32\wmi.dll
03:47:12.0390 0x0444 C:\WINDOWS\system32\wmi.dll - ok
03:47:12.0406 0x0444 [ 7C260AB0F09D2D493A008ADC9943702C, 2673D26108D14DF1750E330E50D54DCE3F6584C4EE21C5E52D3CF98693AAA846 ] C:\WINDOWS\system32\esent.dll
03:47:12.0406 0x0444 C:\WINDOWS\system32\esent.dll - ok
03:47:12.0421 0x0444 [ BA92B89B30E85999C63FD0088C5CBADA, 1CC85CC8830395689D3DF6273F257175612C1B2E4B27B7A654A41CDE12373778 ] C:\WINDOWS\system32\atl.dll
03:47:12.0421 0x0444 C:\WINDOWS\system32\atl.dll - ok
03:47:12.0437 0x0444 [ F982FE0E10A2C8A9AD32ECB657BDBD26, DE8DE1F62F89D75B0D298135B59F57A77578CC3EA22F263DC2164B0ED4B7CAD9 ] C:\WINDOWS\system32\rastls.dll
03:47:12.0437 0x0444 C:\WINDOWS\system32\rastls.dll - ok
03:47:12.0453 0x0444 [ 1AC3D5212669F95800E8BE8BF2408E0E, 77257F2D18FBECEB59640D5B43FF9BF5B2A97451D256823EC8A01615559AF0E6 ] C:\WINDOWS\system32\cryptui.dll
03:47:12.0453 0x0444 C:\WINDOWS\system32\cryptui.dll - ok
03:47:12.0468 0x0444 [ 50D263E3454E8357D13BB598129185AD, 967F90BAE6AD95FB3FDB109C2556B8FE9349340A391A4C3753732B28E2DF48F3 ] C:\WINDOWS\system32\wininet.dll
03:47:12.0468 0x0444 C:\WINDOWS\system32\wininet.dll - ok
03:47:12.0484 0x0444 [ E25A7DF3F422A5E0B775159EF4C7BA7F, EF1D86BC16829E941ECEB24C6397C5DE0D1AA17072D8D848AE47A1B6B5F5D05E ] C:\WINDOWS\system32\mprapi.dll
03:47:12.0484 0x0444 C:\WINDOWS\system32\mprapi.dll - ok
03:47:12.0500 0x0444 [ 0161D9CF2097EFC0B00CE473647F8DEB, D9F89C79C85CD22203AC455A61BFA0155CE4094DA9F75F74FFA00CA2570BD6A7 ] C:\WINDOWS\system32\activeds.dll
03:47:12.0500 0x0444 C:\WINDOWS\system32\activeds.dll - ok
03:47:12.0515 0x0444 [ C3F03BE6927FC9107886E48F8A415231, ABFB1146392B3CE98FEA69D0B95235CBE0C4DA921D41434F236FE1F4D19AA47B ] C:\WINDOWS\system32\adsldpc.dll
03:47:12.0515 0x0444 C:\WINDOWS\system32\adsldpc.dll - ok
03:47:12.0515 0x0444 [ 6CC5C55DDC6DC2FF6D00145AF3937BD9, 964F1BF22FB3432E181ECDF70BF0D6D5DE00E7DD31688231F660A5405FE92B90 ] C:\WINDOWS\system32\rasapi32.dll
03:47:12.0515 0x0444 C:\WINDOWS\system32\rasapi32.dll - ok
03:47:12.0531 0x0444 [ 87C120A6B7C3844F6DE4FEA7DEFAC3AE, A5F2933F10581C47122E3A81277CD2807B71CCBA41B477D868FD916A384BEF61 ] C:\WINDOWS\system32\rasman.dll
03:47:12.0531 0x0444 C:\WINDOWS\system32\rasman.dll - ok
03:47:12.0546 0x0444 [ 8CAD9E3669E56A8B77D83B4CBB1C78BD, C9F3CD2CC599F30ACC2878C10F1C8892D581AD4DE2E17A175F2DD84C8FB1F7FF ] C:\WINDOWS\system32\tapi32.dll
03:47:12.0546 0x0444 C:\WINDOWS\system32\tapi32.dll - ok
03:47:12.0562 0x0444 [ 42FB536264BCA3E3821F9D83B73475F0, 0A3C983B645F95A1F9A85664836AB8A9BAE06FE32FF7923AE3F600555550014B ] C:\WINDOWS\system32\riched20.dll
03:47:12.0562 0x0444 C:\WINDOWS\system32\riched20.dll - ok
03:47:12.0578 0x0444 [ 4E7CF2B2D978F1F077CD3E9FF1FDB7D5, 45D30D03D8CC142B781FCED09458073C5902EA849D9A26FD49CA3ED6C0C03AF7 ] C:\WINDOWS\system32\raschap.dll
03:47:12.0578 0x0444 C:\WINDOWS\system32\raschap.dll - ok
03:47:12.0593 0x0444 [ 29AC93307C6182DBE336BCA314947F28, DAAAC0FE86EA59C43B91F5FD8462B9BB3DAC50008BCEBF0240A7A36F134C6D60 ] C:\WINDOWS\system32\schedsvc.dll
03:47:12.0593 0x0444 C:\WINDOWS\system32\schedsvc.dll - ok
03:47:12.0609 0x0444 [ 9CC4E25B84458207E4120645298A614C, 8338934E7F1B466A5CBA4E0378D6798C6E58485801DFE873520BFD2D6FDF1686 ] C:\WINDOWS\system32\msidle.dll
03:47:12.0609 0x0444 C:\WINDOWS\system32\msidle.dll - ok
03:47:12.0609 0x0444 [ 21B6FAA88044A41640E03EBB68BE93E8, 4AFDC909787A5B0F848A714972FC42E3385E6A4D3E97A0498C9ED69B9C3D75C1 ] C:\WINDOWS\system32\spoolsv.exe
03:47:12.0625 0x0444 C:\WINDOWS\system32\spoolsv.exe - ok
03:47:12.0625 0x0444 [ 40D78F514C8588EF12EC718D2AF0FC4E, E8ABE9E67D6E35D53387B8F6EF11284EC330B8E94784A506F3756D4A39E4F184 ] C:\WINDOWS\system32\audiosrv.dll
03:47:12.0625 0x0444 C:\WINDOWS\system32\audiosrv.dll - ok
03:47:12.0640 0x0444 [ 69B0569AAE33F0D5057CA0E8577AAF07, A0D9FB370A259E50EE4BF89CD8EA7AE2A81283DE146087D064BCAC5F0BBFEB50 ] C:\WINDOWS\system32\wkssvc.dll
03:47:12.0640 0x0444 C:\WINDOWS\system32\wkssvc.dll - ok
03:47:12.0656 0x0444 [ 46297F66729FA6DDB70B3859232A52D3, 16F27812C64B328F13EE5DCE27E04733E7321F2C3D038916D791E5A128EC0F93 ] C:\WINDOWS\system32\cscui.dll
03:47:12.0656 0x0444 C:\WINDOWS\system32\cscui.dll - ok
03:47:12.0671 0x0444 [ 134B95A1D8FAFD74A68E4B2116DEFA7D, C9EE5A301E4BBE5594D1B59EFC2AA3922DA99984981992BD2742A9396EC5BBC1 ] C:\WINDOWS\system32\powrprof.dll
03:47:12.0671 0x0444 C:\WINDOWS\system32\powrprof.dll - ok
03:47:12.0687 0x0444 [ 762EED455060B3E2C10299389F171F14, D6F05FE03E61686DC998034D2932E7AA50AA74ED5DD452AFBCF2AB083EF57CC7 ] C:\WINDOWS\system32\dpcdll.dll
03:47:12.0687 0x0444 C:\WINDOWS\system32\dpcdll.dll - ok
03:47:12.0703 0x0444 [ 836F7960362FF95C5D49E40B891F2CFC, 4D7CDF3670CBC09392338D8A6D23B14182DC39B7ABDD80AB943A4A23DF2AA5A7 ] C:\WINDOWS\system32\userinit.exe
03:47:12.0703 0x0444 C:\WINDOWS\system32\userinit.exe - ok
03:47:12.0718 0x0444 [ 812D645AEB941C63AD33BA98DB31697C, DA12E1F9253C317FA6AD1F36FE316DA99C86F771EE465FED44AF5FF386067DF2 ] C:\WINDOWS\system32\wdmaud.drv
03:47:12.0718 0x0444 C:\WINDOWS\system32\wdmaud.drv - ok
03:47:12.0734 0x0444 [ 650AD082D46BAC0E64C9C0E0928492FD, 6A587A55418A3A7867602D92B99FE393152DED191F27992C4BA909BD268AC43C ] C:\WINDOWS\system32\drivers\sysaudio.sys
03:47:12.0734 0x0444 C:\WINDOWS\system32\drivers\sysaudio.sys - ok
03:47:12.0750 0x0444 [ 2797F33EBF50466020C430EE4F037933, F134F8C091D944880714E4D193D2753BE4F1C18757D5274A892195C4EC9C4D08 ] C:\WINDOWS\system32\drivers\wdmaud.sys
03:47:12.0750 0x0444 C:\WINDOWS\system32\drivers\wdmaud.sys - ok
03:47:12.0765 0x0444 [ 841F385C6CFAF66B58FBD898722BB4F0, 0DA17CCA27DF5C7245959249162A5393B2E36B7C9A3A3525AE1371DE6AE698A3 ] C:\WINDOWS\system32\drivers\aec.sys
03:47:12.0765 0x0444 C:\WINDOWS\system32\drivers\aec.sys - ok
03:47:12.0781 0x0444 [ 8E186B8F23295D1E42C573B82B80D548, C418568C2071E2761CD26F736443BD7BF9C6914D47D171A5AC990278E855A74F ] C:\WINDOWS\system32\drivers\splitter.sys
03:47:12.0781 0x0444 C:\WINDOWS\system32\drivers\splitter.sys - ok
03:47:12.0781 0x0444 [ 94ABC808FC4B6D7D2BBF42B85E25BB4D, EEF6DB9EDD8C273A6595675A7A12B9D440FA4E178BA7C69FB1942D97E291F989 ] C:\WINDOWS\system32\drivers\swmidi.sys
03:47:12.0781 0x0444 C:\WINDOWS\system32\drivers\swmidi.sys - ok
03:47:12.0812 0x0444 [ A6F881284AC1150E37D9AE47FF601267, 6C07654CF21637E527FC727EB50F4138BF0EFF0680000AC94001063B436389DB ] C:\WINDOWS\system32\drivers\DMusic.sys
03:47:12.0812 0x0444 C:\WINDOWS\system32\drivers\DMusic.sys - ok
03:47:12.0812 0x0444 [ D93CAD07C5683DB066B0B2D2D3790EAD, 4C96F68F9914DCCDAFB5D6FC1A765ADFF37C6E4675AF0EF20AA1EDFF04CE27AD ] C:\WINDOWS\system32\drivers\kmixer.sys
03:47:12.0812 0x0444 C:\WINDOWS\system32\drivers\kmixer.sys - ok
03:47:12.0828 0x0444 [ 53114D57AB73A406AC7F602227781A99, 0FD38CC4070B75CC78F8731FF6CED52A18B81CF74ADAABD6B22FFACC5371C54A ] C:\WINDOWS\explorer.exe
03:47:12.0828 0x0444 C:\WINDOWS\explorer.exe - ok
03:47:12.0843 0x0444 [ 1ED4DBBAE9F5D558DBBA4CC450E3EB2E, B941AB5D9D504486083E0D1539B1A96E27721C9EFD7A67CA1DB7258B0D33AB78 ] C:\WINDOWS\system32\drivers\drmkaud.sys
03:47:12.0843 0x0444 C:\WINDOWS\system32\drivers\drmkaud.sys - ok
03:47:12.0859 0x0444 [ 555502C2A3795213410A7B1130D14DF6, 4B564DF31AF0882FCA1D558809E2260353B100FA4BA31BA11E8E801751BEFDEE ] C:\Program Files\IObit\Driver Booster\AutoUpdate.exe
03:47:12.0859 0x0444 C:\Program Files\IObit\Driver Booster\AutoUpdate.exe - ok
03:47:12.0875 0x0444 [ 6BBDDFE41E3A049F754CE45E3A9B8A39, B66F860C9470C40FD95AA1100E3055A7F545DF7B3E3E41DC1AAEEE0EFE06AAEB ] C:\Program Files\IObit\Driver Booster\rtl120.bpl
03:47:12.0875 0x0444 C:\Program Files\IObit\Driver Booster\rtl120.bpl - ok
03:47:12.0890 0x0444 [ F0A799052B8D77FABC4630EF3BBB32D6, AFC1EC183FF6A813BD4A9E0791525D4B0A83B661447E9680A4118DE4CE7D3120 ] C:\WINDOWS\system32\browseui.dll
03:47:12.0890 0x0444 C:\WINDOWS\system32\browseui.dll - ok
03:47:12.0906 0x0444 [ 8F0E66C268A3ACB07B563D3769D401C7, CDE91DAF69B38A1999AFDA5040ECD2D890DA71487170EFEFD19B042C209E1629 ] C:\Program Files\IObit\Driver Booster\Scheduler.exe
03:47:12.0906 0x0444 C:\Program Files\IObit\Driver Booster\Scheduler.exe - ok
03:47:12.0921 0x0444 [ 58A0D4A0DB5FB76438A38F30E666B212, 84EBACB08C521E11EE5A1E842FC0BD690BF47DDC43ED44E5C46F4F4077BE9038 ] C:\WINDOWS\system32\msacm32.drv
03:47:12.0921 0x0444 C:\WINDOWS\system32\msacm32.drv - ok
03:47:12.0937 0x0444 [ B356DD67178B22A8C2FBD47316CCB43B, EEAE031B23820A0CB9BEF0341193A50191FC951347678631C100D99EC0F315B0 ] C:\WINDOWS\system32\midimap.dll
03:47:12.0937 0x0444 C:\WINDOWS\system32\midimap.dll - ok
03:47:12.0937 0x0444 [ 6D6AEBEAEB71E306CF69558514273EF8, AE6EBC31EA0B5007A7322A83C7163F8C18DEA169BBA75A96A38DAE9051908829 ] C:\WINDOWS\system32\shdocvw.dll
03:47:12.0937 0x0444 C:\WINDOWS\system32\shdocvw.dll - ok
03:47:12.0953 0x0444 [ 4671742DC26330D1A49EF02985B76AA7, A415263DDA81B48BEC7485FFF6B6F8862BA2BD747C61F70A6F25221B542D850F ] C:\Program Files\IObit\Driver Booster\madexcept_.bpl
03:47:12.0953 0x0444 C:\Program Files\IObit\Driver Booster\madexcept_.bpl - ok
03:47:12.0984 0x0444 [ 3DD64A94541D819E063FFF1ABBB13CEA, 559A63DE759B30B5FBDA494E8F72CC5645A74359FFB1186B1F2858F20B03E0EC ] C:\Program Files\IObit\Driver Booster\madbasic_.bpl
03:47:12.0984 0x0444 C:\Program Files\IObit\Driver Booster\madbasic_.bpl - ok
03:47:13.0000 0x0444 [ E66BE6C28C7DCF3C34EB764D2FAD07D2, 25FDF7B000BFD9568B4625A982360805C7C706BF3E88F1F4BEFE0A336A673D99 ] C:\Program Files\IObit\Driver Booster\vcl120.bpl
03:47:13.0000 0x0444 C:\Program Files\IObit\Driver Booster\vcl120.bpl - ok
03:47:13.0000 0x0444 [ 5C4DEBD7B96BBFA9B3C590D487558880, 46B8EE2EED49BDB4E7C266E8A53231AA87161AF82B36D11F32D1C87F4E9334DE ] C:\Program Files\IObit\Driver Booster\maddisAsm_.bpl
03:47:13.0000 0x0444 C:\Program Files\IObit\Driver Booster\maddisAsm_.bpl - ok
03:47:13.0015 0x0444 [ 0A31324EFBE679E5B52102D123DE4DF8, 4BF8A7F46B8C3292C868C10B0FC3152557A82B524355B54EED6717F311E344CC ] C:\WINDOWS\system32\desk.cpl
03:47:13.0015 0x0444 C:\WINDOWS\system32\desk.cpl - ok
03:47:13.0031 0x0444 [ BEA26F76B3A46E5E0C6A5081046B8280, AB5EF1FDC775EDB98CA1692C3BC3397DAA3C52422A6A5BEF49653A4E418827AD ] C:\WINDOWS\system32\themeui.dll
03:47:13.0031 0x0444 C:\WINDOWS\system32\themeui.dll - ok
03:47:13.0046 0x0444 [ D1325243D6C7293809648557480A6193, 261EAFB88C9E5FA7458140A775AB47B10184C0E19AFDE4E26C8D53FC42C41E88 ] C:\Program Files\IObit\Driver Booster\TaskMgr.dll
03:47:13.0046 0x0444 C:\Program Files\IObit\Driver Booster\TaskMgr.dll - ok
03:47:13.0062 0x0444 [ 79494A7CFB9D55BB611768F54E7EB2CF, 74C67CDB1EEAD8854507D03A01D0744EC530CC4DB6014AD5E986E399A4EC7DEF ] C:\WINDOWS\system32\urlmon.dll
03:47:13.0062 0x0444 C:\WINDOWS\system32\urlmon.dll - ok
03:47:13.0078 0x0444 [ 4E5BE66CD70D52637589E9C3E2C1696D, 74D91879FB2464B82EAB04900094898B4651DEFF3CA6E6822ECCEEFBC2CBF67A ] C:\WINDOWS\system32\cmd.exe
03:47:13.0078 0x0444 C:\WINDOWS\system32\cmd.exe - ok
03:47:13.0093 0x0444 [ 21B6C974417632A40B2DE866615B7337, DC59CEB19DA3E1D1988ED0376AF7FB01254318589215A8867DA4B408278EADEF ] C:\Program Files\IObit\Driver Booster\Register.dll
03:47:13.0093 0x0444 C:\Program Files\IObit\Driver Booster\Register.dll - ok
03:47:13.0109 0x0444 [ CF01210E6381219E213A115F280D7953, 79413F9FD5125FB4BE7E5D7C13B5CD5E58E8ED024178AD87C292BEA4CB08D0E5 ] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{EDF85BA8-4203-4FC9-AEC8-9677E1732DB5}.exe
03:47:13.0109 0x0444 C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{EDF85BA8-4203-4FC9-AEC8-9677E1732DB5}.exe - ok
03:47:13.0109 0x0444 [ 7094B4D436878E35F6E7A0CB7119EBCE, 4DF51DE79EE437B818A525F72B3F007EDADF32A7D5FAF0AC981EAA4D15D9A859 ] C:\Program Files\IObit\Driver Booster\DriverBooster.exe
03:47:13.0109 0x0444 C:\Program Files\IObit\Driver Booster\DriverBooster.exe - ok
03:47:13.0125 0x0444 [ 7814407500C0C3373FA00D5653B02D9F, DCA976613BBC1596B3B41F63D237C8708EFCCE4B51BDE85AD3A4AD07464BFE29 ] C:\Program Files\IObit\Driver Booster\SQLite3.dll
03:47:13.0125 0x0444 C:\Program Files\IObit\Driver Booster\SQLite3.dll - ok
03:47:13.0156 0x0444 [ 62C87A44C4BB0CB4BCFE6D1CAB60B3A8, 8ED0650032B315B13F7CED7BB0537BD4F424B2E8414411F1C8BDBA5A8919B214 ] C:\Program Files\IObit\Driver Booster\SysRest.dll
03:47:13.0156 0x0444 C:\Program Files\IObit\Driver Booster\SysRest.dll - ok
03:47:13.0171 0x0444 [ 92393A08BC2B04842ACC087C09396A65, BCCF4898B37269AEE7D6C88FEEF0047A403692FF4ABB50A449109876C609B7B1 ] C:\WINDOWS\system32\winhttp.dll
03:47:13.0171 0x0444 C:\WINDOWS\system32\winhttp.dll - ok
03:47:13.0187 0x0444 [ 64A14B31FBF66A4696D8ABAE4B7221AE, 041EC39C0C6D5F7A358C3DCBA349FEBDC23DE6EF69FC8D2BB1829858ECCCF343 ] C:\WINDOWS\system32\wbem\wbemdisp.dll
03:47:13.0187 0x0444 C:\WINDOWS\system32\wbem\wbemdisp.dll - ok
03:47:13.0187 0x0444 [ BC80D7A3346DC441653A100A01169CDA, 2137E8A78108EB00D55FAC36DA0CDED729300E017BC41B32926D9E603EB2AAE5 ] C:\WINDOWS\system32\wbem\wbemcomn.dll
03:47:13.0187 0x0444 C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
03:47:13.0203 0x0444 [ 3F23E87F1B9E1512CCF58D1E9E73718C, D1C73AACCFF2E30683368C8F9F974DED7E46621BF387E3590B5E6C8ED993846D ] C:\WINDOWS\system32\wbem\wbemprox.dll
03:47:13.0203 0x0444 C:\WINDOWS\system32\wbem\wbemprox.dll - ok
03:47:13.0218 0x0444 [ 7ECFDF734C710FFF1D020D3242AA796A, EB7C551AC05EB5159BFE1AAA275F8F34024310F082251470C8C6129E2D66641E ] C:\WINDOWS\system32\wbem\wmiutils.dll
03:47:13.0218 0x0444 C:\WINDOWS\system32\wbem\wmiutils.dll - ok
03:47:13.0250 0x0444 [ AAD12FB4AFD57AF5200DA0EE6ABB2B2A, DB7B3CF14FAB63ED15882C8D4D3D1141D3AB277EA215E7FE71CC55BBFDC6543B ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\GdiPlus.dll
03:47:13.0250 0x0444 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\GdiPlus.dll - ok
03:47:13.0250 0x0444 [ 1FAE19D0457176318BBA4A8795656EBC, 5F3D6CABA203A0485D67F63A6A81151724EE200BE49ED095CFCB1EF29C19D19F ] C:\WINDOWS\system32\drivers\parvdm.sys
03:47:13.0250 0x0444 C:\WINDOWS\system32\drivers\parvdm.sys - ok
03:47:13.0265 0x0444 [ 6797CA7A4A76BFF14DFF3165651657AF, 1169A03CAE5F50323989F3870B0053ADF3B2081CBF7F780A610ABCF39CB7D934 ] C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
03:47:13.0265 0x0444 C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe - ok
03:47:13.0281 0x0444 [ 70D2A1756F4B2067658A186C963FCABD, 3B80C01D40C32F6ACD6394A7B4D47341251D5ECDA4E71707B98154A71BFA4563 ] C:\WINDOWS\system32\cryptsvc.dll
03:47:13.0281 0x0444 C:\WINDOWS\system32\cryptsvc.dll - ok
03:47:13.0296 0x0444 [ 3067A1DF068DCEE90922590EDD24F12F, 47616F77B62556C50474AAA5FF2A057E22F82F822C0988C27DD6937431A5A449 ] C:\WINDOWS\system32\certcli.dll
03:47:13.0296 0x0444 C:\WINDOWS\system32\certcli.dll - ok
03:47:13.0312 0x0444 [ 6D6BDD68B775986577C48A8DF961A05C, D6D2B5BC2707E39848BE7B03DFD14F1D1E52BBFE24AC54247D520B00468B084E ] C:\WINDOWS\system32\srvsvc.dll
03:47:13.0312 0x0444 C:\WINDOWS\system32\srvsvc.dll - ok
03:47:13.0328 0x0444 [ 972378B907070F64932A87C90A035487, 7D0F6FD6CBF285C517F05B168394676ADE83FB80434128002ADD90328AFDEACA ] C:\WINDOWS\system32\es.dll
03:47:13.0328 0x0444 C:\WINDOWS\system32\es.dll - ok
03:47:13.0343 0x0444 [ D905050080DB4CCC3EB09AD24DE6BD67, 4B65FBC02CB9C4B582EE40CEE5AE0C996C30DA69FE308257D2509D3F3C8B4C93 ] C:\WINDOWS\system32\netmsg.dll
03:47:13.0343 0x0444 C:\WINDOWS\system32\netmsg.dll - ok
03:47:13.0359 0x0444 [ 20B7E396720353E4117D64D9DCB926CA, 55E35EBA5792DC42BE2F10A4FAD4BE5721C05C134C153E37AC4D5E68982DED6C ] C:\WINDOWS\system32\drivers\srv.sys
03:47:13.0359 0x0444 C:\WINDOWS\system32\drivers\srv.sys - ok
03:47:13.0375 0x0444 [ B7DCBC1FD649252182CB0018A5735770, 91A6B9F50961EEEE9D3D0C7D4FDA2A8ACA244ECE440A6CBEB00BFF0E281967B1 ] C:\WINDOWS\system32\security.dll
03:47:13.0375 0x0444 C:\WINDOWS\system32\security.dll - ok
03:47:13.0390 0x0444 [ 9DD06F00898AA5CA7E24186EFC8E5E25, 51141D0D07DBC955B63281351D3F17163ACE9A5B08628EA1C82F33FD2913970E ] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{1CE80818-EA6C-4EF3-B03C-47DD58818EB1}\{953DB51F-8913-4B8A-9599-301440F793E9}.tmp
03:47:13.0390 0x0444 C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{1CE80818-EA6C-4EF3-B03C-47DD58818EB1}\{953DB51F-8913-4B8A-9599-301440F793E9}.tmp - ok
03:47:13.0406 0x0444 [ 91A7771934C0D9D2DA7699D25BB5B348, 154A6EB866AF22B38AEE8DB5A864653FEB15DED69DE26E5B602B7C5056CDDF72 ] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{1CE80818-EA6C-4EF3-B03C-47DD58818EB1}\{69BB92E7-A176-42DE-B8CF-922E7D0B57EE}.tmp
03:47:13.0406 0x0444 C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{1CE80818-EA6C-4EF3-B03C-47DD58818EB1}\{69BB92E7-A176-42DE-B8CF-922E7D0B57EE}.tmp - ok
03:47:13.0406 0x0444 [ 55C11301579A42639736EA3B17A3A588, CBEBDD7C883EF47DB86060AF0F09FD2218161D5FEB0CECEB4A068B9CC63499F8 ] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{1CE80818-EA6C-4EF3-B03C-47DD58818EB1}\{A0699E75-38A5-4FDE-B2CA-DA61193BDDF3}.tmp
03:47:13.0421 0x0444 C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{1CE80818-EA6C-4EF3-B03C-47DD58818EB1}\{A0699E75-38A5-4FDE-B2CA-DA61193BDDF3}.tmp - ok
03:47:13.0437 0x0444 [ DF471F11CC78BE02FE6BA15F2D94F65B, 9AC230DE58CE40E78AE6872BCF4778B69EEBF17E0E41B1301FF364ABD4737A78 ] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{1CE80818-EA6C-4EF3-B03C-47DD58818EB1}\{18F35F1E-9F9E-4E0C-BFE5-927DCB75C8A5}.tmp
03:47:13.0437 0x0444 C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{1CE80818-EA6C-4EF3-B03C-47DD58818EB1}\{18F35F1E-9F9E-4E0C-BFE5-927DCB75C8A5}.tmp - ok
03:47:13.0437 0x0444 [ 0FD19BDDD2513874FF6903F717367795, DFAF9C33F993BA26FC84EF66ABC7C483E62762F7E1FC763605A75ACC2E8AA4EE ] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{1CE80818-EA6C-4EF3-B03C-47DD58818EB1}\{94466C84-D6AF-429E-84F9-DB2400554B53}.tmp
03:47:13.0437 0x0444 C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{1CE80818-EA6C-4EF3-B03C-47DD58818EB1}\{94466C84-D6AF-429E-84F9-DB2400554B53}.tmp - ok
03:47:13.0453 0x0444 [ DD88BBF87A43331A4E99E37F7BF59FDB, 872190F559FA0DD1F711E9FA101BA1AB6E6DE5ED0CCCE1AB7AFE45BC3B78A0F1 ] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{1CE80818-EA6C-4EF3-B03C-47DD58818EB1}\{8CA89732-AEC7-4954-891D-07F42081683A}.tmp
03:47:13.0453 0x0444 C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{1CE80818-EA6C-4EF3-B03C-47DD58818EB1}\{8CA89732-AEC7-4954-891D-07F42081683A}.tmp - ok
03:47:13.0468 0x0444 [ 4261449C1CADA6B007E5C27522946D2B, 11E79D1C529E816CCCAC9266089C77A4DB44676CAEEE25C66D6DB420B18D3ACB ] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{1CE80818-EA6C-4EF3-B03C-47DD58818EB1}\{36C571FF-E36A-4363-B4F9-CA1F821FF2D0}.tmp
03:47:13.0468 0x0444 C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{1CE80818-EA6C-4EF3-B03C-47DD58818EB1}\{36C571FF-E36A-4363-B4F9-CA1F821FF2D0}.tmp - ok
03:47:13.0484 0x0444 [ 6627AA675A5C1B0330487A02E23F0560, 256AE9BA4273D4247FFAD6099D5A4FC8E98EDB27293AC8CAF7A571EB3890FAA7 ] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{1CE80818-EA6C-4EF3-B03C-47DD58818EB1}\{160178FC-7F0D-4C7E-9E18-EE760FB7DB36}.tmp
03:47:13.0484 0x0444 C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{1CE80818-EA6C-4EF3-B03C-47DD58818EB1}\{160178FC-7F0D-4C7E-9E18-EE760FB7DB36}.tmp - ok
03:47:13.0500 0x0444 [ 723B834A07F7DF7DE4CEB637D57ACEA3, B42867045DD3FB7682CDBD133970421010F0F14125E4992C73657CABA4659250 ] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{1CE80818-EA6C-4EF3-B03C-47DD58818EB1}\{A2DC742A-BAA0-4307-AA03-4CFEE0B16203}.tmp
03:47:13.0515 0x0444 C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{1CE80818-EA6C-4EF3-B03C-47DD58818EB1}\{A2DC742A-BAA0-4307-AA03-4CFEE0B16203}.tmp - ok
03:47:13.0531 0x0444 [ C1DE893FAF6D7F6CFB479A1F61835482, AD5FA3CE73777704C67C933691F1F068E1A7FF545F728B97574F9C33AC4BBC01 ] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{1CE80818-EA6C-4EF3-B03C-47DD58818EB1}\{BAB5AB37-2C7C-4345-810F-E9B20E73B039}.tmp
03:47:13.0531 0x0444 C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{1CE80818-EA6C-4EF3-B03C-47DD58818EB1}\{BAB5AB37-2C7C-4345-810F-E9B20E73B039}.tmp - ok
03:47:13.0531 0x0444 [ B9C794EA475837F53205D10CDCB79CC7, 925B732A694AE87CE2DE66C69236CBF5059B4AEF9A5BA9B337FEEC0F0E514FB7 ] C:\WINDOWS\system32\msi.dll
03:47:13.0531 0x0444 C:\WINDOWS\system32\msi.dll - ok
03:47:13.0546 0x0444 [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
03:47:13.0546 0x0444 C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe - ok
03:47:13.0562 0x0444 [ EF39CCCC9AD927A25334AE0B41A8A343, EC5FB376F84697F42B632BC9775D362CF6C54A68E26A0CF027D90F5A419BEA74 ] C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll
03:47:13.0562 0x0444 C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll - ok
03:47:13.0578 0x0444 [ 9275F02BEA644F43A459E316A932658F, A4B9A716BEF1ADFDDA4C44D4838EC57BD77DEE29C4B4737B58A9375C2366A87F ] C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll
03:47:13.0578 0x0444 C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll - ok
03:47:13.0593 0x0444 [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
03:47:13.0593 0x0444 C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe - ok
03:47:13.0609 0x0444 [ 80D8679BF84A9383BFF33E07D5D9FC35, 0986806F2504C8A66FA8DEF7923A69E90A2390DD447BE53AD1824240CE68EC1E ] C:\Program Files\Malwarebytes' Anti-Malware\mbamcore.dll
03:47:13.0609 0x0444 C:\Program Files\Malwarebytes' Anti-Malware\mbamcore.dll - ok
03:47:13.0625 0x0444 [ AF342D2781225A8769686E0D47E3123E, 3ADB58F9B2694E12C17818CD3711946FDC4BEF3C318BC6E00136D0CBBEB3C9E6 ] C:\WINDOWS\system32\netman.dll
03:47:13.0625 0x0444 C:\WINDOWS\system32\netman.dll - ok
03:47:13.0625 0x0444 [ 9F40402087B6D4A428571DD6CA83AC1E, 4E3DCE262E91F4806A43C77557A75AC16C997EA5C1C24A4E6B651BA674DB8665 ] C:\WINDOWS\system32\nvsvc32.exe
03:47:13.0625 0x0444 C:\WINDOWS\system32\nvsvc32.exe - ok
03:47:13.0640 0x0444 [ 38E2364EA6F352A359AD143E6EBEA9B0, 597DCFA04E8CD152F22EC4187E3ED9BDB92925B8EC1366CAD424488A66B1109E ] C:\WINDOWS\system32\netshell.dll
03:47:13.0640 0x0444 C:\WINDOWS\system32\netshell.dll - ok
03:47:13.0656 0x0444 [ B848D125E938AA2B16FCCEC482B23463, CFF092C590711DBB5784700FE645FD5332C2691EF071126A85A4F9DF77E0F91E ] C:\WINDOWS\system32\credui.dll
03:47:13.0656 0x0444 C:\WINDOWS\system32\credui.dll - ok
03:47:13.0671 0x0444 [ 23519ECBDBB26AB19DD03CC4AA14D9C6, 3590F537AB4590AB9748B5AFF368B55C670230F443EDAF6DEF881B4B6996AD47 ] C:\WINDOWS\system32\psbase.dll
03:47:13.0671 0x0444 C:\WINDOWS\system32\psbase.dll - ok
03:47:13.0687 0x0444 [ 183A46179FDC11B6B9AE655BE81C76DA, 56BC2281E575618701A491E29E3266ABACF942810F23D3899157641C03FE833B ] C:\WINDOWS\system32\pstorsvc.dll
03:47:13.0687 0x0444 C:\WINDOWS\system32\pstorsvc.dll - ok
03:47:13.0703 0x0444 [ 2F5919F2F6EE7A845893D9C3AA2BC56A, 7A33E761C76004573324AF8D8D8F3067535A9F100D832AF60D96508600BAE35C ] C:\WINDOWS\system32\termsrv.dll
03:47:13.0703 0x0444 C:\WINDOWS\system32\termsrv.dll - ok
03:47:13.0718 0x0444 [ 798F88E0415D806585C31B62D3513888, D914F9AFBD4F0BC9319E7A056FB9533C06E4860132BF912C67C166D76BD173FB ] C:\WINDOWS\system32\nvcpl.dll
03:47:13.0718 0x0444 C:\WINDOWS\system32\nvcpl.dll - ok
03:47:13.0734 0x0444 [ 6CDFD3E50BCF69EDD7522BCC978E84E7, 007622A1F3F34016ED48023DE65BC9038AE37D9F6839CA7FCECF32E01EE54D65 ] C:\WINDOWS\system32\wzcsapi.dll
03:47:13.0734 0x0444 C:\WINDOWS\system32\wzcsapi.dll - ok
03:47:13.0750 0x0444 [ D1D5DAB39DCB4BE0359943738D87409B, 0BA45FE28568E852502879AE83C081517BB8103359BD5783328833EC59A54681 ] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
03:47:13.0750 0x0444 C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe - ok
03:47:13.0750 0x0444 [ F219E27E88107A50544153898DD8178E, 4E48E64AAF302F1FAF66F8F14BC22D2DA2E0C62E4C7E6CEE6F9705A04D75E0F6 ] C:\WINDOWS\system32\browser.dll
03:47:13.0750 0x0444 C:\WINDOWS\system32\browser.dll - ok
03:47:13.0781 0x0444 [ 69ABCC7245D98F31DEF317A53D547657, CFC624854483AAC3C608F6CEDB736A4146FD0292B0741A9C880BCE9E81318183 ] C:\WINDOWS\system32\icaapi.dll
03:47:13.0781 0x0444 C:\WINDOWS\system32\icaapi.dll - ok
03:47:13.0781 0x0444 [ B3FF8C662EBABC6D42689F09FD4EF521, 5A01311DD7C898F307534A1B9ABAF27556C60E86E687E7532F656AE231AB0BED ] C:\WINDOWS\system32\mstlsapi.dll
03:47:13.0796 0x0444 C:\WINDOWS\system32\mstlsapi.dll - ok
03:47:13.0796 0x0444 [ E12084EA622BDF2262C637BEF15DD85C, C6A5A1D60D3ED3C429B2B57B8F731E9CCC7517F71B91CDC5673AAA862CB32B63 ] C:\WINDOWS\system32\wbem\wmisvc.dll
03:47:13.0796 0x0444 C:\WINDOWS\system32\wbem\wmisvc.dll - ok
03:47:13.0812 0x0444 [ 21F5169CA14E0B25C757644456F637DF, 762BD8AF92E5D41E1B685A8F1B2A7CB9223120CB6D6AAC31B02D3277FC4C700B ] C:\WINDOWS\system32\wuauserv.dll
03:47:13.0812 0x0444 C:\WINDOWS\system32\wuauserv.dll - ok
03:47:13.0828 0x0444 [ 7B7EE0BE462654A8830D15CFA954AC4A, 9BBEBB2606775860E6F188566958818AFBFC600927DD0EF44E0004D0915EF929 ] C:\WINDOWS\system32\vssapi.dll
03:47:13.0828 0x0444 C:\WINDOWS\system32\vssapi.dll - ok
03:47:13.0843 0x0444 [ D6730AE698DE4B62077A1091E906FC35, 9B6D4033AC546D41405218A5A0E683420B7CF2804AC8A8C537A554C114098542 ] C:\WINDOWS\system32\wuaueng.dll
03:47:13.0843 0x0444 C:\WINDOWS\system32\wuaueng.dll - ok
03:47:13.0859 0x0444 [ 93A2AAE5B4344C702C41E15F06A01F24, CEFA920C02EB73EF829CB33397180E7BCFA66A1B2A787566BAADEE2AC668F607 ] C:\WINDOWS\system32\advpack.dll
03:47:13.0859 0x0444 C:\WINDOWS\system32\advpack.dll - ok
03:47:13.0875 0x0444 [ F50E7561E78B58DF4203FF68B12253AE, 2C3E4723441BB7AB5C63CF186CAA6C01D8C1E66A688C57C1DC15CAEE2A572CB2 ] C:\WINDOWS\system32\cabinet.dll
03:47:13.0875 0x0444 C:\WINDOWS\system32\cabinet.dll - ok
03:47:13.0890 0x0444 [ FC56AD7E70F257F1192D8D232E1A191E, 61A0DD97DD4D7F2E0DD127107A7E65CB1DFE9592CCDF81FE0C8C2D9ADFD98F14 ] C:\WINDOWS\system32\mspatcha.dll
03:47:13.0890 0x0444 C:\WINDOWS\system32\mspatcha.dll - ok
03:47:13.0921 0x0444 [ 860B28B3C4B052293226563A0AFC0763, F76E2F32D8CEF4A29AD46B23719B197D69C6430218BC6868126F1392FE09D1ED ] C:\WINDOWS\system32\shfolder.dll
03:47:13.0921 0x0444 C:\WINDOWS\system32\shfolder.dll - ok
03:47:13.0921 0x0444 [ 3CD57F31A64D32FDB28918B16D1E6AAC, F9502B99D6BBCCBB2C67C2B4C1D94877F125A27B90122D378B73793D42A7673D ] C:\WINDOWS\system32\srsvc.dll
03:47:13.0921 0x0444 C:\WINDOWS\system32\srsvc.dll - ok
03:47:13.0937 0x0444 [ 220AD85BA9C5B3011296354011B901CC, 410871EFE3549DD776FC492F8FB46AB870AD0CC30B196774632533C23683A0A8 ] C:\WINDOWS\system32\sens.dll
03:47:13.0937 0x0444 C:\WINDOWS\system32\sens.dll - ok
03:47:13.0953 0x0444 [ 4ADED1ADEF25041D9827F9A79C0FDA13, DF708C74E330438719911B7E9F06E4152A3138FD401C0C9CC6C9B3608FA9EB40 ] C:\WINDOWS\system32\wscsvc.dll
03:47:13.0953 0x0444 C:\WINDOWS\system32\wscsvc.dll - ok
03:47:13.0968 0x0444 [ 6B560D98B52CF2AF84FA64C8594C0A6B, D041710CE20F835395F584381F705D8229C4F337A1CD7DBBE59C07B40F4300B0 ] C:\WINDOWS\system32\wbem\wbemcore.dll
03:47:13.0968 0x0444 C:\WINDOWS\system32\wbem\wbemcore.dll - ok
03:47:13.0984 0x0444 [ 235B8D0E1DC80CCB93165B839157B6A0, 2981FE314A6C9C3945893140979364D7C864ED5AE49916E3C3361AAD8DD53CAC ] C:\WINDOWS\system32\wbem\esscli.dll
03:47:13.0984 0x0444 C:\WINDOWS\system32\wbem\esscli.dll - ok
03:47:14.0000 0x0444 [ 247F1CC892DBC06A3D62F1F0D7191A80, 2E63F16AA778FE4C5E923CA473584C0F986200D5B786BC084723B70C4735154F ] C:\WINDOWS\system32\nvrscs.dll
03:47:14.0000 0x0444 C:\WINDOWS\system32\nvrscs.dll - ok
03:47:14.0031 0x0444 [ C372F827ECC796AFDA0F904AF58CA045, 4B98567EE2BCE46F5127C2714E2FDAE77DEFEAB13A5893F5DBFFF0FE316D34DC ] C:\WINDOWS\system32\wbem\fastprox.dll
03:47:14.0031 0x0444 C:\WINDOWS\system32\wbem\fastprox.dll - ok
03:47:14.0046 0x0444 [ 192B60F338272AE066A55B2F7056DD84, 0175AB9E26B5FB190D8DC710ACE11A06BF980858D031C5A880AF9223BAB59FBC ] C:\WINDOWS\system32\nvapi.dll
03:47:14.0046 0x0444 C:\WINDOWS\system32\nvapi.dll - ok
03:47:14.0062 0x0444 [ 2E4CD086D04A29036FA12BE4A693F7BF, 8F4F36A1C452CB6571E60DDD6B18817456F2EF9CABC6AD5E5441E472B2029FF5 ] C:\WINDOWS\system32\spoolss.dll
03:47:14.0062 0x0444 C:\WINDOWS\system32\spoolss.dll - ok
03:47:14.0078 0x0444 [ AD88B3DD262DFC48B88739731E42011D, 2CA9BD7B2FD511D0ABE47057C2BC86471149F71E6104413938B81BED054982CD ] C:\WINDOWS\system32\msxml3.dll
03:47:14.0078 0x0444 C:\WINDOWS\system32\msxml3.dll - ok
03:47:14.0078 0x0444 [ 69B5CE8A9D8446C9CD0390276123BE3A, 7CA78F4FAFB8F6F76A100AB2426D25AEF540C9BF7935ED2E264CA0879297C29A ] C:\WINDOWS\system32\rundll32.exe
03:47:14.0078 0x0444 C:\WINDOWS\system32\rundll32.exe - ok
03:47:14.0093 0x0444 [ F14D2C0D1D9EC31976AEA8A35CA6076F, A7FCAF5EC39293BAB196731A7E69457A3FDE555B4ED5C9C8BF489CBB6511D5D8 ] C:\WINDOWS\system32\wbem\wbemsvc.dll
03:47:14.0093 0x0444 C:\WINDOWS\system32\wbem\wbemsvc.dll - ok
03:47:14.0109 0x0444 [ D32C1D39332B30E91E172713A4AE6DDF, ACB621A887E87AE715F031DE425CD3D75B69778F2973FCC8AD479DB8343DBB38 ] C:\WINDOWS\system32\comsvcs.dll
03:47:14.0109 0x0444 C:\WINDOWS\system32\comsvcs.dll - ok
03:47:14.0125 0x0444 [ 2144E0A2E64E78076966B4A7BAD10443, 311201CE7B1F3C09586C631E84DB49919448B37CED83E4115C44A2739038CE35 ] C:\WINDOWS\system32\clusapi.dll
03:47:14.0125 0x0444 C:\WINDOWS\system32\clusapi.dll - ok
03:47:14.0140 0x0444 [ 9E6FE6129619598F5738D62D5F68A039, 68C63B2A3D75968C23AE7A1A07A103B81470EBDCCDCD052D79430CE02F0FD49D ] C:\WINDOWS\system32\colbact.dll
03:47:14.0140 0x0444 C:\WINDOWS\system32\colbact.dll - ok
03:47:14.0156 0x0444 [ 57F1E544A27CF584E124E18944D74F58, ACA8F422EE16149D8E3CF32640516324A1B93B0A15AE9A11A0E140717696726F ] C:\WINDOWS\system32\mtxclu.dll
03:47:14.0156 0x0444 C:\WINDOWS\system32\mtxclu.dll - ok
03:47:14.0171 0x0444 [ F43DBBBD943C01D975778B8874ABDAD5, FE8FB3DB259C0355C1613103E1A7D65D73E2EF5355BA5FCB9219749B3559026E ] C:\WINDOWS\system32\resutils.dll
03:47:14.0171 0x0444 C:\WINDOWS\system32\resutils.dll - ok
03:47:14.0187 0x0444 [ 0809388EB4E7AE2065B0FF1B1ABAF58A, 0EF51A4C8C39BFF348CD4454308275DF8C961FE22F36352AB534A6F96CBF0EC0 ] C:\WINDOWS\system32\wbem\repdrvfs.dll
03:47:14.0187 0x0444 C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
03:47:14.0187 0x0444 [ 4293F5F4A7405D7D8A5D428855C9C274, 7EDA0151954B7F9FF3E5B20ED10CAD30826EFF00C1EA99DA1D7F45EBA0EE6C26 ] C:\WINDOWS\system32\localspl.dll
03:47:14.0187 0x0444 C:\WINDOWS\system32\localspl.dll - ok
03:47:14.0218 0x0444 [ 6A93501BCDEBF159109429B022C0FF83, C909277147FEC307FAFFB4D1938CDAD706A3EEDEF1267A35A95774DC280197EC ] C:\WINDOWS\system32\ipnathlp.dll
03:47:14.0218 0x0444 C:\WINDOWS\system32\ipnathlp.dll - ok
03:47:14.0234 0x0444 [ 05E04940BB3693CD7692D76DA546375E, 8591688E6F4FB98E150E695E167F9751E549ABA49693D2DC855CC3C3CC17EE7F ] C:\WINDOWS\system32\cnbjmon.dll
03:47:14.0234 0x0444 C:\WINDOWS\system32\cnbjmon.dll - ok
03:47:14.0250 0x0444 [ 6AFAD3B0576473578A221C54CACE7822, D3EC5A2E520A7E452F8B66DFDC30AED0A9EEB6ACEECBE16CE5B4DB54FEDA736A ] C:\WINDOWS\system32\pjlmon.dll
03:47:14.0250 0x0444 C:\WINDOWS\system32\pjlmon.dll - ok
03:47:14.0281 0x0444 [ 9545B3CFEEEEBE726F8BAD19480AF259, EF4CAA8F1025EC1CE2FDB2532C9380239ED7C481C2FA4B526CC60E08BF9DE796 ] C:\WINDOWS\system32\tcpmon.dll
03:47:14.0281 0x0444 C:\WINDOWS\system32\tcpmon.dll - ok
03:47:14.0281 0x0444 [ D83B2827B75AAF00338C0F29FE6BA22A, 89B6AEB8976706973F8BDA67639E2F0A80B52C97C8A0DA03E3D06E9B3BD6E9F5 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll
03:47:14.0281 0x0444 C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
03:47:14.0296 0x0444 [ A92E91A5B245E4C7A808C0A1DE4233CD, 064655974CC507BC62427D85C4BD8291BA66E4CD1F6B0A8427CD5753A90CEEB7 ] C:\WINDOWS\system32\usbmon.dll
03:47:14.0296 0x0444 C:\WINDOWS\system32\usbmon.dll - ok
03:47:14.0328 0x0444 [ 02971C5A9E4CCD508CCF4533EAC9C3D0, 70D89D6F67D14349C0FDDA8251F2EE7DF8DEA001C508A869A7B1E322E162C424 ] C:\WINDOWS\system32\win32spl.dll
03:47:14.0328 0x0444 C:\WINDOWS\system32\win32spl.dll - ok
03:47:14.0328 0x0444 [ 8066FF5677DC47B4AF5C677F88E6322E, FD756F71F49762DF94AC0E9B034C8E4D7FA5B2E3D315441671ADB4030959D2D9 ] C:\WINDOWS\system32\netrap.dll
03:47:14.0328 0x0444 C:\WINDOWS\system32\netrap.dll - ok
03:47:14.0343 0x0444 [ 43949C22325695D0E8E30B790DD06FDB, E61F190094E44436241C6BAF409B2404D033D0F8B6D1AD65E717A2518B472344 ] C:\WINDOWS\system32\wbem\wbemess.dll
03:47:14.0343 0x0444 C:\WINDOWS\system32\wbem\wbemess.dll - ok
03:47:14.0359 0x0444 [ 763DE5266639C75550706299A8E3047B, E596A492AFCD54D6BEDC0669929CFDEAFF0FC720517C71EBC5DA1139D85EA8B9 ] C:\WINDOWS\system32\inetpp.dll
03:47:14.0359 0x0444 C:\WINDOWS\system32\inetpp.dll - ok
03:47:14.0375 0x0444 [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] C:\WINDOWS\system32\drivers\ipfltdrv.sys
03:47:14.0375 0x0444 C:\WINDOWS\system32\drivers\ipfltdrv.sys - ok
03:47:14.0390 0x0444 [ 835113FA5B05C0C48C7D0716320E7DA7, F734D422F67DF1BF133F671DD30EE6291250D0F79875EACEC0CA6D74C2939431 ] C:\WINDOWS\system32\actxprxy.dll
03:47:14.0390 0x0444 C:\WINDOWS\system32\actxprxy.dll - ok
03:47:14.0406 0x0444 [ C7A117905691C905C044A46195ABDD68, 8525FA40CAE03151419258ECAC993DD6600ECEFC78E258FB81FEA9B5CDD41084 ] C:\Program Files\IObit\Advanced SystemCare 7\Display.exe
03:47:14.0406 0x0444 C:\Program Files\IObit\Advanced SystemCare 7\Display.exe - ok
03:47:14.0421 0x0444 [ FC2DC3A419DE61099467534344ECC29E, D5088B07A6B19C0636127B8837FF77DD8F08B84A0697495A82C2F4B9D1780DC7 ] C:\WINDOWS\system32\wuapi.dll
03:47:14.0421 0x0444 C:\WINDOWS\system32\wuapi.dll - ok
03:47:14.0437 0x0444 [ EE1F842DB2AE412136643B0814D770A6, 694EBEFC314A3C8E63C26EC95B6757CB7F22171A821E7A72EE40D29AB9D5F517 ] C:\WINDOWS\system32\linkinfo.dll
03:47:14.0437 0x0444 C:\WINDOWS\system32\linkinfo.dll - ok
03:47:14.0437 0x0444 [ 93F75FF033BAA186D08115D73BFE3D32, 85F8B1633DE754F9EFAFC34A088BE16A5CB8B2EF4DEA5E3CAE30524B2429FE56 ] C:\WINDOWS\system32\wscntfy.exe
03:47:14.0437 0x0444 C:\WINDOWS\system32\wscntfy.exe - ok
03:47:14.0453 0x0444 [ 6B8C63F017FDBE97448E8982FC0425ED, 4F26AC20D11D7125C304257ECC56084E293456D075D09E80AC9FAFB897B613C8 ] C:\Program Files\IObit\Advanced SystemCare 7\AutoCare.exe
03:47:14.0453 0x0444 C:\Program Files\IObit\Advanced SystemCare 7\AutoCare.exe - ok
03:47:14.0468 0x0444 [ C159EE0E584730DDC23D74781F92F798, 578855BC9BC1E36C7C0BC25A92E77F4A2EDB2F61AF4E06A526A80773514911FA ] C:\WINDOWS\system32\ntshrui.dll
03:47:14.0468 0x0444 C:\WINDOWS\system32\ntshrui.dll - ok
03:47:14.0500 0x0444 [ B3F690BF43F93A012A52F28F234FAA1B, 72B520D2F1F0A510AC49170CECC909F01FB550683C6740726F11B5BE96E610CF ] C:\WINDOWS\system32\alg.exe
03:47:14.0500 0x0444 C:\WINDOWS\system32\alg.exe - ok
03:47:14.0515 0x0444 [ 6B7895EE9CF76D59A25A5D4415DC5619, 8A1E90D5CACD09A978CFCCE66DFA79F2CA07C4DF12E5735F938E76CCE517E397 ] C:\WINDOWS\system32\wbem\ncprov.dll
03:47:14.0515 0x0444 C:\WINDOWS\system32\wbem\ncprov.dll - ok
03:47:14.0531 0x0444 [ D3A09C112AF2170F7CBC319A7002262B, F645373FDE1D5CF3BF18E68AF3216EB23D13C2250AE534238E41DE9F181C601B ] C:\Program Files\IObit\Advanced SystemCare 7\AutoSweep.exe
03:47:14.0531 0x0444 C:\Program Files\IObit\Advanced SystemCare 7\AutoSweep.exe - ok
03:47:14.0546 0x0444 [ 114CF6C8F5897162DFC00A7C920DDF16, CEBD61BFB33DE3543FCBB3C52A44ABBA24AD531E9DA1CEF6C768C27E7D6C087D ] C:\Program Files\IObit\Advanced SystemCare 7\madexcept_.bpl
03:47:14.0546 0x0444 C:\Program Files\IObit\Advanced SystemCare 7\madexcept_.bpl - ok
03:47:14.0562 0x0444 [ 5AF95DF694BD86DB74BBD88FB5AC7193, 9327133C2AF9DB8F828FB1122DF680C1D40A2555DB07009FDE058B49054CD7A0 ] C:\WINDOWS\system32\wbem\wbemcons.dll
03:47:14.0562 0x0444 C:\WINDOWS\system32\wbem\wbemcons.dll - ok
03:47:14.0562 0x0444 [ EF897DDCD9E269B83F03F328698AAE7A, 01D55A3A51C2329A7904453F2E410E74B5C6D0BFDB49C7EB70B8D02E2B1131D4 ] C:\WINDOWS\system32\wbem\wmiprvse.exe
03:47:14.0562 0x0444 C:\WINDOWS\system32\wbem\wmiprvse.exe - ok
03:47:14.0593 0x0444 [ F58732600FC92413A8B2451FEC5B2FC9, 5869D4CC5A740AE0B2F12E3021433C06A0EC26F1AC7F491C174A6E27B88433CA ] C:\Program Files\IObit\Advanced SystemCare 7\madbasic_.bpl
03:47:14.0593 0x0444 C:\Program Files\IObit\Advanced SystemCare 7\madbasic_.bpl - ok
03:47:14.0609 0x0444 [ 7668071C692B4FF1BF77765D4648049C, 8DCDCB000C6041A1BE1DA904478D8241796E598D256919C52F790922C8C24CE1 ] C:\WINDOWS\system32\webcheck.dll
03:47:14.0609 0x0444 C:\WINDOWS\system32\webcheck.dll - ok
03:47:14.0625 0x0444 [ 8838B1D35DA190061890A8FED8596EAE, 1975C044E5422DD5164CB0152AA28BF7F1FFBCD6116952306F2634B9716A99A4 ] C:\Program Files\IObit\Advanced SystemCare 7\maddisAsm_.bpl
03:47:14.0625 0x0444 C:\Program Files\IObit\Advanced SystemCare 7\maddisAsm_.bpl - ok
03:47:14.0640 0x0444 [ 9C3B2302B60FB0EFB13BC880A5E3E93E, 16F32AB74A57B521FF431F2C36609DE5F6ABE0DCD3111B4954471DEED700A66B ] C:\WINDOWS\system32\HdAShCut.exe
03:47:14.0640 0x0444 C:\WINDOWS\system32\HdAShCut.exe - ok
03:47:14.0640 0x0444 [ 43EEFC84A67CD22C5FF60CB08794D11D, 5A698A0EB150F992B36EE08DD63866BE45820D83EC076B4624F1859A5461DE61 ] C:\WINDOWS\system32\stobject.dll
03:47:14.0640 0x0444 C:\WINDOWS\system32\stobject.dll - ok
03:47:14.0656 0x0444 [ 4BEFD09CDBC7C48357FE3ABB962FC905, 9278DF0ADDA22A47CE62316F2EA2E4549652A9A4E7E0D15F00403DB221F0E18E ] C:\Program Files\IObit\Surfing Protection\PluginInstall.exe
03:47:14.0656 0x0444 C:\Program Files\IObit\Surfing Protection\PluginInstall.exe - ok
03:47:14.0671 0x0444 [ 9A1A488A3FBA380D6E69B1CA637BF3E2, 211375C3831599D464F59D0644952F255B2BC9D7AFC4599A23EA0DD3123F9913 ] C:\WINDOWS\system32\batmeter.dll
03:47:14.0734 0x0444 C:\WINDOWS\system32\batmeter.dll - ok
03:47:14.0750 0x0444 [ 25FA7A6A8E081EAC69CABFD13297A5D0, 18F97CBE023F31DA7E0CF3C618846FC6DE51E0D0C96C3E15DCE69070F7AC6F7B ] C:\WINDOWS\system32\HdAudRes.dll
03:47:14.0750 0x0444 C:\WINDOWS\system32\HdAudRes.dll - ok
03:47:14.0765 0x0444 [ 058F744EADE8D38AD2CDD667B2DCD5E7, BEC057BA62396C800DC36EF2DE1B1593AB2909FBBCDFA2E029AA19B529F98C39 ] C:\WINDOWS\system32\netcfgx.dll
03:47:14.0765 0x0444 C:\WINDOWS\system32\netcfgx.dll - ok
03:47:14.0781 0x0444 [ 167A1EC62E929B7F912A728359A93599, B7FF6D7BCB9E9EEC701811F8928DF68B0FF47FFE80D32520D50489EF0AFDA8E8 ] C:\Program Files\IObit\Advanced SystemCare 7\Scan.dll
03:47:14.0781 0x0444 C:\Program Files\IObit\Advanced SystemCare 7\Scan.dll - ok
03:47:14.0796 0x0444 [ 7814407500C0C3373FA00D5653B02D9F, DCA976613BBC1596B3B41F63D237C8708EFCCE4B51BDE85AD3A4AD07464BFE29 ] C:\Program Files\IObit\Surfing Protection\sqlite3.dll
03:47:14.0796 0x0444 C:\Program Files\IObit\Surfing Protection\sqlite3.dll - ok
03:47:14.0812 0x0444 [ 211960C8C17F6D5F30562555F0079C58, 9DE43F21539B4781D56AE10D02391C9AEF9884D75FBFD9E06C283A72EC0DC250 ] C:\WINDOWS\system32\wbem\wmipcima.dll
03:47:14.0812 0x0444 C:\WINDOWS\system32\wbem\wmipcima.dll - ok
03:47:14.0812 0x0444 [ 45C89B8F297CD56F84C1084D868A855C, 1078513B31C32EF3E2551FBE0D882F2129967C2DECD55A47C7BFB996EB56DB04 ] C:\WINDOWS\system32\wbem\framedyn.dll
03:47:14.0812 0x0444 C:\WINDOWS\system32\wbem\framedyn.dll - ok
03:47:14.0843 0x0444 [ 0C060AB8AE9A143505A9218079DA122D, D0F12E900C81E30771E48D547B0CCBAFB4230AD943F4249F475D55D3E86570A6 ] C:\Program Files\IObit\Advanced SystemCare 7\OFCommon.dll
03:47:14.0843 0x0444 C:\Program Files\IObit\Advanced SystemCare 7\OFCommon.dll - ok
03:47:14.0859 0x0444 [ A1F34BD1FDB397059B38EE86E6D1CA7C, 686AADFBAEED29BE5611D0598A741A7C61D73A2C80D2AF248C2BFA16DED2E714 ] C:\WINDOWS\system32\upnp.dll
03:47:14.0859 0x0444 C:\WINDOWS\system32\upnp.dll - ok
03:47:14.0875 0x0444 [ 5500031928B9D15B0A8987ED80EAE952, 5A72AB040EED4810819E292E012C1DCAC2FAC906C4C6D0B627D97F1BAEAFA222 ] C:\WINDOWS\system32\wbem\cimwin32.dll
03:47:14.0875 0x0444 C:\WINDOWS\system32\wbem\cimwin32.dll - ok
03:47:14.0890 0x0444 [ 5C98408E620A2AAC7894108769138676, 3AF05A16A638B5BD122952FA9010070BBEAE1C463DF35EB2F87D8825819C2367 ] C:\WINDOWS\system32\ssdpapi.dll
03:47:14.0890 0x0444 C:\WINDOWS\system32\ssdpapi.dll - ok
03:47:14.0890 0x0444 [ 47CCD1175116A3CD2062239B092799CE, 46638618EB83E8AA411CA47AD56FD92C69CBB2B236F4292C7BBF62D9BB280272 ] C:\WINDOWS\system32\rasdlg.dll
03:47:14.0890 0x0444 C:\WINDOWS\system32\rasdlg.dll - ok
03:47:14.0906 0x0444 [ E9F9CD3C7F2E56505A0AC166580120E3, 35E945E0A5E799357E92551F6189FB94372E2396902D492701E421B73E36699B ] C:\WINDOWS\system32\wuauclt.exe
03:47:14.0906 0x0444 C:\WINDOWS\system32\wuauclt.exe - ok
03:47:14.0921 0x0444 [ CBD5DB25F3451935FF2A01FCC83EF892, CAFDA02CB4296FCDEE41B5314CA4FA9F9008E493121924CCD12FF349924C3D95 ] C:\WINDOWS\system32\wups.dll
03:47:14.0921 0x0444 C:\WINDOWS\system32\wups.dll - ok
03:47:14.0937 0x0444 [ 2D2BFE105289CA1F9194750CB31FCD1E, 283E84E2EE56C751E3AB7E9836A48F125677D21044BF124D4548885341B92127 ] C:\WINDOWS\RTHDCPL.EXE
03:47:14.0937 0x0444 C:\WINDOWS\RTHDCPL.EXE - ok
03:47:14.0953 0x0444 [ 9308C4ED0FA1C5FC296DC5A341B027DB, F183EEB7FA9FB1B3910342772E39B448BB4813E727FE324B5B235E9E7892E08E ] C:\WINDOWS\system32\wuaucpl.cpl
03:47:14.0953 0x0444 C:\WINDOWS\system32\wuaucpl.cpl - ok
03:47:14.0968 0x0444 [ B142626D10362B2DA8221728F039B34F, 2CB75C43FF830526E711915E6E8551EB32EBF6F87414CA3F9DF32F7CBAD28EF0 ] C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe
03:47:14.0968 0x0444 C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe - ok
03:47:14.0968 0x0444 Waiting for KSN requests completion. In queue: 140
03:47:16.0109 0x0444 Win FW state via NFM: disabled
03:47:18.0640 0x0444 ============================================================
03:47:18.0640 0x0444 Scan finished
03:47:18.0640 0x0444 ============================================================
03:47:18.0656 0x01b4 Detected object count: 0
03:47:18.0656 0x01b4 Actual detected object count: 0

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Po odvirování si doinstaluj SP3

ComboFix 13-11-16.01 - Administrator 16.11.2013 12:59:29.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.895.644 [GMT 1:00]
Spuštěný z: c:\documents and settings\Administrator\Plocha\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_RKHIT
-------\Service_RkHit
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-10-16 do 2013-11-16 )))))))))))))))))))))))))))))))
.
.
2013-11-13 16:17 . 2013-11-15 11:48 -------- d-----w- C:\AdwCleaner
2013-11-13 13:17 . 2013-11-14 01:54 -------- d---a-w- C:\Kaspersky Rescue Disk 10.0
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
2013-11-14 20:00 749376 ----a-w- c:\program files\IObit\IObit Uninstaller\UninstallExplorer32.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{10921475-03CE-4E04-90CE-E2E7EF20C814}"= "c:\program files\IObit\IObit Uninstaller\UninstallExplorer32.dll" [2013-11-14 749376]
.
[HKEY_CLASSES_ROOT\clsid\{10921475-03ce-4e04-90ce-e2e7ef20c814}]
[HKEY_CLASSES_ROOT\UninstallExplorer32.ExplorerBtn]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 7"="c:\program files\IObit\Advanced SystemCare 7\ASCTray.exe" [2013-09-29 2326848]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-07-12 7626752]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 61952]
"RTHDCPL"="RTHDCPL.EXE" [2013-11-14 20145368]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
.
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7;c:\program files\IObit\Advanced SystemCare 7\ASCService.exe [14.11.2013 20:59 962880]
R2 LiveUpdateSvc;LiveUpdate;c:\program files\IObit\LiveUpdate\LiveUpdate.exe [14.11.2013 20:59 2150208]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [13.11.2013 3:21 701512]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [13.11.2013 3:21 22856]
S3 DragonUpdater;COMODO Dragon Update Service;c:\program files\Comodo\Dragon\dragon_updater.exe [11.11.2013 16:23 2098880]
S3 efavdrv;efavdrv; [x]
S3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [13.11.2013 3:22 47064]
S3 PSKMAD;PSKMAD;c:\windows\system32\DRIVERS\PSKMAD.sys --> c:\windows\system32\DRIVERS\PSKMAD.sys [?]
.
Obsah adresáře 'Naplánované úlohy'
.
2013-11-16 c:\windows\Tasks\Driver Booster Scan.job
- c:\program files\IObit\Driver Booster\Scheduler.exe [2013-11-14 09:48]
.
2013-11-16 c:\windows\Tasks\Driver Booster Update.job
- c:\program files\IObit\Driver Booster\AutoUpdate.exe [2013-11-14 10:01]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
uInternet Connection Wizard,ShellNext = hxxp://www.piriform.com/go/app_releasen ... 33&b=1&a=0
uInternet Settings,ProxyServer = localhost:8080
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
TCP: Interfaces\{31F4FE2C-CB39-4D78-8339-81ED4509BA6D}: NameServer = 8.26.56.26,156.154.70.22
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-14349473.sys
SafeBoot-26177535.sys
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-11-16 13:17
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
c:\windows\system32\wscntfy.exe
c:\windows\RTHDCPL.EXE
c:\program files\IObit\Advanced SystemCare 7\RealTimeProtector.exe
.
**************************************************************************
.
Celkový čas: 2013-11-16 13:19:39 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-11-16 12:19
ComboFix2.txt 2013-11-13 21:47
.
Před spuštěním: Volných bajtů: 35 470 585 856
Po spuštění: Volných bajtů: 35 416 743 936
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
.
- - End Of File - - 0EBC7C5E4CEEFABC31C1476CBA13358B
413FC2A0C716421B3158746D63736515

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

Nainstaluj si free antivir:
Avira
Avast
nebo AVG.
Udělej si kompletní sken.