Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

100% CPU Usage / Potentially highly infected system.


  • Please log in to reply
31 replies to this topic

#1 AliciaWestkey

AliciaWestkey

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:07:21 PM

Posted 13 September 2014 - 07:41 AM

Hi everyone, my name is Alicia. I'm not the greatest with computers, but i'm not dumb either, i'm 19 and i'm going to college and this is my first laptop, being that i used the desktop at my parents house. Unfortunately this laptop came from my 14 year old brother who used it from 12-14 so you can imagine the things that this laptop was primarily used for, also it was my dads before his, it's kind of old but it works alright, normally. I noticed that almost all the time the CPU usage is very high or around 100%. Also, being that it could've been used for alot of porn/downloading music, i'm actually pretty sure this laptop at one point in time was used with limewire/bearshare p2p things. 

 

Anyway, I just want to get it in the best condition i possibly can for college, and I dont really have any money, my family is kinda strapped. I can follow instructions and provide u guys with everything u need to help me, if u would be so kind. I would just format it, but i have no CD and no system restore point  :( Please help. I read another forum post about high cpu usage on vista, but u guys helped him, specifically and i couldn't really get anything from it, being that you guys helped him specifically.

 

So any help/advice what to do about this highly infected 100% usage dinosaur laptop

 

The system specs are:

Windows XP Ver 2002 SP3

 

Intel Core 2 duo cpu

p8400@2.26GHz

2.24GHz 1.98GB RAM

 

The steps I've taken:

Ran CC Cleaner had 8 things found (dont have that to post anymore)

ran MalwareBytes (clean)

ran ComboFix (dont have the log file, was about a week ago)

downloaded and ran a Sophos AV scan (tbh i dont remember, but I did another one and it was clean)

 

thanks for your help/advice 8)


Edited by hamluis, 13 September 2014 - 08:15 AM.
Moved from XP to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


m

#2 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,042 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:04:21 PM

Posted 13 September 2014 - 10:53 AM

Please run the ESET OnlineScan

This scan takes quite a long time to run, so be prepared to have the time to allow this to run till it is completed.

***Please note. If you run this scan using Internet Explorer you won't need to download the Eset Smartinstaller.***

  • Click on this link to open ESET OnlineScan in a new window.
  • The ESET Online Scanner page will open, click on Yes, I agree to the trems of use, then click on Start, the scan will now begine.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

 

Please download and run Emsisoft.
 
Please copy and then paste the results in your topic.
 
 
 
Please download TDSSKiller from here and save it to your Desktop.
 
1.  Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
 
 
tds2.jpg
 
2.  Check Loaded Modules, Verify Driver Digital Signature, and Detect TDLFS file system.
 
If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now.
 
 
2012081514h0118.png
 
3.  Click Start Scan and allow the scan process to run.
 
 
tds4-1.jpg
 
4.  If threats are detected select Skip or Cure (if available) for all of them unless otherwise instructed.
 
***Do NOT select Delete!
Click Continue.
 
 
tds6.jpg[/*]
 
5.  Click Reboot computer.
 
Please copy the TDSSKiller.[Version]_[Date]_[Time]_log.txt file found in your root directory (typically c:\) and paste it into your next reply.
 
 
 
Please download AdwCleaner and install it.
 
When AdwCleaner opens you will see an image like the one below.
 
adwcleaner11_zps48314883.png
 
Click on Scan to start the scan.
 
Once the search is complete a list of the pending items will be displayed.  If you see any which you do not want removed, remove the check mark next to it.  
 
Click on Clean to remove the selected items.  If you have any questions about any items in the list please copy and paste the list in your topic so we can review it.  
 
You will receive a message telling you that all programs will be closed so that the infections can be removed.  Click on OK.
 
When the cleaning process is complete a log of what was removed will be presented.  Please copy and the paste this log in your topic.
 
 
 
 
Please download Junkware Removal Tool.
 
Open your browser and go to Downloads, then click on the Junkware Removal Tool to install it.  
 
Click on Run to initiate the installation.
 
To avoid potential conflicts, temporarily disable your antivirus and firewall.  You will want to be offline when you do this.
 
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select Run as Administrator.
 
The tool will open and start scanning your system.
 
Please be patient as this can take a while to complete depending on your system's specifications.
 
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.  Copy and this and then post this in your topic.
 
 
Please download Temp File Cleaner by Old Timer and save it to your desktop.
 
1. Save any unsaved work. (TFC will close ALL open programs including your browser!)
 
2. Double-click on TFC.exe to run it. 
 
3. Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
 
tempfilecleaner1_zpsaaf9e118.png
 
4.  After Temp Flie Cleaner has run, click on Exit.
 
tempfilecleaner2_zpsdffa9226.png
 

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#3 AliciaWestkey

AliciaWestkey
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:07:21 PM

Posted 13 September 2014 - 11:54 AM

OK TY for responding ! I will get right on this as soon as im out of class today.

 

I appreciate all your great help



#4 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,042 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:04:21 PM

Posted 13 September 2014 - 11:57 AM

I'll be around.


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#5 AliciaWestkey

AliciaWestkey
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:07:21 PM

Posted 13 September 2014 - 02:58 PM

Thank you very much!

 

Also, here is the log from the ESET Scanner, should i delete quarantined files ? or are they ok?

 

C:\AdwCleaner\Quarantine\C\Documents and Settings\Administrator\Application Data\BabSolution\Shared\BabMaint.exe.vir a variant of Win32/Toolbar.Babylon.I potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Documents and Settings\Administrator\Application Data\OpenCandy\2B0F8FF5C598469ABE7F37DD0E4FF608\speedupmypcUS.exe.vir Win32/SpeedUpMyPC.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Documents and Settings\Administrator\Application Data\OpenCandy\B9D6C7737A3F429685CCB660200DD87C\speedupmypcUS.exe.vir Win32/SpeedUpMyPC.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Documents and Settings\Administrator\Application Data\Yontoo\YontooDesktop.exe.vir a variant of MSIL/WebCake.B potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Documents and Settings\Administrator\Local Settings\Application Data\Mobogenie\Version\NewVersion\Mobogenie2.1.37.zip.vir a variant of Win32/Mobogenie.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Documents and Settings\Administrator\Local Settings\Application Data\Mobogenie\Version\NewVersion\Mobogenie\DaemonProcess.exe.vir a variant of Win32/Mobogenie.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Documents and Settings\Administrator\Local Settings\Application Data\Mobogenie\Version\NewVersion\Mobogenie\Mobogenie.exe.vir a variant of Win32/Mobogenie.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Documents and Settings\Administrator\Local Settings\Application Data\Mobogenie\Version\NewVersion\Mobogenie\MUServer.apk.vir a variant of Android/Mobserv.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Documents and Settings\Administrator\Local Settings\Application Data\Mobogenie\Version\NewVersion\Mobogenie\UpdateMoboGenie.exe.vir a variant of Win32/Mobogenie.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll.vir a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\Conduit\Community Alerts\Alert.dll.vir Win32/Toolbar.Conduit.Y potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\Yontoo\Y2Desktop.Updater.exe.vir Win32/AdWare.Yontoo.F application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\Yontoo\YontooIEClient.dll.vir a variant of Win32/Adware.Yontoo.A application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\Yontoo\YontooLayers.crx.vir multiple threats deleted - quarantined
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}\Plugins\npConduitFirefoxPlugin.dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application deleted - quarantined
C:\Documents and Settings\Administrator\My Documents\Downloads\ccsetup417.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Qoobox\Quarantine\C\Program Files\SearchProtect\Main\bin\SPTool.dll.vir a variant of Win32/Conduit.SearchProtect.H potentially unwanted application deleted - quarantined
C:\Qoobox\Quarantine\C\Program Files\SearchProtect\Main\bin\SPtool.dll_1389817876890.vir a variant of Win32/Conduit.SearchProtect.H potentially unwanted application deleted - quarantined
C:\Qoobox\Quarantine\C\Program Files\SearchProtect\Main\bin\SPtool.dll_1389817877140.vir a variant of Win32/Conduit.SearchProtect.H potentially unwanted application deleted - quarantined
C:\Qoobox\Quarantine\C\Program Files\SearchProtect\Main\bin\SPtool.dll_1390876044796.vir Win32/Conduit.SearchProtect.H potentially unwanted application deleted - quarantined
C:\Qoobox\Quarantine\C\Program Files\SearchProtect\Main\bin\SPtool.dll_1390876045828.vir Win32/Conduit.SearchProtect.H potentially unwanted application deleted - quarantined
C:\Qoobox\Quarantine\C\Program Files\SearchProtect\Main\bin\SPtool.dll_1391053593406.vir a variant of Win32/Conduit.SearchProtect.H potentially unwanted application deleted - quarantined
C:\Qoobox\Quarantine\C\Program Files\SearchProtect\Main\bin\SPtool.dll_1391053593671.vir a variant of Win32/Conduit.SearchProtect.H potentially unwanted application deleted - quarantined
C:\Qoobox\Quarantine\C\Program Files\SearchProtect\Main\bin\SPtool.dll_1391414926203.vir a variant of Win32/Conduit.SearchProtect.H potentially unwanted application deleted - quarantined
C:\Qoobox\Quarantine\C\Program Files\SearchProtect\Main\bin\SPtool.dll_1391414927000.vir a variant of Win32/Conduit.SearchProtect.H potentially unwanted application deleted - quarantined
C:\Qoobox\Quarantine\C\Program Files\SearchProtect\Main\bin\SPtool.dll_1391453630125.vir a variant of Win32/Conduit.SearchProtect.H potentially unwanted application deleted - quarantined
C:\Qoobox\Quarantine\C\Program Files\SearchProtect\Main\bin\SPtool.dll_1391453631109.vir a variant of Win32/Conduit.SearchProtect.H potentially unwanted application deleted - quarantined
C:\Qoobox\Quarantine\C\Program Files\SearchProtect\Main\bin\uninstall.exe.vir a variant of Win32/ClientConnect.A potentially unwanted application deleted - quarantined
C:\Qoobox\Quarantine\C\Program Files\SearchProtect\SearchProtect\bin\cltmng.exe.vir a variant of Win32/Conduit.SearchProtect.I potentially unwanted application deleted - quarantined
C:\Qoobox\Quarantine\C\Program Files\SearchProtect\SearchProtect\bin\SPTool64.exe.vir a variant of Win32/ClientConnect.A potentially unwanted application deleted - quarantined
C:\Qoobox\Quarantine\C\Program Files\SearchProtect\SearchProtect\bin\SPVC64.dll.vir a variant of Win32/ClientConnect.A potentially unwanted application deleted - quarantined
C:\Qoobox\Quarantine\C\Program Files\SearchProtect\SearchProtect\bin\SPVC64Loader.dll.vir a variant of Win64/Conduit.SearchProtect.A potentially unwanted application deleted - quarantined
C:\Qoobox\Quarantine\C\Program Files\SearchProtect\UI\bin\cltmngui.exe.vir a variant of Win32/Conduit.SearchProtect.I potentially unwanted application deleted - quarantined
C:\Qoobox\Quarantine\C\Program Files\SingAlong\chrome.crx.vir Win32/Adware.AddLyrics.F application deleted - quarantined
C:\Qoobox\Quarantine\C\Program Files\SingAlong\FF\chrome\content\main.js.vir Win32/Adware.AddLyrics.F application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\WINDOWS\system32\roboot.exe.vir a variant of Win32/Systweak.A potentially unwanted application deleted - quarantined
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP202\A0240274.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted - quarantined
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP202\A0240275.rbf a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application deleted - quarantined
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP202\A0240276.rbf a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application deleted - quarantined
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP202\A0240277.rbf a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application deleted - quarantined
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP202\A0240278.rbf a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application deleted - quarantined
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP202\A0240281.rbf a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application deleted - quarantined
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP202\A0240283.msi a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application deleted - quarantined
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP202\A0240293.exe Win32/SProtector.B potentially unwanted application deleted - quarantined
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP202\A0240296.dll a variant of Win32/Toolbar.Montiera.F potentially unwanted application deleted - quarantined
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP202\A0240297.dll a variant of Win32/Toolbar.Escort.A potentially unwanted application deleted - quarantined
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP202\A0240298.dll a variant of Win32/Toolbar.Montiera.A potentially unwanted application deleted - quarantined
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP202\A0240299.dll probably a variant of Win32/Toolbar.Montiera.A potentially unwanted application deleted - quarantined
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP202\A0240300.exe Win32/Toolbar.Montiera.B potentially unwanted application deleted - quarantined
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP202\A0240301.exe a variant of Win32/Toolbar.Montiera.A potentially unwanted application deleted - quarantined
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP203\A0240419.exe a variant of Win32/ExpressFiles.A potentially unwanted application deleted - quarantined
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP203\A0240421.exe a variant of Win32/YourFileDownloader.B potentially unwanted application deleted - quarantined
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP203\A0240430.exe a variant of Win32/ExpressFiles.B potentially unwanted application deleted - quarantined
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP204\A0240644.exe a variant of Win32/Mobogenie.A potentially unwanted application deleted - quarantined
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP204\A0240648.exe a variant of Win32/Mobogenie.A potentially unwanted application deleted - quarantined
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP204\A0240664.exe a variant of Win32/Mobogenie.A potentially unwanted application deleted - quarantined
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP208\A0240749.exe Win32/SpeedUpMyPC potentially unwanted application deleted - quarantined
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP216\A0244173.exe Win32/SpeedUpMyPC potentially unwanted application deleted - quarantined
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP249\A0266788.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application deleted - quarantined
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP249\A0266793.dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application deleted - quarantined
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP249\A0266794.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application deleted - quarantined
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP249\A0266795.dll a variant of Win32/Conduit.SearchProtect.P potentially unwanted application deleted - quarantined
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP249\A0266800.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application deleted - quarantined
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP249\A0266805.dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application deleted - quarantined
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP249\A0266806.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application deleted - quarantined
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP249\A0266807.dll a variant of Win32/Conduit.SearchProtect.P potentially unwanted application deleted - quarantined
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP249\A0266823.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application deleted - quarantined
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP249\A0267855.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application deleted - quarantined
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP249\A0270989.dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application deleted - quarantined
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP249\A0270990.exe a variant of Win32/Toolbar.Conduit.AH potentially unwanted application deleted - quarantined
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP249\A0270991.dll a variant of Win32/Conduit.SearchProtect.P potentially unwanted application deleted - quarantined
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP253\A0273581.dll a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP253\A0273585.dll Win32/Toolbar.Conduit.Y potentially unwanted application deleted - quarantined
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP253\A0273590.exe Win32/AdWare.Yontoo.F application cleaned by deleting - quarantined
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP253\A0273591.dll a variant of Win32/Adware.Yontoo.A application cleaned by deleting - quarantined
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP253\A0273602.exe a variant of Win32/Mobogenie.A potentially unwanted application deleted - quarantined
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP253\A0273614.exe a variant of Win32/Mobogenie.A potentially unwanted application deleted - quarantined
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP253\A0273627.exe a variant of Win32/Mobogenie.A potentially unwanted application deleted - quarantined
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP253\A0273637.exe a variant of Win32/Toolbar.Babylon.I potentially unwanted application deleted - quarantined
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP253\A0273643.exe Win32/SpeedUpMyPC.A potentially unwanted application deleted - quarantined
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP253\A0273644.exe Win32/SpeedUpMyPC.A potentially unwanted application deleted - quarantined
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP253\A0273646.exe a variant of MSIL/WebCake.B potentially unwanted application deleted - quarantined


#6 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,042 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:04:21 PM

Posted 13 September 2014 - 03:40 PM

These files are quarantine, just click on Finish.

 

Are you doing the rest of the scans?

 

I have plans for this afternoon, so I may not get back to you till the morning.


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#7 AliciaWestkey

AliciaWestkey
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:07:21 PM

Posted 13 September 2014 - 04:30 PM

Ya, thats fine, i'm in class i did the emisoft scan, it wont let me post it due to too  many emotes? idk, ill figure it out later, i have more classes now, i will do everything tonight, and if u could get back to me tomorrow that would be great, thanks for all ur help and i hope u dont encounter any peanut butter :)



#8 AliciaWestkey

AliciaWestkey
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:07:21 PM

Posted 13 September 2014 - 07:44 PM

Objects: Rootkits, Memory, Traces, C:\
 
Detect PUPs: On
Scan archives: On
ADS Scan: On
File extension filter: Off
Advanced caching: On
Direct disk access: Off
 
Scan start: 9/13/2014 3:16:13 PM
C:\Documents and Settings\Administrator\Local Settings\Application Data\cre detected: Application.AppInstall (A)
C:\Documents and Settings\Administrator\Local Settings\Application Data\cre detected: Application.AppInstall (A)
C:\Documents and Settings\Administrator\Local Settings\Application Data\cre detected: Application.AppInstall (A)
Key: HKEY_USERS\S-1-5-21-1078081533-1532298954-1801674531-500\SOFTWARE\SINGALONG detected: Application.InstallAd (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS detected: Setting.DisableRegistryTools (A)
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\coontinueetosavei\settings.ini.vir detected: Gen:Adware.MPlug.1 (
C:\Documents and Settings\All Users\Application Data\InstallMate\{1664AAC6-2B6B-4F75-AD9E-6349CD878830}\Custom.dll detected: Gen:Variant.Application.Downloader.164 (
C:\Documents and Settings\All Users\Application Data\InstallMate\{8C1B8513-D8DA-4016-A2FD-90F857F8A7E5}\Custom.dll detected: Gen:Variant.Application.Downloader.164 (
C:\Documents and Settings\All Users\Application Data\InstallMate\{F7323E5E-2BC7-4EAB-AC40-63E52CD11CA8}\Custom.dll detected: Gen:Variant.Application.Downloader.164 (
C:\Documents and Settings\All Users\Application Data\InstallMate\{F7A6250F-CAF6-43A7-A14C-82D42C4507F9}\Custom.dll detected: Gen:Variant.Application.Downloader.164 (
C:\Documents and Settings\All Users\Application Data\Rosetta Stone\TOTALe\Content\data\c4\2\c42ddaa4048f1df316406d352f8802dab652b5f2 detected: Exploit.CVE-2007-0071.Gen (
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP253\A0273584.ini detected: Gen:Adware.MPlug.1 ( B)
 
Scanned 239331
Found 12
 
Scan end: 9/13/2014 4:26:30 PM
Scan time: 1:10:17
 
C:\System Volume Information\_restore{56F57A17-DC0F-4FA3-A493-2322662C80F6}\RP253\A0273584.ini Quarantined Gen:Adware.MPlug.1 ( B)
C:\Documents and Settings\All Users\Application Data\Rosetta Stone\TOTALe\Content\data\c4\2\c42ddaa4048f1df316406d352f8802dab652b5f2 Quarantined Exploit.CVE-2007-0071.Gen ( B)
C:\Documents and Settings\All Users\Application Data\InstallMate\{F7A6250F-CAF6-43A7-A14C-82D42C4507F9}\Custom.dll Quarantined Gen:Variant.Application.Downloader.164 ( B)
C:\Documents and Settings\All Users\Application Data\InstallMate\{F7323E5E-2BC7-4EAB-AC40-63E52CD11CA8}\Custom.dll Quarantined Gen:Variant.Application.Downloader.164 ( B)
C:\Documents and Settings\All Users\Application Data\InstallMate\{8C1B8513-D8DA-4016-A2FD-90F857F8A7E5}\Custom.dll Quarantined Gen:Variant.Application.Downloader.164 ( B)
C:\Documents and Settings\All Users\Application Data\InstallMate\{1664AAC6-2B6B-4F75-AD9E-6349CD878830}\Custom.dll Quarantined Gen:Variant.Application.Downloader.164 ( B)
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\coontinueetosavei\settings.ini.vir Quarantined Gen:Adware.MPlug.1 ( B)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS Quarantined Setting.DisableRegistryTools (A)
Key: HKEY_USERS\S-1-5-21-1078081533-1532298954-1801674531-500\SOFTWARE\SINGALONG Quarantined Application.InstallAd (A)
C:\Documents and Settings\Administrator\Local Settings\Application Data\cre Quarantined Application.AppInstall (A)
 
Quarantined 10
 


#9 AliciaWestkey

AliciaWestkey
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:07:21 PM

Posted 13 September 2014 - 08:21 PM

TDSS Log - sorry guys its easier for me to do things 1 at a time so i can do it thoroughly and focus

 

Also one thing i noticed from this is the suspicious file that was found was "avgXX" XX substituted for 2 letters i dont remember, but i just recently uninstalled AVG because it is awful and drove me crazy, so this is something avg related, i think?

 

20:14:56.0468 0x0f7c  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58

20:15:00.0671 0x0f7c  ============================================================

20:15:00.0671 0x0f7c  Current date / time: 2014/09/13 20:15:00.0671

20:15:00.0671 0x0f7c  SystemInfo:

20:15:00.0671 0x0f7c  

20:15:00.0671 0x0f7c  OS Version: 5.1.2600 ServicePack: 3.0

20:15:00.0671 0x0f7c  Product type: Workstation

20:15:00.0671 0x0f7c  ComputerName: KASEY-LATITUDE

20:15:00.0671 0x0f7c  UserName: Administrator

20:15:00.0671 0x0f7c  Windows directory: C:\WINDOWS

20:15:00.0671 0x0f7c  System windows directory: C:\WINDOWS

20:15:00.0671 0x0f7c  Processor architecture: Intel x86

20:15:00.0671 0x0f7c  Number of processors: 2

20:15:00.0671 0x0f7c  Page size: 0x1000

20:15:00.0671 0x0f7c  Boot type: Normal boot

20:15:00.0671 0x0f7c  ============================================================

20:15:00.0671 0x0f7c  BG loaded

20:15:00.0859 0x0f7c  System UUID: {7A400AED-6F16-2064-CD7F-A786D52DAC67}

20:15:01.0593 0x0f7c  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 ( 149.05 Gb ), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

20:15:01.0593 0x0f7c  ============================================================

20:15:01.0593 0x0f7c  \Device\Harddisk0\DR0:

20:15:01.0593 0x0f7c  MBR partitions:

20:15:01.0593 0x0f7c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3AD4F, BlocksNum 0x129DDD72

20:15:01.0593 0x0f7c  ============================================================

20:15:01.0703 0x0f7c  C: <-> \Device\Harddisk0\DR0\Partition1

20:15:01.0703 0x0f7c  ============================================================

20:15:01.0703 0x0f7c  Initialize success

20:15:01.0703 0x0f7c  ============================================================

20:15:15.0750 0x05c0  ============================================================

20:15:15.0750 0x05c0  Scan started

20:15:15.0750 0x05c0  Mode: Manual; SigCheck; TDLFS; 

20:15:15.0750 0x05c0  ============================================================

20:15:15.0750 0x05c0  KSN ping started

20:15:20.0546 0x05c0  KSN ping finished: true

20:15:21.0140 0x05c0  ================ Scan system memory ========================

20:15:21.0140 0x05c0  System memory - ok

20:15:21.0140 0x05c0  ================ Scan services =============================

20:15:21.0203 0x05c0  1394hub - ok

20:15:21.0312 0x05c0  [ B0CC0B50441372157F31C4C023D43A3E, A0FCC03588C06E42D3B8465AC7D0F7A909E8CABEEE3C82B3CBD68F150D7692EE ] A2DDA           C:\EEK\BIN\a2ddax86.sys

20:15:21.0437 0x05c0  A2DDA - ok

20:15:21.0531 0x05c0  Abiosdsk - ok

20:15:21.0531 0x05c0  abp480n5 - ok

20:15:21.0578 0x05c0  [ 8FD99680A539792A30E97944FDAECF17, 594F8E0C3695400B0C09A797AF6BDFAC6F750ECD67D0EE803914C572B1DCC43C ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys

20:15:21.0781 0x05c0  ACPI - ok

20:15:21.0781 0x05c0  [ 9859C0F6936E723E4892D7141B1327D5, 5E8F6A2FC4DF2E5E92A1D66ECC2810E08B42B64E9CD0DF4AD3F78EA8558B90AF ] ACPIEC          C:\WINDOWS\system32\DRIVERS\ACPIEC.sys

20:15:21.0890 0x05c0  ACPIEC - ok

20:15:21.0984 0x05c0  [ FBB312C9DA3863673EC18F4AE4101778, 4E9AAE7C700E485C17FDFCC9100A79784673B006D00D4D4CE8F1DB617D25C864 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

20:15:22.0015 0x05c0  AdobeFlashPlayerUpdateSvc - ok

20:15:22.0015 0x05c0  adpu160m - ok

20:15:22.0062 0x05c0  [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec             C:\WINDOWS\system32\drivers\aec.sys

20:15:22.0171 0x05c0  aec - ok

20:15:22.0203 0x05c0  [ FDE8ED2C9280AFB8975894AA78EEF59F, A3C2AF1C9DCC6EFFAF111512B941F2ACBE6076EC24DA67C8451A91E93BE6B931 ] AESTAud         C:\WINDOWS\system32\drivers\AESTAud.sys

20:15:22.0234 0x05c0  AESTAud - ok

20:15:22.0281 0x05c0  [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD             C:\WINDOWS\System32\drivers\afd.sys

20:15:22.0312 0x05c0  AFD - ok

20:15:22.0312 0x05c0  Aha154x - ok

20:15:22.0328 0x05c0  aic78u2 - ok

20:15:22.0328 0x05c0  aic78xx - ok

20:15:22.0390 0x05c0  [ A9A3DAA780CA6C9671A19D52456705B4, 67C959144B57AE0BBF1D82DBED197F32CDB06FECD883A80C441A0202FE83FAB4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll

20:15:22.0500 0x05c0  Alerter - ok

20:15:22.0515 0x05c0  [ 8C515081584A38AA007909CD02020B3D, A5E13CA10F702928E0DE84C74D0EA8ACCB117FD76FBABC55220C75C4FFD596DC ] ALG             C:\WINDOWS\System32\alg.exe

20:15:22.0578 0x05c0  ALG - ok

20:15:22.0578 0x05c0  AliIde - ok

20:15:22.0593 0x05c0  amsint - ok

20:15:22.0640 0x05c0  [ 9910A9C7D307A9E156D951248601C33E, F1F5FEBFD5FEA684F2DEC84FF1DA946E1618A916D5FC4BE9DA5CFD4EE2E04642 ] ApfiltrService  C:\WINDOWS\system32\DRIVERS\Apfiltr.sys

20:15:22.0656 0x05c0  ApfiltrService - ok

20:15:22.0687 0x05c0  [ D8849F77C0B66226335A59D26CB4EDC6, 4990031453204C57E36E850252A39B05D6ECDAB9E71A8136FB4900F17E59C9CA ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll

20:15:22.0734 0x05c0  AppMgmt - ok

20:15:22.0734 0x05c0  [ B5B8A80875C1DEDEDA8B02765642C32F, AD0C71D73B1B8225351FBF4FFB43001A32B4DAE69504C59970CD2428BB33D4EF ] Arp1394         C:\WINDOWS\system32\DRIVERS\arp1394.sys

20:15:22.0843 0x05c0  Arp1394 - ok

20:15:22.0843 0x05c0  asc - ok

20:15:22.0843 0x05c0  asc3350p - ok

20:15:22.0843 0x05c0  asc3550 - ok

20:15:22.0921 0x05c0  [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

20:15:22.0937 0x05c0  aspnet_state - ok

20:15:22.0953 0x05c0  [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys

20:15:23.0046 0x05c0  AsyncMac - ok

20:15:23.0046 0x05c0  [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys

20:15:23.0140 0x05c0  atapi - ok

20:15:23.0140 0x05c0  Atdisk - ok

20:15:23.0156 0x05c0  [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys

20:15:23.0234 0x05c0  Atmarpc - ok

20:15:23.0265 0x05c0  [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll

20:15:23.0359 0x05c0  AudioSrv - ok

20:15:23.0390 0x05c0  [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys

20:15:23.0484 0x05c0  audstub - ok

20:15:23.0500 0x05c0  [ FBEB3F9BD3792C7284072C90EE6034FA, 669896CD0E02FE9EAE1C6D19BB30DC11BED3C68BFE0C764B7A4F43EFB3E1FC22 ] avgtp           C:\WINDOWS\system32\drivers\avgtpx86.sys

20:15:23.0500 0x05c0  Suspicious file ( Forged ): C:\WINDOWS\system32\drivers\avgtpx86.sys. Real md5: FBEB3F9BD3792C7284072C90EE6034FA, sha256: 669896CD0E02FE9EAE1C6D19BB30DC11BED3C68BFE0C764B7A4F43EFB3E1FC22, fake md5: 21800990394B3CF2CC67BA7644A6E1CE, fake sha256: 5F5FC5E2D09F48A9F32199D1CC0EE3B0AF613676E84C44F3092A86D497344150

20:15:23.0500 0x05c0  avgtp - detected ForgedFile.Multi.Generic ( 1 )

20:15:28.0375 0x05c0  avgtp ( ForgedFile.Multi.Generic ) - warning

20:15:33.0343 0x05c0  [ 9208C78BD9283F79A30252AD954C77A2, B3632642D1780109A2AE42D35CF45E52C6A4422A30673107464B3969CC6225B7 ] BCM43XX         C:\WINDOWS\system32\DRIVERS\bcmwl5.sys

20:15:33.0468 0x05c0  BCM43XX - ok

20:15:33.0515 0x05c0  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep            C:\WINDOWS\system32\drivers\Beep.sys

20:15:33.0671 0x05c0  Beep - ok

20:15:33.0734 0x05c0  [ 574738F61FCA2935F5265DC4E5691314, 3C7CCF064397186C3A3863DD2370AB6414A61B330097DCA4F299CA7BBAA3D1B4 ] BITS            C:\WINDOWS\system32\qmgr.dll

20:15:33.0921 0x05c0  BITS - ok

20:15:33.0984 0x05c0  [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] Browser         C:\WINDOWS\System32\browser.dll

20:15:34.0015 0x05c0  Browser - ok

20:15:34.0125 0x05c0  catchme - ok

20:15:34.0140 0x05c0  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys

20:15:34.0328 0x05c0  cbidf2k - ok

20:15:34.0359 0x05c0  [ 0BE5AEF125BE881C4F854C554F2B025C, 1770DD70B3F115A0EF460907DEDC1E4B7241C08615A98F194D61A49C3E2BAA54 ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys

20:15:34.0500 0x05c0  CCDECODE - ok

20:15:34.0531 0x05c0  [ D006B6A67B8DAED85E6D91783E9B45D6, EA928046B3A0B55F86525B60376C24F5A892EC1FDB4799199FFF7F27A0FCEE04 ] CCIDFILTER      C:\WINDOWS\system32\DRIVERS\ccidflt.sys

20:15:34.0562 0x05c0  CCIDFILTER - ok

20:15:34.0578 0x05c0  cd20xrnt - ok

20:15:34.0593 0x05c0  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys

20:15:34.0734 0x05c0  Cdaudio - ok

20:15:34.0781 0x05c0  [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys

20:15:34.0906 0x05c0  Cdfs - ok

20:15:34.0953 0x05c0  [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys

20:15:35.0125 0x05c0  Cdrom - ok

20:15:35.0140 0x05c0  cerc6 - ok

20:15:35.0140 0x05c0  Changer - ok

20:15:35.0171 0x05c0  [ 1CFE720EB8D93A7158A4EBC3AB178BDE, 65D2A9D9A88F38D4AF323134C151BA0F4B3CD0F6A134AF86E7AC9D07319F1726 ] CiSvc           C:\WINDOWS\system32\cisvc.exe

20:15:35.0312 0x05c0  CiSvc - ok

20:15:35.0359 0x05c0  [ DBC8CDAFC84E96E894C3BAAED9B30F47, A25CDF4BBF8227878D3CBB8E74904A43751EC4E98DFEBFE4CBD3953890A170F9 ] cleanhlp        C:\EEK\bin\cleanhlp32.sys

20:15:35.0375 0x05c0  cleanhlp - ok

20:15:35.0406 0x05c0  [ 34CBE729F38138217F9C80212A2A0C82, A9FD7A758D12E0818A11BEEF1CE772FEFA8373E92EF6C0DA8628CD4572CC9A43 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe

20:15:35.0578 0x05c0  ClipSrv - ok

20:15:35.0609 0x05c0  [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

20:15:35.0625 0x05c0  clr_optimization_v2.0.50727_32 - ok

20:15:35.0656 0x05c0  [ 0F6C187D38D98F8DF904589A5F94D411, DB987093446216CEE913AC27503BF7E23E5A62DF169B355730285DAB64F6ED28 ] CmBatt          C:\WINDOWS\system32\DRIVERS\CmBatt.sys

20:15:35.0828 0x05c0  CmBatt - ok

20:15:35.0843 0x05c0  CmdIde - ok

20:15:35.0859 0x05c0  [ 6E4C9F21F0FAE8940661144F41B13203, 731202A0DD021FCF9287FEA631212603AAAC23F9E7F76B2882F913B18A971F1C ] Compbatt        C:\WINDOWS\system32\DRIVERS\compbatt.sys

20:15:36.0000 0x05c0  Compbatt - ok

20:15:36.0015 0x05c0  COMSysApp - ok

20:15:36.0015 0x05c0  Cpqarray - ok

20:15:36.0140 0x05c0  [ 9D57165906778C9E5E0ECB34B311564B, E158E54ED63C1A1DB67FA3A4E67F1CE6934F9861D4B7DCD5F111AB47C9EEC0FE ] Credential Vault Host Control Service C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe

20:15:36.0203 0x05c0  Credential Vault Host Control Service - ok

20:15:36.0234 0x05c0  [ E31E97859DEEE648D5867EADFBDBF25A, A0874F1B7B21CBAC76F7632DC60F5E233719194BB3E06A5AE816663AA6CFFF71 ] Credential Vault Host Storage C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe

20:15:36.0265 0x05c0  Credential Vault Host Storage - ok

20:15:36.0312 0x05c0  [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll

20:15:36.0468 0x05c0  CryptSvc - ok

20:15:36.0500 0x05c0  [ DC6429FBC73B0B0B38CC5386C8A607ED, AD4B8F41124CCCC90D4586CC2CD15F3B9070CDA8814BC2D09771FEAB2C2978C0 ] cvusbdrv        C:\WINDOWS\system32\Drivers\cvusbdrv.sys

20:15:36.0531 0x05c0  cvusbdrv - ok

20:15:36.0546 0x05c0  dac2w2k - ok

20:15:36.0546 0x05c0  dac960nt - ok

20:15:36.0640 0x05c0  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll

20:15:36.0703 0x05c0  DcomLaunch - ok

20:15:36.0734 0x05c0  [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll

20:15:36.0890 0x05c0  Dhcp - ok

20:15:36.0906 0x05c0  [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys

20:15:37.0031 0x05c0  Disk - ok

20:15:37.0062 0x05c0  [ A0500678A33802D8954153839301D539, C0EC7164985DD805A08EC13D30E2596017AF76C97BD912A635AEEF1762D49564 ] DLABMFSM        C:\WINDOWS\system32\Drivers\DLABMFSM.SYS

20:15:37.0093 0x05c0  DLABMFSM - ok

20:15:37.0109 0x05c0  [ B8D2F68CAC54D46281399F9092644794, A5CEA410D0EEB6A3E1FC003DEFB2E5DAE8761CCC280B741306E3D7AA5D57EDF3 ] DLABOIOM        C:\WINDOWS\system32\Drivers\DLABOIOM.SYS

20:15:37.0125 0x05c0  DLABOIOM - ok

20:15:37.0140 0x05c0  [ 0EE93AB799D1CB4EC90B36F3612FE907, 8BEAC6C686429F67D9147E8D1E675F9E993650F8037DE6D9A9829784E8116C6F ] DLACDBHM        C:\WINDOWS\system32\Drivers\DLACDBHM.SYS

20:15:37.0156 0x05c0  DLACDBHM - ok

20:15:37.0156 0x05c0  [ 87413B94AE1FABC117C4E8AE6725134E, 8B34AE7CB31DA7F215B5F94D74EBD7CDBB1B239763417BD1A43B2F21830074E0 ] DLADResM        C:\WINDOWS\system32\Drivers\DLADResM.SYS

20:15:37.0187 0x05c0  DLADResM - ok

20:15:37.0203 0x05c0  [ 766A148235BE1C0039C974446E4C0EDC, C9823A75083BE88B5F35D09B0F188856F6FBE37098787E61F780D1950E1B8C63 ] DLAIFS_M        C:\WINDOWS\system32\Drivers\DLAIFS_M.SYS

20:15:37.0234 0x05c0  DLAIFS_M - ok

20:15:37.0234 0x05c0  [ 38267CCA177354F1C64450A43A4F7627, DEC627B16BB13273ADD6F629CD99BB138081C276AD539206BBA8723092E7FEE0 ] DLAOPIOM        C:\WINDOWS\system32\Drivers\DLAOPIOM.SYS

20:15:37.0265 0x05c0  DLAOPIOM - ok

20:15:37.0281 0x05c0  [ FD363369FD313B46B5AEAB1A688B52E9, 67E8F268727555F2FA9EACE32131A924DC164ADAED320AF5999B5647701EC0E7 ] DLAPoolM        C:\WINDOWS\system32\Drivers\DLAPoolM.SYS

20:15:37.0312 0x05c0  DLAPoolM - ok

20:15:37.0328 0x05c0  [ 336AE18F0912EF4FBE5518849E004D74, 652F47AF0401B8EE8303B3D3113B87C18313EFA0F4F20793A140411CD6984F22 ] DLARTL_M        C:\WINDOWS\system32\Drivers\DLARTL_M.SYS

20:15:37.0375 0x05c0  DLARTL_M - ok

20:15:37.0406 0x05c0  [ FD85F682C1CC2A7CA878C7A448E6D87E, FF63F13DD5203B262A7CC442CD8CC9E7611BB246DC5E79676379742B88E1B0DD ] DLAUDFAM        C:\WINDOWS\system32\Drivers\DLAUDFAM.SYS

20:15:37.0437 0x05c0  DLAUDFAM - ok

20:15:37.0468 0x05c0  [ AF389CE587B6BF5BBDCD6F6ABE5EABC0, 58D4A7886FD114E65D5B2E80F451160A5092FF91A81CED314F959E51A8F98BFE ] DLAUDF_M        C:\WINDOWS\system32\Drivers\DLAUDF_M.SYS

20:15:37.0500 0x05c0  DLAUDF_M - ok

20:15:37.0500 0x05c0  dmadmin - ok

20:15:37.0562 0x05c0  [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B5714AA045545C9B99 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys

20:15:37.0750 0x05c0  dmboot - ok

20:15:37.0781 0x05c0  [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C57AB73DAED8CCDE ] dmio            C:\WINDOWS\system32\drivers\dmio.sys

20:15:37.0953 0x05c0  dmio - ok

20:15:38.0015 0x05c0  [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys

20:15:38.0171 0x05c0  dmload - ok

20:15:38.0203 0x05c0  [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] dmserver        C:\WINDOWS\System32\dmserver.dll

20:15:38.0359 0x05c0  dmserver - ok

20:15:38.0406 0x05c0  [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys

20:15:38.0593 0x05c0  DMusic - ok

20:15:38.0609 0x05c0  [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll

20:15:38.0656 0x05c0  Dnscache - ok

20:15:38.0671 0x05c0  [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D4928DA710F8BFBA3 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll

20:15:38.0859 0x05c0  Dot3svc - ok

20:15:38.0859 0x05c0  dpti2o - ok

20:15:38.0875 0x05c0  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys

20:15:39.0031 0x05c0  drmkaud - ok

20:15:39.0046 0x05c0  [ 5D3B71BB2BB0009D65D290E2EF374BD3, 8D3A6164654975CEB85306A9FA24C554BD8BDF786CB8AC670D2E1314C567EF0A ] DRVMCDB         C:\WINDOWS\system32\Drivers\DRVMCDB.SYS

20:15:39.0078 0x05c0  DRVMCDB - ok

20:15:39.0109 0x05c0  [ C591BA9F96F40A1FD6494DAFDCD17185, 645BAACFF58131674559959B594FC7DB2400F1009FC0338C4AD54CB41B0B384C ] DRVNDDM         C:\WINDOWS\system32\Drivers\DRVNDDM.SYS

20:15:39.0140 0x05c0  DRVNDDM - ok

20:15:39.0171 0x05c0  [ 0000BFDA0DE85BFD5D0086B1013E1F72, 012332CAECD09E255A4B1A73D133C64A309727E0A58F3BC124194AA40828D42E ] e1yexpress      C:\WINDOWS\system32\DRIVERS\e1y5132.sys

20:15:39.0203 0x05c0  e1yexpress - ok

20:15:39.0218 0x05c0  EagleXNt - ok

20:15:39.0250 0x05c0  [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost         C:\WINDOWS\System32\eapsvc.dll

20:15:39.0406 0x05c0  EapHost - ok

20:15:39.0421 0x05c0  [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc           C:\WINDOWS\System32\ersvc.dll

20:15:39.0625 0x05c0  ERSvc - ok

20:15:39.0671 0x05c0  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] Eventlog        C:\WINDOWS\system32\services.exe

20:15:39.0718 0x05c0  Eventlog - ok

20:15:39.0765 0x05c0  [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] EventSystem     C:\WINDOWS\system32\es.dll

20:15:39.0812 0x05c0  EventSystem - ok

20:15:39.0859 0x05c0  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys

20:15:40.0015 0x05c0  Fastfat - ok

20:15:40.0062 0x05c0  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll

20:15:40.0140 0x05c0  FastUserSwitchingCompatibility - ok

20:15:40.0156 0x05c0  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys

20:15:40.0296 0x05c0  Fdc - ok

20:15:40.0343 0x05c0  [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips            C:\WINDOWS\system32\drivers\Fips.sys

20:15:40.0500 0x05c0  Fips - ok

20:15:40.0625 0x05c0  [ 8669BE94F63944E4F899C3950B520241, 9991E57B3C366D59BD186CEAA78D4590EDB2BC127250CF4D1522CBE413453E72 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

20:15:40.0718 0x05c0  FLEXnet Licensing Service - ok

20:15:40.0734 0x05c0  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys

20:15:40.0890 0x05c0  Flpydisk - ok

20:15:40.0921 0x05c0  [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr          C:\WINDOWS\system32\DRIVERS\fltMgr.sys

20:15:41.0062 0x05c0  FltMgr - ok

20:15:41.0109 0x05c0  [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

20:15:41.0140 0x05c0  FontCache3.0.0.0 - ok

20:15:41.0140 0x05c0  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys

20:15:41.0281 0x05c0  Fs_Rec - ok

20:15:41.0312 0x05c0  [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys

20:15:41.0500 0x05c0  Ftdisk - ok

20:15:41.0531 0x05c0  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys

20:15:41.0671 0x05c0  Gpc - ok

20:15:41.0781 0x05c0  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe

20:15:41.0828 0x05c0  gupdate - ok

20:15:41.0828 0x05c0  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe

20:15:41.0859 0x05c0  gupdatem - ok

20:15:41.0859 0x05c0  [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

20:15:42.0015 0x05c0  HDAudBus - ok

20:15:42.0078 0x05c0  [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

20:15:42.0234 0x05c0  helpsvc - ok

20:15:42.0265 0x05c0  [ DEB04DA35CC871B6D309B77E1443C796, F66A15C9528D661940F1F4CA453B3E95036D68C74C3B8AB53644211DBD3D2F32 ] HidServ         C:\WINDOWS\System32\hidserv.dll

20:15:42.0437 0x05c0  HidServ - ok

20:15:42.0484 0x05c0  [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys

20:15:42.0687 0x05c0  HidUsb - ok

20:15:42.0718 0x05c0  [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll

20:15:42.0890 0x05c0  hkmsvc - ok

20:15:42.0906 0x05c0  hpn - ok

20:15:42.0953 0x05c0  [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys

20:15:43.0000 0x05c0  HTTP - ok

20:15:43.0031 0x05c0  [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll

20:15:43.0171 0x05c0  HTTPFilter - ok

20:15:43.0171 0x05c0  i2omgmt - ok

20:15:43.0171 0x05c0  i2omp - ok

20:15:43.0234 0x05c0  [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys

20:15:43.0375 0x05c0  i8042prt - ok

20:15:43.0421 0x05c0  [ 707C1692214B1C290271067197F075F6, 7D0DB754604AABC4AA09AB8BA94326B1A1C2A76F3C2C2C7D6FA14F964BE68A51 ] iastor          C:\WINDOWS\system32\drivers\iastor.sys

20:15:43.0437 0x05c0  iastor - ok

20:15:43.0500 0x05c0  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys

20:15:43.0671 0x05c0  Imapi - ok

20:15:43.0718 0x05c0  [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService    C:\WINDOWS\system32\imapi.exe

20:15:43.0843 0x05c0  ImapiService - ok

20:15:43.0859 0x05c0  ini910u - ok

20:15:43.0906 0x05c0  IntelIde - ok

20:15:43.0968 0x05c0  [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys

20:15:44.0109 0x05c0  intelppm - ok

20:15:44.0140 0x05c0  [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw           C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys

20:15:44.0281 0x05c0  Ip6Fw - ok

20:15:44.0312 0x05c0  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

20:15:44.0500 0x05c0  IpFilterDriver - ok

20:15:44.0500 0x05c0  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys

20:15:44.0625 0x05c0  IpInIp - ok

20:15:44.0656 0x05c0  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys

20:15:44.0812 0x05c0  IpNat - ok

20:15:44.0859 0x05c0  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys

20:15:45.0015 0x05c0  IPSec - ok

20:15:45.0046 0x05c0  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys

20:15:45.0140 0x05c0  IRENUM - ok

20:15:45.0171 0x05c0  [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys

20:15:45.0343 0x05c0  isapnp - ok

20:15:45.0406 0x05c0  [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys

20:15:45.0562 0x05c0  Kbdclass - ok

20:15:45.0609 0x05c0  [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys

20:15:45.0750 0x05c0  kbdhid - ok

20:15:45.0765 0x05c0  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys

20:15:45.0906 0x05c0  kmixer - ok

20:15:45.0937 0x05c0  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys

20:15:45.0968 0x05c0  KSecDD - ok

20:15:46.0015 0x05c0  [ F824476E660DD910E627615C700D2BEC, 7CA73AE4AAF09BAB975C7EEFB423B94EC30FCC182347341DB16A9F706F729444 ] LADF_CaptureOnly C:\WINDOWS\system32\DRIVERS\ladfGSCi386.sys

20:15:46.0046 0x05c0  LADF_CaptureOnly - ok

20:15:46.0078 0x05c0  [ 36A5647162101C3497B821FD368EF736, E210AEDA182D92FDDA16D6E33C228FD4794ED9B4A9184AC52691F3F0FC66D6B4 ] LADF_RenderOnly C:\WINDOWS\system32\DRIVERS\ladfGSRi386.sys

20:15:46.0125 0x05c0  LADF_RenderOnly - ok

20:15:46.0171 0x05c0  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] LanmanServer    C:\WINDOWS\System32\srvsvc.dll

20:15:46.0234 0x05c0  LanmanServer - ok

20:15:46.0296 0x05c0  [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll

20:15:46.0359 0x05c0  lanmanworkstation - ok

20:15:46.0359 0x05c0  lbrtfdc - ok

20:15:46.0421 0x05c0  [ 170E7093A77AD586F3A012A3DB651D94, 43A7C3BFBEC8FB255AB2B77C2A9705777EF6607F6BF0E8F2664766116EAAD536 ] LGBusEnum       C:\WINDOWS\system32\drivers\LGBusEnum.sys

20:15:46.0421 0x05c0  LGBusEnum - ok

20:15:46.0500 0x05c0  [ D2DD04D1C8DF65EECD1F2C7FB947D43E, 980FCE188FCB57C8F210A4905D345D2D6D32545EFE673BE51B3D3AE18084243B ] LGVirHid        C:\WINDOWS\system32\drivers\LGVirHid.sys

20:15:46.0531 0x05c0  LGVirHid - ok

20:15:46.0593 0x05c0  [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll

20:15:46.0750 0x05c0  LmHosts - ok

20:15:46.0765 0x05c0  [ 8683C1B450F4B3872839308D836E0F92, C6CEEEA780D2191AEAC2537FD96324FF5501D92CE46313FB95ABB51765D919ED ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys

20:15:46.0781 0x05c0  MBAMProtector - ok

20:15:46.0937 0x05c0  [ D84AEA3F3329D622DFC1297DDDF6163B, 316FE56CC30ED1473A917253F46B79EAA12F4ABD5B4B1ADB03929DFEE940F577 ] MBAMScheduler   C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe

20:15:47.0125 0x05c0  MBAMScheduler - ok

20:15:47.0203 0x05c0  [ 4F45ED469906494F9BF754E476390DBD, D8FF6AFD73D8C191F5732DF9737E6F83B2B52B06A3A6CD4CC6EAC9464CBB2772 ] MBAMService     C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe

20:15:47.0250 0x05c0  MBAMService - ok

20:15:47.0296 0x05c0  [ 12E71DA845D76665B56753AD149E32B3, 0E403710CCBACD5AB85FD4C32AAB6CB2C27BC1F043E8008EE49EE96ECA944146 ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys

20:15:47.0328 0x05c0  MBAMSwissArmy - ok

20:15:47.0421 0x05c0  [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] MDM             C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

20:15:47.0453 0x05c0  MDM - ok

20:15:47.0500 0x05c0  [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger       C:\WINDOWS\System32\msgsvc.dll

20:15:47.0640 0x05c0  Messenger - ok

20:15:47.0656 0x05c0  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys

20:15:47.0781 0x05c0  mnmdd - ok

20:15:47.0812 0x05c0  [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe

20:15:47.0953 0x05c0  mnmsrvc - ok

20:15:47.0968 0x05c0  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem           C:\WINDOWS\system32\drivers\Modem.sys

20:15:48.0140 0x05c0  Modem - ok

20:15:48.0171 0x05c0  [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys

20:15:48.0343 0x05c0  Mouclass - ok

20:15:48.0359 0x05c0  [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys

20:15:48.0515 0x05c0  mouhid - ok

20:15:48.0546 0x05c0  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys

20:15:48.0718 0x05c0  MountMgr - ok

20:15:48.0718 0x05c0  mraid35x - ok

20:15:48.0765 0x05c0  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys

20:15:48.0921 0x05c0  MRxDAV - ok

20:15:48.0937 0x05c0  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

20:15:49.0015 0x05c0  MRxSmb - ok

20:15:49.0046 0x05c0  [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC           C:\WINDOWS\system32\msdtc.exe

20:15:49.0203 0x05c0  MSDTC - ok

20:15:49.0218 0x05c0  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys

20:15:49.0375 0x05c0  Msfs - ok

20:15:49.0375 0x05c0  MSIServer - ok

20:15:49.0406 0x05c0  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys

20:15:49.0546 0x05c0  MSKSSRV - ok

20:15:49.0578 0x05c0  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys

20:15:49.0703 0x05c0  MSPCLOCK - ok

20:15:49.0718 0x05c0  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys

20:15:49.0890 0x05c0  MSPQM - ok

20:15:49.0937 0x05c0  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys

20:15:50.0109 0x05c0  mssmbios - ok

20:15:50.0125 0x05c0  [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys

20:15:50.0265 0x05c0  MSTEE - ok

20:15:50.0296 0x05c0  [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys

20:15:50.0328 0x05c0  Mup - ok

20:15:50.0359 0x05c0  [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys

20:15:50.0500 0x05c0  NABTSFEC - ok

20:15:50.0562 0x05c0  [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent        C:\WINDOWS\System32\qagentrt.dll

20:15:50.0750 0x05c0  napagent - ok

20:15:50.0781 0x05c0  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys

20:15:50.0921 0x05c0  NDIS - ok

20:15:50.0953 0x05c0  [ 7FF1F1FD8609C149AA432F95A8163D97, 18CD1FF5AC1EF8A38D1EC53014F2BADD28D9CDF4ECE2EBC2313D08903776F323 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys

20:15:51.0093 0x05c0  NdisIP - ok

20:15:51.0109 0x05c0  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys

20:15:51.0140 0x05c0  NdisTapi - ok

20:15:51.0187 0x05c0  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys

20:15:51.0312 0x05c0  Ndisuio - ok

20:15:51.0328 0x05c0  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys

20:15:51.0468 0x05c0  NdisWan - ok

20:15:51.0484 0x05c0  [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys

20:15:51.0531 0x05c0  NDProxy - ok

20:15:51.0531 0x05c0  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys

20:15:51.0671 0x05c0  NetBIOS - ok

20:15:51.0703 0x05c0  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys

20:15:51.0875 0x05c0  NetBT - ok

20:15:51.0906 0x05c0  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE          C:\WINDOWS\system32\netdde.exe

20:15:52.0062 0x05c0  NetDDE - ok

20:15:52.0062 0x05c0  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe

20:15:52.0187 0x05c0  NetDDEdsdm - ok

20:15:52.0218 0x05c0  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon        C:\WINDOWS\system32\lsass.exe

20:15:52.0359 0x05c0  Netlogon - ok

20:15:52.0406 0x05c0  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman          C:\WINDOWS\System32\netman.dll

20:15:52.0546 0x05c0  Netman - ok

20:15:52.0593 0x05c0  [ E9E47CFB2D461FA0FC75B7A74C6383EA, 544136F5BFD4DC23D45E90F12FA48B82FD9EAEA9EAF3E0F5F0BD27E23D672C3E ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys

20:15:52.0718 0x05c0  NIC1394 - ok

20:15:52.0765 0x05c0  [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla             C:\WINDOWS\System32\mswsock.dll

20:15:52.0812 0x05c0  Nla - ok

20:15:52.0812 0x05c0  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys

20:15:52.0953 0x05c0  Npfs - ok

20:15:53.0000 0x05c0  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys

20:15:53.0140 0x05c0  Ntfs - ok

20:15:53.0156 0x05c0  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe

20:15:53.0328 0x05c0  NtLmSsp - ok

20:15:53.0375 0x05c0  [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll

20:15:53.0515 0x05c0  NtmsSvc - ok

20:15:53.0531 0x05c0  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys

20:15:53.0703 0x05c0  Null - ok

20:15:54.0140 0x05c0  [ 25167771F5AFAD71808B0080FE4F2312, 8477FF9F50F81716322CF39DB265B8C210060AE146EF244B7DDBAE9BFCFE2BDF ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

20:15:54.0750 0x05c0  nv - ok

20:15:54.0828 0x05c0  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

20:15:54.0953 0x05c0  NwlnkFlt - ok

20:15:54.0968 0x05c0  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

 

20:16:18.0875 0x05c0  [ 714705F29A917993536A6AB2DEDB0B7F, 5C3EA97044A7AF8027000DFA40901C0097EC935A7149C0A46AA2C6A2F9FD6CC1 ] C:\WINDOWS\system32\authz.dll

20:16:18.0875 0x05c0  C:\WINDOWS\system32\authz.dll - ok

20:16:18.0875 0x05c0  [ 355EDBB4D412B01F1740C17E3F50FA00, 8619D345C864CD8EA704EFAA0A391F5F31AA56BB6D30F62FC60F465873CC1BF9 ] C:\WINDOWS\system32\msvcrt.dll

20:16:18.0875 0x05c0  C:\WINDOWS\system32\msvcrt.dll - ok

20:16:18.0890 0x05c0  [ 636DF3FF20A1B69B3F9D21325E7115C7, 6B38CF96E92273995F40B6D7029D20B4041342D6EDD5B6CA73967A401823D4F5 ] C:\WINDOWS\system32\crypt32.dll

20:16:18.0890 0x05c0  C:\WINDOWS\system32\crypt32.dll - ok

20:16:18.0906 0x05c0  [ 04D898830DF96A17A20FD35D7590F87E, 09C75D1D434FF6BBE9B3F5E0A8E63944ACB34E364C4A89676DED2204DBD1AEF5 ] C:\WINDOWS\system32\msasn1.dll

20:16:18.0906 0x05c0  C:\WINDOWS\system32\msasn1.dll - ok

20:16:18.0921 0x05c0  [ 013C1148C1EC025596896E093F60F608, E19D20E0852372ED7DA66939E995F8F7ECC52ED5B650E8B833944788C0A34F61 ] C:\WINDOWS\system32\nddeapi.dll

20:16:18.0921 0x05c0  C:\WINDOWS\system32\nddeapi.dll - ok

20:16:18.0921 0x05c0  [ CAC752BF84DB4666ED3CE0948E6EA937, C84F9D57C076DE6ACC1720B66147D0CA963C65714593FAFD7FB1FE1F01CC464B ] C:\WINDOWS\system32\netapi32.dll

20:16:18.0921 0x05c0  C:\WINDOWS\system32\netapi32.dll - ok

20:16:18.0937 0x05c0  [ FCFA1C55971CC229D353B3A15ACCD995, 6C21D6EAD676AF8C100666261CE7AA5AA86671883B78092AD61008234C96BBBA ] C:\WINDOWS\system32\profmap.dll

20:16:18.0937 0x05c0  C:\WINDOWS\system32\profmap.dll - ok

20:16:18.0968 0x05c0  [ 43D13C80EBEC0135A3611E0F616F179B, 9C5409ECBD2C3B89C80F0A59B96220178E790A7D78967C6281D56EB1965E9ECD ] C:\WINDOWS\system32\userenv.dll

20:16:18.0968 0x05c0  C:\WINDOWS\system32\userenv.dll - ok

20:16:18.0968 0x05c0  [ 9CFCB3CA3D83B4EAA133F0644A2C6F31, CC0A76B55B38183B8C6141C290D1858A9D118333C804784AB305FE76A0FCE775 ] C:\WINDOWS\system32\psapi.dll

20:16:18.0968 0x05c0  C:\WINDOWS\system32\psapi.dll - ok

20:16:18.0968 0x05c0  [ AF11C591F2F4AFF4A6CF699D376F618B, B61C0D1944D5D8F536AB5422017C99773BD89EA59784969E4F8F269BF9EF57C3 ] C:\WINDOWS\system32\regapi.dll

20:16:18.0968 0x05c0  C:\WINDOWS\system32\regapi.dll - ok

20:16:18.0984 0x05c0  [ 24192246760E0E64435522E246B1D6C2, B1C5A16A73250DEA900FF6ECE71F604E2411B4FDFD497564BEB7D867A75640BF ] C:\WINDOWS\system32\setupapi.dll

20:16:18.0984 0x05c0  C:\WINDOWS\system32\setupapi.dll - ok

20:16:19.0000 0x05c0  [ C7CE131408739B0B3A318BE2D0032719, CAEEED45F6BAB22F611B2200DC91E68426F169F5646247893CF3AC7EFDDD07B8 ] C:\WINDOWS\system32\version.dll

20:16:19.0000 0x05c0  C:\WINDOWS\system32\version.dll - ok

20:16:19.0015 0x05c0  [ 16E916243BDDBAF44D98E623B2D0CEAD, A1C56AC378EDA9ACBE73342BEE0897E028BDD368288552108FC77A7AA1478690 ] C:\WINDOWS\system32\imagehlp.dll

20:16:19.0015 0x05c0  C:\WINDOWS\system32\imagehlp.dll - ok

20:16:19.0031 0x05c0  [ 430CEB794F6E6EF8AC86958C242366D6, 48066566EDC18654095EAD7F4449CD42B44AD758465A6B36A42B489F32C7E64B ] C:\WINDOWS\system32\winsta.dll

20:16:19.0031 0x05c0  C:\WINDOWS\system32\winsta.dll - ok

20:16:19.0031 0x05c0  [ D458B738B4C2CE33174CFB2CE12412DB, C8FCA4B1BE8358B1F14BB25F39899A18804133544701DFCF40E8782C2487C912 ] C:\WINDOWS\system32\wintrust.dll

20:16:19.0031 0x05c0  C:\WINDOWS\system32\wintrust.dll - ok

20:16:19.0031 0x05c0  [ 0DA85218E92526972A821587E6A8BF8F, 9377F61D4B10974D5962E03F54BB89C8F804883245D61C670E51228AFE4559EB ] C:\WINDOWS\system32\imm32.dll

20:16:19.0031 0x05c0  C:\WINDOWS\system32\imm32.dll - ok

20:16:19.0046 0x05c0  [ 9789E95E1D88EEB4B922BF3EA7779C28, 2D17FD78E71BDB5D51B69DE6B36D7481A7AA3C61EA7636CD71638AF501883A91 ] C:\WINDOWS\system32\ws2help.dll

20:16:19.0046 0x05c0  C:\WINDOWS\system32\ws2help.dll - ok

20:16:19.0062 0x05c0  [ 2CCC474EB85CEAA3E1FA1726580A3E5A, 6E99D2FB4997E54E8B1B7D769CF2C0FAE296A6441DC39984850EA26BFEB7E500 ] C:\WINDOWS\system32\ws2_32.dll

20:16:19.0062 0x05c0  C:\WINDOWS\system32\ws2_32.dll - ok

20:16:19.0062 0x05c0  [ 56C5B179FE3308B655EB6208C3256FEC, C70BCE54E5DF47D37C835804EAAEC7C06C1A226EFA2003226BE290D1D552126F ] C:\WINDOWS\system32\kbdus.dll

20:16:19.0062 0x05c0  C:\WINDOWS\system32\kbdus.dll - ok

20:16:19.0078 0x05c0  [ D7B7A57C0E57C836F18CF12A4C62A1CA, 651B16027B4F4B0ED2F827E32B7E66188CDB023DB8C7B1A9A1A44063FB35B9DE ] C:\WINDOWS\system32\msgina.dll

20:16:19.0078 0x05c0  C:\WINDOWS\system32\msgina.dll - ok

20:16:19.0078 0x05c0  [ 93AFB83FBC1F9443CAC722FCA63D73BF, 853C4A03A153F232E5CAF219F7FD732CB82CB62171F077DE737B32169F7832AB ] C:\WINDOWS\system32\comctl32.dll

20:16:19.0093 0x05c0  C:\WINDOWS\system32\comctl32.dll - ok

20:16:19.0093 0x05c0  [ 40B0F98BAD16AD5DEF894E88C3EF8014, 916B7BFC23BB5A3F757160BCF2013A8260D9382EFDE6AADAFC4D297828C71003 ] C:\WINDOWS\system32\odbc32.dll

20:16:19.0093 0x05c0  C:\WINDOWS\system32\odbc32.dll - ok

20:16:19.0109 0x05c0  [ 86987A5000DFA3EBE2275C0456BCF2FE, 31B699E8FD11DD59ADBAE56650C1B7AE80484091B3B6D9015A95F590E2C3EB05 ] C:\WINDOWS\system32\comdlg32.dll

20:16:19.0109 0x05c0  C:\WINDOWS\system32\comdlg32.dll - ok

20:16:19.0125 0x05c0  [ 6843D54BC4A40CC8C5741AF750233D10, D998B54B7D23A986DD14D8BC56169A10EE43267F4F1914FBDD55B6B028993FAC ] C:\WINDOWS\system32\shell32.dll

20:16:19.0125 0x05c0  C:\WINDOWS\system32\shell32.dll - ok

20:16:19.0125 0x05c0  [ C448A248B743F5FB935C787A5D97268B, 26E88FF449F938B218FAED6D8F3F095577216A29D656D17ACEA7F6C16E638BED ] C:\WINDOWS\system32\shlwapi.dll

20:16:19.0125 0x05c0  C:\WINDOWS\system32\shlwapi.dll - ok

20:16:19.0140 0x05c0  [ 694503348B586E99D56C0E30AB5B3EF8, 53A0C2604574058F1520D8F0805F1247B15BB0E00A5B5BAFE027C702D55E5076 ] C:\WINDOWS\system32\sxs.dll

20:16:19.0140 0x05c0  C:\WINDOWS\system32\sxs.dll - ok

20:16:19.0156 0x05c0  [ 736B12B725AEB2B07F0241A9F680CB10, 9EF1406CAEE256117DA8C8904BCB20FB8F9421F02F812B4DC2CE1F16D2B315F2 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

20:16:19.0156 0x05c0  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - ok

20:16:19.0171 0x05c0  [ 6B7C6B32F8E84D56C6260D684019FEA2, A10B4D413452D95B6B4087838F2FCE0B9F42D8C0CBE7A91DC080AE1163FB6D1A ] C:\WINDOWS\system32\odbcint.dll

20:16:19.0171 0x05c0  C:\WINDOWS\system32\odbcint.dll - ok

20:16:19.0171 0x05c0  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] C:\WINDOWS\system32\shsvcs.dll

20:16:19.0171 0x05c0  C:\WINDOWS\system32\shsvcs.dll - ok

20:16:19.0187 0x05c0  [ 59B408E5B8489B0B36A0D783D150EDCC, CB234B25502B0CE0C1E6CFA883FDDF64DAB7A6E50A6AD36CAB3B30A7C872B403 ] C:\WINDOWS\system32\ole32.dll

20:16:19.0187 0x05c0  C:\WINDOWS\system32\ole32.dll - ok

20:16:19.0203 0x05c0  [ 96E1C926F22EE1BFBAE82901A35F6BF3, 95568F138216FFADCFC4BAE8A12825FFE53F2EA04C5CAC2AD10F65FC0C4E3CDB ] C:\WINDOWS\system32\sfc.dll

20:16:19.0203 0x05c0  C:\WINDOWS\system32\sfc.dll - ok

20:16:19.0218 0x05c0  [ 6B5DB6789177A4FD0DEBC248041D0739, 3E3239C3613CCBB9EE2539D78BC745ED19134E1D3BED88C3D5273796FA2507DA ] C:\WINDOWS\system32\sfc_os.dll

20:16:19.0218 0x05c0  C:\WINDOWS\system32\sfc_os.dll - ok

20:16:19.0218 0x05c0  [ CF492D7E9AF1C628B3536D20EF6F5CC7, 3D7A5A5D6B804C0A3F3E7256B3AC19397567700271CABCD7C4C8B51565958BC8 ] C:\WINDOWS\system32\apphelp.dll

20:16:19.0218 0x05c0  C:\WINDOWS\system32\apphelp.dll - ok

20:16:19.0234 0x05c0  [ BD31DC6DBE9333C4FBD4BDF0899F2160, 545D83178CCD74C68B72C607201EF9E1C8A5FC26A08288F8D3A77106964D1034 ] C:\WINDOWS\system32\lsasrv.dll

20:16:19.0234 0x05c0  C:\WINDOWS\system32\lsasrv.dll - ok

20:16:19.0250 0x05c0  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] C:\WINDOWS\system32\lsass.exe

20:16:19.0250 0x05c0  C:\WINDOWS\system32\lsass.exe - ok

20:16:19.0265 0x05c0  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe

20:16:19.0265 0x05c0  C:\WINDOWS\system32\services.exe - ok

20:16:19.0265 0x05c0  [ F404830F3CD9BF8F2515E489C0CDA297, 4FFFBBDD04B82623983B8B51E52E113EBF0E32E8328BFD3754B7A299E5673569 ] C:\WINDOWS\system32\msvcp60.dll

20:16:19.0265 0x05c0  C:\WINDOWS\system32\msvcp60.dll - ok

20:16:19.0281 0x05c0  [ EC29A79F1E76DC509E24D401F29D0678, 2CECCD7CE806152F6DD1A6812C7DAEC46FB197E63D14414808D713C829EE4260 ] C:\WINDOWS\system32\ncobjapi.dll

20:16:19.0281 0x05c0  C:\WINDOWS\system32\ncobjapi.dll - ok

20:16:19.0281 0x05c0  [ DD7BD97FB8BD800963789158A5E4B41D, 4C265CB9AC1B8C398E625C1775A5AADD8A030D158B557E24F90CA57C0253FF0D ] C:\WINDOWS\system32\mpr.dll

20:16:19.0281 0x05c0  C:\WINDOWS\system32\mpr.dll - ok

20:16:19.0296 0x05c0  [ B24A42A413E694AD73FDFB7FBD492C31, 52411B5C714ED7FCFF3A120980EB75BF5A64E022303D3E717048E0E44F604AC0 ] C:\WINDOWS\system32\scesrv.dll

20:16:19.0296 0x05c0  C:\WINDOWS\system32\scesrv.dll - ok

20:16:19.0296 0x05c0  [ 389496118B3B03C2328024AF320132AC, 11F85CA49596CE12B1F80B5BC059B6F5549FC09A43E2C47841A688F2ACEBB8B8 ] C:\WINDOWS\system32\dnsapi.dll

20:16:19.0296 0x05c0  C:\WINDOWS\system32\dnsapi.dll - ok

20:16:19.0312 0x05c0  [ EC4C0D9BFD9F7E33F8B395AD54E13063, 18E60FF334376604F213F3323FAB81F392493496C6CA809FAD66BB8B0EEB3396 ] C:\WINDOWS\system32\ntdsapi.dll

20:16:19.0312 0x05c0  C:\WINDOWS\system32\ntdsapi.dll - ok

20:16:19.0328 0x05c0  [ 1F03103598BD817B1078DAB1326DDE11, 0F0D19E67E25E9D2113920166B7326B46BACD22BA08476EC91D9C564AFC1FAF3 ] C:\WINDOWS\system32\shimeng.dll

20:16:19.0343 0x05c0  C:\WINDOWS\system32\shimeng.dll - ok

20:16:19.0343 0x05c0  [ 2EDFC2A8893435723AD80481803C6D5C, CD547E4749EE6466FD4F50CF2EAD37AD993C6BC89068BD51726869D5ADB2AF8E ] C:\WINDOWS\system32\umpnpmgr.dll

20:16:19.0343 0x05c0  C:\WINDOWS\system32\umpnpmgr.dll - ok

20:16:19.0359 0x05c0  [ EA9EE60B408878E5F2012F9C783836DB, 354A6660705759C0E767BCD7FB6F1B4371B74784A986431A626DF3793D0421EC ] C:\WINDOWS\AppPatch\AcAdProc.dll

20:16:19.0359 0x05c0  C:\WINDOWS\AppPatch\AcAdProc.dll - ok

20:16:19.0359 0x05c0  [ 0492CF5870F0E616B0C71695A433D162, 47C9FB64A4CF3DF54F664B2B31A834ACF75B504650007E6201546C2D0E44D9C2 ] C:\WINDOWS\system32\wldap32.dll

20:16:19.0359 0x05c0  C:\WINDOWS\system32\wldap32.dll - ok

20:16:19.0359 0x05c0  [ 8329A39D5A402A75A74301D6A62ECDA1, 1947B2B19F2D0C690EC880B5A92F88903D78C6BB6EE47261B3D744B5A863D562 ] C:\WINDOWS\system32\samlib.dll

20:16:19.0359 0x05c0  C:\WINDOWS\system32\samlib.dll - ok

20:16:19.0390 0x05c0  [ F05B8CDB7FE0E55DCCFB1D946CE80064, E59BC2F25EBFF5F0CF459C9B8DEE882ADE227323F4768EBACFCC6784861BF260 ] C:\WINDOWS\system32\samsrv.dll

20:16:19.0390 0x05c0  C:\WINDOWS\system32\samsrv.dll - ok

20:16:19.0406 0x05c0  [ 310C15FD8358B2C4CD7A5B98A112883F, CA656F066373B164A138032F5BF7EF68603EBDB0D49BD4663C99061F47F29085 ] C:\WINDOWS\AppPatch\AcGenral.dll

20:16:19.0406 0x05c0  C:\WINDOWS\AppPatch\AcGenral.dll - ok

20:16:19.0421 0x05c0  [ 17A1D675C12BBF80CAAC54A4855C41D0, F6185E42180218E932ADFFD63EF78EE8324B816BD57EA217322A46D1D2F47928 ] C:\WINDOWS\system32\cryptdll.dll

20:16:19.0421 0x05c0  C:\WINDOWS\system32\cryptdll.dll - ok

20:16:19.0421 0x05c0  [ 4A953F13942867BA8FB41F141EC1B80C, BAE05A8CEDA4411324E38DB8A2153A988C6A3FAC8AD7CB27EE14E18FE7C47569 ] C:\WINDOWS\system32\winmm.dll

20:16:19.0421 0x05c0  C:\WINDOWS\system32\winmm.dll - ok

20:16:19.0437 0x05c0  [ EFF03460E542EEA6B0ABDEC6BF19C897, C2A0DDE6E8B49B152C295E97CFC35557391DEEE5A3A0B1BB4E445C405C716C55 ] C:\WINDOWS\system32\oleaut32.dll

20:16:19.0437 0x05c0  C:\WINDOWS\system32\oleaut32.dll - ok

20:16:19.0453 0x05c0  [ 2098AB52BD5316E59AA36F3437B13BE6, C4C9F2CFCAFF91B4A6F68E28EFE12EED216B41F081F8D577597C0634ECE57018 ] C:\WINDOWS\system32\msacm32.dll

20:16:19.0453 0x05c0  C:\WINDOWS\system32\msacm32.dll - ok

20:16:19.0468 0x05c0  [ 7A2CC3719B255E6B5D74396183B7715B, 2C4A2D5B42CFFE42BE72A652D1B0EED43D7EECF7CA3416660A3E0C539AA2AC34 ] C:\WINDOWS\system32\uxtheme.dll

20:16:19.0468 0x05c0  C:\WINDOWS\system32\uxtheme.dll - ok

20:16:19.0468 0x05c0  [ 3D76DD0CBC536E0F8C45D23ED230BEB2, F74F94525AB7CE1E269452C9E1DD08411A668CFDD94F069C90FC2EE33CB35A12 ] C:\WINDOWS\system32\digest.dll

20:16:19.0468 0x05c0  C:\WINDOWS\system32\digest.dll - ok

20:16:19.0484 0x05c0  [ F24B12786D60A17008319E3F2AEE7799, BF916F65D770C61612678171CC184A0BF259992CEC0BF607D26834CE2A234FB3 ] C:\WINDOWS\system32\msapsspc.dll

20:16:19.0484 0x05c0  C:\WINDOWS\system32\msapsspc.dll - ok

20:16:19.0484 0x05c0  [ 7A660EDC0757849DF5F8706FB6E9F740, CA3820507A92EE9AB4EE8E804736FE1795224AE02D396AADB5BFD53223D9B7E2 ] C:\WINDOWS\system32\msvcrt40.dll

20:16:19.0484 0x05c0  C:\WINDOWS\system32\msvcrt40.dll - ok

20:16:19.0500 0x05c0  [ 0F64207B49390C8063C36AE7CBF9C2DB, 52C4A7A38EE11CA247001EB0A3C67BFEB1A09E9AC406486132D5AC38BE3A6A6F ] C:\WINDOWS\system32\schannel.dll

20:16:19.0500 0x05c0  C:\WINDOWS\system32\schannel.dll - ok

20:16:19.0500 0x05c0  [ A4388DF80E52695AE92EE5F3F61F1619, A4B7C6E10B92B5022CA6E8FD9094098614FD63178EA86A7B035EB89B373BF033 ] C:\WINDOWS\system32\msnsspc.dll

20:16:19.0500 0x05c0  C:\WINDOWS\system32\msnsspc.dll - ok

20:16:19.0515 0x05c0  [ C6BB1D1500DB4A0E224CB65E6C7E8A80, 32099A486457D1DC3B1269DE9570EE922F118C3BD443FE78ED051DD764EF4DE3 ] C:\WINDOWS\system32\msprivs.dll

20:16:19.0515 0x05c0  C:\WINDOWS\system32\msprivs.dll - ok

20:16:19.0531 0x05c0  [ A525C96C51D55111FDF3BEA9FFFFC7AE, AA5B080E01573B96A37E67F871F97AE975E1E9519EDB16476472AA3FA2144643 ] C:\WINDOWS\system32\kerberos.dll

20:16:19.0531 0x05c0  C:\WINDOWS\system32\kerberos.dll - ok

20:16:19.0531 0x05c0  [ 5733177BCF16EE78B99543C9B0AB81EA, 6504D3D665AC8AB27A44F863F9C1A23FF3B68EAC0512F418712CC0D56F739E24 ] C:\WINDOWS\system32\MSCTFIME.IME

20:16:19.0531 0x05c0  C:\WINDOWS\system32\MSCTFIME.IME - ok

20:16:19.0531 0x05c0  [ 517561A1113B04E51D936CD018DE1C1F, A5F572C3557705F28F7A465970F0432F55B616EFD208BA0CBDFFBF7A41F07C04 ] C:\WINDOWS\system32\msv1_0.dll

20:16:19.0531 0x05c0  C:\WINDOWS\system32\msv1_0.dll - ok

20:16:19.0546 0x05c0  [ AF07DC9B7CC455629E732340C7B15F3A, 4403503F24FB76AB55D347273319B98BC0955AB3E537FA5ADA498B9AED76484A ] C:\WINDOWS\system32\iphlpapi.dll

20:16:19.0546 0x05c0  C:\WINDOWS\system32\iphlpapi.dll - ok

20:16:19.0546 0x05c0  [ 318FAA70D9B0FB8DD168D4ED628E27B2, 2C407FFDA4A02D4A1CB9592C6FA4293BA31BE8852670436F1187A8107572ED41 ] C:\WINDOWS\system32\atmfd.dll

20:16:19.0546 0x05c0  C:\WINDOWS\system32\atmfd.dll - ok

20:16:19.0578 0x05c0  [ 1B7F071C51B77C272875C3A23E1E4550, 9D6EA6DF4F4A531E35B843CE11AB6BDBEF0C2716773C14660E98038C1F68B7C4 ] C:\WINDOWS\system32\netlogon.dll

20:16:19.0578 0x05c0  C:\WINDOWS\system32\netlogon.dll - ok

20:16:19.0578 0x05c0  [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] C:\WINDOWS\system32\w32time.dll

20:16:19.0578 0x05c0  C:\WINDOWS\system32\w32time.dll - ok

20:16:19.0593 0x05c0  [ 3AAF9B35939FF9E58CCD18D41655C2FC, AF7358AB0A507D77569A8D38D2392C224BFBEFD1264C069BBC6C677BC20C6B8B ] C:\WINDOWS\system32\wdigest.dll

20:16:19.0593 0x05c0  C:\WINDOWS\system32\wdigest.dll - ok

20:16:19.0593 0x05c0  [ 54DAE3EA34802B4ED9AE1C6B1209FA56, EEB1FA90DB44C821B371D5F7C323B4F88E843107BBA16DA2ACB124D6A848B257 ] C:\WINDOWS\system32\rsaenh.dll

20:16:19.0593 0x05c0  C:\WINDOWS\system32\rsaenh.dll - ok

20:16:19.0593 0x05c0  [ 02988B904C386B500CD08639C4C20EEA, 66E96045957AABD7F5C364D64DE23A09D4C292C844FA00C45626A8D1EC21F206 ] C:\WINDOWS\system32\winscard.dll

20:16:19.0593 0x05c0  C:\WINDOWS\system32\winscard.dll - ok

20:16:19.0609 0x05c0  [ A86BB5E61BF3E39B62AB4C7E7085A084, B88446E007153BB58C5AE867AC3FB4C46618BBAA5A152687201E0E81F881465A ] C:\WINDOWS\system32\scecli.dll

20:16:19.0609 0x05c0  C:\WINDOWS\system32\scecli.dll - ok

20:16:19.0625 0x05c0  [ 0E2735281FBB9A764D5584C2A5DCBA59, B1EFF5D7BFDDFEC3A3E5B2F17A6A0F3F47C344A64AB57E6918B4DEC094FC9444 ] C:\WINDOWS\system32\wtsapi32.dll

20:16:19.0625 0x05c0  C:\WINDOWS\system32\wtsapi32.dll - ok

20:16:19.0625 0x05c0  [ C591BA9F96F40A1FD6494DAFDCD17185, 645BAACFF58131674559959B594FC7DB2400F1009FC0338C4AD54CB41B0B384C ] C:\WINDOWS\system32\drivers\DRVNDDM.SYS

20:16:19.0625 0x05c0  C:\WINDOWS\system32\drivers\DRVNDDM.SYS - ok

20:16:19.0640 0x05c0  [ 8683C1B450F4B3872839308D836E0F92, C6CEEEA780D2191AEAC2537FD96324FF5501D92CE46313FB95ABB51765D919ED ] C:\WINDOWS\system32\drivers\mbam.sys

20:16:19.0640 0x05c0  C:\WINDOWS\system32\drivers\mbam.sys - ok

20:16:19.0640 0x05c0  [ A0500678A33802D8954153839301D539, C0EC7164985DD805A08EC13D30E2596017AF76C97BD912A635AEEF1762D49564 ] C:\WINDOWS\system32\drivers\DLABMFSM.SYS

20:16:19.0640 0x05c0  C:\WINDOWS\system32\drivers\DLABMFSM.SYS - ok

20:16:19.0640 0x05c0  [ B8D2F68CAC54D46281399F9092644794, A5CEA410D0EEB6A3E1FC003DEFB2E5DAE8761CCC280B741306E3D7AA5D57EDF3 ] C:\WINDOWS\system32\drivers\DLABOIOM.SYS

20:16:19.0640 0x05c0  C:\WINDOWS\system32\drivers\DLABOIOM.SYS - ok

20:16:19.0640 0x05c0  [ 87413B94AE1FABC117C4E8AE6725134E, 8B34AE7CB31DA7F215B5F94D74EBD7CDBB1B239763417BD1A43B2F21830074E0 ] C:\WINDOWS\system32\drivers\DLADResM.SYS

20:16:19.0640 0x05c0  C:\WINDOWS\system32\drivers\DLADResM.SYS - ok

20:16:19.0656 0x05c0  [ 766A148235BE1C0039C974446E4C0EDC, C9823A75083BE88B5F35D09B0F188856F6FBE37098787E61F780D1950E1B8C63 ] C:\WINDOWS\system32\drivers\DLAIFS_M.SYS

20:16:19.0656 0x05c0  C:\WINDOWS\system32\drivers\DLAIFS_M.SYS - ok

20:16:19.0656 0x05c0  [ 38267CCA177354F1C64450A43A4F7627, DEC627B16BB13273ADD6F629CD99BB138081C276AD539206BBA8723092E7FEE0 ] C:\WINDOWS\system32\drivers\DLAOPIOM.SYS

20:16:19.0656 0x05c0  C:\WINDOWS\system32\drivers\DLAOPIOM.SYS - ok

20:16:19.0656 0x05c0  [ FD363369FD313B46B5AEAB1A688B52E9, 67E8F268727555F2FA9EACE32131A924DC164ADAED320AF5999B5647701EC0E7 ] C:\WINDOWS\system32\drivers\DLAPoolM.SYS

20:16:19.0656 0x05c0  C:\WINDOWS\system32\drivers\DLAPoolM.SYS - ok

20:16:19.0656 0x05c0  [ FD85F682C1CC2A7CA878C7A448E6D87E, FF63F13DD5203B262A7CC442CD8CC9E7611BB246DC5E79676379742B88E1B0DD ] C:\WINDOWS\system32\drivers\DLAUDFAM.SYS

20:16:19.0656 0x05c0  C:\WINDOWS\system32\drivers\DLAUDFAM.SYS - ok

20:16:19.0656 0x05c0  [ AF389CE587B6BF5BBDCD6F6ABE5EABC0, 58D4A7886FD114E65D5B2E80F451160A5092FF91A81CED314F959E51A8F98BFE ] C:\WINDOWS\system32\drivers\DLAUDF_M.SYS

20:16:19.0656 0x05c0  C:\WINDOWS\system32\drivers\DLAUDF_M.SYS - ok

20:16:19.0671 0x05c0  [ 27C6D03BCDB8CFEB96B716F3D8BE3E18, 2910EBC692D833D949BFD56059E8106D324A276D5F165F874F3FB1B6C613CDD5 ] C:\WINDOWS\system32\svchost.exe

20:16:19.0671 0x05c0  C:\WINDOWS\system32\svchost.exe - ok

20:16:19.0671 0x05c0  [ 549290DBC280C887681D7652978DBBE0, CA2CA8561F11CDD5FD5D23D9D88A96A7FFE4AF6DFE8CE783B0969B6ED3C4CBF8 ] C:\WINDOWS\system32\ntmarta.dll

20:16:19.0671 0x05c0  C:\WINDOWS\system32\ntmarta.dll - ok

20:16:19.0671 0x05c0  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] C:\WINDOWS\system32\rpcss.dll

20:16:19.0671 0x05c0  C:\WINDOWS\system32\rpcss.dll - ok

20:16:19.0671 0x05c0  [ 16403217AB6FC5C30C14C6B12098AD4B, DEA7C556BA9C91E056E6035E77A793A77E428D493518D1C6F796B003D4F07305 ] C:\WINDOWS\system32\xpsp2res.dll

20:16:19.0671 0x05c0  C:\WINDOWS\system32\xpsp2res.dll - ok

20:16:19.0687 0x05c0  [ 6D4FEB43EE538FC5428CC7F0565AA656, 4091D82537198562F0CA1D032B2D4BEC75101342B7BCA7778FDA2D515300BC36 ] C:\WINDOWS\system32\eventlog.dll

20:16:19.0687 0x05c0  C:\WINDOWS\system32\eventlog.dll - ok

20:16:19.0687 0x05c0  [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] C:\WINDOWS\system32\mswsock.dll

20:16:19.0687 0x05c0  C:\WINDOWS\system32\mswsock.dll - ok

20:16:19.0687 0x05c0  [ 3CB32D3B8CBE79899D63280BB7A83CD9, F34DB3B3DD65F0135F1F7005703B824D2C9B17F7A43062F1FFBEC53B3B26EFC3 ] C:\WINDOWS\system32\hnetcfg.dll

20:16:19.0687 0x05c0  C:\WINDOWS\system32\hnetcfg.dll - ok

20:16:19.0687 0x05c0  [ 4E3D06D6E68EEDB52565080F55B460D3, A503BFC29D3936045488EDC1771914EC84BE80E422F772F53D7961F526D707E6 ] C:\WINDOWS\system32\wshtcpip.dll

20:16:19.0687 0x05c0  C:\WINDOWS\system32\wshtcpip.dll - ok

20:16:19.0687 0x05c0  [ 6F9BEF24C578D5D6740E080BEDD6A448, 72426D49BC31488261D226C7D0C98AD11192019E71654F53D1D17183C328CC7C ] C:\WINDOWS\system32\rasadhlp.dll

20:16:19.0687 0x05c0  C:\WINDOWS\system32\rasadhlp.dll - ok

20:16:19.0703 0x05c0  [ D72B9EC3337B247A666F098F3D6B43DE, 4BC52AD1116078B0B313AB6555024302225D6CC03CA428151F78B7C48821489F ] C:\WINDOWS\system32\winrnr.dll

20:16:19.0703 0x05c0  C:\WINDOWS\system32\winrnr.dll - ok

20:16:19.0703 0x05c0  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] C:\WINDOWS\system32\drivers\ndisuio.sys

20:16:19.0703 0x05c0  C:\WINDOWS\system32\drivers\ndisuio.sys - ok

20:16:19.0703 0x05c0  [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] C:\WINDOWS\system32\dhcpcsvc.dll

20:16:19.0703 0x05c0  C:\WINDOWS\system32\dhcpcsvc.dll - ok

20:16:19.0703 0x05c0  [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] C:\WINDOWS\system32\dnsrslvr.dll

20:16:19.0703 0x05c0  C:\WINDOWS\system32\dnsrslvr.dll - ok

20:16:19.0718 0x05c0  [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] C:\WINDOWS\system32\lmhsvc.dll

20:16:19.0718 0x05c0  C:\WINDOWS\system32\lmhsvc.dll - ok

20:16:19.0718 0x05c0  [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] C:\WINDOWS\system32\wzcsvc.dll

20:16:19.0718 0x05c0  C:\WINDOWS\system32\wzcsvc.dll - ok

20:16:19.0750 0x05c0  [ 224FB925C641DA16CEB6D60F40CA4C75, 2DDB3B019D2A22B359C5974DC366EC9B95F4382DB1BF7F1958CFF0EC277895C7 ] C:\WINDOWS\system32\atl.dll

20:16:19.0750 0x05c0  C:\WINDOWS\system32\atl.dll - ok

20:16:19.0750 0x05c0  [ E6EF7BC927D9F8F9BA1584BFC39E0C6F, EC80729BDD250C161B29DA853D45C703CB4844DE185C5665DB0627D9568995AB ] C:\WINDOWS\system32\eapolqec.dll

20:16:19.0750 0x05c0  C:\WINDOWS\system32\eapolqec.dll - ok

20:16:19.0781 0x05c0  [ 876CCF164E08D6B903CD14398E056DD2, 9AC7887F992F20E10EB3ED9B3AEF47B5C840172FA7895531F4EF86D6EA642D0F ] C:\WINDOWS\system32\rtutils.dll

20:16:19.0781 0x05c0  C:\WINDOWS\system32\rtutils.dll - ok

20:16:19.0796 0x05c0  [ 7B0770526801F05D58C51A3DFB87B4BD, 7A2858DD3AE8C26DE88F8CC71E8DC9A8A50C363BA4FB34EE6EE2D81C18845A96 ] C:\WINDOWS\system32\wmi.dll

20:16:19.0796 0x05c0  C:\WINDOWS\system32\wmi.dll - ok

20:16:19.0796 0x05c0  [ 8E2CC37BA87D8F681066E0E9C8A19F73, 90536FD502D92AE4FECE0C250373742D2E8AC9E9BE314070BB28C4A2BEA15508 ] C:\WINDOWS\system32\dot3api.dll

20:16:19.0796 0x05c0  C:\WINDOWS\system32\dot3api.dll - ok

20:16:19.0796 0x05c0  [ F5B754CDEA20BBB3A31E16A776EDE6D6, C5D682FA9B86810C6E3D741E507EDA024C4554BEB5B6A1686F70E109EE9CD746 ] C:\WINDOWS\system32\esent.dll

20:16:19.0796 0x05c0  C:\WINDOWS\system32\esent.dll - ok

20:16:19.0812 0x05c0  [ 8AE93AACC648921BAACB8602991AC4B3, 78292B1BAEE64C997C50B6D907FE623C2EDF937A62D3C3690FA24342180B7AB2 ] C:\WINDOWS\system32\qutil.dll

20:16:19.0812 0x05c0  C:\WINDOWS\system32\qutil.dll - ok

20:16:19.0812 0x05c0  [ F137A0CA70003DB20448D540651FA003, 4D3095FD8431D0839B6EE785A979D005A1035368A152CDC705804E85B7673198 ] C:\WINDOWS\system32\clbcatq.dll

20:16:19.0812 0x05c0  C:\WINDOWS\system32\clbcatq.dll - ok

20:16:19.0828 0x05c0  [ 1280A158C722FA95A80FB7AEBE78FA7D, 9B6E8158E581500C5C417F6453A6414901020123D34FDBC04289750E8B072538 ] C:\WINDOWS\system32\comres.dll

20:16:19.0828 0x05c0  C:\WINDOWS\system32\comres.dll - ok

20:16:19.0828 0x05c0  [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3, 9085384DD71F983E7FD8B6C8F54A3097412DA3C802C813C8AAB1F30558C416D6 ] C:\WINDOWS\system32\cryptui.dll

20:16:19.0828 0x05c0  C:\WINDOWS\system32\cryptui.dll - ok

20:16:19.0828 0x05c0  [ A39BE37C9237DB5F1990D61B268EA555, ABAB9D73DF10D2AC78F00A6C5E5318C4DE166CDF70683408D83D218CB39B7449 ] C:\WINDOWS\system32\rastls.dll

20:16:19.0828 0x05c0  C:\WINDOWS\system32\rastls.dll - ok

20:16:19.0843 0x05c0  [ 515A7FAE2070C2B0242B2353443E2F11, 6121C5613784831F584B50E8DC91BBD7AC58BDB602FE4CDB4B237670B6BB4537 ] C:\WINDOWS\system32\cscdll.dll

20:16:19.0843 0x05c0  C:\WINDOWS\system32\cscdll.dll - ok

20:16:19.0859 0x05c0  [ 2081A5B5E4ABA206A0A8A1A97DF0FB23, 032B6D1F541F180A2FE619664EF180D3FD748AEF7E311BA925FCED74E7ED4713 ] C:\WINDOWS\system32\logonui.exe

20:16:19.0859 0x05c0  C:\WINDOWS\system32\logonui.exe - ok

20:16:19.0859 0x05c0  [ 8AF91E4B4C1F5338EBE1548117304296, 493F46CB43496B8158924229094374D4531DA32E3C77FF4F86FCB86DEACFB79B ] C:\WINDOWS\system32\wininet.dll

20:16:19.0859 0x05c0  C:\WINDOWS\system32\wininet.dll - ok

20:16:19.0875 0x05c0  [ C5A12E24B7B529C2F0891C7598D29F6B, 215DF6E9F09E28ED093FD7463DBB05ED7AC661742F6E77F7B2E2B0D500AFF60D ] C:\WINDOWS\system32\WLTRYSVC.EXE

20:16:19.0875 0x05c0  C:\WINDOWS\system32\WLTRYSVC.EXE - ok

20:16:19.0875 0x05c0  [ 3D41A9326F0376FC73AF961DD23B1FB1, 1242F3B57599675D1E0E26615E206CE3DB15FA6A23BC5D21EB630EE9858EBC7B ] C:\WINDOWS\system32\duser.dll

20:16:19.0875 0x05c0  C:\WINDOWS\system32\duser.dll - ok

20:16:19.0890 0x05c0  [ E2092F0A1D7ABC243F9C2362483D150D, 50028400D6BA1C5B27BFC9AAC9D41539383F3EC723977CA937715E14094D846A ] C:\WINDOWS\system32\dimsntfy.dll

20:16:19.0890 0x05c0  C:\WINDOWS\system32\dimsntfy.dll - ok

20:16:19.0906 0x05c0  [ 10753A3ADC3E39A3B10CC3F08E98E6B4, 99C7B1B04CD593139917ED3D68BEC36C63BCE76663505CB5D026B62AF39BB383 ] C:\WINDOWS\system32\normaliz.dll

20:16:19.0906 0x05c0  C:\WINDOWS\system32\normaliz.dll - ok

20:16:19.0906 0x05c0  [ BD83ABA61E8ACCC8D9FFB869F29418CE, 45ED22E825047A1BE07B017F95FBF965A90602C59E6B110D0C604FBE07DE1562 ] C:\WINDOWS\system32\winspool.drv

20:16:19.0906 0x05c0  C:\WINDOWS\system32\winspool.drv - ok

20:16:19.0906 0x05c0  [ 2CC34E8BB667EEF78899546E12649196, 5BA2604041BF7C1D580D4D2AEDC7708F9E9B0AF6E0928663E3D9C7297296D721 ] C:\WINDOWS\system32\wlnotify.dll

20:16:19.0906 0x05c0  C:\WINDOWS\system32\wlnotify.dll - ok

20:16:19.0921 0x05c0  [ 1387AB5807E7A29D880699CC733F6AED, 0A3B777546E5F5EBC7914118D0BB32546279AEC726FED05519E0CF8F97DFA039 ] C:\WINDOWS\system32\urlmon.dll

20:16:19.0921 0x05c0  C:\WINDOWS\system32\urlmon.dll - ok

20:16:19.0937 0x05c0  [ 1C4D0F52B4238B9388F2A28DD0903588, 5C0A154CDE14CB669C413756DEDC80B37C559BEB731F8B0061C6FE9772563226 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll

20:16:19.0937 0x05c0  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll - ok

20:16:19.0953 0x05c0  [ 99D0F8BC97D82F1BB2F31D9F4B39D969, D51A65752E9293AFE69D452D2FBDDC169D723A6C1F95BC4B5E7CD7B09923F656 ] C:\WINDOWS\system32\BCMWLTRY.EXE

20:16:19.0953 0x05c0  C:\WINDOWS\system32\BCMWLTRY.EXE - ok

20:16:19.0953 0x05c0  [ 02CF580510234E519736559A7F19EA20, 93DC16678B01DF2E12672AB93778151FDD7FF10C30CEF7A921553D86F97C3819 ] C:\WINDOWS\system32\WgaLogon.dll

20:16:19.0953 0x05c0  C:\WINDOWS\system32\WgaLogon.dll - ok

20:16:19.0968 0x05c0  [ 03A02D5A2D50198BDF6C62AF209438D0, 7A2577BB31B937436689EB8E3F415F71D3744209EFFC110C9B12C42025F36C88 ] C:\WINDOWS\system32\msxml3.dll

20:16:19.0968 0x05c0  C:\WINDOWS\system32\msxml3.dll - ok

20:16:19.0984 0x05c0  [ AFFC87E2501FCE8F09D4C10BA6421CCF, E63837B281C4AE90A7CBA8E072E07A9A5A2FDD5B15E7FB5C2D7562FE72BE5408 ] C:\WINDOWS\system32\msimg32.dll

20:16:19.0984 0x05c0  C:\WINDOWS\system32\msimg32.dll - ok

20:16:20.0000 0x05c0  [ 20200EE3CFE10E9F0C028D8653BE11C6, 3ACF2110D72509CBA3BF780C5D6D662BAFEEA6CA423BE8B0F97288B953127035 ] C:\WINDOWS\system32\oleacc.dll

20:16:20.0000 0x05c0  C:\WINDOWS\system32\oleacc.dll - ok

20:16:20.0015 0x05c0  [ E5EDBD51476DB5001ABF5C82AE5C3DD1, 5C97ABF5802A7F886781788FE6107F9F06962F9D704A2A43A03062C9405F56C3 ] C:\WINDOWS\system32\shgina.dll

20:16:20.0015 0x05c0  C:\WINDOWS\system32\shgina.dll - ok

20:16:20.0031 0x05c0  [ 75E9D975DC47F3855367C343BFE296BA, 4B8DF408481A0ABDF7414F8B6141F87CA60318C485AC2814152D37D6BC0E0858 ] C:\WINDOWS\system32\bcm1xsup.dll

20:16:20.0031 0x05c0  C:\WINDOWS\system32\bcm1xsup.dll - ok

20:16:20.0031 0x05c0  [ 5F0CE62E0831CF972EC6949FD3E37DA7, DFDD251D3FC6CDBD971F52EF0AECEC0344B57214615AA486AA9234D30A40AF60 ] C:\WINDOWS\system32\cfgmgr32.dll

20:16:20.0031 0x05c0  C:\WINDOWS\system32\cfgmgr32.dll - ok

20:16:20.0046 0x05c0  [ 50A166237A0FA771261275A405646CC0, CFA9B2C8CDCDB56C27B89593A106AAE211E24D8EA433129A6E9BD2FBF39AB5BB ] C:\WINDOWS\system32\powrprof.dll

20:16:20.0046 0x05c0  C:\WINDOWS\system32\powrprof.dll - ok

20:16:20.0046 0x05c0  [ 4DF537A09034434EA9481B88AB1D3C25, 0628922DDA8E170E013F66D7D1EC03EAED2AF366BF4CFCDDDC6A5B8552784A36 ] C:\WINDOWS\system32\bcmwlpkt.dll

20:16:20.0046 0x05c0  C:\WINDOWS\system32\bcmwlpkt.dll - ok

20:16:20.0062 0x05c0  [ 1B7524806D0270B81360C63A2FA047CB, CEEF5AA7F9E6504BCE15B72B29DBEE6430370BAA6A52F82CF4F2857568D11709 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll

20:16:20.0062 0x05c0  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll - ok

20:16:20.0078 0x05c0  [ 89A1EE0C4046375B4B9E0B010C90C802, 51D54DA31E30487E73B50F482F1A04F273BC812F3AB2C415D09CB44956097E11 ] C:\WINDOWS\system32\iertutil.dll

20:16:20.0078 0x05c0  C:\WINDOWS\system32\iertutil.dll - ok

20:16:20.0078 0x05c0  [ E1F3AB2CC3521E68F242FB4D60C52AE3, D0257BC92AD0673929544FB994FEB047399D911090727D54180D897AE853BD6F ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcp80.dll

20:16:20.0078 0x05c0  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcp80.dll - ok

20:16:20.0093 0x05c0  [ 514D3441E48571E748D1F28B5472B4D6, 3913694D2A91E1251C98599F7A41D9A56C73AE0A23A2E47E480E1D71396DD936 ] C:\WINDOWS\system32\BCMLogon.dll

20:16:20.0093 0x05c0  C:\WINDOWS\system32\BCMLogon.dll - ok

20:16:20.0093 0x05c0  [ 2CDAE321B8E878A278BA2D2FA013060B, 51A382D665EB4A8BD66A3EF9B518DC02D3637318768758AB6F1017E50826CC56 ] C:\WINDOWS\system32\activeds.dll

20:16:20.0093 0x05c0  C:\WINDOWS\system32\activeds.dll - ok

20:16:20.0109 0x05c0  [ EA5B8BECA3F279C757578CD7F1E95855, 6FA42A9C8A114208BCB1D0A799C43CD07FB0F986495191D58C1BBD150B7B3A90 ] C:\WINDOWS\system32\mprapi.dll

20:16:20.0109 0x05c0  C:\WINDOWS\system32\mprapi.dll - ok

20:16:20.0125 0x05c0  [ 0D84657DBF93DB98673DEFDF2B29E25A, 22105E297D663790BFA1EAE5AC670B283E69FDF2428DEBC596F3EB920E53AFF9 ] C:\WINDOWS\system32\adsldpc.dll

20:16:20.0125 0x05c0  C:\WINDOWS\system32\adsldpc.dll - ok

20:16:20.0125 0x05c0  [ 92C4F48B62B0B876194584C3FF09CCB6, B24FF5E8D4F09B8200395B68A20A083E7ED9A29B9E9FB85F42E1A6BBB911D1C4 ] C:\WINDOWS\system32\rasapi32.dll

20:16:20.0125 0x05c0  C:\WINDOWS\system32\rasapi32.dll - ok

20:16:20.0125 0x05c0  [ 4DEF926F6A0545AE486A03C84F2EE482, 2D209061632634D7338C0BBEEE8056E8085BE22FA6974A2CC6BAEDC14CF6F6B1 ] C:\WINDOWS\system32\rasman.dll

20:16:20.0125 0x05c0  C:\WINDOWS\system32\rasman.dll - ok

20:16:20.0140 0x05c0  [ 00AABF131B4823785818DB99A075A313, FF0F24D35325EC246C758C7CF51FDDEF13757DFD7BE5F6F5D51E0DD7C6673686 ] C:\WINDOWS\system32\tapi32.dll

20:16:20.0140 0x05c0  C:\WINDOWS\system32\tapi32.dll - ok

20:16:20.0140 0x05c0  [ 67156D5A9AC356DC99D7BCCB388E3316, 449A140065197779C0F8588E5C53014BBF54A9C74818D5CFDCB88CC7B36F44CF ] C:\WINDOWS\system32\wsock32.dll

20:16:20.0140 0x05c0  C:\WINDOWS\system32\wsock32.dll - ok

20:16:20.0156 0x05c0  [ 9090454E6772F7CFBCE240BF4DC5F7E8, A532044DFD1FA6463516125EA74C250762DE4DACBE613F8AD2FF72D50C0B9585 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll

20:16:20.0156 0x05c0  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll - ok

20:16:20.0171 0x05c0  [ C1FAEA15E41F62D7BFA7FBC395C24BA6, 5DAA7F6E1EEA128AEDEDCAF04EB83AED4BCF856BC123BC134E9FA634DC569C0B ] C:\WINDOWS\system32\riched20.dll

20:16:20.0171 0x05c0  C:\WINDOWS\system32\riched20.dll - ok

20:16:20.0171 0x05c0  [ A7E06854EA2A20AEE8EC32BD8C754298, C23ACA5939C29C59B0BD6DF247650F0B640E675A759D6C6484D9710BC923515A ] C:\WINDOWS\system32\mpnotify.exe

20:16:20.0171 0x05c0  C:\WINDOWS\system32\mpnotify.exe - ok

20:16:20.0187 0x05c0  [ 56CE97FF94B7662A300D359CD6F4D601, D67A792E176AE3394CEB8FEF16F9E56DC614D7D4F58F6B9202E49EFD42BAE9E4 ] C:\WINDOWS\system32\raschap.dll

20:16:20.0187 0x05c0  C:\WINDOWS\system32\raschap.dll - ok

20:16:20.0187 0x05c0  [ 33278EA981214874018C8CE14847D219, 1F0FB1CDD494DC918D4909C09874B7A7C6296DD6103DE61B3DB2FFE931C97B5A ] C:\WINDOWS\system32\wltrynt.dll

20:16:20.0187 0x05c0  C:\WINDOWS\system32\wltrynt.dll - ok

20:16:20.0187 0x05c0  [ 3C7DEF3CBBCA6284867AA4621D5D8A54, DB18738202DCDA842DCE505ECD0B858D7B4C55886CAC29827305F0DC3839143A ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll

20:16:20.0187 0x05c0  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll - ok

20:16:20.0218 0x05c0  [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] C:\WINDOWS\system32\es.dll

20:16:20.0218 0x05c0  C:\WINDOWS\system32\es.dll - ok

20:16:20.0218 0x05c0  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] C:\WINDOWS\system32\schedsvc.dll

20:16:20.0218 0x05c0  C:\WINDOWS\system32\schedsvc.dll - ok

20:16:20.0234 0x05c0  [ E47E364C96467FD54FA44D59F927C3AB, D48C377A7ACF805C413D4618A099A50BE6724E8996C151B00DEAFD27CA935183 ] C:\WINDOWS\system32\msidle.dll

20:16:20.0234 0x05c0  C:\WINDOWS\system32\msidle.dll - ok

20:16:20.0234 0x05c0  [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] C:\WINDOWS\system32\spoolsv.exe

20:16:20.0234 0x05c0  C:\WINDOWS\system32\spoolsv.exe - ok

20:16:20.0234 0x05c0  [ 12898D947CFCB36CB7A43E8F86A53CBC, 3CBE403C58D257243B351CA0618D761546B17693CD34446D8524D6A31C252227 ] C:\Program Files\IDT\DellXPM09B_6017v022\WDM\stacsv.exe

20:16:20.0234 0x05c0  C:\Program Files\IDT\DellXPM09B_6017v022\WDM\stacsv.exe - ok

20:16:20.0250 0x05c0  [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] C:\WINDOWS\system32\audiosrv.dll

20:16:20.0250 0x05c0  C:\WINDOWS\system32\audiosrv.dll - ok

20:16:20.0265 0x05c0  [ 4D83ED8BDDEC431FC8AD907B47CFB6E3, 4687B8DD40CA9B83AA5CE1268F62476EBA886C10CC8B7B5AB716E4C56AF1EEAF ] C:\WINDOWS\system32\dsound.dll

20:16:20.0265 0x05c0  C:\WINDOWS\system32\dsound.dll - ok

20:16:20.0281 0x05c0  [ 79E3A8C328E7E569C32B0998377D9742, F5854956E452AD663004679BBDF8B006695B69C8962534CD243193F04F294DF3 ] C:\WINDOWS\system32\spoolss.dll

20:16:20.0281 0x05c0  C:\WINDOWS\system32\spoolss.dll - ok

20:16:20.0281 0x05c0  [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] C:\WINDOWS\system32\drivers\wdmaud.sys

20:16:20.0281 0x05c0  C:\WINDOWS\system32\drivers\wdmaud.sys - ok

20:16:20.0281 0x05c0  [ 680B56A8B62D1BCF4A0B2AAAD03D88E4, C095D8A3A1CEAD1D78B0EE17B982718CDF4B3FE1F86D9D273875B8C1893C981B ] C:\WINDOWS\system32\wdmaud.drv

20:16:20.0281 0x05c0  C:\WINDOWS\system32\wdmaud.drv - ok

20:16:20.0296 0x05c0  [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] C:\WINDOWS\system32\drivers\sysaudio.sys

20:16:20.0296 0x05c0  C:\WINDOWS\system32\drivers\sysaudio.sys - ok

20:16:20.0328 0x05c0  [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] C:\WINDOWS\system32\drivers\aec.sys

20:16:20.0328 0x05c0  C:\WINDOWS\system32\drivers\aec.sys - ok

20:16:20.0328 0x05c0  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] C:\WINDOWS\system32\drivers\splitter.sys

20:16:20.0328 0x05c0  C:\WINDOWS\system32\drivers\splitter.sys - ok

20:16:20.0328 0x05c0  [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] C:\WINDOWS\system32\drivers\DMusic.sys

20:16:20.0328 0x05c0  C:\WINDOWS\system32\drivers\DMusic.sys - ok

20:16:20.0375 0x05c0  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] C:\WINDOWS\system32\drivers\kmixer.sys

20:16:20.0375 0x05c0  C:\WINDOWS\system32\drivers\kmixer.sys - ok

20:16:20.0375 0x05c0  [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] C:\WINDOWS\system32\drivers\swmidi.sys

20:16:20.0375 0x05c0  C:\WINDOWS\system32\drivers\swmidi.sys - ok

20:16:20.0390 0x05c0  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] C:\WINDOWS\system32\drivers\drmkaud.sys

20:16:20.0390 0x05c0  C:\WINDOWS\system32\drivers\drmkaud.sys - ok

20:16:20.0421 0x05c0  [ 085ED2E391A871C7BAE87E0228B546BA, 15C050965A7377CDE1178A0C28C3E05B16838A1D7DEB1DD190E3C5D58511F5AC ] C:\WINDOWS\system32\cscui.dll

20:16:20.0421 0x05c0  C:\WINDOWS\system32\cscui.dll - ok

20:16:20.0421 0x05c0  [ 9A3BD5F55AADFF859539142F6328A66E, B8165F650F0E24D380601D54BC81A84C06D886A6CF995EA6CA63EABCFA75554A ] C:\WINDOWS\system32\msacm32.drv

20:16:20.0421 0x05c0  C:\WINDOWS\system32\msacm32.drv - ok

20:16:20.0437 0x05c0  [ 6C26DCF01E2A92F183B97D434017268A, 0863B9AE37002CA3E1034A7FBDE80C3D0E4469A4561140EDE42EDD947E61DBD3 ] C:\WINDOWS\system32\dpcdll.dll

20:16:20.0437 0x05c0  C:\WINDOWS\system32\dpcdll.dll - ok

20:16:20.0437 0x05c0  [ 5C12660A97822F6E61576943B49AAAD6, 621BE8E009DC95A8901F701F529ED98BD8E6D62D272AE0E1FAF69889A4D5633B ] C:\WINDOWS\system32\midimap.dll

20:16:20.0437 0x05c0  C:\WINDOWS\system32\midimap.dll - ok

20:16:20.0437 0x05c0  [ A93AEE1928A9D7CE3E16D24EC7380F89, 944CD2135E171AF338352568AA7FE1B8004733A4281395AD6723E0CF43D5F53F ] C:\WINDOWS\system32\userinit.exe

20:16:20.0437 0x05c0  C:\WINDOWS\system32\userinit.exe - ok

20:16:20.0484 0x05c0  [ B1296D52B0D2096EC4759EEEB806D759, 4F291E1513D5E79BD3EE54E644138468778A80D6C49DF01EA93E291897E433B5 ] C:\WINDOWS\system32\WgaTray.exe

20:16:20.0484 0x05c0  C:\WINDOWS\system32\WgaTray.exe - ok

20:16:20.0515 0x05c0  [ FE2571A8C9FFAB1D45502D6B0BF472AA, 1442FC0180B555BC4F9B97B9A0D7674F75E67A6F61B87A6D690A20AE7D1EF360 ] C:\WINDOWS\system32\xp_eos.exe

20:16:20.0515 0x05c0  C:\WINDOWS\system32\xp_eos.exe - ok

20:16:20.0531 0x05c0  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] C:\Program Files\Google\Update\GoogleUpdate.exe

20:16:20.0531 0x05c0  C:\Program Files\Google\Update\GoogleUpdate.exe - ok

20:16:20.0546 0x05c0  [ 77E585EDD4C7EB7AB2ACC36BC1DC32A5, 57BF4D683CA66AAC2A4B7FEDF9F7FB254860BE77E1F4A6DD2C40410783B5C113 ] C:\Program Files\Google\Update\1.3.24.15\goopdate.dll

20:16:20.0546 0x05c0  C:\Program Files\Google\Update\1.3.24.15\goopdate.dll - ok

20:16:20.0546 0x05c0  [ 12896823FB95BFB3DC9B46BCAEDC9923, 1E675CB7DF214172F7EB0497F7275556038A0D09C6E5A3E6862C5E26885EF455 ] C:\WINDOWS\explorer.exe

20:16:20.0546 0x05c0  C:\WINDOWS\explorer.exe - ok

20:16:20.0578 0x05c0  [ D3F72D50DE53F9F1F55240115AF4D42E, F8831B6B33EE2EE49615AE45A81C8434E154331BEB1E64C491E64C1348314F3C ] C:\WINDOWS\system32\msi.dll

20:16:20.0578 0x05c0  C:\WINDOWS\system32\msi.dll - ok

20:16:20.0578 0x05c0  [ 8F372758B7BE88B05384E1BB375ECC97, 36D5ED4D11702754CA37B10EE9727A13AC5C7FF9ECC1A9A86F985B1CC927A3DE ] C:\WINDOWS\system32\stacapi.dll

20:16:20.0578 0x05c0  C:\WINDOWS\system32\stacapi.dll - ok

20:16:20.0593 0x05c0  [ B6E6F3F5B63053D5DC1F4EE32992492F, 089F9C92B677A138BABA4817624E8CA49B7E507B7D6FA0B1A3B4302B354B5C7E ] C:\WINDOWS\system32\dbghelp.dll

20:16:20.0593 0x05c0  C:\WINDOWS\system32\dbghelp.dll - ok

20:16:20.0593 0x05c0  [ DEFEE5DEDD20C1E15532E88D5A4F7C96, 54072A5EA16A8D11602BABB9C04BD02BEF060498F461C7E7313CF6D07B9FDF9D ] C:\WINDOWS\system32\browseui.dll

20:16:20.0593 0x05c0  C:\WINDOWS\system32\browseui.dll - ok

20:16:20.0625 0x05c0  [ 397D14958D6C9C2B365469A857B2AC4E, 1465D7DC50A27A2C75FFC477E8A453B0884D1E298F804233483B63A47634B7EA ] C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe

20:16:20.0625 0x05c0  C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe - ok

20:16:20.0625 0x05c0  [ 4044E880593FE1AC9942190FCE414BE7, 1EBD42F10592D57A2C8562C641461DE5288D9E900FE91A4A1800C9AB9034F2CD ] C:\WINDOWS\system32\mstask.dll

20:16:20.0625 0x05c0  C:\WINDOWS\system32\mstask.dll - ok

20:16:20.0640 0x05c0  [ 5E283C987ED4BB42323A3C722EEBC081, A755136C7C8D16086D66163C638F5513EE01AA4D5E021FEFF617618FA04E19EE ] C:\WINDOWS\system32\shdocvw.dll

20:16:20.0640 0x05c0  C:\WINDOWS\system32\shdocvw.dll - ok

20:16:20.0640 0x05c0  [ B4ED498E3BFEE64E952BC44FC6057DB8, 1FB5ABAE69103BF477F704189D75B0395F587234BFE94F9F79961D8FE2CE55AC ] C:\WINDOWS\system32\desk.cpl

20:16:20.0640 0x05c0  C:\WINDOWS\system32\desk.cpl - ok

20:16:20.0656 0x05c0  [ 9D57165906778C9E5E0ECB34B311564B, E158E54ED63C1A1DB67FA3A4E67F1CE6934F9861D4B7DCD5F111AB47C9EEC0FE ] C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe

20:16:20.0656 0x05c0  C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe - ok

20:16:20.0671 0x05c0  [ EE9710428FFB95FD3845D41E7148AC31, 5CFBE4B7BCCB136B958E21EACB965E09F7D6CC0CB29DEA9022047809582B1065 ] C:\WINDOWS\system32\themeui.dll

20:16:20.0671 0x05c0  C:\WINDOWS\system32\themeui.dll - ok

20:16:20.0671 0x05c0  [ 912B67BB8249925A5C972FC5839EAE09, 11F9F26C2D5EADD683F9FA4FDC8C25A1FB7EE9D6E3F4419C9DAB8C4E434F1857 ] C:\WINDOWS\system32\actxprxy.dll

20:16:20.0671 0x05c0  C:\WINDOWS\system32\actxprxy.dll - ok

20:16:20.0687 0x05c0  [ 52BB39F178067AC9ADE44F2130D155DF, 212CBD0ACCDC8393A05A7F66055066C3643D517C50D788FE8B884A0FC0BFD4ED ] C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\CVUsrIfc.dll

20:16:20.0687 0x05c0  C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\CVUsrIfc.dll - ok

20:16:20.0718 0x05c0  [ E31E97859DEEE648D5867EADFBDBF25A, A0874F1B7B21CBAC76F7632DC60F5E233719194BB3E06A5AE816663AA6CFFF71 ] C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe

20:16:20.0718 0x05c0  C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe - ok

20:16:20.0718 0x05c0  [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] C:\WINDOWS\system32\scardsvr.exe

20:16:20.0718 0x05c0  C:\WINDOWS\system32\scardsvr.exe - ok

20:16:20.0718 0x05c0  [ C14350FC0D47D806699C4F907FC6785B, A8862B47A74F5FB03C9916A42B986D9B352549ED486AD2B9DAD405A98B5564B3 ] C:\WINDOWS\system32\cryptnet.dll

20:16:20.0718 0x05c0  C:\WINDOWS\system32\cryptnet.dll - ok

20:16:20.0734 0x05c0  [ 3CBA2210FA39C6ED7895634842E930DD, 9AFC6A7E1F936ED3636F89FD49B5C944594F88A5BFB597348AF2FB83DA2E4E40 ] C:\WINDOWS\system32\sensapi.dll

20:16:20.0734 0x05c0  C:\WINDOWS\system32\sensapi.dll - ok

20:16:20.0750 0x05c0  [ 684559A03CBC1D05BA120A18B0D8BA5D, 7425F27C8EF8CEF26B071D7FD5FED538C74EF524AEF73E427B1781F3A3C16C42 ] C:\WINDOWS\system32\winhttp.dll

20:16:20.0750 0x05c0  C:\WINDOWS\system32\winhttp.dll - ok

20:16:20.0765 0x05c0  [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] C:\WINDOWS\system32\drivers\parport.sys

20:16:20.0765 0x05c0  C:\WINDOWS\system32\drivers\parport.sys - ok

20:16:20.0781 0x05c0  [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] C:\WINDOWS\system32\wkssvc.dll

20:16:20.0781 0x05c0  C:\WINDOWS\system32\wkssvc.dll - ok

20:16:20.0781 0x05c0  [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] C:\WINDOWS\system32\drivers\serial.sys

20:16:20.0781 0x05c0  C:\WINDOWS\system32\drivers\serial.sys - ok

20:16:20.0796 0x05c0  [ CC26451A90025F6C55F64146C333DEA5, D03CED69EEA39C6F97FBC7DC3558D52EE43EE7DE6FDC4DC8AEC57B09D64A8C82 ] C:\WINDOWS\system32\LegitCheckControl.dll

20:16:20.0796 0x05c0  C:\WINDOWS\system32\LegitCheckControl.dll - ok

20:16:20.0812 0x05c0  [ 6D778E0F95447E6546553EEEA709D03C, 62ABED7D45040381BBCED97EA7B6C697B418448FD3322FD4BFB2BBFDB6155EB4 ] C:\WINDOWS\system32\cmd.exe

20:16:20.0812 0x05c0  C:\WINDOWS\system32\cmd.exe - ok

20:16:20.0828 0x05c0  [ FA4A79DBB0E3CA56E1F0B1FD372559A8, 87BBE8A70DB7C1E3F3A9F42112D5D3A81645FB23A4120DFB926AF7D089ACA462 ] C:\WINDOWS\system32\ieframe.dll

20:16:20.0828 0x05c0  C:\WINDOWS\system32\ieframe.dll - ok

20:16:20.0859 0x05c0  [ 205ADD80FF8099B1A8101EB490B933D1, 6B4D94F1683B1D30A1BB0019E2E3E0AE1AA85561D416708198EC2BDAB649E178 ] C:\WINDOWS\system32\wbem\wbemprox.dll

20:16:20.0859 0x05c0  C:\WINDOWS\system32\wbem\wbemprox.dll - ok

20:16:20.0875 0x05c0  [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] C:\WINDOWS\system32\dmserver.dll

20:16:20.0875 0x05c0  C:\WINDOWS\system32\dmserver.dll - ok

20:16:20.0875 0x05c0  [ 574738F61FCA2935F5265DC4E5691314, 3C7CCF064397186C3A3863DD2370AB6414A61B330097DCA4F299CA7BBAA3D1B4 ] C:\WINDOWS\system32\qmgr.dll

20:16:20.0875 0x05c0  C:\WINDOWS\system32\qmgr.dll - ok

20:16:20.0875 0x05c0  [ D95C71052E5EF63B55997FB31483D02F, 829A559050680C039CA7AFCFE3246745D465ED11722A603AA32253FD413894C3 ] C:\WINDOWS\system32\wbem\wbemcomn.dll

20:16:20.0875 0x05c0  C:\WINDOWS\system32\wbem\wbemcomn.dll - ok

20:16:20.0906 0x05c0  [ 00709952D444EAE14DBBD30D36FBAE0F, A65B57C68F9119940133F6680AF3644866EEBDA5378F9B6AED441FB999B50526 ] C:\WINDOWS\system32\certcli.dll

20:16:20.0906 0x05c0  C:\WINDOWS\system32\certcli.dll - ok

20:16:20.0921 0x05c0  [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] C:\WINDOWS\system32\cryptsvc.dll

20:16:20.0921 0x05c0  C:\WINDOWS\system32\cryptsvc.dll - ok

20:16:20.0921 0x05c0  [ C14AA05881A35B6D6BB8D55B117EE22D, F30873FA983CE21734BE1A357CDF855EF33511990C14B454EBAA3D6059CD823D ] C:\WINDOWS\system32\shfolder.dll

20:16:20.0921 0x05c0  C:\WINDOWS\system32\shfolder.dll - ok

20:16:20.0937 0x05c0  [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] C:\WINDOWS\system32\ersvc.dll

20:16:20.0937 0x05c0  C:\WINDOWS\system32\ersvc.dll - ok

20:16:20.0937 0x05c0  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] C:\WINDOWS\system32\netman.dll

20:16:20.0937 0x05c0  C:\WINDOWS\system32\netman.dll - ok

20:16:20.0953 0x05c0  [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll

20:16:20.0953 0x05c0  C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok

20:16:20.0984 0x05c0  [ DEB04DA35CC871B6D309B77E1443C796, F66A15C9528D661940F1F4CA453B3E95036D68C74C3B8AB53644211DBD3D2F32 ] C:\WINDOWS\system32\hidserv.dll

20:16:20.0984 0x05c0  C:\WINDOWS\system32\hidserv.dll - ok

20:16:21.0000 0x05c0  [ 062F837C1FBDB6A0A75F82EFC2EE8E74, 3C0BFA381CBC2C55B58A8942A7148A6C27E244D26313EFB4708DD5858C689E02 ] C:\WINDOWS\system32\netshell.dll

20:16:21.0000 0x05c0  C:\WINDOWS\system32\netshell.dll - ok

20:16:21.0000 0x05c0  [ 235892E493845D64D890163CFEF90E97, 48FC98DD1E5F8F05DE6954FE26C0A448AA9838D7DC716518C715F35E3CFA227D ] C:\WINDOWS\system32\credui.dll

20:16:21.0000 0x05c0  C:\WINDOWS\system32\credui.dll - ok

20:16:21.0031 0x05c0  [ 4E8F3230BAC8C1CAADF01A8C728E1C5C, 62E73A7D4C58F2E30670F6A72E734B618AF45F60A8CB2177A4D504283F829BE5 ] C:\WINDOWS\system32\dot3dlg.dll

20:16:21.0031 0x05c0  C:\WINDOWS\system32\dot3dlg.dll - ok

20:16:21.0031 0x05c0  [ 5DB625E7D095604010CF84DE2D8ACFA6, DEED8055CD1F2E2D898C5C77283B56078414CC7D9FCA6FCF58BA0B66B565E826 ] C:\WINDOWS\system32\eappcfg.dll

20:16:21.0031 0x05c0  C:\WINDOWS\system32\eappcfg.dll - ok

20:16:21.0046 0x05c0  [ ABC4206543450C0666D152F4B65833B8, D78D5E719E7744805DF6DD1D9567E67E11223F4E3B13170E35F27D46FCB6C244 ] C:\WINDOWS\system32\eappprxy.dll

20:16:21.0046 0x05c0  C:\WINDOWS\system32\eappprxy.dll - ok

20:16:21.0046 0x05c0  [ CA04959077AFE36369D37B3504740C87, CBB90BC35A74EC03DC04CD60DAC966A9FA98DC9EEFB926089DBE7A47D3B710B1 ] C:\WINDOWS\system32\onex.dll

20:16:21.0046 0x05c0  C:\WINDOWS\system32\onex.dll - ok

20:16:21.0062 0x05c0  [ 767FF54A552732CE772C2302025FA82F, 7761546C33B0E55B0A8214798FD035C2499D31D690CE03E25B0068C81EDECF3F ] C:\WINDOWS\system32\wzcsapi.dll

20:16:21.0062 0x05c0  C:\WINDOWS\system32\wzcsapi.dll - ok

20:16:21.0078 0x05c0  [ D84AEA3F3329D622DFC1297DDDF6163B, 316FE56CC30ED1473A917253F46B79EAA12F4ABD5B4B1ADB03929DFEE940F577 ] C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe

20:16:21.0078 0x05c0  C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe - ok

20:16:21.0093 0x05c0  [ 8973122796E3B5D6B5900FC186E55FEA, 350120A20F8591C27E68A5903E3175DD3F4F85BA2FF1F8B6E1D3B3758B5B509D ] C:\WINDOWS\system32\hid.dll

20:16:21.0093 0x05c0  C:\WINDOWS\system32\hid.dll - ok

20:16:21.0093 0x05c0  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] C:\WINDOWS\system32\srvsvc.dll

20:16:21.0093 0x05c0  C:\WINDOWS\system32\srvsvc.dll - ok

20:16:21.0109 0x05c0  [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] C:\WINDOWS\system32\drivers\srv.sys

20:16:21.0109 0x05c0  C:\WINDOWS\system32\drivers\srv.sys - ok

20:16:21.0109 0x05c0  [ 20FD44370267CCD0A64A1B31861C21D2, D98194A17D1C63434EC6449742C10033F1B94D80826B20464519B1DD4DE1DB5F ] C:\WINDOWS\system32\netmsg.dll

20:16:21.0109 0x05c0  C:\WINDOWS\system32\netmsg.dll - ok

20:16:21.0125 0x05c0  [ 9B48E38C35F08FA831B387A0B27C40AA, A36F22314DC6D183DE1853FCAB4ED8A9C7A851B62F34A7DD5E059B6485B34C2C ] C:\Program Files\Malwarebytes Anti-Malware\mbamsrv.dll

20:16:21.0125 0x05c0  C:\Program Files\Malwarebytes Anti-Malware\mbamsrv.dll - ok

20:16:21.0140 0x05c0  [ 30490EED6A1E20E8259C0B9C58F488FE, C8CE687EFFED31AD75D79A52D49E83F39BEE5FD9A1A67EC586BA930650A73D6C ] C:\Program Files\Malwarebytes Anti-Malware\QtCore4.dll

20:16:21.0140 0x05c0  C:\Program Files\Malwarebytes Anti-Malware\QtCore4.dll - ok

20:16:21.0140 0x05c0  [ E4B829081E639E42985853BAE754A53D, C94E8E6CE2999ED05D6738A2498F1FD521CE68466CDD3EDC3DDAD71278497879 ] C:\Program Files\Malwarebytes Anti-Malware\msvcp100.dll

20:16:21.0140 0x05c0  C:\Program Files\Malwarebytes Anti-Malware\msvcp100.dll - ok

20:16:21.0156 0x05c0  [ 80FCEDBE920E9CBE30D9D3665BD6EFED, 5BCA95D4EADADE3046F5F95F9FAD97DF585638B49CCA2184BD0157AE374727C8 ] C:\Program Files\Malwarebytes Anti-Malware\msvcr100.dll

20:16:21.0156 0x05c0  C:\Program Files\Malwarebytes Anti-Malware\msvcr100.dll - ok

20:16:21.0171 0x05c0  [ B714735C12A70171DE28657948FD91F1, DF7BF2D1BEBB016A8CB739EEE2670CF9F44A5CC2319A532E5C3DE0F5AA3AA144 ] C:\WINDOWS\system32\mlang.dll

20:16:21.0171 0x05c0  C:\WINDOWS\system32\mlang.dll - ok

20:16:21.0187 0x05c0  [ 566382CA5F2C41FEAEEEFAC908F1EB92, FF25ACB5CC757F6D7FE8724EDAC16A36332406AF39745C45858AB24CAF24AC48 ] C:\WINDOWS\system32\xmlprovi.dll

20:16:21.0187 0x05c0  C:\WINDOWS\system32\xmlprovi.dll - ok

20:16:21.0203 0x05c0  [ F9D3C78CFE15271D80790677C893CE45, 885425736648DF7B315E92680ED3BD058ACE97A86D388FEA80EB0C039ADF25D7 ] C:\WINDOWS\system32\cabinet.dll

20:16:21.0203 0x05c0  C:\WINDOWS\system32\cabinet.dll - ok

20:16:21.0218 0x05c0  [ 4F45ED469906494F9BF754E476390DBD, D8FF6AFD73D8C191F5732DF9737E6F83B2B52B06A3A6CD4CC6EAC9464CBB2772 ] C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe

20:16:21.0218 0x05c0  C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe - ok

20:16:21.0250 0x05c0  [ F722FA26739EAFCBD8D5F3829B632CD7, 8C7356AFF03748C4D565F3B6CBD4E289910253A3CA6CAE3A118F2C7E419CF649 ] C:\Program Files\Malwarebytes Anti-Malware\mbamcore.dll

20:16:21.0250 0x05c0  C:\Program Files\Malwarebytes Anti-Malware\mbamcore.dll - ok

20:16:21.0265 0x05c0  [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

20:16:21.0265 0x05c0  C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE - ok

20:16:21.0265 0x05c0  [ 332760FBA1655FCFD35BD6F4FD871300, 6C539FD14B9CF9423E305EAF60CB5C12CA0F7AEF571FB09BAF64E83F108B7F2D ] C:\WINDOWS\system32\ipsecsvc.dll

20:16:21.0265 0x05c0  C:\WINDOWS\system32\ipsecsvc.dll - ok

20:16:21.0281 0x05c0  [ 584C4DA856450CB22EBBE7A68CC6250F, 56030767CFD2DAFDAE8CC767DC1EED39DD2E6E42152BFAE7904C2C8826B2C3E2 ] C:\WINDOWS\system32\oakley.dll

20:16:21.0281 0x05c0  C:\WINDOWS\system32\oakley.dll - ok

20:16:21.0296 0x05c0  [ 050A4112B00BCA2E13314CDE48C1DEEE, 86C679CD494DEEB984372BF954EFBB8982AC7995FBF89FCF83BC228991D1B825 ] C:\Program Files\Skype\Updater\Updater.exe

20:16:21.0296 0x05c0  C:\Program Files\Skype\Updater\Updater.exe - ok

20:16:21.0312 0x05c0  [ 22D89D84E8E081CDA529DBF8C0255A38, 26863A2D27BE257D99EF28A612FC1B514558B27002EF10B0F682BC15C6D1CD74 ] C:\WINDOWS\system32\psbase.dll

20:16:21.0312 0x05c0  C:\WINDOWS\system32\psbase.dll - ok

20:16:21.0328 0x05c0  [ 853D0D0C6F02D7BFDF1CF99DD7553732, AC761B4CA518B787CB2C18101606E5F64245049D140C72B6B1112556DEC86B2E ] C:\WINDOWS\system32\pstorsvc.dll

20:16:21.0328 0x05c0  C:\WINDOWS\system32\pstorsvc.dll - ok

20:16:21.0343 0x05c0  [ 248712EA6BA17B9FF0C542A3828375DD, 03EFDE351860C4C49F42D6129C6A6F2B3FC859C20F14FE0652F9C4FBD81244B4 ] C:\WINDOWS\system32\winipsec.dll

20:16:21.0343 0x05c0  C:\WINDOWS\system32\winipsec.dll - ok

20:16:21.0343 0x05c0  [ FEDE68BF80052BAD393AFD5C2E60DCB0, 6A40D89524317C554C5C33A35FB659147A3118F4C646AB36653A19A8811627CB ] C:\WINDOWS\system32\dssenh.dll

20:16:21.0343 0x05c0  C:\WINDOWS\system32\dssenh.dll - ok

20:16:21.0359 0x05c0  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] C:\WINDOWS\system32\sens.dll

20:16:21.0359 0x05c0  C:\WINDOWS\system32\sens.dll - ok

20:16:21.0375 0x05c0  [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] C:\WINDOWS\system32\seclogon.dll

20:16:21.0375 0x05c0  C:\WINDOWS\system32\seclogon.dll - ok

20:16:21.0375 0x05c0  [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] C:\WINDOWS\system32\srsvc.dll

20:16:21.0375 0x05c0  C:\WINDOWS\system32\srsvc.dll - ok

20:16:21.0390 0x05c0  [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] C:\WINDOWS\system32\trkwks.dll

20:16:21.0390 0x05c0  C:\WINDOWS\system32\trkwks.dll - ok

20:16:21.0421 0x05c0  [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] C:\WINDOWS\system32\wiaservc.dll

20:16:21.0421 0x05c0  C:\WINDOWS\system32\wiaservc.dll - ok

20:16:21.0437 0x05c0  [ 4FBC630768570E6AC35C3DE8F6EC79F5, CF4E271683AA4AADF763A5B3081B8135C9D69F2C6D9DED9C3717B085A1BF14CF ] C:\Program Files\Malwarebytes Anti-Malware\mbam.exe

20:16:21.0437 0x05c0  C:\Program Files\Malwarebytes Anti-Malware\mbam.exe - ok

20:16:21.0437 0x05c0  [ 4AC2FA4A6F0DF2511BAC13393C06EFF1, 502B9D43EB6305508E8CDF034528C3F1DDF4525727C1B7663EA835BE2307FF20 ] C:\WINDOWS\system32\mscms.dll

20:16:21.0437 0x05c0  C:\WINDOWS\system32\mscms.dll - ok

20:16:21.0437 0x05c0  [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] C:\WINDOWS\system32\wbem\wmisvc.dll

20:16:21.0437 0x05c0  C:\WINDOWS\system32\wbem\wmisvc.dll - ok

20:16:21.0453 0x05c0  [ ACACB8B14E66109B8ACD6644B5574B9A, 2373E67EB51F8045E7CD346F75B4BAD093E29CC609955BBC4C9FEF7A97A5FD86 ] C:\WINDOWS\system32\vssapi.dll

20:16:21.0453 0x05c0  C:\WINDOWS\system32\vssapi.dll - ok

20:16:21.0468 0x05c0  [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] C:\WINDOWS\system32\browser.dll

20:16:21.0468 0x05c0  C:\WINDOWS\system32\browser.dll - ok

20:16:21.0468 0x05c0  [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] C:\WINDOWS\system32\wuauserv.dll

20:16:21.0468 0x05c0  C:\WINDOWS\system32\wuauserv.dll - ok

20:16:21.0484 0x05c0  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] C:\WINDOWS\system32\wuaueng.dll

20:16:21.0484 0x05c0  C:\WINDOWS\system32\wuaueng.dll - ok

20:16:21.0500 0x05c0  [ 39DD0C97932CDFDCF006569E1A942728, 6A93C95F328E60CC1D7051941EDFCDF3488099E567A6082F649D654F8033384D ] C:\WINDOWS\system32\wiavusd.dll

20:16:21.0500 0x05c0  C:\WINDOWS\system32\wiavusd.dll - ok

20:16:21.0515 0x05c0  [ D32C2A98859CB22D57A665F15F351E7D, CD50473C7DD0E57F2784B137F3490DF710BEEAA31E4961DCC90CF6A70632B481 ] C:\Program Files\Malwarebytes Anti-Malware\mbam.dll

20:16:21.0515 0x05c0  C:\Program Files\Malwarebytes Anti-Malware\mbam.dll - ok

20:16:21.0515 0x05c0  [ 29ECDA17BA5E6D98430F698587569ACC, 9C37D92CCBED1F9ED4E585F98E7FB17C6AD083712B078ABCB40476310BCDB7F8 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.23084_x-ww_f3f35550\GdiPlus.dll

20:16:21.0515 0x05c0  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.23084_x-ww_f3f35550\GdiPlus.dll - ok

20:16:21.0531 0x05c0  [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] C:\WINDOWS\system32\ipnathlp.dll

20:16:21.0531 0x05c0  C:\WINDOWS\system32\ipnathlp.dll - ok

20:16:21.0546 0x05c0  [ B85E95679B5ADC12311BCD3F5385D623, 378D304CF408AE1928EF6290A5A9F2388920B55FD69382759B356B6A3FF94F3A ] C:\WINDOWS\system32\mspatcha.dll

20:16:21.0546 0x05c0  C:\WINDOWS\system32\mspatcha.dll - ok

20:16:21.0562 0x05c0  [ 15E21AA7D0C0C994CD565EEB96D13C20, 6B9AC59F8C17C639929E9BF911C20DA55459FA55F490E7E0CC284A9FBC077274 ] C:\Program Files\Malwarebytes Anti-Malware\QtGui4.dll

20:16:21.0562 0x05c0  C:\Program Files\Malwarebytes Anti-Malware\QtGui4.dll - ok

20:16:21.0578 0x05c0  [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] C:\WINDOWS\system32\wscsvc.dll

20:16:21.0578 0x05c0  C:\WINDOWS\system32\wscsvc.dll - ok

20:16:21.0593 0x05c0  [ F0BF811622F2DD6C8E26EE4600D83731, 81CFC1118551E84F5BBD2A863419529AA32DA92E5834C71DA77D13854F6CF048 ] C:\WINDOWS\system32\wbem\wbemcore.dll

20:16:21.0593 0x05c0  C:\WINDOWS\system32\wbem\wbemcore.dll - ok

20:16:21.0609 0x05c0  [ E4616430709F440CF1809D88DC2366EA, C2CBC0A21A892FD8341E5A29E7164172340E07A75A5D54493036156D907AEAE7 ] C:\WINDOWS\system32\wbem\esscli.dll

20:16:21.0609 0x05c0  C:\WINDOWS\system32\wbem\esscli.dll - ok

20:16:21.0625 0x05c0  [ 378A0AEFB11D8B0DC8C27B9F7604B88D, D0D6863FCE412B75B9B5FC38EA923759201E7193ED40CFBAA674630E2DE56FD3 ] C:\WINDOWS\system32\wbem\fastprox.dll

20:16:21.0625 0x05c0  C:\WINDOWS\system32\wbem\fastprox.dll - ok

20:16:21.0640 0x05c0  [ ED0C0DF222209E43AD9AFBF3FE87DDE0, 927329F9244DA9F0074FA0D4C101EE793AFCF433155E58714C33444C5EF35014 ] C:\WINDOWS\system32\comsvcs.dll

20:16:21.0640 0x05c0  C:\WINDOWS\system32\comsvcs.dll - ok

20:16:21.0656 0x05c0  [ DF82E222578DBE59FCBBD69A02E4C806, 0F0CD9DC739500536F252475F84F8EF378428CAC7DD9CFCDEC676862A20A0C46 ] C:\WINDOWS\system32\clusapi.dll

20:16:21.0656 0x05c0  C:\WINDOWS\system32\clusapi.dll - ok

20:16:21.0671 0x05c0  [ 690D97864735E8ECD87F55777E266690, 2098D2AADEF82C3EDD82FD6182C14568CDE1EF02205ED1EA4CB19252B74BB807 ] C:\WINDOWS\system32\colbact.dll

20:16:21.0671 0x05c0  C:\WINDOWS\system32\colbact.dll - ok

20:16:21.0671 0x05c0  [ 36795A645EAA47FE31D2A8F136A2C69B, D681D7DFC4A2A2F10658D76A93F009BDBFC6117E245E0883C509A286DC952EAD ] C:\WINDOWS\system32\mtxclu.dll

20:16:21.0671 0x05c0  C:\WINDOWS\system32\mtxclu.dll - ok

20:16:21.0687 0x05c0  [ F51EBB6FC536A6B2D588FD668D3A8249, 6C22B5FBE3F721025879447B006EC5A343D482A87E23674B5A3BB43983AB328E ] C:\WINDOWS\system32\resutils.dll

20:16:21.0687 0x05c0  C:\WINDOWS\system32\resutils.dll - ok

20:16:21.0718 0x05c0  [ 010472D0AE758227C6F6E6933549C219, 4082365231756E2889BD9A19EEFA27665B9902F8C8BC376C70DC3AA80AEA541B ] C:\WINDOWS\system32\wbem\wbemsvc.dll

20:16:21.0718 0x05c0  C:\WINDOWS\system32\wbem\wbemsvc.dll - ok

20:16:21.0718 0x05c0  [ 3458EDA96E30FBD0477A2800D3FB1909, BDF84362E4D8A102E7FB5F352D950B84D1A8E1E7928521B68E7671D4176803C5 ] C:\WINDOWS\system32\wups.dll

20:16:21.0718 0x05c0  C:\WINDOWS\system32\wups.dll - ok

20:16:21.0734 0x05c0  [ 942A17D2901A31EA68627CBFFCD268CC, C75E1C03929E16EDDBACFC37BD6C40E941F9D99E3E40ED3A07238343342685BD ] C:\WINDOWS\system32\wbem\repdrvfs.dll

20:16:21.0734 0x05c0  C:\WINDOWS\system32\wbem\repdrvfs.dll - ok

20:16:21.0750 0x05c0  [ 3273D1565BF30225C115B480A3BB2C9D, DF802F845EFEE506A0D3CA1EA9AEE1EDE73BCC02F2B64EDFACE0BBEFCF965455 ] C:\WINDOWS\system32\wbem\wmiutils.dll

20:16:21.0750 0x05c0  C:\WINDOWS\system32\wbem\wmiutils.dll - ok

20:16:21.0750 0x05c0  [ BDC0C99E472176C8C2C853A68ADC5073, 9A0A0CEE321C9BAF5545D6CB0BE3E725228B694F331FFACCEB770350AAF2C8C3 ] C:\WINDOWS\system32\wups2.dll

20:16:21.0750 0x05c0  C:\WINDOWS\system32\wups2.dll - ok

20:16:21.0765 0x05c0  [ 071143F687B4F887E21461CA6CC7EB29, 92C849517F985F19926E6425CD99E21029E1CA14FC92C9E40091DC79D4A723F2 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll

20:16:21.0765 0x05c0  C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok

20:16:21.0781 0x05c0  [ 26D881D27CBE51D3614E68D7313EA026, BC84CFD5F382F6D844815065118793950E922B8FB52944E337DAA62874C103A3 ] C:\WINDOWS\system32\wbem\wbemess.dll

20:16:21.0781 0x05c0  C:\WINDOWS\system32\wbem\wbemess.dll - ok

20:16:21.0781 0x05c0  [ D7588D42E29080C32A003BEE465160D8, 03C23580F133C976A93F0BB5088E811BC2EC8AEB20A81FE54C9ED608B010C506 ] C:\Program Files\Malwarebytes Anti-Malware\QtNetwork4.dll

20:16:21.0781 0x05c0  C:\Program Files\Malwarebytes Anti-Malware\QtNetwork4.dll - ok

20:16:21.0781 0x05c0  [ 2E0B0A051FFAA86E358465BB0880D453, 493CF6150DE95B269727631D50FE21405A41E449C4FF43E94F93D27559EA5624 ] C:\WINDOWS\system32\wuauclt.exe

20:16:21.0781 0x05c0  C:\WINDOWS\system32\wuauclt.exe - ok

20:16:21.0812 0x05c0  [ D26451B540720A7313A9BCBE794DAF62, 255B3594876F9D9222760A53D1119E73D3BA4E4766C9DFAD63DCB180C5F33846 ] C:\WINDOWS\system32\wbem\ncprov.dll

20:16:21.0812 0x05c0  C:\WINDOWS\system32\wbem\ncprov.dll - ok

20:16:21.0828 0x05c0  [ 1A617835452EEE5060976C9B9F5FE635, DCCAAB049681BE876B73F0880EA32196CDA7EC954D452768A48D366096C5BD53 ] C:\WINDOWS\system32\wuapi.dll

20:16:21.0828 0x05c0  C:\WINDOWS\system32\wuapi.dll - ok

20:16:21.0843 0x05c0  [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] C:\WINDOWS\system32\termsrv.dll

20:16:21.0843 0x05c0  C:\WINDOWS\system32\termsrv.dll - ok

20:16:21.0843 0x05c0  [ 6404807ABC7AF52FA3792697AE638B50, 75FB44348CCC53A4EA2C3677F42098A12CE882F3E015E3D847A07972C1E4AEF5 ] C:\WINDOWS\system32\wbem\wbemcons.dll

20:16:21.0843 0x05c0  C:\WINDOWS\system32\wbem\wbemcons.dll - ok

20:16:21.0843 0x05c0  [ DF6551E4C4C46655A0C76194F1FCEA5D, F3895AE4B36BC85C458EDC85FBD1F5AB5C33913CD91C60A65083DC0BDD037BF5 ] C:\WINDOWS\system32\icaapi.dll

20:16:21.0843 0x05c0  C:\WINDOWS\system32\icaapi.dll - ok

20:16:21.0859 0x05c0  [ 2D65D56C2F8B6CC5EBFF8E7200C30304, 10CD5FF00D110D1AE2313DBCBDB17C2B9DFF930F5DAD65C35C08FCF9C152C053 ] C:\WINDOWS\system32\mstlsapi.dll

20:16:21.0859 0x05c0  C:\WINDOWS\system32\mstlsapi.dll - ok

20:16:21.0875 0x05c0  [ 058710B720282CA82B909912D3EF28DB, 97535E75CA6A77E6BCB81216B0FB383024709539727FD656DF6AFD33A50CAD04 ] C:\WINDOWS\regedit.exe

20:16:21.0875 0x05c0  C:\WINDOWS\regedit.exe - ok

20:16:21.0875 0x05c0  [ 96A0066AB9872D3575575A463C53FF6C, 939C2C4D5043B4A9A4D531B072F4344F0B84FA1D7840B810344B2773EB420CAE ] C:\WINDOWS\system32\aclui.dll

20:16:21.0875 0x05c0  C:\WINDOWS\system32\aclui.dll - ok

20:16:21.0890 0x05c0  [ 751068D5D0ECD64A4810379729A1F0BC, 55D2F6F32513349C3BCA5E06B719B03A56577A23CB30CC1BC5E848DE2D456FD7 ] C:\WINDOWS\system32\ulib.dll

20:16:21.0890 0x05c0  C:\WINDOWS\system32\ulib.dll - ok

20:16:21.0906 0x05c0  [ 798A9E6828997EEF4517ADA8A2259831, 64389FAD94D54E2D43A7292AD3C57CB16F90F2C80EA44099E02D11E19E390A5B ] C:\WINDOWS\system32\wbem\wmiprvse.exe

20:16:21.0906 0x05c0  C:\WINDOWS\system32\wbem\wmiprvse.exe - ok

20:16:21.0906 0x05c0  [ 37461F2C3F212CF508A20FDC729ABDE5, 258FAC009860CBD148787B7C771E79DA45463704F4167A78796EFF84106CDFDA ] C:\WINDOWS\system32\clb.dll

20:16:21.0906 0x05c0  C:\WINDOWS\system32\clb.dll - ok

20:16:21.0921 0x05c0  [ 6895427873D6C37A6D6DA7C3DB37DA14, 199E55B171752B32E172913BDD79D86E7298C7C6B838F871E937B5E1DF8C59F4 ] C:\WINDOWS\system32\licwmi.dll

20:16:21.0921 0x05c0  C:\WINDOWS\system32\licwmi.dll - ok

20:16:21.0921 0x05c0  [ 4306FA2F1099D7C606139255FDB62B19, 75A0A99B9D8B0E2B39A8093F72DC283D5F2D56FB731C2BA193579DCE916030A0 ] C:\WINDOWS\system32\wbem\framedyn.dll

20:16:21.0921 0x05c0  C:\WINDOWS\system32\wbem\framedyn.dll - ok

20:16:21.0937 0x05c0  [ A693A49A67673F2C8D76797EA9A628D0, 479B6AE531EACC2A8C1B6BDE2AC1F6938753105790B0F04F81477F4CCD1C276E ] C:\WINDOWS\system32\licdll.dll

20:16:21.0937 0x05c0  C:\WINDOWS\system32\licdll.dll - ok

20:16:21.0937 0x05c0  [ E59F533C26C8375CD120B4791482217E, FFF66E33DB80C549BD77FAC31FA54C0C5FBD505E2BCE7DDB10B873EA4471D55F ] C:\Program Files\Malwarebytes Anti-Malware\imageformats\qgif4.dll

20:16:21.0937 0x05c0  C:\Program Files\Malwarebytes Anti-Malware\imageformats\qgif4.dll - ok

20:16:21.0968 0x05c0  [ 9EFBB3055B3EECE5B0FC7BAED07A6EE9, 8CF9C8882C1DF59E51E2D65425C595E1C37005E6F94C47EBCDEBFF991788C162 ] C:\WINDOWS\system32\msxml6.dll

20:16:21.0968 0x05c0  C:\WINDOWS\system32\msxml6.dll - ok

20:16:21.0968 0x05c0  [ E837FDBB92E9873E538395B623F45462, E00D9F1471D9BDE7E53A5F8359B6F3B1606A432D4E94AB6B2A6898AB48E6751B ] C:\WINDOWS\system32\wbem\cimwin32.dll

20:16:21.0968 0x05c0  C:\WINDOWS\system32\wbem\cimwin32.dll - ok

20:16:21.0968 0x05c0  [ FBDB9D0935B9907B809B381FDDF1627F, 3DD8FE2C7EA108C22979968F5694BD56C35BEA0B63A55965BB16AE3E5C5348EB ] C:\WINDOWS\system32\regsvr32.exe

20:16:21.0968 0x05c0  C:\WINDOWS\system32\regsvr32.exe - ok

20:16:21.0984 0x05c0  [ 1BE09650974C36D9B2A890EEA0C338C3, F2E0D0967EC984EFAFC38D01060BCCBBB9F64B68A8E47C89E3693524F594216D ] C:\Program Files\Malwarebytes Anti-Malware\mbamext.dll

20:16:21.0984 0x05c0  C:\Program Files\Malwarebytes Anti-Malware\mbamext.dll - ok

20:16:22.0000 0x05c0  [ A70A2D85AD143D6BB823C246CEB699A5, D8ED98DC2964A2DAF448893718E6381FBABAB53DD7497266851E0F4221F1B01F ] C:\WINDOWS\system32\ntshrui.dll

20:16:22.0000 0x05c0  C:\WINDOWS\system32\ntshrui.dll - ok

20:16:22.0015 0x05c0  [ 12E71DA845D76665B56753AD149E32B3, 0E403710CCBACD5AB85FD4C32AAB6CB2C27BC1F043E8008EE49EE96ECA944146 ] C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys

20:16:22.0015 0x05c0  C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys - ok

20:16:22.0031 0x05c0  [ 9F522B2708CAB181C0F137ABBCD1DE2E, 498B73A45A4301C8045109621E0831DA806C4D3AEDED63DF81979D36D0284BA7 ] C:\Program Files\Malwarebytes Anti-Malware\7z.dll

20:16:22.0031 0x05c0  C:\Program Files\Malwarebytes Anti-Malware\7z.dll - ok

20:16:22.0031 0x05c0  [ 5D43C9A33F18C707BA169AFDA88BDF30, 6796891360B4731B4F165300BD9FAC9A2A4C54E8CFF86DEC8036D3765AE4D9A3 ] C:\WINDOWS\system32\fltlib.dll

20:16:22.0031 0x05c0  C:\WINDOWS\system32\fltlib.dll - ok

20:16:22.0031 0x05c0  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] C:\WINDOWS\system32\drivers\ipfltdrv.sys

20:16:22.0031 0x05c0  C:\WINDOWS\system32\drivers\ipfltdrv.sys - ok

20:16:22.0062 0x05c0  [ 8C515081584A38AA007909CD02020B3D, A5E13CA10F702928E0DE84C74D0EA8ACCB117FD76FBABC55220C75C4FFD596DC ] C:\WINDOWS\system32\alg.exe

20:16:22.0062 0x05c0  C:\WINDOWS\system32\alg.exe - ok

20:16:22.0078 0x05c0  [ 5677DFE438EC1F009273FC84FEED6B10, 44B62CC4D138E13C22FC29E9751CB7ED0B0C6C8897A8E6469172F8642B0527BE ] C:\WINDOWS\system32\localspl.dll

20:16:22.0078 0x05c0  C:\WINDOWS\system32\localspl.dll - ok

20:16:22.0078 0x05c0  [ 5D3D1AB0EF4EA55B731863050482C111, 8713DAA48DBC5FDF95BE993863BEE669BBB4026347DC575D72F520F423EE21BA ] C:\WINDOWS\system32\cnbjmon.dll

20:16:22.0078 0x05c0  C:\WINDOWS\system32\cnbjmon.dll - ok

20:16:22.0078 0x05c0  [ CF0376023360AADD55C89BA50564AFDC, C34320B40645DEA817852AAB63C76F40C18F563EB2760A9D191047A2B6C73973 ] C:\WINDOWS\system32\mdimon.dll

20:16:22.0078 0x05c0  C:\WINDOWS\system32\mdimon.dll - ok

20:16:22.0093 0x05c0  [ 222DE7F5EDB9DDBE628384A1A8BE59CE, 063AF8C6C251961ABC93A8E8A07DB9B9582CD1812CA3BB297FAFDF0AD3E5B4CC ] C:\WINDOWS\system32\pjlmon.dll

20:16:22.0093 0x05c0  C:\WINDOWS\system32\pjlmon.dll - ok

20:16:22.0109 0x05c0  [ AE0382AD9C73D343D85E1A50C80B7C20, 7477A5A33C0ACF80BE73F0169893A7D53AF8ABC514FCE190A6ACC677092E5A55 ] C:\WINDOWS\system32\tcpmon.dll

20:16:22.0109 0x05c0  C:\WINDOWS\system32\tcpmon.dll - ok

20:16:22.0125 0x05c0  [ F26385E8BA4549B5186B774EC0E45D86, 0BA8CA4C06918690EA68678CA5887F1B7E2B0976C99BDFAF99CC1C99F3E300A0 ] C:\WINDOWS\system32\usbmon.dll

20:16:22.0125 0x05c0  C:\WINDOWS\system32\usbmon.dll - ok

20:16:22.0125 0x05c0  [ 58E13A2292839321D3CDC918D5A4F5AE, BC5978187A50AC886E30092904407F14B7BCFA997093989D20DB61EE6BA963E2 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll

20:16:22.0125 0x05c0  C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll - ok

20:16:22.0140 0x05c0  [ EEE7F12D9FF46F68FBC0DA059A359E9E, 1D0D5AC87ACDF3F041D9C31A92BFE7B1B81CBAD81F8F7CE8183FC3F61CAFF8CC ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll

20:16:22.0140 0x05c0  C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok

20:16:22.0140 0x05c0  [ 22DD6D7D4BFE2B8CE705CC950C8AEA4C, 7123FC923BA4C3DD3EDFE9F8936442C4CCE7757D370AB799B0B5668223B965EE ] C:\WINDOWS\system32\win32spl.dll

20:16:22.0140 0x05c0  C:\WINDOWS\system32\win32spl.dll - ok

20:16:22.0140 0x05c0  [ B41D53899E37CC43DA85DA19998BEE81, CA92B8313338F0F8B1B630A0057B9C114E8D8BC10F09825C9008A5A824B91FDC ] C:\WINDOWS\system32\netrap.dll

20:16:22.0140 0x05c0  C:\WINDOWS\system32\netrap.dll - ok

20:16:22.0156 0x05c0  [ EE4C651A217B01D636B5364AC77DA892, E40C7DD39234673A3BA8FD87C189653C391E326ECB3E8011B5020BB9D78F56D0 ] C:\WINDOWS\system32\inetpp.dll

20:16:22.0156 0x05c0  C:\WINDOWS\system32\inetpp.dll - ok

20:16:22.0171 0x05c0  [ 37A62C6092AADD2EFDE0468DD8818E99, 2D01A2EEE0BE81B3252E1A3EAD21D3D91EA6DE826A1783B14948A0E0B475BAB1 ] C:\WINDOWS\system32\netcfgx.dll

20:16:22.0171 0x05c0  C:\WINDOWS\system32\netcfgx.dll - ok

20:16:22.0187 0x05c0  [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] C:\WINDOWS\system32\rasmans.dll

20:16:22.0187 0x05c0  C:\WINDOWS\system32\rasmans.dll - ok

20:16:22.0187 0x05c0  [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] C:\WINDOWS\system32\tapisrv.dll

20:16:22.0187 0x05c0  C:\WINDOWS\system32\tapisrv.dll - ok

20:16:22.0203 0x05c0  [ 5F7692CEC90E2E9AA32CD58321E234B8, 0F76BD005B6FC51EE8B2D167C5E792947F8A8FF1A4FBC7F9CB3572BEAFC12639 ] C:\WINDOWS\system32\rastapi.dll

20:16:22.0203 0x05c0  C:\WINDOWS\system32\rastapi.dll - ok

20:16:22.0218 0x05c0  [ AACE07FE34FADDDF973CE068A6424957, A14DC612762F56EE3CF9FBDF58E9476400F2CD9513319AD90E3818B2DB9F4580 ] C:\WINDOWS\system32\unimdm.tsp

20:16:22.0218 0x05c0  C:\WINDOWS\system32\unimdm.tsp - ok

20:16:22.0218 0x05c0  [ 995252FCC4692B5B97EE17D596C9386E, E0EC754ADC0976BCF88C4777E788A67844428DF0B828D8EE7B8A039C763DFFDD ] C:\WINDOWS\system32\uniplat.dll

20:16:22.0218 0x05c0  C:\WINDOWS\system32\uniplat.dll - ok

20:16:22.0234 0x05c0  [ 76EC97C5068D3D9FAA7774B0F659D31A, 4E2EF0DC0B05187A6154D4D672B7530E14103D7D1EDF1BDE960F9B988B5EC41F ] C:\WINDOWS\system32\kmddsp.tsp

20:16:22.0234 0x05c0  C:\WINDOWS\system32\kmddsp.tsp - ok

20:16:22.0234 0x05c0  [ 4589963D84F2984FA5949A72162BA4F4, BC927EC7D0EBDBD2B4780D892D41739840DD31B0FF8C79013014925F52860808 ] C:\WINDOWS\system32\ndptsp.tsp

20:16:22.0234 0x05c0  C:\WINDOWS\system32\ndptsp.tsp - ok

20:16:22.0234 0x05c0  [ 8B8A45DF7CEF36D93C7BD3E4C84003B8, 7E3A0204FCDD5DFFB3B352451232DD86F8298F83918533D874C122A2EF29081B ] C:\WINDOWS\system32\ipconf.tsp

20:16:22.0234 0x05c0  C:\WINDOWS\system32\ipconf.tsp - ok

20:16:22.0265 0x05c0  [ 8BC2B02DC11C98D14CEE43B8E8393FF3, 1314C33E2E5F11B361CF1E88884B2A9862F8BAB1C498F48DC4C49ACDB28D4732 ] C:\WINDOWS\system32\h323.tsp

20:16:22.0265 0x05c0  C:\WINDOWS\system32\h323.tsp - ok

20:16:22.0265 0x05c0  [ 6B552ED3BEE5AA3C4560478FF779BA98, 1778F0B7200F93EB255E1F215BB5FBEAA0DBF63BC60B286D76120F8A787995C4 ] C:\WINDOWS\system32\hidphone.tsp

20:16:22.0265 0x05c0  C:\WINDOWS\system32\hidphone.tsp - ok

20:16:22.0281 0x05c0  [ D0545A010ED2259A740C8414899A938F, 5E6FD116C6F65241A075E4469C5AD1967B8D66DE11E223F7A3F00139FB0160C3 ] C:\WINDOWS\system32\rasppp.dll

20:16:22.0281 0x05c0  C:\WINDOWS\system32\rasppp.dll - ok

20:16:22.0281 0x05c0  [ B464BD425D5D09ABE4192234D1577B22, DF7333CAF299A18DEA43ACEF0A6D8C3F79918D1B3FCE437FDED6B54F95C106B9 ] C:\WINDOWS\system32\ntlsapi.dll

20:16:22.0281 0x05c0  C:\WINDOWS\system32\ntlsapi.dll - ok

20:16:22.0281 0x05c0  [ A655C88AA555BB8EF8957BD29408827F, 6CD48D32D1DFF68FEED5CC20D0DE12729101381EB8A6774408566C14E0B18FFB ] C:\WINDOWS\system32\rasqec.dll

20:16:22.0281 0x05c0  C:\WINDOWS\system32\rasqec.dll - ok

20:16:22.0281 0x05c0  [ D40E7B5FBB8E0EAA7C5C294389AF95AB, 8EFD521DF1F335AF416DEC15D5C0C6538903803AA1A8ED93AA704B384A29876B ] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{5B8F965A-80B7-43A1-960B-8F194E1B504C}.exe

20:16:22.0281 0x05c0  C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{5B8F965A-80B7-43A1-960B-8F194E1B504C}.exe - ok

20:16:22.0296 0x05c0  [ 9DD06F00898AA5CA7E24186EFC8E5E25, 51141D0D07DBC955B63281351D3F17163ACE9A5B08628EA1C82F33FD2913970E ] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{6B0B24B9-92EF-400C-BC9F-9307CD503E8B}\{EB0A25B4-7BEA-41CF-863A-F5141DFD50F8}.tmp

20:16:22.0296 0x05c0  C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{6B0B24B9-92EF-400C-BC9F-9307CD503E8B}\{EB0A25B4-7BEA-41CF-863A-F5141DFD50F8}.tmp - ok

20:16:22.0312 0x05c0  [ 91A7771934C0D9D2DA7699D25BB5B348, 154A6EB866AF22B38AEE8DB5A864653FEB15DED69DE26E5B602B7C5056CDDF72 ] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{6B0B24B9-92EF-400C-BC9F-9307CD503E8B}\{3FF67475-5323-482D-BFF3-44763D8FBB7B}.tmp

20:16:22.0312 0x05c0  C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{6B0B24B9-92EF-400C-BC9F-9307CD503E8B}\{3FF67475-5323-482D-BFF3-44763D8FBB7B}.tmp - ok

20:16:22.0328 0x05c0  [ 80808656078CFCC32CF8BFEB0DD66279, 383F37599ABF16EEDEB2A60242DB7EDCC3D210A2A59DD61169047059F7041C5C ] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{6B0B24B9-92EF-400C-BC9F-9307CD503E8B}\{07174FB2-B303-4577-BA58-DB4E02115117}.tmp

20:16:22.0328 0x05c0  C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{6B0B24B9-92EF-400C-BC9F-9307CD503E8B}\{07174FB2-B303-4577-BA58-DB4E02115117}.tmp - ok

20:16:22.0343 0x05c0  [ DF471F11CC78BE02FE6BA15F2D94F65B, 9AC230DE58CE40E78AE6872BCF4778B69EEBF17E0E41B1301FF364ABD4737A78 ] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{6B0B24B9-92EF-400C-BC9F-9307CD503E8B}\{1D9DD7A8-A695-4DBD-8919-B177F659D80D}.tmp

20:16:22.0343 0x05c0  C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{6B0B24B9-92EF-400C-BC9F-9307CD503E8B}\{1D9DD7A8-A695-4DBD-8919-B177F659D80D}.tmp - ok

20:16:22.0343 0x05c0  [ 0FD19BDDD2513874FF6903F717367795, DFAF9C33F993BA26FC84EF66ABC7C483E62762F7E1FC763605A75ACC2E8AA4EE ] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{6B0B24B9-92EF-400C-BC9F-9307CD503E8B}\{50EA9DAC-802B-4268-B6A1-155CED4D2405}.tmp

20:16:22.0343 0x05c0  C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{6B0B24B9-92EF-400C-BC9F-9307CD503E8B}\{50EA9DAC-802B-4268-B6A1-155CED4D2405}.tmp - ok

20:16:22.0343 0x05c0  [ DD88BBF87A43331A4E99E37F7BF59FDB, 872190F559FA0DD1F711E9FA101BA1AB6E6DE5ED0CCCE1AB7AFE45BC3B78A0F1 ] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{6B0B24B9-92EF-400C-BC9F-9307CD503E8B}\{BA85EE6C-0E23-472B-87E5-729478927D94}.tmp

20:16:22.0343 0x05c0  C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{6B0B24B9-92EF-400C-BC9F-9307CD503E8B}\{BA85EE6C-0E23-472B-87E5-729478927D94}.tmp - ok

20:16:22.0359 0x05c0  [ 4261449C1CADA6B007E5C27522946D2B, 11E79D1C529E816CCCAC9266089C77A4DB44676CAEEE25C66D6DB420B18D3ACB ] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{6B0B24B9-92EF-400C-BC9F-9307CD503E8B}\{8CE0F667-E0E6-45FE-BFA4-E9B00FDFF631}.tmp

20:16:22.0359 0x05c0  C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{6B0B24B9-92EF-400C-BC9F-9307CD503E8B}\{8CE0F667-E0E6-45FE-BFA4-E9B00FDFF631}.tmp - ok

20:16:22.0375 0x05c0  [ 6627AA675A5C1B0330487A02E23F0560, 256AE9BA4273D4247FFAD6099D5A4FC8E98EDB27293AC8CAF7A571EB3890FAA7 ] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{6B0B24B9-92EF-400C-BC9F-9307CD503E8B}\{AAAB332F-1896-4AE0-AF26-3C077DD3FB23}.tmp

20:16:22.0375 0x05c0  C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{6B0B24B9-92EF-400C-BC9F-9307CD503E8B}\{AAAB332F-1896-4AE0-AF26-3C077DD3FB23}.tmp - ok

20:16:22.0390 0x05c0  [ 723B834A07F7DF7DE4CEB637D57ACEA3, B42867045DD3FB7682CDBD133970421010F0F14125E4992C73657CABA4659250 ] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{6B0B24B9-92EF-400C-BC9F-9307CD503E8B}\{65C55D37-551A-43F6-811A-33414F53173B}.tmp

20:16:22.0390 0x05c0  C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{6B0B24B9-92EF-400C-BC9F-9307CD503E8B}\{65C55D37-551A-43F6-811A-33414F53173B}.tmp - ok

20:16:22.0390 0x05c0  [ C1DE893FAF6D7F6CFB479A1F61835482, AD5FA3CE73777704C67C933691F1F068E1A7FF545F728B97574F9C33AC4BBC01 ] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{6B0B24B9-92EF-400C-BC9F-9307CD503E8B}\{537839E8-46E3-41C8-ACC6-6F051343D602}.tmp

20:16:22.0390 0x05c0  C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{6B0B24B9-92EF-400C-BC9F-9307CD503E8B}\{537839E8-46E3-41C8-ACC6-6F051343D602}.tmp - ok

20:16:22.0406 0x05c0  [ 8BCD11D38FCE43A519246A91CC40DE6A, 981EE4B29FDE6DB58FAA17BCCA66DB8143D693D91A00B7519F01ABBAE11AA580 ] C:\WINDOWS\system32\security.dll

20:16:22.0406 0x05c0  C:\WINDOWS\system32\security.dll - ok

20:16:22.0406 0x05c0  [ C730F70351D950DDA7388C9A9763CF54, 7A9D265E4D2F76EF131D01C2EE1CDC19A8E5FDCAF97649CC562E8114B92D411F ] C:\WINDOWS\system32\wbem\wmipcima.dll

20:16:22.0406 0x05c0  C:\WINDOWS\system32\wbem\wmipcima.dll - ok

20:16:22.0421 0x05c0  [ 2DC5A8019E2387987905F77C664E4BE2, 32FD8D0D3146A599CFB536955F9E93AA50467B2176A70E481133B61D4BD29AD9 ] C:\WINDOWS\system32\linkinfo.dll

20:16:22.0421 0x05c0  C:\WINDOWS\system32\linkinfo.dll - ok

20:16:22.0437 0x05c0  [ 3DB2624CCB1663BF6D62311B2B9E7B55, 1E00FE8432E0E2039409823081D627A889B5A281096E7304169F2C44B2D8A463 ] C:\WINDOWS\system32\mshtml.dll

20:16:22.0437 0x05c0  C:\WINDOWS\system32\mshtml.dll - ok

20:16:22.0453 0x05c0  [ 2ACCD352451EC0F99AF2AD9DB6DB4439, 7EFFA9D4561674633B2FFB35F629947B061AFE5DA756DA6D02E0584FCE221445 ] C:\WINDOWS\system32\msls31.dll

20:16:22.0453 0x05c0  C:\WINDOWS\system32\msls31.dll - ok

20:16:22.0453 0x05c0  [ E40FCF943127DDC8FD60554B722D762B, 2E7A7C08B56E07D69CB32F335D93F6D2C748EFA2CF4C41102A18C7761A4E9CF0 ] C:\WINDOWS\system32\MSCTF.dll

20:16:22.0453 0x05c0  C:\WINDOWS\system32\MSCTF.dll - ok

20:16:22.0468 0x05c0  [ E11457C66FDD966EE415FBBC6D9BE643, 9CAF889C740D79F56F1CE817DA7C8F2BAEE740212B578DAC509EA2C8BA2D790E ] C:\WINDOWS\system32\MSIMTF.dll

20:16:22.0468 0x05c0  C:\WINDOWS\system32\MSIMTF.dll - ok

20:16:22.0468 0x05c0  [ 91790D6749EBED90E2C40479C0A91879, 3C267950F13CCE412474C5228FC0E3D8D7F912E82464BD2CE6312A0326F84A80 ] C:\WINDOWS\system32\verclsid.exe

20:16:22.0468 0x05c0  C:\WINDOWS\system32\verclsid.exe - ok

20:16:22.0468 0x05c0  [ 5F1D5F88303D4A4DBC8E5F97BA967CC3, 5FB24FC7916A6E6B3BE7D84CB1684215B266CD1495575C2E5672B8447932E5B1 ] C:\WINDOWS\system32\ctfmon.exe

20:16:22.0468 0x05c0  C:\WINDOWS\system32\ctfmon.exe - ok

20:16:22.0484 0x05c0  [ 98E53CA00D3C0A2E9FAA4E59C101AEBA, 9A6F978C0F1907915309F29FC2404910C3C7E205040C2B108685429E69625BD2 ] C:\WINDOWS\system32\mslbui.dll

20:16:22.0484 0x05c0  C:\WINDOWS\system32\mslbui.dll - ok

20:16:22.0500 0x05c0  [ 17AA58A54C00F1746B8654C050491F43, AADA0D527FB96852998073E58F93710C4B3A25D7D1414BA9F23A28DA3D06B4CD ] C:\WINDOWS\system32\msutb.dll

20:16:22.0500 0x05c0  C:\WINDOWS\system32\msutb.dll - ok

20:16:22.0500 0x05c0  [ F6FAEC07446A78A9C5AF4558FF5BD118, 9291106F6666913DB6D18943D255D60F77CCDB5A46BD4C100A5E80D40D6927D9 ] C:\WINDOWS\ime\SPTIP.dll

20:16:22.0500 0x05c0  C:\WINDOWS\ime\SPTIP.dll - ok

20:16:22.0515 0x05c0  [ D43637F8E835DDF2FE95FBE6242494B0, D9F6820E1C8BDB79A065367CFBD05531D47542E4F09A991C0A6CADD9CC19CB0D ] C:\WINDOWS\ime\SPGRMR.dll

20:16:22.0515 0x05c0  C:\WINDOWS\ime\SPGRMR.dll - ok

20:16:22.0546 0x05c0  [ A7E8525FA8788CA52F728414A65BA349, 6515D3DA08EBBD721433FDA0829E2A010E6D7DA574B3ACB72DA2C45016F9A579 ] C:\Program Files\Common Files\Microsoft Shared\INK\SKCHUI.DLL

20:16:22.0546 0x05c0  C:\Program Files\Common Files\Microsoft Shared\INK\SKCHUI.DLL - ok

20:16:22.0546 0x05c0  [ D8B91D94ECB123862B390FDE3250D3BB, DB2959E80684627ADD72CD895F8B4CBA56CFEBF60BFD60719E400181DD2CE979 ] C:\WINDOWS\system32\dciman32.dll

20:16:22.0546 0x05c0  C:\WINDOWS\system32\dciman32.dll - ok

20:16:22.0562 0x05c0  [ 93C088C2AEB2F23E720BDA7E32BD5117, 7ECFCAF8E057986501B42181E049E48063D940A34A3F3E425FF82D2183008E90 ] C:\WINDOWS\system32\upnp.dll

20:16:22.0562 0x05c0  C:\WINDOWS\system32\upnp.dll - ok

20:16:22.0578 0x05c0  [ 3D075865DCC26931972F6476AD0497BE, E1FB17787F54D9A4E2A04DD699FA770C9CE100A427E6EFBF4E0CF24EAAD3A9BA ] C:\WINDOWS\system32\ssdpapi.dll

20:16:22.0578 0x05c0  C:\WINDOWS\system32\ssdpapi.dll - ok

20:16:22.0578 0x05c0  [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] C:\WINDOWS\system32\drivers\http.sys

20:16:22.0578 0x05c0  C:\WINDOWS\system32\drivers\http.sys - ok

20:16:22.0578 0x05c0  [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] C:\WINDOWS\system32\ssdpsrv.dll

20:16:22.0578 0x05c0  C:\WINDOWS\system32\ssdpsrv.dll - ok

20:16:22.0593 0x05c0  [ 27183319E0A2D914390ED1CB147DA2D0, E414920A1BC3D00F46F501D841FD7E356B6C552431EDACA5C71BBE6FA27AE254 ] C:\WINDOWS\system32\WLTRAY.EXE

20:16:22.0593 0x05c0  C:\WINDOWS\system32\WLTRAY.EXE - ok

20:16:22.0593 0x05c0  [ A45074E85BB55EA0524F0067F00DD980, 8D410BAF9960907CBE0136C924B98EC7CC2413DDA0BF284DB731901EDD423A84 ] C:\Program Files\IDT\WDM\sttray.exe

20:16:22.0593 0x05c0  C:\Program Files\IDT\WDM\sttray.exe - ok

20:16:22.0625 0x05c0  [ 6C03AE4B4605294928FB4BBD786B3277, 0ABA16FDE90CF1B7C3529D475985A1F49BAE5F8AB864FC46D892523F9699A465 ] C:\WINDOWS\system32\AESTFltr.exe

20:16:22.0625 0x05c0  C:\WINDOWS\system32\AESTFltr.exe - ok

20:16:22.0625 0x05c0  [ 76848CB1AA5818DB47D5F5986E0A7485, 03BAB6981C6F447E41B78A96187FA619E4755C2101FF1A0B2ABF111BE53D9F92 ] C:\WINDOWS\system32\mfc42.dll

20:16:22.0625 0x05c0  C:\WINDOWS\system32\mfc42.dll - ok

20:16:22.0625 0x05c0  [ 037B1E7798960E0420003D05BB577EE6, DEE53D6D332DADD40C0CE34A425A6C0781F611765DCD4299D869F2B1EE80AE66 ] C:\WINDOWS\system32\rundll32.exe

20:16:22.0625 0x05c0  C:\WINDOWS\system32\rundll32.exe - ok

20:16:22.0640 0x05c0  [ 1783DED72DB168BB2C67429B8E748E33, 6AC1F6C747723638116F9916FD029540D21CA9376503C1226A29E74B55ECC801 ] C:\WINDOWS\system32\nwiz.exe

20:16:22.0640 0x05c0  C:\WINDOWS\system32\nwiz.exe - ok

20:16:22.0640 0x05c0  [ 20CD7C1369C130F835A55D37F7FB7512, F1B27E8442643085855C6569784CD4E6E862B95A4443E8F5A5F69CAAF5F40667 ] C:\Program Files\IDT\WDM\stlang.dll

20:16:22.0640 0x05c0  C:\Program Files\IDT\WDM\stlang.dll - ok

20:16:22.0640 0x05c0  [ C20745BA6AFEFDEA5B8AE595FB057A6D, 7ECEB1E73473D52A52E574B05743A6808F6EDD7CD49ADC3285F45906ED5F1557 ] C:\WINDOWS\system32\preflib.dll

20:16:22.0640 0x05c0  C:\WINDOWS\system32\preflib.dll - ok

20:16:22.0656 0x05c0  [ F6F2BFC17069EB335ACCEEF7595F9302, 7434C4353DD2B2E5C8F3690CEF2E1F7E234C2402E6E3BFCBF29DCB1494125F8A ] C:\WINDOWS\system32\mfc42u.dll

20:16:22.0656 0x05c0  C:\WINDOWS\system32\mfc42u.dll - ok

20:16:22.0671 0x05c0  [ E9D32BCAD93283278F59614224075C78, C15DC4141F5C2D944401B23A26348634B9272C70A0331FA67D195DAAC3E872F6 ] C:\WINDOWS\system32\nvhotkey.dll

20:16:22.0671 0x05c0  C:\WINDOWS\system32\nvhotkey.dll - ok

20:16:22.0671 0x05c0  [ 9B9A7EBA37DB81D9D9F9E4A83A09BF4A, DD3FB997E6047E8D358668BBFC41404863486E640381BE2C038F5D19F6F93266 ] C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDellB.exe

20:16:22.0671 0x05c0  C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDellB.exe - ok

20:16:22.0671 0x05c0  [ D57755F3DB2FF30F43E0A85A17C54971, 65ECB64BECEBB126BDE5E4F8186087F571024382AE17D76F07C0BCC8316633A9 ] C:\WINDOWS\system32\nvmctray.dll

20:16:22.0671 0x05c0  C:\WINDOWS\system32\nvmctray.dll - ok

20:16:22.0687 0x05c0  [ 186C9D39541CC0DFFCC454F79AA0B0BF, 71D333B9037362650E5E4DBF4EFA3CFD49034C53F27C7FFDE8DE6149ADB6471D ] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe

20:16:22.0687 0x05c0  C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe - ok

20:16:22.0687 0x05c0  [ D4931277DF5393E84A48B27DF40914E3, 35B175E750B0EFE45ECBBB692561F8D56368ADF36FC7A61A2E9EB78FF8D649B9 ] C:\WINDOWS\system32\riched32.dll

20:16:22.0687 0x05c0  C:\WINDOWS\system32\riched32.dll - ok

20:16:22.0703 0x05c0  [ A340CD71EB535A3DD751B5F28723E50C, AC19738C9255B6B48D20DDCF384BDDAEE0B3EF50F2297512E1750901DA9CC72A ] C:\WINDOWS\system32\ddraw.dll

20:16:22.0703 0x05c0  C:\WINDOWS\system32\ddraw.dll - ok

20:16:22.0718 0x05c0  [ 8F64B17B4E000081C70393C24292F034, 5D6CA360E63A8AAF86D31AF182BE4CC70ED5C846422704D5480D2E598B2A1BA4 ] C:\Program Files\DellTPad\Apoint.exe

20:16:22.0718 0x05c0  C:\Program Files\DellTPad\Apoint.exe - ok

20:16:22.0718 0x05c0  [ 3CB36B879292A53422D07982EC4EDD5F, E2230774AFB9D42C8F6E16A1A95AB7E69C0F248FC961B9B12067EB0AA74C929E ] C:\WINDOWS\system32\nvcpl.dll

20:16:22.0718 0x05c0  C:\WINDOWS\system32\nvcpl.dll - ok

20:16:22.0734 0x05c0  [ 96AC9A26932DAA95B0CD45E2B64ED0B6, 6C6EDC011E5464F5C40272E51755907A9B612D2EC0D52D95E5B7C1F007F0D293 ] C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDellB.crl

20:16:22.0734 0x05c0  C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDellB.crl - ok

20:16:22.0734 0x05c0  [ 0607CBC6FA20114CB491EFE4B2F9EFAD, F1ABF07CC45F9C013B9F53E64820ECB12AC9B1E681B9A1703E30A0637E7D9BB6 ] C:\WINDOWS\system32\d3d9.dll

20:16:22.0734 0x05c0  C:\WINDOWS\system32\d3d9.dll - ok

20:16:22.0734 0x05c0  [ 7BBFDA2168B4B74C18C00677DF6CA4F0, 64FF1B1050EB01DEA93BE97402FDBCD6831CC09C2D94C9AA497942B897335C73 ] C:\Program Files\Dell Webcam\Dell Webcam Central\HookWndU.dll

20:16:22.0734 0x05c0  C:\Program Files\Dell Webcam\Dell Webcam Central\HookWndU.dll - ok

20:16:22.0734 0x05c0  [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

20:16:22.0734 0x05c0  C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok

20:16:22.0750 0x05c0  [ 31B067C412FA1A9BAD3CA2A63D7DA440, 7A3A1767C42A3CDE83A56780C15887494C2A69197FE964E2A902F99A456BE581 ] C:\WINDOWS\system32\d3d8thk.dll

20:16:22.0750 0x05c0  C:\WINDOWS\system32\d3d8thk.dll - ok

20:16:22.0750 0x05c0  [ 73F2998953C82AAB2C8DC8A4B850DE5B, D72C56B490E1585AEFDC135A5A7A0B26290154AD4FB08A41FBDF1772B05E9A66 ] C:\WINDOWS\system32\nvapi.dll

20:16:22.0750 0x05c0  C:\WINDOWS\system32\nvapi.dll - ok

20:16:22.0781 0x05c0  [ A2D987AB31B8FEF9DEB560120268D7C9, 8C00BF53BFE5423662D6EA9EDBAF3D93295F4B9FA9DF21BF5EF82418BFA7D5B7 ] C:\Program Files\Dell Webcam\Dell Webcam Central\CtPinMgr.dll

20:16:22.0781 0x05c0  C:\Program Files\Dell Webcam\Dell Webcam Central\CtPinMgr.dll - ok

20:16:22.0796 0x05c0  [ CC8915DB4E33E8FB29CA0D2DBF75306E, 6319C0580FFDA989A2726814667C330F6A5C864D34B8C87645DD5A98E7A2C7FB ] C:\WINDOWS\system32\webcheck.dll

20:16:22.0796 0x05c0  C:\WINDOWS\system32\webcheck.dll - ok

20:16:22.0796 0x05c0  [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] C:\WINDOWS\system32\imapi.exe

20:16:22.0796 0x05c0  C:\WINDOWS\system32\imapi.exe - ok

20:16:22.0812 0x05c0  [ F35A584E947A5B401FEB0FE01DB4A0D7, 4DA5EFDC46D126B45DAEEE8BC69C0BA2AA243589046B7DFD12A7E21B9BEE6A32 ] C:\Program Files\CyberLink\PowerDVD DX\MFC71.dll

20:16:22.0812 0x05c0  C:\Program Files\CyberLink\PowerDVD DX\MFC71.dll - ok

20:16:22.0812 0x05c0  [ AA5E22854F56C68148EB3345DBD62970, 441818E5E9F568C4AC7174BCF625ACB63D8837658559949DF468B61125900B96 ] C:\WINDOWS\system32\devenum.dll

20:16:22.0812 0x05c0  C:\WINDOWS\system32\devenum.dll - ok

20:16:22.0828 0x05c0  [ 9A2854D2CF09FF1808014994871EF7BF, 8D16B04E14FCD5D65617D1922508E11C6B5B41BD765EE4B10C160220CDF618FD ] C:\WINDOWS\system32\nvdisps.dll

20:16:22.0828 0x05c0  C:\WINDOWS\system32\nvdisps.dll - ok

20:16:22.0828 0x05c0  [ 50512FC9B7878E3C2C147BC17326A7DB, 670006280CA98213C3A23B442615FD729C83953795619360F9D2988E56A602D7 ] C:\WINDOWS\system32\stobject.dll

20:16:22.0828 0x05c0  C:\WINDOWS\system32\stobject.dll - ok

20:16:22.0843 0x05c0  [ 86F1895AE8C5E8B17D99ECE768A70732, 8094AF5EE310714CAEBCCAEEE7769FFB08048503BA478B879EDFEF5F1A24FEFE ] C:\Program Files\CyberLink\PowerDVD DX\msvcr71.dll

20:16:22.0843 0x05c0  C:\Program Files\CyberLink\PowerDVD DX\msvcr71.dll - ok

20:16:22.0859 0x05c0  [ 231A0B0E3BA7ABFE469A8262FAA1FD71, 76F8AE2680438B279081EDFC2728E3785736E82A5C6396AA705BFFFF5C361294 ] C:\WINDOWS\system32\batmeter.dll

20:16:22.0859 0x05c0  C:\WINDOWS\system32\batmeter.dll - ok

20:16:22.0859 0x05c0  [ 387B8DAC1A99130387DC580864F51D5D, 84E5F2DBC37B8D0DD62E6774993B3BDAEEAC0E8D2C05C889299B6DDCE0BD2929 ] C:\Program Files\Logitech Gaming Software\LCore.exe

20:16:22.0859 0x05c0  C:\Program Files\Logitech Gaming Software\LCore.exe - ok

20:16:22.0875 0x05c0  [ 561FA2ABB31DFA8FAB762145F81667C2, DF96156F6A548FD6FE5672918DE5AE4509D3C810A57BFFD2A91DE45A3ED5B23B ] C:\Program Files\CyberLink\PowerDVD DX\msvcp71.dll

20:16:22.0875 0x05c0  C:\Program Files\CyberLink\PowerDVD DX\msvcp71.dll - ok

20:16:22.0890 0x05c0  [ 43D083268A0919F3527A2837390BAF63, 58B62697B01B8C9396271A64424178691FA85D4625DAF2AC8DE7F06A64F64C2A ] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe

20:16:22.0890 0x05c0  C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe - ok

20:16:22.0890 0x05c0  [ 01CFA88F8DEE91EC9F8E0988F49D106E, 24681D0B28CF3544F9C36876069296AE9E4DF3043BF72A1A55D248160067DF9A ] C:\WINDOWS\system32\avicap32.dll

20:16:22.0890 0x05c0  C:\WINDOWS\system32\avicap32.dll - ok

20:16:22.0906 0x05c0  [ 235B2311786AC007AD644B12A2DA8AC7, DB676642F9C0467DBC313D0B475250B247EABB281FD359896398A0E7C725F0F8 ] C:\WINDOWS\system32\msvfw32.dll

20:16:22.0906 0x05c0  C:\WINDOWS\system32\msvfw32.dll - ok

20:16:22.0921 0x05c0  [ 45236AC7BD6D978F8536CB69642CCDB7, 3014CD7E78840F665D1D3A8153F297B9811FE4237959B8A99BD241580C94DC46 ] C:\Program Files\Logitech Gaming Software\QtCore4.dll

20:16:22.0921 0x05c0  C:\Program Files\Logitech Gaming Software\QtCore4.dll - ok

20:16:22.0937 0x05c0  [ 49311F77799C91BC320528CE26E49ABB, 356D86E76BD325C104BCB53EE9F1ECD8054435E6D44DE46E4EBFBBD0DB69B536 ] C:\Program Files\DellTPad\Apoint.dll

20:16:22.0937 0x05c0  C:\Program Files\DellTPad\Apoint.dll - ok

20:16:22.0937 0x05c0  [ E95D120D6EA2A55F3C908D0C652EDD8C, 7881F675AE4C511BCC5AD20BB95B6D01C67AE917A3B409B79A6D9D26E5B98D8A ] C:\Program Files\Dell Webcam\Dell Webcam Central\CTPicCtrlDe.dll

20:16:22.0937 0x05c0  C:\Program Files\Dell Webcam\Dell Webcam Central\CTPicCtrlDe.dll - ok

20:16:22.0953 0x05c0  [ 29911251C966D137311DBC43DF49A7F4, 6EECC7A00738E28D5982205D597F66F98047738E192012FDE906B688F891C4C2 ] C:\WINDOWS\system32\Vxdif.dll

20:16:22.0953 0x05c0  C:\WINDOWS\system32\Vxdif.dll - ok

20:16:22.0953 0x05c0  [ CCA1CC7697B61C69DBC3C30CE13861F5, 7202C8D0671B0B9F40942E3559D70A1555DE439C1D79A6B5A0A33C09D8F38082 ] C:\Program Files\Dell Webcam\Dell Webcam Central\CTPicCtrlDe.crl

20:16:22.0953 0x05c0  C:\Program Files\Dell Webcam\Dell Webcam Central\CTPicCtrlDe.crl - ok

20:16:22.0968 0x05c0  [ B9829EE922823F86D556564E6654D4E9, 4CB956C21B0CC0D15C1DBA8CD359208928AFCD2CED09B29566615E0BD3F4FFD6 ] C:\Documents and Settings\Administrator\Local Settings\Application Data\AOL\AIM\aim.exe

20:16:22.0968 0x05c0  C:\Documents and Settings\Administrator\Local Settings\Application Data\AOL\AIM\aim.exe - ok

20:16:22.0984 0x05c0  [ B2EEE3DEE31F50E082E9C720A6D7757D, 4608BEEDD8CF9C3FC5AB03716B4AB6F01C7B7D65A7C072AF04F514FFB0E02D01 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll

20:16:22.0984 0x05c0  C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll - ok

20:16:23.0000 0x05c0  [ 732D9D6B3D8A2F95F80644FF3630CDD9, 9FF1FFB6AD2AE7BBBAC88289227E52994659CEDAC2128D4B0F9F89144AC32469 ] C:\WINDOWS\system32\nview.dll

20:16:23.0000 0x05c0  C:\WINDOWS\system32\nview.dll - ok

20:16:23.0000 0x05c0  [ 9074D82B3F508BCE6792365302F6F5F5, 979D709302AC801F752758504E83F608CA6711A2580DE8FE6A748758A389A8A6 ] C:\Program Files\DellTPad\EzAuto.dll

20:16:23.0000 0x05c0  C:\Program Files\DellTPad\EzAuto.dll - ok

20:16:23.0000 0x05c0  [ 63A0A1F94807124328EB511F5935CBB6, E3CD7AF6CFCD59F4E48E2C25E2E2F0FCA9510F5BFF6D63DB8CD3DE5D1E2C1894 ] C:\Program Files\Dell Webcam\Dell Webcam Central\CTFaceT.dll

20:16:23.0000 0x05c0  C:\Program Files\Dell Webcam\Dell Webcam Central\CTFaceT.dll - ok

20:16:23.0015 0x05c0  [ 7538050656FE5D63CB4B80349DD1CFE3, E16BC9B66642151DE612EE045C2810CA6146975015BD9679A354567F56DA2099 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll

20:16:23.0015 0x05c0  C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll - ok

20:16:23.0015 0x05c0  [ 2E65F2C8D725D70882DC6DFFE1AFD62F, D9A072FDC97AD1DBD48C1F84968E533597247B7442965F6BC25346D2B21DA4DA ] C:\Program Files\Dell Webcam\Dell Webcam Central\CTFaceTDe.crl

20:16:23.0015 0x05c0  C:\Program Files\Dell Webcam\Dell Webcam Central\CTFaceTDe.crl - ok

20:16:23.0015 0x05c0  [ 8AD5D418B8C142448B5A9EE38C004BE9, A2CC53D96F0EA7696FFFC1C3F3C2F86A4A72598F5E514594B0EE8EC70BC4DEDB ] C:\WINDOWS\system32\nvwddi.dll

20:16:23.0015 0x05c0  C:\WINDOWS\system32\nvwddi.dll - ok

20:16:23.0031 0x05c0  [ 6F4122218602FF86F96F59AE558D1CE5, 32A79D7EE709F48F0599BBD3C39080BB7D7FF20B69F7B27D6A0CBAD4B8567B34 ] C:\Program Files\Dell Webcam\Dell Webcam Central\CTPanT.dll

20:16:23.0031 0x05c0  C:\Program Files\Dell Webcam\Dell Webcam Central\CTPanT.dll - ok

20:16:23.0031 0x05c0  [ 2E92352DD6AE9DD9E104A096FE0BBBCC, 29A46D590490AD494595FCE35308F4BD2EF7BE6B2D644A9695CFCBC0A0730B82 ] C:\Program Files\Dell Webcam\Dell Webcam Central\CTPanT.crl

20:16:23.0031 0x05c0  C:\Program Files\Dell Webcam\Dell Webcam Central\CTPanT.crl - ok

20:16:23.0046 0x05c0  [ 6BA03B5AF0B49BFEFC5DF84C8DBE5209, C1C77823C4E97F70CCA10777C213A70E74FD372B74C96AA6D00D147A8B9656F4 ] C:\Program Files\Adobe\Reader 10.0\Reader\reader_sl.exe

20:16:23.0046 0x05c0  C:\Program Files\Adobe\Reader 10.0\Reader\reader_sl.exe - ok

20:16:23.0046 0x05c0  [ 8C57AFC33BFC40069FF2E0340D1A202D, 0BB98FE102F232FED0B369A42CFD25E0668DB9CA69593B867626769A1723EE35 ] C:\Program Files\Logitech Gaming Software\QtGui4.dll

20:16:23.0046 0x05c0  C:\Program Files\Logitech Gaming Software\QtGui4.dll - ok

20:16:23.0062 0x05c0  [ AF8DCB44813C1DDCB789AA8EAB2CCDC4, AEDC969F4AD0C215A68FE3B22DD921F5BBC4A6F6C40344545859B98FBA185B30 ] C:\Documents and Settings\Administrator\Local Settings\Application Data\AOL\AIM\libcef.dll

20:16:23.0062 0x05c0  C:\Documents and Settings\Administrator\Local Settings\Application Data\AOL\AIM\libcef.dll - ok

20:16:23.0062 0x05c0  [ 3FAFBCCE3F066EDCC263E25A786FFD50, 4CB24BEA4D696FA9080D73C5C8A606A77B4CBC562B43A15D6E4DDF64FA6FB57C ] C:\Program Files\Skype\Phone\Skype.exe

20:16:23.0062 0x05c0  C:\Program Files\Skype\Phone\Skype.exe - ok

20:16:23.0078 0x05c0  [ A6DB138D8E6278A90E16D5299AC8B3FC, 26FD16569AF8154DD667CCAF5596583C50CCCD1EA2218F317E50AF3D966748C2 ] C:\Program Files\Logitech Gaming Software\QtXml4.dll

20:16:23.0078 0x05c0  C:\Program Files\Logitech Gaming Software\QtXml4.dll - ok

20:16:23.0093 0x05c0  [ F108D6DD4FF65B362FAC52FE3ACA8BEE, C74E188FAE144D92203542F165649F6B825E90D11ADC4A512F1798B9B7B39F66 ] C:\Program Files\DellTPad\ApMsgFwd.exe

20:16:23.0093 0x05c0  C:\Program Files\DellTPad\ApMsgFwd.exe - ok

20:16:23.0093 0x05c0  [ D97CAD482F0ECCE41C8E6E0992495BB4, E185E903203A2F27B585C54BACB112D610C2E63C61A2D1B24635F95B9795B250 ] C:\Program Files\CyberLink\PowerDVD DX\Kernel\common\CLRCEngine3.dll

20:16:23.0093 0x05c0  C:\Program Files\CyberLink\PowerDVD DX\Kernel\common\CLRCEngine3.dll - ok

20:16:23.0109 0x05c0  [ 1E5B9201721D9B687546A982323C030E, 145D2437922BD69F8D7098ECECE717E35A871F4C715C4A89BC79474F5EFC6282 ] C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe

20:16:23.0109 0x05c0  C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe - ok

20:16:23.0109 0x05c0  [ 1D845821F5ADB076831DE4C2818F858B, 5F1F18042E6B16BC149F2B0F22ECE3D3668E846C843F016D33C9E6C60E2D64C6 ] C:\WINDOWS\system32\usp10.dll

20:16:23.0109 0x05c0  C:\WINDOWS\system32\usp10.dll - ok

20:16:23.0109 0x05c0  [ 3EE34ACF2920C0F37FE10E39945CE248, 9FC8C4C81A449555857DCD91AA02F6CCAA2921F24CAEF4074BC2AD40C0B08D15 ] C:\Program Files\Logitech Gaming Software\QtNetwork4.dll

20:16:23.0109 0x05c0  C:\Program Files\Logitech Gaming Software\QtNetwork4.dll - ok

20:16:23.0140 0x05c0  [ 88BEEF09C654252F3E46B6167B7F4ECB, 94A78D2D709AEED74BA1C29D00CFD55EF68A95764C067B470E1C19C376F32478 ] C:\WINDOWS\system32\msisip.dll

20:16:23.0140 0x05c0  C:\WINDOWS\system32\msisip.dll - ok

20:16:23.0140 0x05c0  [ 28D933CFEEB443CA9A5E9996B028A13A, 16CEBABC1028DF53124FEBADFF36C768BB9CCB1149A0F69F6EAF59B744693FD7 ] C:\Program Files\Logitech Gaming Software\QtScript4.dll

20:16:23.0140 0x05c0  C:\Program Files\Logitech Gaming Software\QtScript4.dll - ok

20:16:23.0156 0x05c0  [ 3A6D465F379E5C815F4AD565391E654C, EE40580ED71282B1D5D95752DD843DCC30689196B22051AF8CDF6127B985411E ] C:\WINDOWS\system32\wshext.dll

20:16:23.0156 0x05c0  C:\WINDOWS\system32\wshext.dll - ok

20:16:23.0156 0x05c0  [ 47F464C5B39C374467DF69F3572D1121, 8F32A0BE2304A8FA51C770D6A80A02390D6F7DAA0C55B100AF72E12708FDC08F ] C:\Program Files\Logitech Gaming Software\QtHelp4.dll

20:16:23.0156 0x05c0  C:\Program Files\Logitech Gaming Software\QtHelp4.dll - ok

20:16:23.0156 0x05c0  [ F0B0D86C7E5CE1781BB92F300169A257, 9BA533D02C86135EB9B3579E4B15602B7ABECCCEC142B3C7A115C7DBE8A90D96 ] C:\PROGRA~1\MICROS~2\OFFICE11\MCPS.DLL

20:16:23.0156 0x05c0  C:\PROGRA~1\MICROS~2\OFFICE11\MCPS.DLL - ok

20:16:23.0156 0x05c0  [ DFC8186972EB21F75E5B532194AF4C3A, 9AD2B04FD6D76FEC8CA06611AA0701333BFA36F1B1752211E850A9C977591707 ] C:\Program Files\DellTPad\ApntEx.exe

20:16:23.0156 0x05c0  C:\Program Files\DellTPad\ApntEx.exe - ok

20:16:23.0171 0x05c0  [ D25C03D04159D462D69F294BA7142BDB, 397B0FE2BB56FFBBF1BD89273802348B3AA102A5725E2CB3670FA89526E6C5EC ] C:\WINDOWS\system32\msdmo.dll

20:16:23.0171 0x05c0  C:\WINDOWS\system32\msdmo.dll - ok

20:16:23.0187 0x05c0  [ 7A42A8E161DC32C5A40C5813ED64DF03, C4A8CB2E7610C7CF83233FC8116E948EEB5BF7E2ACC0FB5E0668A89A8BC5A45A ] C:\Program Files\DellTPad\hidfind.exe

20:16:23.0187 0x05c0  C:\Program Files\DellTPad\hidfind.exe - ok

20:16:23.0187 0x05c0  [ E01945331345F678AFAE3ECD5369D61A, 227C3F7AB61A519EC6DEF456DBD95336536E2395845480E9A3D7A2EBE45EAF29 ] C:\Documents and Settings\Administrator\Local Settings\Application Data\AOL\AIM\tbdiag.dll

20:16:23.0187 0x05c0  C:\Documents and Settings\Administrator\Local Settings\Application Data\AOL\AIM\tbdiag.dll - ok

20:16:23.0187 0x05c0  [ 5512238DB69736055565E6F5DE62574A, CA26DACA9C8731E4DE50B555F31D25921BA52000D1340389BA7A9C0189A80CC4 ] C:\Program Files\Logitech Gaming Software\EReg\eReg.exe

20:16:23.0187 0x05c0  C:\Program Files\Logitech Gaming Software\EReg\eReg.exe - ok

20:16:23.0187 0x05c0  [ 62BEF11D8A16C2986DC9E2846655CB41, 8500B7BE8DA2254A78F09766D5D9E5482F9B6559EBC9F14F8E2EDABF72FF7B04 ] C:\Program Files\Logitech Gaming Software\QtSql4.dll

20:16:23.0187 0x05c0  C:\Program Files\Logitech Gaming Software\QtSql4.dll - ok

20:16:23.0187 0x05c0  [ 1D433535F4720261D68FC6A48E3E6AA3, 0D18AFCD1AE55C7EB6BCA06D5A853AB9CAA9A190D85A47B4B483EF4C631407B8 ] C:\Program Files\Logitech Gaming Software\QtCLucene4.dll

20:16:23.0187 0x05c0  C:\Program Files\Logitech Gaming Software\QtCLucene4.dll - ok

20:16:23.0203 0x05c0  [ 401A8C0BE0BAA7D7A470F0942244152D, EC21ED13E526617697CD8E6D79FC706CBDA0AF36C02C05B39E8603B217E406BC ] C:\WINDOWS\system32\rasdlg.dll

20:16:23.0203 0x05c0  C:\WINDOWS\system32\rasdlg.dll - ok

20:16:23.0203 0x05c0  [ 0B467F470CC9918FDCEEDCFD7DC4D697, 87C8BCC4DFF318FC393A8C0FB0B82CCC9DA83EC0F5811CF303F3AC265A575578 ] C:\WINDOWS\system32\oledlg.dll

20:16:23.0203 0x05c0  C:\WINDOWS\system32\oledlg.dll - ok

20:16:23.0218 0x05c0  [ F92E1076C42FCD6DB3D72D8CFE9816D5, 94135ACF2D9426BB78E4522429120B03D94B541422C277B9ACA31410874A464C ] C:\WINDOWS\system32\wscntfy.exe

20:16:23.0218 0x05c0  C:\WINDOWS\system32\wscntfy.exe - ok

20:16:23.0234 0x05c0  [ BF107ACF2CDD552AABE14E8C3E62E3FC, 24547C7A4B99AC3B24F60D8B26A5A935FD021C530EB0662A8563097F879620EF ] C:\WINDOWS\system32\quartz.dll

20:16:23.0234 0x05c0  C:\WINDOWS\system32\quartz.dll - ok

20:16:23.0234 0x05c0  [ 5119B80BD9E57B218CAE5DBDF8E11FB2, 930570777C0690A30043C72ED5AAD3408A41D4A81E0D0DAE409A4DCA8C48B779 ] C:\Documents and Settings\Administrator\Local Settings\Application Data\AOL\AIM\icudt.dll

20:16:23.0234 0x05c0  C:\Documents and Settings\Administrator\Local Settings\Application Data\AOL\AIM\icudt.dll - ok

20:16:23.0234 0x05c0  [ 6CD42D02BD377B1FAD36E458FFE35494, B4A2468CD09544C886F06371E48F4C0137D6877E9364B70060C2025336A58BC6 ] C:\Program Files\Logitech Gaming Software\QtOpenGL4.dll

20:16:23.0234 0x05c0  C:\Program Files\Logitech Gaming Software\QtOpenGL4.dll - ok

20:16:23.0250 0x05c0  [ F5DF4C09808DBD4D84A3871A5A3DB91B, 032F6258F77770886C97421FCE472B8D820A79E52C956F5508C0507BF46E746D ] C:\WINDOWS\system32\opengl32.dll

20:16:23.0250 0x05c0  C:\WINDOWS\system32\opengl32.dll - ok

20:16:23.0250 0x05c0  [ 62CF83A6989312A0DD39BBFFB3D1C166, 05FB7F06444B4958BE3EFC6909614D516BE5FE3929E0F58D2C13C2A211C1F86A ] C:\WINDOWS\system32\pdh.dll

20:16:23.0250 0x05c0  C:\WINDOWS\system32\pdh.dll - ok

20:16:23.0265 0x05c0  [ A78516D04DD71A18FDFDF820A6413634, 4BEC0B983E72E0909E5C7CB7F8E5D3DF708A47E338DD2B764A7D9DC7A717F980 ] C:\WINDOWS\system32\glu32.dll

20:16:23.0265 0x05c0  C:\WINDOWS\system32\glu32.dll - ok

20:16:23.0281 0x05c0  [ 369F7B1A4F358B976176556A1A331F36, 65A60C4C5D816D53DDAA208FEEDD4F8C185A77BACB8736EADCAE2F454C8FFC08 ] C:\WINDOWS\system32\odbcbcp.dll

20:16:23.0281 0x05c0  C:\WINDOWS\system32\odbcbcp.dll - ok

20:16:23.0281 0x05c0  [ A7AE393515C04AC15580C82147BA5275, 0A3572585A271B5514FBCD31727DE64973F13F345D89E3E63C0D6C3A8958CF5B ] C:\WINDOWS\system32\nvoglnt.dll

20:16:23.0281 0x05c0  C:\WINDOWS\system32\nvoglnt.dll - ok

20:16:23.0296 0x05c0  [ 5F63E2B2A72E1E6448123E0920D31530, 46934E1710AB5A9B66204721904A3AE856B40F5B84E0E268B4A410C26C7FAA95 ] C:\WINDOWS\system32\windowscodecs.dll

20:16:23.0296 0x05c0  C:\WINDOWS\system32\windowscodecs.dll - ok

20:16:23.0296 0x05c0  [ 5652F6CE1D9E9D8068B9D29BC21B5409, 807A8B8FD8CCFC04409E1D64947FE35F847F194FF6FC09CCCF66F274F2A994C6 ] C:\WINDOWS\system32\olepro32.dll

20:16:23.0296 0x05c0  C:\WINDOWS\system32\olepro32.dll - ok

20:16:23.0296 0x05c0  [ E81BBE78A8EF85ACD490B3E64EF63A7C, 8370CFA3FEBC8F74772538C17C1F153DD9D6A9DBBBCA61BA2148880D713FC90D ] C:\WINDOWS\system32\mapi32.dll

20:16:23.0296 0x05c0  C:\WINDOWS\system32\mapi32.dll - ok

20:16:23.0312 0x05c0  [ 35EEBA3A664170F7E10C8BB8D1644863, 282FB1A5A15C59583C3F994B181E510FC79D0218F7B0B1695B5B65D12059FF0E ] C:\WINDOWS\system32\mcd32.dll

20:16:23.0312 0x05c0  C:\WINDOWS\system32\mcd32.dll - ok

20:16:23.0312 0x05c0  [ 9EEFE69139FDBB4A3C327630F8EB993A, 8B397F6721E7BC8AA93E9B68099084D49AC4776BACC1383089C59A52D8244B49 ] C:\WINDOWS\system32\wlanapi.dll

20:16:23.0312 0x05c0  C:\WINDOWS\system32\wlanapi.dll - ok

20:16:23.0328 0x05c0  [ 2ED7AA9E25E7BE4E4320BC8FBCD2F8EC, 31C0E531100C92AE773248BFB85F217810643C42522854743028C5F235881C07 ] C:\Program Files\Logitech Gaming Software\imageformats\qjpeg4.dll

20:16:23.0328 0x05c0  C:\Program Files\Logitech Gaming Software\imageformats\qjpeg4.dll - ok

20:16:23.0328 0x05c0  [ ED8B49890D24894167EBB84A235382D4, D52A2F027FDBF048FAD6F71E93039442957CE4CEF5AB4C33651CD3F47E3AA43F ] C:\WINDOWS\system32\dxva2.dll

20:16:23.0328 0x05c0  C:\WINDOWS\system32\dxva2.dll - ok

20:16:23.0343 0x05c0  [ 1AF592532532A402ED7C060F6954004F, 84A55432A7FBBD1B84FF8DD1BD84266747E4A88297BDAA84AAD12F13B848BFF2 ] C:\WINDOWS\system32\drivers\hidclass.sys

20:16:23.0343 0x05c0  C:\WINDOWS\system32\drivers\hidclass.sys - ok

20:16:23.0359 0x05c0  [ D2DD04D1C8DF65EECD1F2C7FB947D43E, 980FCE188FCB57C8F210A4905D345D2D6D32545EFE673BE51B3D3AE18084243B ] C:\WINDOWS\system32\drivers\LGVirHid.sys

20:16:23.0359 0x05c0  C:\WINDOWS\system32\drivers\LGVirHid.sys - ok

20:16:23.0359 0x05c0  [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] C:\WINDOWS\system32\drivers\mouhid.sys

20:16:23.0359 0x05c0  C:\WINDOWS\system32\drivers\mouhid.sys - ok

20:16:23.0359 0x05c0  [ 4446374C3A03EBC85574A0878779254B, 21C2C0CA2F8330F778AC0A502F0DA0738626F6095F52D2AD98D2D2BC97A6DA92 ] C:\Program Files\Skype\Updater\Updater.dll

20:16:23.0359 0x05c0  C:\Program Files\Skype\Updater\Updater.dll - ok

20:16:23.0375 0x05c0  [ F1941197A42F9F373CC70042FC82C950, CA823B1508F97DE09AD983CFEFA5A145748DA82B83EED0650175AC5934A70F31 ] C:\WINDOWS\system32\ksproxy.ax

20:16:23.0375 0x05c0  C:\WINDOWS\system32\ksproxy.ax - ok

20:16:23.0390 0x05c0  [ 9B9F1C38D559047B8AC0DBA2D5FEBDE9, F64DEF5213CC6E96DD62125A3D44522200F66FF6A2CBA198096484F61D1C088B ] C:\WINDOWS\system32\ksuser.dll

20:16:23.0390 0x05c0  C:\WINDOWS\system32\ksuser.dll - ok

20:16:23.0390 0x05c0  [ 94BA90C6AF5C50FF5F7A6392514C4642, CBCAFEFD81BB53806423300C03BCA5257D05E12942A7C1206CC75F94189D3FC4 ] C:\WINDOWS\system32\vidcap.ax

20:16:23.0390 0x05c0  C:\WINDOWS\system32\vidcap.ax - ok

20:16:23.0390 0x05c0  [ C9EF69B25DFA1C0E7932CB02FB8A7E91, 497E8542EC09ED8FB9A68EA7F525893F068AB6AA7E0056F07DA61C5CCA0971B0 ] C:\WINDOWS\system32\kswdmcap.ax

20:16:23.0390 0x05c0  C:\WINDOWS\system32\kswdmcap.ax - ok

20:16:23.0406 0x05c0  [ 0689622E6484934EB6E5F4D3A96311F9, A7D417556512F0FB129939F70835529F3EAC3D5ACBECE5B960A97C2605AF0833 ] C:\WINDOWS\system32\jscript.dll

20:16:23.0406 0x05c0  C:\WINDOWS\system32\jscript.dll - ok

20:16:23.0421 0x05c0  [ AC08A03D7E579E2903925736E7AB48F2, B4350DFB5BF153D60C38835FD0D4A13A993B5FCEDE04F98750396EDF0070B3FE ] C:\Program Files\Google\Chrome\Application\chrome.exe

20:16:23.0421 0x05c0  C:\Program Files\Google\Chrome\Application\chrome.exe - ok

20:16:23.0421 0x05c0  [ 4BF70B35B943BD73BD6E13EB7C1BA4B3, 5450EC4B012401A06A78F92F69530BA720405B4D1A0BBD271C41E911C55803EC ] C:\Documents and Settings\Administrator\Local Settings\Application Data\AOL\AIM\NPSWF32.dll

20:16:23.0421 0x05c0  C:\Documents and Settings\Administrator\Local Settings\Application Data\AOL\AIM\NPSWF32.dll - ok

20:16:23.0421 0x05c0  [ A93DF99ADEA23202B3AC38E09797A893, BD06F586B485BD77A91E3B6A0EE48EDB57275FE6CFD4B6742E8906A232F30B6A ] C:\Program Files\Google\Chrome\Application\37.0.2062.120\chrome_elf.dll

20:16:23.0421 0x05c0  C:\Program Files\Google\Chrome\Application\37.0.2062.120\chrome_elf.dll - ok

20:16:23.0421 0x05c0  [ 284AA1D7D9440B5CA27F3AC53526AF79, 2D0A373696FF3138BCE895131AEAAB5372F284DB954213ED33309A55238B4B72 ] C:\Program Files\Google\Chrome\Application\37.0.2062.120\chrome.dll

20:16:23.0421 0x05c0  C:\Program Files\Google\Chrome\Application\37.0.2062.120\chrome.dll - ok

20:16:23.0437 0x05c0  [ 42B928FC8518D793BF7A5EAFC57B1D8B, 22C194288DB7FE6902E4BE183856A07456B764D3B123C346A63F49AE55B4EF88 ] C:\WINDOWS\system32\imgutil.dll

20:16:23.0437 0x05c0  C:\WINDOWS\system32\imgutil.dll - ok

20:16:23.0468 0x05c0  [ E5FA1B044DAC5F6F600A1742D73F6936, 8B9FC6C6388316854F101B99F0C15597DAC20CE43A4B9B151748F98070E9DF8A ] C:\WINDOWS\system32\pngfilt.dll

20:16:23.0468 0x05c0  C:\WINDOWS\system32\pngfilt.dll - ok

20:16:23.0468 0x05c0  [ 5E1A0476E009A1930A524DFF4CA13982, 02635287787412C2075F48A1BBA60B2705C13F5E0D82F82C8C048ED9D8AB5F26 ] C:\WINDOWS\system32\dxtrans.dll

20:16:23.0468 0x05c0  C:\WINDOWS\system32\dxtrans.dll - ok

20:16:23.0468 0x05c0  [ A47F6A13202AA54541CA46D6CED79F5F, D1FA5CDA2256F3B10E9306673A0E29EE7693548E29D5665BBEA2D42927D061F0 ] C:\WINDOWS\system32\ddrawex.dll

20:16:23.0468 0x05c0  C:\WINDOWS\system32\ddrawex.dll - ok

20:16:23.0484 0x05c0  [ 057D53F1490598D41D9D4DEE9A92B0B1, 3B085C27A91BF708B475250630545ECF0D57C454F8C4B21FDD40C81C0B9621B6 ] C:\WINDOWS\system32\dxtmsft.dll

20:16:23.0484 0x05c0  C:\WINDOWS\system32\dxtmsft.dll - ok

20:16:23.0484 0x05c0  [ B1C02B1C44F01AEBC0F721AC7B64D2C7, 6A60F1E0135FCEA7E4F43A10C74A401520F692D4C9AC63AC3E6063CF81E561D4 ] C:\WINDOWS\system32\Macromed\Flash\Flash32_15_0_0_152.ocx

20:16:23.0484 0x05c0  C:\WINDOWS\system32\Macromed\Flash\Flash32_15_0_0_152.ocx - ok

20:16:23.0484 0x05c0  [ AA0507F0516A4DFF1B1279AB4A2ABB37, 8EBC13ED4D96F208C5DF940EE51A4D06B64DD789425301B466C9FCD1EF78C64D ] C:\WINDOWS\system32\dinput8.dll

20:16:23.0484 0x05c0  C:\WINDOWS\system32\dinput8.dll - ok

20:16:23.0484 0x05c0  [ 764C79129C7A04EF25AEB1AD411A96DA, 000CAD2A0F0B79AE4AB48682AACD80A7920F080E80B4660EDF3E83ECCB7984C9 ] C:\Program Files\Google\Chrome\Application\37.0.2062.120\chrome_child.dll

20:16:23.0484 0x05c0  C:\Program Files\Google\Chrome\Application\37.0.2062.120\chrome_child.dll - ok

20:16:23.0500 0x05c0  [ D8D6B36006BC7754A29903048EF4EB6B, 0A0381BD457D7151F63DF4F582F397447EDDACE44BA3469C6682CD79259CB279 ] C:\Program Files\Google\Chrome\Application\37.0.2062.120\pdf.dll

20:16:23.0500 0x05c0  C:\Program Files\Google\Chrome\Application\37.0.2062.120\pdf.dll - ok

20:16:23.0500 0x05c0  [ 65E36813C7C0095C6DC9392EE36A904C, 26E282CDAA917143E58C70262C5700800B92F8DFF6BAA1130A77CB4D04FE6E5C ] C:\Program Files\Google\Chrome\Application\37.0.2062.120\ppgooglenaclpluginchrome.dll

20:16:23.0500 0x05c0  C:\Program Files\Google\Chrome\Application\37.0.2062.120\ppgooglenaclpluginchrome.dll - ok

20:16:23.0515 0x05c0  [ C9F10AC42A34F4A07236C84AE9A64B99, 9475CAEE2AAF743DD661EF3EF026B8BB3695CBBFF79D6F5897C3EF861CEEEFEC ] C:\Program Files\Google\Chrome\Application\37.0.2062.120\libpeerconnection.dll

20:16:23.0515 0x05c0  C:\Program Files\Google\Chrome\Application\37.0.2062.120\libpeerconnection.dll - ok

20:16:23.0515 0x05c0  [ 012DF358CEBAA23ACB26D82077820817, FEDD177BD4F0EB589E23AEE20FA9492FA4824478B34B46377C43E3A12F8A96D8 ] C:\WINDOWS\system32\lpk.dll

20:16:23.0515 0x05c0  C:\WINDOWS\system32\lpk.dll - ok

20:16:23.0531 0x05c0  [ B8703D5B03D330105E791BBF3ECE0455, 9AAC590BA3296CD008D3EA6B230FA657E760A3D10DFE80027CFB985B211E01F5 ] C:\Program Files\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll

20:16:23.0531 0x05c0  C:\Program Files\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll - ok

20:16:23.0531 0x05c0  [ F9712C06A56B9160EC19C12AD5F79ABC, D49EF271BD141D44405960D1727066BCD5B559954AC90A618F44C91CB70BADAD ] C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.145_0\npqscan.dll

20:16:23.0531 0x05c0  C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.145_0\npqscan.dll - ok

20:16:23.0546 0x05c0  [ F51ECBBA611C75E47578295D5241630F, E4E5F7074E16D92EFB0FECFDBF9215A38BF0E9A2AE4F4195CFC18539EC656472 ] C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll

20:16:23.0546 0x05c0  C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll - ok

20:16:23.0546 0x05c0  [ 28000D7EEB2FD95A36E1A7539F599C3B, DB02510B68A63F2253DFE7E61D2107666EAEBD9F0AE65E0AE9450E103F9BC609 ] C:\Program Files\Windows Media Player\npdrmv2.dll

20:16:23.0546 0x05c0  C:\Program Files\Windows Media Player\npdrmv2.dll - ok

20:16:23.0562 0x05c0  [ 5D41BCD19A3D90E4EBB58A6BFB79E4F7, FE19EA82AA0615B217972A834A97751929DBF127281A4CA794CE780BE0063BA6 ] C:\Program Files\Windows Media Player\npdsplay.dll

20:16:23.0562 0x05c0  C:\Program Files\Windows Media Player\npdsplay.dll - ok

20:16:23.0578 0x05c0  [ 8B6884E3E1E5F8ABA5FA0C6A2B13181D, 00C1D7154D83E950FD015BD568357C09FC5A5E567C7647B3C06BB7F4E7CE390E ] C:\Program Files\Windows Media Player\npwmsdrm.dll

20:16:23.0578 0x05c0  C:\Program Files\Windows Media Player\npwmsdrm.dll - ok

20:16:23.0578 0x05c0  [ D654525C0902C21118AD29217E4ECB49, 461BD1AB2E7409F0E64D8D614A601EFE471EFCCED99D2E3347D4CC07B2E78E2E ] C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

20:16:23.0578 0x05c0  C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - ok

20:16:23.0578 0x05c0  [ FB5621842FDABF9F8359775573498FBC, 77E49C2F15562DACC27A9D3512D27C74DB031813FD28A8C99A87A8F2E72016B4 ] C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

20:16:23.0578 0x05c0  C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll - ok

20:16:23.0593 0x05c0  [ DFC9460CC37E5C414DC4680B10C19E7A, 688EAFF5F4BEDBEE18F25BF5EDD0A1FF6B9BA8A1676F596A00286F114C0119FB ] C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll

20:16:23.0593 0x05c0  C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll - ok

20:16:23.0593 0x05c0  [ AB87EEFFD18F2BAAFC274E7075EA6C67, 53FDD44BEB9AA437EE3B0D77486F7A3CF7908659F78CF6D53F5A77D3A6D6980F ] C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

20:16:23.0593 0x05c0  C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - ok

20:16:23.0625 0x05c0  [ 2DE1190196EE9555DB548A57622022EB, 89DBC777BE06D008AABEDAC61AFC11B4FF7ABCA86C205109ED9D34D21C0B5146 ] C:\WINDOWS\system32\drprov.dll

20:16:23.0625 0x05c0  C:\WINDOWS\system32\drprov.dll - ok

20:16:23.0625 0x05c0  [ 36468087E22C57A83DF758B3F90DF73F, F6898D07CEE4F528A9F17A231CCB5E38F826A0C1926EFBF35ECCA06E0E8EE565 ] C:\WINDOWS\system32\ntlanman.dll

20:16:23.0625 0x05c0  C:\WINDOWS\system32\ntlanman.dll - ok

20:16:23.0625 0x05c0  [ AC5DF42FE314C1446B1DAD237BFCFFE0, FD53D9BCC619ED7AE4B7C29B7D457A2F61D6D340841A4E030329D7032C306AB6 ] C:\WINDOWS\system32\netui0.dll

20:16:23.0625 0x05c0  C:\WINDOWS\system32\netui0.dll - ok

20:16:23.0640 0x05c0  [ ED5A816D8E11E03F1937AC3C56826EE4, D01525B5BD9F9DDF149B78706C6C2F5AE26F5337F897C1B8763DBC67AB64F875 ] C:\WINDOWS\system32\netui1.dll

20:16:23.0640 0x05c0  C:\WINDOWS\system32\netui1.dll - ok

20:16:23.0656 0x05c0  [ FB8F8EEC8D9C2157789472DD61CDC78B, D5306081621FFEFF585FAD292E60207E1BCB4EA67367E12872AF73C464110C68 ] C:\WINDOWS\system32\davclnt.dll

20:16:23.0656 0x05c0  C:\WINDOWS\system32\davclnt.dll - ok

20:16:23.0656 0x05c0  [ 3B4C7484B461B7C159AA4FB6BCA405C7, 11F34F621921ED52466BA10C1393B8AB10BB91F66C1BC1D9BC3FD502BCC04125 ] C:\Program Files\Google\Chrome\Application\37.0.2062.120\PepperFlash\pepflashplayer.dll

20:16:23.0656 0x05c0  C:\Program Files\Google\Chrome\Application\37.0.2062.120\PepperFlash\pepflashplayer.dll - ok

20:16:23.0656 0x05c0  [ 855F6333E3A4DFC6F3C8B0520C261FCD, AF3F5D77FE8AF0BE09E2DD3AFDE1B1167D851D437078025E5CF82D8D0C315B34 ] C:\WINDOWS\system32\msftedit.dll

20:16:23.0656 0x05c0  C:\WINDOWS\system32\msftedit.dll - ok

20:16:23.0656 0x05c0  [ 8721A9BC4B8EC28542D3C36ECCCFC299, 92D2D1E0B70DAB758309C8EC32C65D44AB92907E50007CB373293EA446D563F5 ] C:\WINDOWS\system32\iepeers.dll

20:16:23.0656 0x05c0  C:\WINDOWS\system32\iepeers.dll - ok

20:16:23.0671 0x05c0  [ 6E83376494410F324A9698863127C4DB, 60DC45D7701D14A2E4E3B8EC684A8DF47B9D62508A546DA9F8287F6B962B37A4 ] C:\WINDOWS\system32\vbscript.dll

20:16:23.0671 0x05c0  C:\WINDOWS\system32\vbscript.dll - ok

20:16:23.0671 0x05c0  [ F3370C98F4981EDA6036689D298E67B9, E003ACCF1FEB1DF3C01BA494CC21449990249424967BFD5509949FA1D8A1E072 ] C:\WINDOWS\system32\browselc.dll

20:16:23.0671 0x05c0  C:\WINDOWS\system32\browselc.dll - ok

20:16:23.0687 0x05c0  [ BF67AC2C1F41BE892B98E9B8E91C0CB8, 431B0C05C1243864CBECE189400EC8BE7C1ABEE37360C40FED40C66051D01F3D ] C:\WINDOWS\system32\wiashext.dll

20:16:23.0687 0x05c0  C:\WINDOWS\system32\wiashext.dll - ok

20:16:23.0703 0x05c0  [ 3CAEAE7608F1BD7BA873A3B02895B106, DE36C4371FC88EE006C9F6914EB98654491D9ED90A1CEFC3D5D0C40D51FB6A6F ] C:\WINDOWS\system32\sti.dll

20:16:23.0703 0x05c0  C:\WINDOWS\system32\sti.dll - ok

20:16:23.0703 0x05c0  [ 0E876FC0327377F08657A1A0383DDA59, 679B53443BDEC1F900EDAEB56B6312E92F4F6FA0F605D44A67393F88E72041C2 ] C:\WINDOWS\system32\wiadefui.dll

20:16:23.0703 0x05c0  C:\WINDOWS\system32\wiadefui.dll - ok

20:16:23.0718 0x05c0  [ 30693433E65CC95B63C7BB69E0A23140, 8B2B6D471D75228E3EAD2C31BBBBA0B55927EA43C16350A984596E245C64777C ] C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.dll

20:16:23.0718 0x05c0  C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.dll - ok

20:16:23.0734 0x05c0  [ 5E28284F9B5F9097640D58A73D38AD4C, 865F34FE7BA81E9622DDBDFC511547D190367BBF3DAD21CEB6DA3EEC621044F5 ] C:\WINDOWS\system32\notepad.exe

20:16:23.0734 0x05c0  C:\WINDOWS\system32\notepad.exe - ok

20:16:23.0750 0x05c0  [ B2764E34DD2D5DAB113C2AF3F7315FA9, 0AEC86667EDF6C1BBACA1AB98565D06C8A24DD9215F973C9E7ED5633346AACB3 ] C:\Program Files\WinRAR\RarExt.dll

20:16:23.0750 0x05c0  C:\Program Files\WinRAR\RarExt.dll - ok

20:16:23.0765 0x05c0  [ 03B4CDA2916772DC213FE4D53FBE852C, 9233B08616A3B3802BAE13745DDFB3B92CA436F25C1A94AF0429EC433A9C4FCF ] C:\Program Files\Tomabo\MP4 Player\MP4P_WS.dll

20:16:23.0765 0x05c0  C:\Program Files\Tomabo\MP4 Player\MP4P_WS.dll - ok

20:16:23.0765 0x05c0  [ 4D0689E8EF0812FCA14B4A15D3281C0C, B85F0B32BDAF5B0CA726830258AAEDBFC4A58837545499DE966BC3F832ACA582 ] C:\Program Files\Tomabo\MP4 Player\MP4C_WS.dll

20:16:23.0765 0x05c0  C:\Program Files\Tomabo\MP4 Player\MP4C_WS.dll - ok

20:16:23.0765 0x05c0  [ 95151D7903FEF5F221A3B5BE603E69BF, E13C483C06F750A15DE2791EA744A79FE5A636775BF35864648F8685FA41AC4B ] C:\Program Files\7-Zip\7-zip.dll

20:16:23.0765 0x05c0  C:\Program Files\7-Zip\7-zip.dll - ok

20:16:23.0765 0x05c0  [ 84180917AAB55EE4392C54E0E0BD4022, F9C0F7A48C26BFF4591326E2FEC6DB342AA97903B0897317D8C7BD973DDFB82C ] C:\Program Files\Google\Update\1.3.24.15\psmachine.dll

20:16:23.0765 0x05c0  C:\Program Files\Google\Update\1.3.24.15\psmachine.dll - ok

20:16:23.0781 0x05c0  [ 36FB831C6BDA449730DEAD22901C7FC0, 92F172DC44BDD6A3638FCEA6422BCCBEEFA83DFE6A585DA075160BE711A55D70 ] C:\WINDOWS\srchasst\srchui.dll

20:16:23.0781 0x05c0  C:\WINDOWS\srchasst\srchui.dll - ok

20:16:23.0796 0x05c0  [ F7B835130EA8A6D900ED425CFF42E394, DEE50E01845136E3EE2DC8FDF33E42CF8D3A0033F7B6A531A723E337EF28F567 ] C:\WINDOWS\srchasst\srchctls.dll

20:16:23.0796 0x05c0  C:\WINDOWS\srchasst\srchctls.dll - ok

20:16:23.0796 0x05c0  [ 41E107E57DD21B2A119709F0BB8CE576, 55A3E26220DBFEA3802E26ED2943B8AA95DFB3F0ED66248C7C600DC97F4D7B4C ] C:\WINDOWS\system32\dfshim.dll

20:16:23.0796 0x05c0  C:\WINDOWS\system32\dfshim.dll - ok

20:16:23.0796 0x05c0  [ 08A73B0E7EE6E32983B5F9E540A8E380, D9FC89B19C9131C2246D82942D5E6A09F20CB488C26EF007695F1CABB53C8F91 ] C:\WINDOWS\system32\mscoree.dll

20:16:23.0796 0x05c0  C:\WINDOWS\system32\mscoree.dll - ok

20:16:23.0812 0x05c0  [ 3C002CA943FEED92DF2801CE7AB34173, E690373046D4804E6BAEA0A1F1833C4B872A5D99DA1713F53638FCBCF572C6E5 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfdll.dll

20:16:23.0812 0x05c0  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfdll.dll - ok

20:16:23.0843 0x05c0  [ 60F36ED5A02B41F9F60CB29D88A9CD01, 15745EB7355A350C9414BBF2054155EDE054088EB17A8F121632EB3EB8AC72F0 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll

20:16:23.0843 0x05c0  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok

20:16:23.0843 0x05c0  [ F759A6E14403BC3D7A55CCAD1B8F7B4A, 02582ABA263459D942D3EC80C2B88CEC6805DC19AF8959858779C95E9C6E7887 ] C:\WINDOWS\system32\hticons.dll

20:16:23.0843 0x05c0  C:\WINDOWS\system32\hticons.dll - ok

20:16:23.0843 0x05c0  [ 165AE7A443F2139DD2C078AD87699F91, 7DAA39FA20AA399548FE907B0614D9AA88A2FF9C0FA7E40F51BE7A0395AF31FB ] C:\Program Files\Microsoft Office\OFFICE11\MSOHEV.DLL

20:16:23.0843 0x05c0  C:\Program Files\Microsoft Office\OFFICE11\MSOHEV.DLL - ok

20:16:23.0859 0x05c0  [ 1C22A3866112ED41E1F3684DAE9AD5D2, 621989160B8DCE383242FA844CA63557F7BCD4520335E7EA1AF85E7720A760CA ] C:\WINDOWS\system32\mmcshext.dll

20:16:23.0859 0x05c0  C:\WINDOWS\system32\mmcshext.dll - ok

20:16:23.0875 0x05c0  [ 72B419C3BC8BDB4D689B2007AD2289BB, 0498CB77544C66479311CEE6E5A72E7B66596934986C88379F48C0FC451A3A55 ] C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL

20:16:23.0875 0x05c0  C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL - ok

20:16:23.0875 0x05c0  [ D3E868700D9B5E3C54B7EED060215CC1, C066B0E63815018D6D345CE5DABD443C5CDA73200601FB51F67C602A4133A2C5 ] C:\WINDOWS\system32\hhsetup.dll

20:16:23.0875 0x05c0  C:\WINDOWS\system32\hhsetup.dll - ok

20:16:23.0890 0x05c0  [ 818DD7B94AF1CF471DA45FBF71513C03, CBEDCB2FACB4B304A6006EBC4E948E327A27890E29B6A36CA00DF8F9A300CD53 ] C:\Program Files\Common Files\System\MSMAPI\1033\MSMAPI32.DLL

20:16:23.0890 0x05c0  C:\Program Files\Common Files\System\MSMAPI\1033\MSMAPI32.DLL - ok

20:16:23.0890 0x05c0  [ 93DB693542F4C01BD4F63322CC4C676F, C18B7F8F99D7E0646508A71E159A7BB25CE97130E20F72F15334EB786365BCF8 ] C:\Program Files\Common Files\System\MSMAPI\1033\MAPIR.DLL

20:16:23.0890 0x05c0  C:\Program Files\Common Files\System\MSMAPI\1033\MAPIR.DLL - ok

20:16:23.0906 0x05c0  [ E518B7E8B372EE8DC9868946FAA8C4C4, CB8254A3932456B741B1223678A1866A7BBDA4D41EFB20E8ACE975512034CDE1 ] C:\WINDOWS\system32\fontext.dll

20:16:23.0906 0x05c0  C:\WINDOWS\system32\fontext.dll - ok

20:16:23.0906 0x05c0  [ C3200506FB212A0F4FB736A80E646C40, 19D041704CB052BD52BD0DFD70E66E7A55EDEE56888DEEF56A9739476AF91944 ] C:\WINDOWS\system32\lz32.dll

20:16:23.0906 0x05c0  C:\WINDOWS\system32\lz32.dll - ok

20:16:23.0906 0x05c0  [ C444B433A340C24B51A2DACE9D13FC70, 32DF665A6267231245235CC90CC17BC8F9869642D2D848E6FC8F9A417BA570FD ] C:\WINDOWS\system32\zipfldr.dll

20:16:23.0906 0x05c0  C:\WINDOWS\system32\zipfldr.dll - ok

20:16:23.0921 0x05c0  [ 8FE89FFC1AD38E9BC2F5B67769CBA6EC, 595CD3B9AE0EF9EE979D0655947A452E3CCC183EF0E90F14005AC52616E64487 ] C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXEV.DLL

20:16:23.0921 0x05c0  C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXEV.DLL - ok

20:16:23.0937 0x05c0  [ 36BA8022693AF7E967359FF3F97531D7, 0A2CFF6BFF40C0FBC1C1ECED08DA5795639BEE2B2E7303BE23074AAC96EED005 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\shfusion.dll

20:16:23.0937 0x05c0  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\shfusion.dll - ok

20:16:23.0953 0x05c0  [ D40E7B5FBB8E0EAA7C5C294389AF95AB, 8EFD521DF1F335AF416DEC15D5C0C6538903803AA1A8ED93AA704B384A29876B ] C:\Documents and Settings\Administrator\My Documents\Downloads\tdsskiller.exe

20:16:23.0953 0x05c0  C:\Documents and Settings\Administrator\My Documents\Downloads\tdsskiller.exe - ok

20:16:23.0953 0x05c0  [ EA3AF33A9341B88D23FDC20D6EC826FE, 8EE4CE240B037D81CE2C90DEB27F91CED8F77EB595CD4C4CD8BA206AD0E24685 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fusion.dll

20:16:23.0953 0x05c0  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fusion.dll - ok

20:16:23.0953 0x05c0  [ 219AF0F9A54EBEEB3E7E20025D801034, B1E5607C27A7475FFF843428F2FBFA85ACA9829D8AA218CB1AB7B8E108F74DD7 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll

20:16:23.0953 0x05c0  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok

20:16:23.0953 0x05c0  [ 327DE7A9766CC9AA302C8D7F3925C8CE, 79BC5889E52A07637B23B5BB0B03F90EC1D4EB169BDC4788780463943F4CEB24 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll

20:16:23.0953 0x05c0  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll - ok

20:16:23.0968 0x05c0  [ 1CCE844C2835F33EC15A9A8D30341C9F, 92B0CEBC7F58E279EA6B1B7E60C2D42E82F65DA525F8EC021DD271C582BFF4E8 ] C:\WINDOWS\system32\occache.dll

20:16:23.0968 0x05c0  C:\WINDOWS\system32\occache.dll - ok

20:16:23.0984 0x05c0  [ 9DD06F00898AA5CA7E24186EFC8E5E25, 51141D0D07DBC955B63281351D3F17163ACE9A5B08628EA1C82F33FD2913970E ] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{8DAFE043-D495-403C-AA30-5889B1320315}\{43529826-9C23-42B6-9E3E-0C2480BDFBC7}.tmp

20:16:23.0984 0x05c0  C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{8DAFE043-D495-403C-AA30-5889B1320315}\{43529826-9C23-42B6-9E3E-0C2480BDFBC7}.tmp - ok

20:16:24.0000 0x05c0  [ 91A7771934C0D9D2DA7699D25BB5B348, 154A6EB866AF22B38AEE8DB5A864653FEB15DED69DE26E5B602B7C5056CDDF72 ] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{8DAFE043-D495-403C-AA30-5889B1320315}\{0B8A229D-8A33-46EA-A4B4-B6D45158600C}.tmp

20:16:24.0000 0x05c0  C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{8DAFE043-D495-403C-AA30-5889B1320315}\{0B8A229D-8A33-46EA-A4B4-B6D45158600C}.tmp - ok

20:16:24.0000 0x05c0  [ 80808656078CFCC32CF8BFEB0DD66279, 383F37599ABF16EEDEB2A60242DB7EDCC3D210A2A59DD61169047059F7041C5C ] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{8DAFE043-D495-403C-AA30-5889B1320315}\{6A0778AE-6233-4927-A067-B007B3E49E87}.tmp

20:16:24.0000 0x05c0  C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{8DAFE043-D495-403C-AA30-5889B1320315}\{6A0778AE-6233-4927-A067-B007B3E49E87}.tmp - ok

20:16:24.0015 0x05c0  [ DF471F11CC78BE02FE6BA15F2D94F65B, 9AC230DE58CE40E78AE6872BCF4778B69EEBF17E0E41B1301FF364ABD4737A78 ] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{8DAFE043-D495-403C-AA30-5889B1320315}\{15A97933-C369-4740-8B27-70478C6655CF}.tmp

20:16:24.0031 0x05c0  C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{8DAFE043-D495-403C-AA30-5889B1320315}\{15A97933-C369-4740-8B27-70478C6655CF}.tmp - ok

20:16:24.0031 0x05c0  [ 0FD19BDDD2513874FF6903F717367795, DFAF9C33F993BA26FC84EF66ABC7C483E62762F7E1FC763605A75ACC2E8AA4EE ] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{8DAFE043-D495-403C-AA30-5889B1320315}\{AE1D81AB-1C1C-45F0-BD92-F9370F6FCAD7}.tmp

20:16:24.0031 0x05c0  C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{8DAFE043-D495-403C-AA30-5889B1320315}\{AE1D81AB-1C1C-45F0-BD92-F9370F6FCAD7}.tmp - ok

20:16:24.0031 0x05c0  [ DD88BBF87A43331A4E99E37F7BF59FDB, 872190F559FA0DD1F711E9FA101BA1AB6E6DE5ED0CCCE1AB7AFE45BC3B78A0F1 ] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{8DAFE043-D495-403C-AA30-5889B1320315}\{E26C983B-ADDE-49BA-B6BD-E3C1BAD90F0F}.tmp

20:16:24.0031 0x05c0  C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{8DAFE043-D495-403C-AA30-5889B1320315}\{E26C983B-ADDE-49BA-B6BD-E3C1BAD90F0F}.tmp - ok

20:16:24.0046 0x05c0  [ 4261449C1CADA6B007E5C27522946D2B, 11E79D1C529E816CCCAC9266089C77A4DB44676CAEEE25C66D6DB420B18D3ACB ] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{8DAFE043-D495-403C-AA30-5889B1320315}\{0A142EBF-3F07-44E8-96AB-4EE190D50ADF}.tmp

20:16:24.0046 0x05c0  C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{8DAFE043-D495-403C-AA30-5889B1320315}\{0A142EBF-3F07-44E8-96AB-4EE190D50ADF}.tmp - ok

20:16:24.0078 0x05c0  [ 6627AA675A5C1B0330487A02E23F0560, 256AE9BA4273D4247FFAD6099D5A4FC8E98EDB27293AC8CAF7A571EB3890FAA7 ] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{8DAFE043-D495-403C-AA30-5889B1320315}\{55F78ABA-47D4-4E22-B01E-ABA092529AA4}.tmp

20:16:24.0078 0x05c0  C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{8DAFE043-D495-403C-AA30-5889B1320315}\{55F78ABA-47D4-4E22-B01E-ABA092529AA4}.tmp - ok

20:16:24.0078 0x05c0  [ 723B834A07F7DF7DE4CEB637D57ACEA3, B42867045DD3FB7682CDBD133970421010F0F14125E4992C73657CABA4659250 ] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{8DAFE043-D495-403C-AA30-5889B1320315}\{C7D77973-49E3-4259-BCC9-1242E523B61E}.tmp

20:16:24.0078 0x05c0  C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{8DAFE043-D495-403C-AA30-5889B1320315}\{C7D77973-49E3-4259-BCC9-1242E523B61E}.tmp - ok

20:16:24.0093 0x05c0  [ C1DE893FAF6D7F6CFB479A1F61835482, AD5FA3CE73777704C67C933691F1F068E1A7FF545F728B97574F9C33AC4BBC01 ] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{8DAFE043-D495-403C-AA30-5889B1320315}\{047A8505-8954-40E1-BC06-D01A9189D60F}.tmp

20:16:24.0093 0x05c0  C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{8DAFE043-D495-403C-AA30-5889B1320315}\{047A8505-8954-40E1-BC06-D01A9189D60F}.tmp - ok

20:16:24.0093 0x05c0  ================ Scan generic autorun ======================

20:16:24.0250 0x05c0  [ 27183319E0A2D914390ED1CB147DA2D0, E414920A1BC3D00F46F501D841FD7E356B6C552431EDACA5C71BBE6FA27AE254 ] C:\WINDOWS\system32\WLTRAY.exe

20:16:24.0437 0x05c0  Broadcom Wireless Manager UI - detected UnsignedFile.Multi.Generic ( 1 )

20:16:29.0515 0x05c0  Detect skipped due to KSN trusted

20:16:29.0515 0x05c0  Broadcom Wireless Manager UI - ok

20:16:29.0609 0x05c0  [ A45074E85BB55EA0524F0067F00DD980, 8D410BAF9960907CBE0136C924B98EC7CC2413DDA0BF284DB731901EDD423A84 ] C:\Program Files\IDT\WDM\sttray.exe

20:16:29.0687 0x05c0  SysTrayApp - ok

20:16:29.0781 0x05c0  [ 6C03AE4B4605294928FB4BBD786B3277, 0ABA16FDE90CF1B7C3529D475985A1F49BAE5F8AB864FC46D892523F9699A465 ] C:\WINDOWS\system32\AESTFltr.exe

20:16:29.0828 0x05c0  AESTFltr - ok

20:16:29.0843 0x05c0  NvCplDaemon - ok

20:16:29.0843 0x05c0  nwiz - ok

20:16:29.0843 0x05c0  NVHotkey - ok

20:16:29.0843 0x05c0  NvMediaCenter - ok

20:16:29.0937 0x05c0  [ 9B9A7EBA37DB81D9D9F9E4A83A09BF4A, DD3FB997E6047E8D358668BBFC41404863486E640381BE2C038F5D19F6F93266 ] C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDellB.exe

20:16:29.0968 0x05c0  Dell Webcam Central - detected UnsignedFile.Multi.Generic ( 1 )

20:16:34.0671 0x05c0  Detect skipped due to KSN trusted

20:16:34.0671 0x05c0  Dell Webcam Central - ok

20:16:34.0734 0x05c0  [ 186C9D39541CC0DFFCC454F79AA0B0BF, 71D333B9037362650E5E4DBF4EFA3CFD49034C53F27C7FFDE8DE6149ADB6471D ] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe

20:16:34.0750 0x05c0  PDVDDXSrv - ok

20:16:34.0828 0x05c0  [ 8F64B17B4E000081C70393C24292F034, 5D6CA360E63A8AAF86D31AF182BE4CC70ED5C846422704D5480D2E598B2A1BA4 ] C:\Program Files\DellTPad\Apoint.exe

20:16:34.0890 0x05c0  Apoint - ok

20:16:35.0031 0x05c0  [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

20:16:35.0140 0x05c0  Adobe ARM - ok

20:16:35.0453 0x05c0  [ 387B8DAC1A99130387DC580864F51D5D, 84E5F2DBC37B8D0DD62E6774993B3BDAEEAC0E8D2C05C889299B6DDCE0BD2929 ] C:\Program Files\Logitech Gaming Software\LCore.exe

20:16:35.0875 0x05c0  Launch LCore - ok

20:16:35.0953 0x05c0  [ 43D083268A0919F3527A2837390BAF63, 58B62697B01B8C9396271A64424178691FA85D4625DAF2AC8DE7F06A64F64C2A ] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe

20:16:35.0984 0x05c0  ISUSPM - ok

20:16:36.0093 0x05c0  [ B9829EE922823F86D556564E6654D4E9, 4CB956C21B0CC0D15C1DBA8CD359208928AFCD2CED09B29566615E0BD3F4FFD6 ] C:\Documents and Settings\Administrator\Local Settings\Application Data\AOL\AIM\aim.exe

20:16:36.0218 0x05c0  AIM for Windows - ok

20:16:36.0234 0x05c0  Skype - ok

20:16:36.0265 0x05c0  [ 5F1D5F88303D4A4DBC8E5F97BA967CC3, 5FB24FC7916A6E6B3BE7D84CB1684215B266CD1495575C2E5672B8447932E5B1 ] C:\WINDOWS\system32\ctfmon.exe

20:16:36.0437 0x05c0  ctfmon.exe - ok

20:16:36.0437 0x05c0  Waiting for KSN requests completion. In queue: 9

20:16:37.0437 0x05c0  Waiting for KSN requests completion. In queue: 9

20:16:38.0437 0x05c0  Waiting for KSN requests completion. In queue: 9

20:16:39.0437 0x05c0  Waiting for KSN requests completion. In queue: 7

20:16:40.0437 0x05c0  Waiting for KSN requests completion. In queue: 7

20:16:41.0437 0x05c0  Waiting for KSN requests completion. In queue: 7

20:16:42.0562 0x05c0  AV detected via SS1: AVG Anti-Virus Free Edition 2012, 2012.0, enabled, updated

20:16:42.0578 0x05c0  Win FW state via NFM: enabled

20:16:47.0406 0x05c0  ============================================================

20:16:47.0406 0x05c0  Scan finished

20:16:47.0406 0x05c0  ============================================================

20:16:47.0421 0x0858  Detected object count: 1

20:16:47.0421 0x0858  Actual detected object count: 1

20:16:52.0312 0x0858  avgtp ( ForgedFile.Multi.Generic ) - skipped by user

20:16:52.0312 0x0858  avgtp ( ForgedFile.Multi.Generic ) - User select action: Skip 



#10 AliciaWestkey

AliciaWestkey
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:07:21 PM

Posted 13 September 2014 - 08:22 PM

Sorry, I had to delete a lot of stuff that looked unimportnat in that, it was way too long to be posted o.o



#11 AliciaWestkey

AliciaWestkey
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:07:21 PM

Posted 13 September 2014 - 08:36 PM

Adware Cleaner log - 

 

# AdwCleaner v3.310 - Report created 13/09/2014 at 20:33:53

# Updated 12/09/2014 by Xplode

# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)

# Username : Administrator - KASEY-LATITUDE

# Running from : C:\Documents and Settings\Administrator\My Documents\Downloads\AdwCleaner.exe

# Option : Clean

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

 

***** [ Scheduled Tasks ] *****

 

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs [bProtectTabs]

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v8.0.6001.18702

 

 

-\\ Mozilla Firefox v

 

[ File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[ofr2][opt]rs1\prefs.js ]

 

 

-\\ Google Chrome v37.0.2062.120

 

[ File : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

 

Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}

Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

 

*************************

 

AdwCleaner[R0].txt - [12015 octets] - [24/08/2014 12:30:48]

AdwCleaner[R1].txt - [1245 octets] - [13/09/2014 20:25:41]

AdwCleaner[R2].txt - [1305 octets] - [13/09/2014 20:32:46]

AdwCleaner[S0].txt - [12181 octets] - [24/08/2014 12:32:04]

AdwCleaner[S1].txt - [1374 octets] - [13/09/2014 20:33:53]

 

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1434 octets] ##########



#12 AliciaWestkey

AliciaWestkey
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:07:21 PM

Posted 13 September 2014 - 08:50 PM

Junkware removal tool log

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.3 (03.23.2014:1)

OS: Microsoft Windows XP x86

Ran by Administrator on Sat 09/13/2014 at 20:44:30.28

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

 

 

~~~ Registry Keys

 

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1078081533-1532298954-1801674531-500\Software\sweetim

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{02FFF8F5-3E58-435B-A5D0-CB416AFE39D0}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{249BCCF7-B1CC-4CAC-AB15-8EF57FC4F650}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{C7598D18-AD0D-4AB0-959D-FFF72522EF9E}

 

 

 

~~~ Files

 

 

 

~~~ Folders

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Sat 09/13/2014 at 20:48:21.53

Computer was rebooted

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#13 AliciaWestkey

AliciaWestkey
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:07:21 PM

Posted 13 September 2014 - 08:53 PM

Tempfile remover log - 

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 67 bytes

->Flash cache emptied: 56475 bytes

 

User: LocalService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

User: NetworkService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

User: TEMP

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

->Flash cache emptied: 56475 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 2402044 bytes

%systemroot%\System32 .tmp files removed: 2577 bytes

%systemroot%\System32\dllcache .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 17397 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 134220240 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes

 

Emptying RecycleBin. Do not interrupt.

 

RecycleBin emptied: 562597769 bytes

Process complete!

 

Total Files Cleaned = 820.00 mb



#14 AliciaWestkey

AliciaWestkey
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:07:21 PM

Posted 13 September 2014 - 09:12 PM

Ok, So I think *fingers crossed* i didn't everything properly and gave you guys the most thorough reports i could! I also took a screenshot of my Task Manager (still being at 100%) programs i have open

 

- Aim messenger (would imagine takes almost 0 resources)

- Skype (not actively in a call)

- 1 Live Stream of League of Legends Video game open, and playing.

- + 2 chrome browsers

 

blhablah_zps0f0c2a4c.jpg

 

 

Thank you, once again, my peanut butter fearing friend for helping me and taking time out of your day to assist me! 

I hope I have submitited enough information to find a solution!



#15 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,042 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:04:21 PM

Posted 14 September 2014 - 10:30 AM

Please post a screen shot of the Processes only.  You may need to make two screen shots in order to post the entire list.  Please post these separately, this can be posted in the same post, just don't combine the two.

 

Click on the Start orb, the type msconfig in the Search box, then right click on it when is appears under Apps., the click on Run as administrator.

 

Under System Configuration click on the Startup Tab and view this to see if there are programs which you don't need at the startup.  If there are, use Mike Lin's Startup Control Panel to remove these from the startup list.


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users