can't run ipconfig and getting clicking from speakers while typing



#1
arwier (Member, 63 posts)
Suddenly, when I click Run and type ipconfig, it opens the normal window then closes it right away, and I am hearing like a typewriter sound from my speakers when I am typing on my keyboard, and the computer is running a bit slow. I recently had phone calls from persons claiming to be affiliated with Microsoft tech support, claiming my computer is sending error messages to them, but I did not give them access to my computer and did not do anything they wanted me to. Here is the OTL file I just got. Any help would be greatly appreciated, and thank you in advance.


OTL logfile created on: 3/7/2014 7:34:41 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.43 Gb Available Physical Memory | 71.60% Memory free
3.85 Gb Paging File | 3.41 Gb Available in Paging File | 88.52% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.53 Gb Total Space | 52.25 Gb Free Space | 70.11% Space Free | Partition Type: NTFS
Drive E: | 6.00 Gb Total Space | 0.46 Gb Free Space | 7.67% Space Free | Partition Type: NTFS
Drive X: | 18.53 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: NTFS
Drive Y: | 18.10 Gb Total Space | 8.55 Gb Free Space | 47.22% Space Free | Partition Type: NTFS
Drive Z: | 18.06 Gb Total Space | 16.60 Gb Free Space | 91.95% Space Free | Partition Type: NTFS

Computer Name: ARTSOLD | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/03/07 19:34:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\desktop\OTL.exe
PRC - [2013/12/18 21:05:43 | 000,182,696 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013/10/23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013/10/23 14:55:28 | 000,948,440 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2008/04/14 04:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2001/07/31 09:17:12 | 000,094,274 | ---- | M] () -- C:\WINDOWS\system32\HPBHEALR.DLL


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2014/02/20 18:11:42 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/12/18 21:05:43 | 000,182,696 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/10/23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012/09/18 10:46:48 | 000,384,888 | ---- | M] (BlueStack Systems, Inc.) [Auto | Stopped] -- C:\Program Files\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc)
SRV - [2012/09/18 10:46:26 | 000,393,080 | ---- | M] (BlueStack Systems, Inc.) [Auto | Stopped] -- C:\Program Files\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\nielprt.sys -- (nielprt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\nielgfx.sys -- (NielGfx)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2014/03/07 18:58:21 | 000,039,464 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E1E87AC9-3D6B-4D40-8664-81F7DDCB222C}\MpKsldb5534e1.sys -- (MpKsldb5534e1)
DRV - [2013/08/27 22:34:27 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2013/04/19 15:27:52 | 000,017,408 | ---- | M] (The Nielsen Company) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\nnrnstdi.sys -- (nnrnstdi)
DRV - [2013/04/19 15:27:50 | 000,010,240 | ---- | M] (The Nielsen Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\km_filter.sys -- (km_filter)
DRV - [2013/02/13 15:26:02 | 000,033,512 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\taphss.sys -- (taphss)
DRV - [2012/09/18 10:46:32 | 000,063,864 | ---- | M] (BlueStack Systems) [Kernel | Auto | Running] -- C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys -- (BstHdDrv)
DRV - [2011/12/26 14:34:30 | 000,010,936 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\ampa.sys -- (ampa)
DRV - [2011/02/14 02:42:36 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2011/02/14 02:42:34 | 000,025,216 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2011/02/14 02:42:32 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2004/09/17 08:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2004/03/05 21:15:34 | 000,647,929 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52)
DRV - [2004/03/05 21:14:42 | 001,233,525 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51)
DRV - [2004/03/05 21:13:52 | 000,060,949 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53)
DRV - [2004/03/05 21:13:38 | 000,037,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt)
DRV - [2003/08/29 03:59:24 | 001,101,696 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BCMSM.sys -- (BCMModem)
DRV - [2003/06/30 17:11:52 | 000,043,136 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2001/02/28 10:42:44 | 000,034,712 | ---- | M] (Marimba, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\MrtRate.sys -- (mrtRate)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope = {2B014730-4077-46FC-87B5-02505DB70D73}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...referrer:source?}
IE - HKLM\..\SearchScopes\{597b1823-7ff0-4cd3-8095-9d8cba514992}: "URL" = http://search.tb.ask...or={searchTerms}
IE - HKLM\..\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9221F584-BC06-4811-951E-4CCD6D780B19}: "URL" = http://start.mysearc...r=2062670299=

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 86 AE E5 05 45 4D CE 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {7292B97E-0E48-4BE0-B2F5-F37E93092400}
IE - HKCU\..\SearchScopes\{7292B97E-0E48-4BE0-B2F5-F37E93092400}: "URL" = http://search.yahoo....rtPage?}&fr=ie8
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1


FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nielsen/FirefoxTracker: C:\Program Files\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\npfirefoxtracker.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\[email protected]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

[2013/05/09 09:13:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2014/01/25 22:04:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions
[2013/08/15 03:02:42 | 000,000,000 | ---D | M] (WhiteSmoke New) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}
[2014/01/25 18:18:34 | 000,000,000 | ---D | M] ("MySearchDial NewTab") -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
[2013/08/11 07:37:28 | 000,000,785 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\searchplugins\conduit.xml
[2014/01/25 18:18:27 | 000,000,843 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\searchplugins\Mysearchdial.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.107\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Google Docs = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Call of Gods = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hjjhhaomadclifdoodgbkgdodjbkhkma\0.0.0.2_0\
CHR - Extension: Dragons of Atlantis = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\manlnjcghdempjdpndlcmaaobbighhcf\1.6.1_0\
CHR - Extension: Firing Rage - Shooting Game! = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nfbnajlkodkbdljddpmcpicfddnjehhe\1.0_0\
CHR - Extension: Google Wallet = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Google Wallet = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2002/09/03 10:34:19 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {300BEC06-B743-4D19-86B9-11DC711D7FFB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKCU..\Run: [BYR_AGENT] C:\LGMobileUpgrade\LGMOBILEAX\BYR_Client\VZWNotiAgent.exe (LG Electronics)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate...b?1341499958296 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1341517241187 (MUWebControl Class)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell....lSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6085798C-9B35-4FC0-8061-C90547BFC397}: DhcpNameServer = 192.168.0.1
O20 - AppInit_DLLs: (c:\docume~1\alluse~1\applic~1\browse~1\251005~1.80\{c16c1~1\browse~1.dll) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/07/05 07:21:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{2175b971-624b-11e2-a394-000f1f7ac61c}\Shell - "" = AutoRun
O33 - MountPoints2\{2175b971-624b-11e2-a394-000f1f7ac61c}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{2175b971-624b-11e2-a394-000f1f7ac61c}\Shell\AutoRun\command - "" = F:\TL_Bootstrap.exe
O33 - MountPoints2\{ad33cc34-8fd3-11e3-a368-000f1f7ac61c}\Shell - "" = AutoRun
O33 - MountPoints2\{ad33cc34-8fd3-11e3-a368-000f1f7ac61c}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ad33cc34-8fd3-11e3-a368-000f1f7ac61c}\Shell\AutoRun\command - "" = G:\VerizonSWUpgradeAssistantLauncher.exe
O33 - MountPoints2\{d596a76f-8015-11e2-a328-000f1f7ac61c}\Shell - "" = AutoRun
O33 - MountPoints2\{d596a76f-8015-11e2-a328-000f1f7ac61c}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d596a76f-8015-11e2-a328-000f1f7ac61c}\Shell\AutoRun\command - "" = G:\TL_Bootstrap.exe
O33 - MountPoints2\{f117bbec-8c9c-11e2-a329-000f1f7ac61c}\Shell - "" = AutoRun
O33 - MountPoints2\{f117bbec-8c9c-11e2-a329-000f1f7ac61c}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{f117bbec-8c9c-11e2-a329-000f1f7ac61c}\Shell\AutoRun\command - "" = G:\TL_Bootstrap.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2014/03/07 19:34:20 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2014/03/07 01:39:25 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xp_eos.exe
[2014/03/07 01:39:25 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xp_eos.exe
[2014/02/27 10:51:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\LogMeIn Rescue Applet
[2014/02/27 08:20:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Revo Uninstaller
[2014/02/07 03:01:54 | 000,000,000 | ---D | C] -- C:\Program Files\LG Electronics
[2013/11/04 02:17:49 | 005,402,832 | ---- | C] (PC Cleaners) -- C:\Documents and Settings\All Users\Application Data\pclunst.exe
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Owner\*.tmp files -> C:\Documents and Settings\Owner\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/03/07 19:34:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2014/03/07 19:11:15 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/03/07 19:04:56 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2014/03/07 18:55:22 | 000,000,312 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize.job
[2014/03/07 18:55:11 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\ProgramUpdateCheck.job
[2014/03/07 18:55:03 | 000,000,222 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job
[2014/03/07 18:54:59 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-682003330-1614895754-1801674531-1003.job
[2014/03/07 18:54:46 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/03/07 18:04:04 | 000,000,450 | ---- | M] () -- C:\WINDOWS\tasks\ProgramRefresh-ATFST.job
[2014/03/07 12:13:55 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2014/03/07 12:07:59 | 000,000,216 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job
[2014/03/07 01:44:22 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014/03/04 09:16:25 | 000,031,232 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\GME Tech.env
[2014/03/04 08:52:15 | 000,000,083 | ---- | M] () -- C:\WINDOWS\ImportClient.INI
[2014/03/02 09:09:30 | 000,000,672 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Sauce.lnk
[2014/03/01 14:51:00 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-682003330-1614895754-1801674531-1003.job
[2014/03/01 06:43:01 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\Auslogics Disk Defrag Sheduled Defragmentation.job
[2014/02/27 08:20:15 | 000,000,917 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Revo Uninstaller.lnk
[2014/02/25 19:59:05 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xp_eos.exe
[2014/02/25 19:59:05 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xp_eos.exe
[2014/02/20 18:11:41 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2014/02/20 18:11:40 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2014/02/18 13:04:59 | 000,008,657 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\2013_Online_K40_Filing_Review-WIERTZARTHUR-20140218130439033.pdf
[2014/02/14 14:41:03 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/02/14 14:41:02 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/02/13 03:14:04 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2014/02/13 03:12:02 | 000,453,882 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2014/02/13 03:12:02 | 000,074,848 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2014/02/08 09:27:21 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2014/02/06 03:54:08 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
[2014/02/06 03:54:08 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Owner\*.tmp files -> C:\Documents and Settings\Owner\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/03/07 12:08:02 | 000,000,222 | ---- | C] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job
[2014/03/07 12:07:58 | 000,000,216 | ---- | C] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job
[2014/03/04 09:16:25 | 000,031,232 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\GME Tech.env
[2014/02/18 13:04:57 | 000,008,657 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\2013_Online_K40_Filing_Review-WIERTZARTHUR-20140218130439033.pdf
[2014/01/25 18:19:04 | 000,000,060 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\WB.CFG
[2013/10/26 02:01:19 | 000,136,289 | ---- | C] () -- C:\WINDOWS\hpwins10.dat
[2013/10/26 01:58:41 | 000,010,376 | ---- | C] () -- C:\WINDOWS\hpwscr10.dat
[2013/10/26 01:58:41 | 000,001,042 | ---- | C] () -- C:\WINDOWS\hpwmdl10.dat
[2013/05/09 12:14:11 | 000,042,776 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2013/04/19 10:57:55 | 000,002,395 | ---- | C] () -- C:\WINDOWS\System32\lgAxconfig.ini
[2013/03/22 23:58:46 | 000,000,083 | ---- | C] () -- C:\WINDOWS\ImportClient.INI
[2013/03/22 23:32:13 | 000,116,640 | ---- | C] () -- C:\WINDOWS\System32\Ptsaci40.dll
[2013/03/22 23:32:13 | 000,030,080 | ---- | C] () -- C:\WINDOWS\System32\Ptabimp3.exe
[2013/03/18 23:32:32 | 000,010,936 | ---- | C] () -- C:\WINDOWS\System32\ampa.sys
[2013/03/18 23:32:31 | 001,421,752 | ---- | C] () -- C:\WINDOWS\ampa.exe
[2013/02/26 22:35:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QFN.ini
[2013/02/26 22:35:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QDQICK.ini
[2013/02/26 06:56:49 | 000,000,052 | ---- | C] () -- C:\WINDOWS\intuprof.ini
[2013/02/26 06:56:46 | 000,000,913 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2013/02/26 06:56:45 | 000,007,406 | ---- | C] () -- C:\WINDOWS\ICOADB32.DAT
[2012/07/05 13:37:59 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\FASTWiz.html
[2012/07/05 10:14:25 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/07/05 07:23:30 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012/07/05 07:18:30 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012/07/05 02:12:12 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012/07/05 02:10:58 | 000,228,800 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

========== ZeroAccess Check ==========

[2012/07/05 11:45:27 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\System32\shdocvw.dll -- [2012/04/20 13:29:52 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\fastprox.dll -- [2009/02/09 06:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\wbemess.dll -- [2008/04/14 04:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >


#2
pystryker (Trusted Helper, Malware Removal, 3,886 posts)
Hello and welcome to Geeks to Go! My nickname is Pystryker :) , and I will be helping you with your issue today.


Before we get started, I have a few things I need to go over with you:

  • Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process.
  • Please subscribe to this topic. By subscribing, the board will notify you when a new reply is added to your topic. You can find instructions on how to do that by clicking here.
  • If any of your security programs give you a warning about any tool I ask you to use, please do not worry. All the links and tools I provide to you will be safe.

  • Please read through my instructions carefully and completely before executing them.
  • Please make sure that all the programs I ask you to download are downloaded to and run from your Desktop.
  • Please make sure you print out these instructions so that you will be able to refer to them while working on your machine. Part of the solution(s) to your problem may involve us working in Safe Mode and you will need them to go by.
  • Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.
  • Please read through my instructions carefully and make sure you complete them from start to finish. I will make sure that I lay the instructions out in a step by step order to make them easy to follow.
  • This is a complicated process. It requires several steps, patience, and careful following of my instructions in the order they are given to diagnose your problems to get your machine back in working order.
  • Please stay with me until the end of all steps and procedures and I declare your system clean. Just because there is a lack of symptoms does not indicate a clean machine. I promise to do the same for you.
  • Please make sure you reply within 3 days to my responses, if there is no reply within 3 days, the topic will be closed and you will need to request the topic be reopened.
  • Before we get started, please remember we will do our best to get your machine repaired. However, there are some cases where the only solution is a reformat and reinstall of the operating system. This is a worst case scenario though.
  • It is impossible for me to know what interactions may happen between your computer's software and the tools we will use to clean your machine. Therefore, I highly recommend you backup any critical personal files on your machine before we start.
  • If possible, please have your original Windows installation disks handy, just in case.
  • If you have any questions at all, please don't hesitate to ask. There's no such thing as a stupid question when dealing with malware.
  • If you are unsure of an instruction I give you, or if something unexpected occurs, do NOT proceed! Stop and ask for clarification of the instruction or tell me what occurred.
  • Please copy and paste the contents of any requested logs in your replies. Do not attach the log files in your replies unless requested to do so.
  • Please remember, the fixes are for your machine and your machine ONLY!



Once we have cleaned your machine, we'll have some cleanup and prevention steps to go through. We will also provide you with some information about how to reduce your chances of infection and get some protections in place to help defend you against this in the future.

Please be patient while I am analyzing your logs. I know you are probably scared and very frustrated with this problem, but I am a volunteer and sometimes life does get in the way. :)

Now, let's get started, shall we? :thumbsup:

suddenly when I click run and type ipconfig it opens the normal window then closes it right away


You need to be at a command prompt to use ipconfig properly.

There should be another log that was produced when you first ran OTL called Extras.txt and it will be located in the same place as where you ran OTL from. In this case here: C:\Documents and Settings\Owner\Desktop

Please post that log in your next reply along with the other logs that will be produced. In the meantime, please follow the steps below. :thumbsup:


Please disable your antivirus for the duration of my instructions. Don't forget to re-enable it after you have completed the steps.


Step 1: OTL Fix

Let's run an OTL fix:

Warning: This fix is to be used on this system and this system ONLY. Using this fix on any other machine other than yours can seriously damage it.

Be advised that when the fix commences, it will shut down all running processes and you may lose the desktop and icons; they will return on reboot.

Run OTL by double clicking it (Windows Vista, Windows 7, and 8: right click and select "Run as Administrator").

  • Copy the text in the quote box below (do not copy the word "quote") and paste it in the box marked Custom Scans/Fixes as shown in the graphic below.

Posted Image

:Commands
[createrestorepoint]

:OTL
IE - HKLM\..\SearchScopes,DefaultScope = {2B014730-4077-46FC-87B5-02505DB70D73}
IE - HKLM\..\SearchScopes\{597b1823-7ff0-4cd3-8095-9d8cba514992}: "URL" = http://search.tb.ask...r={searchTerms}
IE - HKLM\..\SearchScopes\{9221F584-BC06-4811-951E-4CCD6D780B19}: "URL" = http://start.mysearc...r=2062670299=
[2013/08/15 03:02:42 | 000,000,000 | ---D | M] (WhiteSmoke New) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}
[2014/01/25 18:18:34 | 000,000,000 | ---D | M] ("MySearchDial NewTab") -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
[2013/08/11 07:37:28 | 000,000,785 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\searchplugins\conduit.xml
[2014/01/25 18:18:27 | 000,000,843 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\searchplugins\Mysearchdial.xml
O2 - BHO: (no name) - {300BEC06-B743-4D19-86B9-11DC711D7FFB} - No CLSID value found.
O20 - AppInit_DLLs: (c:\docume~1\alluse~1\applic~1\browse~1\251005~1.80\{c16c1~1\browse~1.dll) - File not found
O33 - MountPoints2\{2175b971-624b-11e2-a394-000f1f7ac61c}\Shell - "" = AutoRun
O33 - MountPoints2\{2175b971-624b-11e2-a394-000f1f7ac61c}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{2175b971-624b-11e2-a394-000f1f7ac61c}\Shell\AutoRun\command - "" = F:\TL_Bootstrap.exe
O33 - MountPoints2\{ad33cc34-8fd3-11e3-a368-000f1f7ac61c}\Shell - "" = AutoRun
O33 - MountPoints2\{ad33cc34-8fd3-11e3-a368-000f1f7ac61c}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ad33cc34-8fd3-11e3-a368-000f1f7ac61c}\Shell\AutoRun\command - "" = G:\VerizonSWUpgradeAssistantLauncher.exe
O33 - MountPoints2\{d596a76f-8015-11e2-a328-000f1f7ac61c}\Shell - "" = AutoRun
O33 - MountPoints2\{d596a76f-8015-11e2-a328-000f1f7ac61c}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d596a76f-8015-11e2-a328-000f1f7ac61c}\Shell\AutoRun\command - "" = G:\TL_Bootstrap.exe
O33 - MountPoints2\{f117bbec-8c9c-11e2-a329-000f1f7ac61c}\Shell - "" = AutoRun
O33 - MountPoints2\{f117bbec-8c9c-11e2-a329-000f1f7ac61c}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{f117bbec-8c9c-11e2-a329-000f1f7ac61c}\Shell\AutoRun\command - "" = G:\TL_Bootstrap.exe

:Commands
[resethosts]
[emptytemp]




  • Click the Run Fix button at the top of the OTL control panel.
  • Let the program run until it's finished and then reboot the computer.
  • Once your machine has rebooted, a log will open. Please post that log in your next reply.

If you have any problems, questions, or need further explanation, please post a message in this thread and I will get back to you asap.


Step 2: AdwCleaner


Download ADWcleaner by clicking here. Please save it to your Desktop.



  • Double click the adwcleaner.exe file (Vista and 7 users: right click it, click Run as Administrator and accept the UAC prompt) to run AdwCleaner.
  • Close any open windows or browsers.
  • Pause your Anti-Virus program if it is running.
  • Once it starts, click on the Scan button.
  • Let the scan complete itself. This may take a few minutes.
  • Once the scan has finished, "Pending, uncheck elements you don't want to remove." click the Clean button. When finished, it will ask to reboot. Please reboot.
  • When the machine has rebooted, a log will be produced. Please copy/paste that in your next reply. Here's how:
  • Click the Report button and the log will open. Copy and Paste the contents of the log file into your next reply.
This report is also saved at C:\AdwCleaner[R0].txt

Step 3: Junkware Removal Tool


Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


Step 4: TDSSKiller


Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.

  • Put a checkmark beside loaded modules.

  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.

  • Click the Start Scan button.

  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.

  • If malicious objects are found, they will show in the Scan results - Select action for found objects, and it will offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.

    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.


Things I need to see in your next post:

Extras.txt Log (If available.)

OTL Fix Log

AdwCleaner Log

Junkware Removal Tool Log

TDSSKiller Log

  • 0
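Added example (not part of the post above, and not OTL's own code): a small Python parser for the fix-script lines quoted in that post. It groups the lines by what they target, pairs each MountPoints2 volume GUID with its AutoRun command, and lists the entries whose target is already reported missing. The line formats are inferred only from the lines shown on this page, and all function and kind names are hypothetical.

```python
import re
from collections import Counter

# Lines copied verbatim from the fix script in the post above (a subset of it).
FIX_SCRIPT = r'''
:Commands
[createrestorepoint]

:OTL
IE - HKLM\..\SearchScopes,DefaultScope = {2B014730-4077-46FC-87B5-02505DB70D73}
[2013/08/15 03:02:42 | 000,000,000 | ---D | M] (WhiteSmoke New) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}
[2013/08/11 07:37:28 | 000,000,785 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\searchplugins\conduit.xml
O2 - BHO: (no name) - {300BEC06-B743-4D19-86B9-11DC711D7FFB} - No CLSID value found.
O20 - AppInit_DLLs: (c:\docume~1\alluse~1\applic~1\browse~1\251005~1.80\{c16c1~1\browse~1.dll) - File not found
O33 - MountPoints2\{2175b971-624b-11e2-a394-000f1f7ac61c}\Shell - "" = AutoRun
O33 - MountPoints2\{2175b971-624b-11e2-a394-000f1f7ac61c}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{2175b971-624b-11e2-a394-000f1f7ac61c}\Shell\AutoRun\command - "" = F:\TL_Bootstrap.exe
O33 - MountPoints2\{ad33cc34-8fd3-11e3-a368-000f1f7ac61c}\Shell - "" = AutoRun
O33 - MountPoints2\{ad33cc34-8fd3-11e3-a368-000f1f7ac61c}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ad33cc34-8fd3-11e3-a368-000f1f7ac61c}\Shell\AutoRun\command - "" = G:\VerizonSWUpgradeAssistantLauncher.exe

:Commands
[resethosts]
[emptytemp]
'''

# Patterns below are assumptions derived from the lines above, not from OTL documentation.
FILE_RE = re.compile(
    r'^\[(\d{4}/\d\d/\d\d \d\d:\d\d:\d\d) \| [\d,]+ \| (\S{4}) \| M\] \((.*?)\) -- (.+)$')
BHO_RE = re.compile(r'^O2 - BHO: \((.*?)\) - (\{[0-9A-Fa-f-]+\}) - (.*)$')
APPINIT_RE = re.compile(r'^O20 - AppInit_DLLs: \((.*)\) - (.*)$')
MOUNT_RE = re.compile(
    r'^O33 - MountPoints2\\(\{[0-9A-Fa-f-]+\})\\(Shell(?:\\\w+)*) - "(.*?)" = (.*)$')


def parse_fix_script(text):
    """Return one dict per non-blank, non-header line: section, kind, raw, parsed fields."""
    entries, section = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith(':'):          # ":Commands" / ":OTL" section header
            section = line[1:]
            continue
        # Anything no pattern recognises stays 'unknown' so it is never silently dropped.
        entry = {'section': section, 'kind': 'unknown', 'raw': line}
        if section == 'Commands' and re.fullmatch(r'\[\w+\]', line):
            entry.update(kind='directive', name=line[1:-1])
        elif line.startswith('IE - ') and 'SearchScopes' in line:
            entry.update(kind='ie-search-scope', target=line[5:])
        elif m := FILE_RE.match(line):
            entry.update(kind='file', modified=m[1], is_dir='D' in m[2],
                         label=m[3], path=m[4])
        elif m := BHO_RE.match(line):     # Browser Helper Object registration
            entry.update(kind='bho', label=m[1], clsid=m[2], status=m[3])
        elif m := APPINIT_RE.match(line):
            # AppInit_DLLs: DLLs listed here are loaded into processes that load user32.dll.
            entry.update(kind='appinit-dll', path=m[1], status=m[2])
        elif m := MOUNT_RE.match(line):
            # MountPoints2: per-user registry record of AutoRun actions for a volume.
            entry.update(kind='autorun-mountpoint', volume=m[1],
                         subkey=m[2], value=m[4])
        entries.append(entry)
    return entries


def summarize(entries):
    """Count entries per kind."""
    return dict(Counter(e['kind'] for e in entries))


def autorun_commands(entries):
    """Map each volume GUID to the program its Shell\\AutoRun\\command value names."""
    return {e['volume']: e['value'] for e in entries
            if e['kind'] == 'autorun-mountpoint'
            and e['subkey'].lower() == r'shell\autorun\command'}


def orphaned(entries):
    """Entries the scan itself reported as pointing at something that no longer exists."""
    return [e for e in entries
            if re.search(r'not found|No CLSID value', e.get('status', ''))]


if __name__ == '__main__':
    parsed = parse_fix_script(FIX_SCRIPT)
    print(summarize(parsed))
    for volume, command in autorun_commands(parsed).items():
        print('AutoRun', volume, '->', command)
    for e in orphaned(parsed):
        print('orphaned', e['kind'], '-', e['status'])
```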

#3
arwier

  • Topic Starter
  • Member
  • 63 posts
The extras.txt I do not have because I ran otl once, then uninstalled a few junk programs to attempt to clean up some of the issues, and when it didn't work I deleted the otl and txt files and then downloaded it again and ran it, but it didn't give me a new extras file. But here are the other files you asked for:

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{597b1823-7ff0-4cd3-8095-9d8cba514992}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{597b1823-7ff0-4cd3-8095-9d8cba514992}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9221F584-BC06-4811-951E-4CCD6D780B19}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9221F584-BC06-4811-951E-4CCD6D780B19}\ not found.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\Plugins folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\modules folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\META-INF folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\lib folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\defaults\preferences folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\defaults folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\components folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\sl folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\lib\jquery.alerts\images folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\lib\jquery.alerts folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\lib folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\core folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\WEATHER\js folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\WEATHER\css folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\WEATHER folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\TWITTER\resources folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\TWITTER\js folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\TWITTER\img folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\TWITTER folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\SEARCH\view\style\rsx folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\SEARCH\view\style folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\SEARCH\view\script folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\SEARCH\view folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\SEARCH\resources folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\SEARCH\js folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\SEARCH\Css folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\SEARCH\buildSettings folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\SEARCH folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\RADIO_PLAYER\js\resources folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\RADIO_PLAYER\js folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\RADIO_PLAYER\css\custom-theme folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\RADIO_PLAYER\css folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\RADIO_PLAYER folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\PRICE_GONG\menu_dlg folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\PRICE_GONG\images folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\PRICE_GONG\css\custom-theme folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\PRICE_GONG\css folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\PRICE_GONG\agreement folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\PRICE_GONG folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\Optimizer\js folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\Optimizer folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\NOTIFICATION\js folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\NOTIFICATION\images\light folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\NOTIFICATION\images\dark folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\NOTIFICATION\images folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\NOTIFICATION\css folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\NOTIFICATION folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\MULTI_RSS\js\resources folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\MULTI_RSS\js folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\MULTI_RSS\img folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\MULTI_RSS\css folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\MULTI_RSS folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\HIGHLIGHTER\js folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\HIGHLIGHTER\css folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\HIGHLIGHTER folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\EMAIL_NOTIFIER\js\plugins folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\EMAIL_NOTIFIER\js folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\EMAIL_NOTIFIER\css folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\EMAIL_NOTIFIER folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\APPLICATION_BUTTON\resources folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\APPLICATION_BUTTON\Js folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa\APPLICATION_BUTTON folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\wa folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ui\menu\js folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ui\menu\img folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ui\menu\css folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ui\menu folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ui\gf\js folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ui\gf\img folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ui\gf\css folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ui\gf folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ui\gadgetFrame folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ui\dlg\ftd\images folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ui\dlg\ftd folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ui\dlg folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ui folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\sp\spsd\images folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\sp\spsd folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\sp\spbd\images folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\sp\spbd folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\sp\js folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\sp folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\options\js\resources folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\options\js folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\options\images folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\options\css folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\options folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\msd folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\api folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ac\res folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ac\img folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ac\css folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\ac folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\aboutBox\js folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\aboutBox\images folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al\aboutBox folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb\al folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\tb folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\logic\uninstall\dialog\js folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\logic\uninstall\dialog\images folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\logic\uninstall\dialog\css folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\logic\uninstall\dialog folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\logic\uninstall folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content\logic folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847\content folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome\CT3289847 folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\chrome folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a} folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\_locales\en-US folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\_locales folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\resources folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\info folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\favorites folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\chrome folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\css folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\resources folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\css folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\icons folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\gallery folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\external folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\defaults\preferences folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\defaults folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\newtab folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\external folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\data folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\browser folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8} folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\searchplugins\conduit.xml moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\searchplugins\Mysearchdial.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{300BEC06-B743-4D19-86B9-11DC711D7FFB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{300BEC06-B743-4D19-86B9-11DC711D7FFB}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\docume~1\alluse~1\applic~1\browse~1\251005~1.80\{c16c1~1\browse~1.dll deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2175b971-624b-11e2-a394-000f1f7ac61c}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2175b971-624b-11e2-a394-000f1f7ac61c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2175b971-624b-11e2-a394-000f1f7ac61c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2175b971-624b-11e2-a394-000f1f7ac61c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2175b971-624b-11e2-a394-000f1f7ac61c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2175b971-624b-11e2-a394-000f1f7ac61c}\ not found.
File F:\TL_Bootstrap.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ad33cc34-8fd3-11e3-a368-000f1f7ac61c}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ad33cc34-8fd3-11e3-a368-000f1f7ac61c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ad33cc34-8fd3-11e3-a368-000f1f7ac61c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ad33cc34-8fd3-11e3-a368-000f1f7ac61c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ad33cc34-8fd3-11e3-a368-000f1f7ac61c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ad33cc34-8fd3-11e3-a368-000f1f7ac61c}\ not found.
File G:\VerizonSWUpgradeAssistantLauncher.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d596a76f-8015-11e2-a328-000f1f7ac61c}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d596a76f-8015-11e2-a328-000f1f7ac61c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d596a76f-8015-11e2-a328-000f1f7ac61c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d596a76f-8015-11e2-a328-000f1f7ac61c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d596a76f-8015-11e2-a328-000f1f7ac61c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d596a76f-8015-11e2-a328-000f1f7ac61c}\ not found.
File G:\TL_Bootstrap.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f117bbec-8c9c-11e2-a329-000f1f7ac61c}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f117bbec-8c9c-11e2-a329-000f1f7ac61c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f117bbec-8c9c-11e2-a329-000f1f7ac61c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f117bbec-8c9c-11e2-a329-000f1f7ac61c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f117bbec-8c9c-11e2-a329-000f1f7ac61c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f117bbec-8c9c-11e2-a329-000f1f7ac61c}\ not found.
File G:\TL_Bootstrap.exe not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 57472 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 132970 bytes

User: NetworkService
->Temp folder emptied: 2126314 bytes
->Temporary Internet Files folder emptied: 728646 bytes

User: Owner
->Temp folder emptied: 681095808 bytes
->Temporary Internet Files folder emptied: 19242556 bytes
->FireFox cache emptied: 12310797 bytes
->Google Chrome cache emptied: 228067018 bytes
->Apple Safari cache emptied: 4495360 bytes
->Opera cache emptied: 2016239 bytes
->Flash cache emptied: 102672 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1145933 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16912055 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 517592502 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 63382 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1,417.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 03082014_093133

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Internet Files\Content.IE5\WAALIQZJ\,generator,,servo,controller,dds,usa;lkw=starrett+micrometer+starrett+micrometer+personality+key+k13+battery+lg+octane;cg=63b26f9c1430a5edcdc4bf84f0823113;ord=1389596321971;[1].htm not found!
File\Folder C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Internet Files\Content.IE5\WAALIQZJ\;dcopt=ist;tile=1;ot=1;um=9;eb_trk=401317;fbi=11700;sbi=159912;fbo=12576;sbo=92074;fse=58058;sse=;fvi=11700;svi=159912;cg=63b26f9c1430a5edcdc4bf84f0823113;ord=1389596132123;[1].htm not found!
File\Folder C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Internet Files\Content.IE5\WAALIQZJ\;dcopt=ist;tile=1;ot=1;um=9;eb_trk=401317;fbi=11700;sbi=159912;fbo=12576;sbo=92074;fse=58058;sse=;fvi=11700;svi=159912;cg=63b26f9c1430a5edcdc4bf84f0823113;ord=1389596286139;[1].htm not found!
File\Folder C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Internet Files\Content.IE5\WAALIQZJ\m=9;us=11;eb_trk=175506;pr=22;xp=27;np=22;fbi=11700;sbi=159912;fbo=12576;sbo=92074;fse=58058;sse=;fvi=11700;svi=159912;cg=63b26f9c1430a5edcdc4bf84f0823113;ord=1389596132186;[1].htm not found!
File\Folder C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Internet Files\Content.IE5\WAALIQZJ\m=9;us=11;eb_trk=175506;pr=22;xp=27;np=22;fbi=11700;sbi=159912;fbo=12576;sbo=92074;fse=58058;sse=;fvi=11700;svi=159912;cg=63b26f9c1430a5edcdc4bf84f0823113;ord=1389596132186;[2].htm not found!
File\Folder C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Internet Files\Content.IE5\KY6A976O\m=9;us=11;eb_trk=175506;pr=22;xp=27;np=22;fbi=11700;sbi=159912;fbo=12576;sbo=92074;fse=58058;sse=;fvi=11700;svi=159912;cg=63b26f9c1430a5edcdc4bf84f0823113;ord=1389596286170;[1].htm not found!
File\Folder C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Internet Files\Content.IE5\KY6A976O\m=9;us=11;eb_trk=175506;pr=22;xp=27;np=22;fbi=11700;sbi=159912;fbo=12576;sbo=92074;fse=58058;sse=;fvi=11700;svi=159912;cg=63b26f9c1430a5edcdc4bf84f0823113;ord=1389596286170;[2].htm not found!
File\Folder C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Internet Files\Content.IE5\38F9LGCN\dule,sinetrianglesquare,wave,diy,kit;lkw=starrett+micrometer+starrett+micrometer+personality+key+k13+battery+lg+octane;cg=63b26f9c1430a5edcdc4bf84f0823113;ord=1389596192879;[1].htm not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


# AdwCleaner v3.020 - Report created 08/03/2014 at 09:46:20
# Updated 27/02/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Owner - ARTSOLD
# Running from : C:\Documents and Settings\Owner\desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\AI_RecycleBin
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Babylon
Folder Deleted : C:\Program Files\BearShare Applications
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\File Type Assistant
Folder Deleted : C:\Program Files\OApps
Folder Deleted : C:\WINDOWS\system32\AI_RecycleBin
Folder Deleted : C:\Documents and Settings\LocalService\Application Data\hotspot shield
Folder Deleted : C:\Documents and Settings\NetworkService\Local Settings\Application Data\FileTypeAssistant
Folder Deleted : C:\Documents and Settings\Owner\Local Settings\Application Data\Conduit
Folder Deleted : C:\Documents and Settings\Owner\Local Settings\Application Data\FileTypeAssistant
Folder Deleted : C:\Documents and Settings\Owner\Local Settings\Application Data\iac
Folder Deleted : C:\Documents and Settings\Owner\Local Settings\Application Data\iLivid
File Deleted : C:\Documents and Settings\Owner\Start Menu\Programs\iLivid.lnk
File Deleted : C:\Documents and Settings\Owner\Desktop\iLivid.lnk
File Deleted : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Classes\iLivid.torrent
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\wajam.com
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKCU\Software\955dedbe76ebf12
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3289847
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{06E05B40-77FA-40B6-9077-ED1A7577B1EF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{268CA04C-106C-4636-B707-95E8CD5859E0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{58F7B5CA-1162-42E8-8BBC-D543B4EDD780}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8C428C4B-C9E2-4B74-B791-88C3FEE48F36}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CF67755F-9265-449C-87CF-B945519E073B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4E42-A125-57C0A11DBCDE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List [C:\Documents and Settings\Owner\Local Settings\Application Data\iLivid\iLivid.exe]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Documents and Settings\Owner\Local Settings\Application Data\iLivid\iLivid.exe]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\File Type Assistant\TSAssist.exe]
Key Deleted : HKCU\Software\anchorfree
Key Deleted : HKCU\Software\caphyon
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ilivid

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

-\\ Mozilla Firefox v

[ File : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\prefs.js ]

Line Deleted : user_pref("CT3289847.FF19Solved", "true");
Line Deleted : user_pref("CT3289847.UserID", "UN16549575112882484");
Line Deleted : user_pref("CT3289847.fullUserID", "UN16549575112882484.IN.20130815040241");
Line Deleted : user_pref("CT3289847.installDate", "15/08/2013 04:02:41");
Line Deleted : user_pref("CT3289847.installSessionId", "{F63310A3-63B5-410C-81FF-9D1DE1C9CDA1}");
Line Deleted : user_pref("CT3289847.installSp", "false");
Line Deleted : user_pref("CT3289847.installerVersion", "1.6.0.22");
Line Deleted : user_pref("CT3289847.originalHomepage", "about:home");
Line Deleted : user_pref("CT3289847.searchRevert", "false");
Line Deleted : user_pref("CT3289847.searchUserMode", "2");
Line Deleted : user_pref("CT3289847.smartbar.homepage", "true");
Line Deleted : user_pref("CT3289847.versionFromInstaller", "10.16.9.6");
Line Deleted : user_pref("CT3289847.xpeMode", "0");
Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3289847&CUI=UN16549575112882484&UM=2&SearchSource=13");
Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3289847");
Line Deleted : user_pref("smartbar.machineId", "Z86AFVEVZMVPGCTWSMJXN+OJL5RJQGP+P09NBZM9/7NDCWQEIUZZDMFZ07DOHVA0MBPNC1S4H+5Z9JDMDPIIXG");
Line Deleted : user_pref("CT3289847.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"false\"}");

-\\ Google Chrome v33.0.1750.146

[ File : C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [6807 octets] - [08/03/2014 09:43:31]
AdwCleaner[S0].txt - [6709 octets] - [08/03/2014 09:46:20]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6769 octets] ##########



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Microsoft Windows XP x86
Ran by Owner on Sat 03/08/2014 at 10:03:20.42
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7561261EA855B284BA87796570DE5642
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110211181104}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110211181104}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211181104}



~~~ Files



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 03/08/2014 at 10:08:33.62
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



10:18:40.0765 0x07b0 TDSS rootkit removing tool 3.0.0.25 Feb 27 2014 15:23:02
10:18:42.0562 0x07b0 ============================================================
10:18:42.0562 0x07b0 Current date / time: 2014/03/08 10:18:42.0562
10:18:42.0562 0x07b0 SystemInfo:
10:18:42.0562 0x07b0
10:18:42.0562 0x07b0 OS Version: 5.1.2600 ServicePack: 3.0
10:18:42.0562 0x07b0 Product type: Workstation
10:18:44.0953 0x07b0 ComputerName: ARTSOLD
10:18:44.0953 0x07b0 UserName: Owner
10:18:44.0953 0x07b0 Windows directory: C:\WINDOWS
10:18:44.0953 0x07b0 System windows directory: C:\WINDOWS
10:18:44.0953 0x07b0 Processor architecture: Intel x86
10:18:44.0953 0x07b0 Number of processors: 1
10:18:44.0953 0x07b0 Page size: 0x1000
10:18:44.0953 0x07b0 Boot type: Normal boot
10:18:44.0968 0x07b0 ============================================================
10:18:44.0968 0x07b0 BG loaded
10:18:59.0171 0x07b0 System UUID: {142DDDC1-4FD7-7F02-758D-9645A1318E59}
10:19:58.0171 0x07b0 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
10:19:58.0328 0x07b0 Drive \Device\Harddisk1\DR1 - Size: 0x1805E2000 (6.01 Gb), SectorSize: 0x200, Cylinders: 0x310, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
10:19:58.0359 0x07b0 ============================================================
10:19:58.0359 0x07b0 \Device\Harddisk0\DR0:
10:19:58.0468 0x07b0 MBR partitions:
10:19:58.0468 0x07b0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950E482
10:19:58.0468 0x07b0 \Device\Harddisk1\DR1:
10:19:58.0562 0x07b0 MBR partitions:
10:19:58.0562 0x07b0 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xBFF3C1
10:19:58.0562 0x07b0 ============================================================
10:19:58.0968 0x07b0 C: <-> \Device\Harddisk0\DR0\Partition1
10:19:59.0093 0x07b0 E: <-> \Device\Harddisk1\DR1\Partition1
10:19:59.0937 0x07b0 ============================================================
10:19:59.0937 0x07b0 Initialize success
10:19:59.0937 0x07b0 ============================================================
10:22:02.0906 0x0fd4 ============================================================
10:22:02.0906 0x0fd4 Scan started
10:22:02.0906 0x0fd4 Mode: Manual; SigCheck; TDLFS;
10:22:02.0906 0x0fd4 ============================================================
10:22:02.0906 0x0fd4 KSN ping started
10:22:05.0640 0x0fd4 KSN ping finished: true
10:22:07.0250 0x0fd4 ================ Scan system memory ========================
10:22:07.0250 0x0fd4 System memory - ok
10:22:07.0250 0x0fd4 ================ Scan services =============================
10:22:07.0593 0x0fd4 Abiosdsk - ok
10:22:07.0609 0x0fd4 abp480n5 - ok
10:22:07.0687 0x0fd4 [ 8FD99680A539792A30E97944FDAECF17, 594F8E0C3695400B0C09A797AF6BDFAC6F750ECD67D0EE803914C572B1DCC43C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
10:22:09.0640 0x0fd4 ACPI - ok
10:22:09.0765 0x0fd4 [ 9859C0F6936E723E4892D7141B1327D5, 5E8F6A2FC4DF2E5E92A1D66ECC2810E08B42B64E9CD0DF4AD3F78EA8558B90AF ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
10:22:09.0953 0x0fd4 ACPIEC - ok
10:22:10.0078 0x0fd4 [ F7AB315A4D400CA876381D1E188A2E20, B6019C2E9B6801BB23C530C66D080F47330F48ADB0DD2813D50BE1408865BD91 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
10:22:10.0125 0x0fd4 AdobeFlashPlayerUpdateSvc - ok
10:22:10.0140 0x0fd4 adpu160m - ok
10:22:10.0203 0x0fd4 [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys
10:22:10.0390 0x0fd4 aec - ok
10:22:10.0437 0x0fd4 [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD C:\WINDOWS\System32\drivers\afd.sys
10:22:10.0531 0x0fd4 AFD - ok
10:22:10.0546 0x0fd4 Aha154x - ok
10:22:10.0562 0x0fd4 aic78u2 - ok
10:22:10.0578 0x0fd4 aic78xx - ok
10:22:10.0625 0x0fd4 [ A9A3DAA780CA6C9671A19D52456705B4, 67C959144B57AE0BBF1D82DBED197F32CDB06FECD883A80C441A0202FE83FAB4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
10:22:10.0796 0x0fd4 Alerter - ok
10:22:10.0843 0x0fd4 [ 8C515081584A38AA007909CD02020B3D, A5E13CA10F702928E0DE84C74D0EA8ACCB117FD76FBABC55220C75C4FFD596DC ] ALG C:\WINDOWS\System32\alg.exe
10:22:10.0937 0x0fd4 ALG - ok
10:22:10.0937 0x0fd4 AliIde - ok
10:22:11.0015 0x0fd4 [ FE62E9711285DC2002DEF9B2BC2FB220, 2AEC5309E24D1770329774E66FB588E13DD3AAD2724A41AC1D1832E6123D590F ] ampa C:\WINDOWS\system32\ampa.sys
10:22:11.0218 0x0fd4 ampa - detected UnsignedFile.Multi.Generic ( 1 )
10:22:13.0687 0x0fd4 Detect skipped due to KSN trusted
10:22:13.0687 0x0fd4 ampa - ok
10:22:13.0703 0x0fd4 amsint - ok
10:22:13.0718 0x0fd4 AppMgmt - ok
10:22:13.0734 0x0fd4 asc - ok
10:22:13.0750 0x0fd4 asc3350p - ok
10:22:13.0765 0x0fd4 asc3550 - ok
10:22:13.0953 0x0fd4 [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
10:22:14.0000 0x0fd4 aspnet_state - ok
10:22:14.0078 0x0fd4 [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
10:22:14.0265 0x0fd4 AsyncMac - ok
10:22:14.0312 0x0fd4 [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
10:22:14.0500 0x0fd4 atapi - ok
10:22:14.0515 0x0fd4 Atdisk - ok
10:22:14.0546 0x0fd4 [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
10:22:14.0734 0x0fd4 Atmarpc - ok
10:22:14.0796 0x0fd4 [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
10:22:14.0984 0x0fd4 AudioSrv - ok
10:22:15.0046 0x0fd4 [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
10:22:15.0265 0x0fd4 audstub - ok
10:22:15.0343 0x0fd4 [ B60F57B4D9CDBC663CC03EB8AF7EC34E, 4D4DC5D2A332C2ECDAD22CAB5FE827761FBEDA1D3ED0FA0BF34016E230505421 ] bcm4sbxp C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
10:22:15.0421 0x0fd4 bcm4sbxp - ok
10:22:15.0906 0x0fd4 [ 41347688046D49CDE0F6D138A534F73D, 3EF4157B47C103BC289E9C2BBDC2EFF3961EEAD0C40509076064FF7B9E75FF22 ] BCMModem C:\WINDOWS\system32\DRIVERS\BCMSM.sys
10:22:16.0718 0x0fd4 BCMModem - ok
10:22:16.0781 0x0fd4 [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys
10:22:16.0968 0x0fd4 Beep - ok
10:22:17.0203 0x0fd4 [ 574738F61FCA2935F5265DC4E5691314, 3C7CCF064397186C3A3863DD2370AB6414A61B330097DCA4F299CA7BBAA3D1B4 ] BITS C:\WINDOWS\system32\qmgr.dll
10:22:17.0421 0x0fd4 BITS - ok
10:22:17.0468 0x0fd4 [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] Browser C:\WINDOWS\System32\browser.dll
10:22:17.0578 0x0fd4 Browser - ok
10:22:17.0765 0x0fd4 [ AD03E900B06A20E5EB89D44422575C23, D71357BA58E619F7C4A4B8300EC25F2C4003F605090EEB3BBE5E8441D19B85CC ] BstHdAndroidSvc C:\Program Files\BlueStacks\HD-Service.exe
10:22:17.0812 0x0fd4 BstHdAndroidSvc - ok
10:22:17.0875 0x0fd4 [ D17FB2DD3175A03BE7FC0DBEAC073F76, 2759F4770599FD4AC0767F0762E2C820EFF5619535157B83BB90D1FC9C327C92 ] BstHdDrv C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys
10:22:17.0890 0x0fd4 BstHdDrv - ok
10:22:18.0156 0x0fd4 [ 0196BB164649911260339C6C27AC1511, 4B4E322BAA1F876C843D388FE27BA7126A7F21A78FBF8131F826173780002DC2 ] BstHdLogRotatorSvc C:\Program Files\BlueStacks\HD-LogRotatorService.exe
10:22:18.0187 0x0fd4 BstHdLogRotatorSvc - ok
10:22:18.0234 0x0fd4 [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
10:22:19.0031 0x0fd4 cbidf2k - ok
10:22:19.0046 0x0fd4 cd20xrnt - ok
10:22:19.0078 0x0fd4 [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
10:22:19.0265 0x0fd4 Cdaudio - ok
10:22:19.0312 0x0fd4 [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
10:22:19.0500 0x0fd4 Cdfs - ok
10:22:19.0531 0x0fd4 [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
10:22:19.0734 0x0fd4 Cdrom - ok
10:22:19.0734 0x0fd4 Changer - ok
10:22:19.0796 0x0fd4 [ 1CFE720EB8D93A7158A4EBC3AB178BDE, 65D2A9D9A88F38D4AF323134C151BA0F4B3CD0F6A134AF86E7AC9D07319F1726 ] CiSvc C:\WINDOWS\system32\cisvc.exe
10:22:20.0015 0x0fd4 CiSvc - ok
10:22:20.0078 0x0fd4 [ 34CBE729F38138217F9C80212A2A0C82, A9FD7A758D12E0818A11BEEF1CE772FEFA8373E92EF6C0DA8628CD4572CC9A43 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
10:22:20.0312 0x0fd4 ClipSrv - ok
10:22:20.0359 0x0fd4 [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:22:20.0406 0x0fd4 clr_optimization_v2.0.50727_32 - ok
10:22:20.0421 0x0fd4 CmdIde - ok
10:22:20.0437 0x0fd4 COMSysApp - ok
10:22:20.0468 0x0fd4 Cpqarray - ok
10:22:20.0531 0x0fd4 [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
10:22:20.0734 0x0fd4 CryptSvc - ok
10:22:20.0750 0x0fd4 dac2w2k - ok
10:22:20.0750 0x0fd4 dac960nt - ok
10:22:20.0859 0x0fd4 [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
10:22:21.0000 0x0fd4 DcomLaunch - ok
10:22:21.0062 0x0fd4 [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
10:22:21.0234 0x0fd4 Dhcp - ok
10:22:21.0281 0x0fd4 [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
10:22:21.0484 0x0fd4 Disk - ok
10:22:21.0500 0x0fd4 dmadmin - ok
10:22:21.0812 0x0fd4 [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B5714AA045545C9B99 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
10:22:22.0171 0x0fd4 dmboot - ok
10:22:22.0281 0x0fd4 [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C57AB73DAED8CCDE ] dmio C:\WINDOWS\system32\drivers\dmio.sys
10:22:22.0468 0x0fd4 dmio - ok
10:22:22.0531 0x0fd4 [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys
10:22:22.0734 0x0fd4 dmload - ok
10:22:22.0796 0x0fd4 [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] dmserver C:\WINDOWS\System32\dmserver.dll
10:22:23.0015 0x0fd4 dmserver - ok
10:22:23.0078 0x0fd4 [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
10:22:23.0265 0x0fd4 DMusic - ok
10:22:23.0312 0x0fd4 [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
10:22:23.0390 0x0fd4 Dnscache - ok
10:22:23.0484 0x0fd4 [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D4928DA710F8BFBA3 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
10:22:23.0640 0x0fd4 Dot3svc - ok
10:22:23.0656 0x0fd4 dpti2o - ok
10:22:23.0703 0x0fd4 [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
10:22:23.0906 0x0fd4 drmkaud - ok
10:22:23.0968 0x0fd4 [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost C:\WINDOWS\System32\eapsvc.dll
10:22:24.0140 0x0fd4 EapHost - ok
10:22:24.0203 0x0fd4 [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc C:\WINDOWS\System32\ersvc.dll
10:22:24.0390 0x0fd4 ERSvc - ok
10:22:24.0437 0x0fd4 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] Eventlog C:\WINDOWS\system32\services.exe
10:22:24.0500 0x0fd4 Eventlog - ok
10:22:24.0578 0x0fd4 [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] EventSystem C:\WINDOWS\System32\es.dll
10:22:24.0687 0x0fd4 EventSystem - ok
10:22:24.0734 0x0fd4 [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
10:22:24.0937 0x0fd4 Fastfat - ok
10:22:25.0000 0x0fd4 [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
10:22:25.0062 0x0fd4 FastUserSwitchingCompatibility - ok
10:22:25.0093 0x0fd4 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
10:22:25.0281 0x0fd4 Fdc - ok
10:22:25.0328 0x0fd4 [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips C:\WINDOWS\system32\drivers\Fips.sys
10:22:25.0500 0x0fd4 Fips - ok
10:22:25.0531 0x0fd4 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
10:22:25.0703 0x0fd4 Flpydisk - ok
10:22:25.0750 0x0fd4 [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
10:22:25.0968 0x0fd4 FltMgr - ok
10:22:26.0093 0x0fd4 [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
10:22:26.0109 0x0fd4 FontCache3.0.0.0 - ok
10:22:26.0140 0x0fd4 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
10:22:26.0328 0x0fd4 Fs_Rec - ok
10:22:26.0375 0x0fd4 [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
10:22:26.0578 0x0fd4 Ftdisk - ok
10:22:26.0625 0x0fd4 [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
10:22:26.0796 0x0fd4 Gpc - ok
10:22:26.0937 0x0fd4 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
10:22:26.0953 0x0fd4 gupdate - ok
10:22:26.0968 0x0fd4 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
10:22:26.0984 0x0fd4 gupdatem - ok
10:22:27.0078 0x0fd4 [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
10:22:27.0281 0x0fd4 helpsvc - ok
10:22:27.0296 0x0fd4 HidServ - ok
10:22:27.0343 0x0fd4 [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
10:22:27.0531 0x0fd4 HidUsb - ok
10:22:27.0562 0x0fd4 [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
10:22:27.0750 0x0fd4 hkmsvc - ok
10:22:27.0765 0x0fd4 hpn - ok
10:22:27.0890 0x0fd4 [ AF81F7BA6A09119006FE041A2F2F3ECE, 3488569086A851CEC0946601C4287A7C83BE6CB82F0160F5817C873A3B16FAFA ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
10:22:27.0921 0x0fd4 hpqcxs08 - detected UnsignedFile.Multi.Generic ( 1 )
10:22:30.0640 0x0fd4 Detect skipped due to KSN trusted
10:22:30.0640 0x0fd4 hpqcxs08 - ok
10:22:30.0671 0x0fd4 [ 7244F63DB8EA883B3DC8E730C645D073, DB83BA959D06945CEF5CC41EDF6DBBBA5691A2F52BA1BF507B79E22A0EED7FF8 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
10:22:30.0687 0x0fd4 hpqddsvc - detected UnsignedFile.Multi.Generic ( 1 )
10:22:33.0312 0x0fd4 Detect skipped due to KSN trusted
10:22:33.0312 0x0fd4 hpqddsvc - ok
10:22:33.0359 0x0fd4 [ D03D10F7DED688FECF50F8FBF1EA9B8A, C19A733571BA831E24EE45EDB730FFFDBA22638F138A32A794BEAB8D8B71D8DD ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
10:22:33.0656 0x0fd4 HPZid412 - ok
10:22:33.0703 0x0fd4 [ 89F41658929393487B6B7D13C8528CE3, 5D06A11225A83F3F33417148BE53654080C88BFA876FEB486A7E43410AC99F23 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
10:22:33.0734 0x0fd4 HPZipr12 - ok
10:22:33.0765 0x0fd4 [ ABCB05CCDBF03000354B9553820E39F8, 6361B5A57CDE23AC5E987ACECF3BEE7AD51134C6E5BF4F833E512C9BC4B86877 ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
10:22:33.0812 0x0fd4 HPZius12 - ok
10:22:33.0859 0x0fd4 [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
10:22:33.0921 0x0fd4 HTTP - ok
10:22:34.0000 0x0fd4 [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
10:22:34.0203 0x0fd4 HTTPFilter - ok
10:22:34.0218 0x0fd4 i2omgmt - ok
10:22:34.0234 0x0fd4 i2omp - ok
10:22:34.0281 0x0fd4 [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
10:22:34.0468 0x0fd4 i8042prt - ok
10:22:34.0562 0x0fd4 [ 44B7D5A4F2BD9FE21AEA0BB0BACE38C4, D371103E752EF852BEDE330AB23EED4BFFD4150961EC377B03D69D871368F144 ] ialm C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
10:22:34.0718 0x0fd4 ialm - ok
10:22:34.0828 0x0fd4 [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:22:34.0937 0x0fd4 idsvc - ok
10:22:34.0984 0x0fd4 [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
10:22:35.0156 0x0fd4 Imapi - ok
10:22:35.0187 0x0fd4 [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService C:\WINDOWS\System32\imapi.exe
10:22:35.0359 0x0fd4 ImapiService - ok
10:22:35.0375 0x0fd4 ini910u - ok
10:22:35.0500 0x0fd4 [ 7509C548400F4C9E0211E3F6E66ABBE6, 10884F759DE3EE38F93EF74202B0DBDA3CC5D5E7532E361DC33385D4CC18B659 ] IntelC51 C:\WINDOWS\system32\DRIVERS\IntelC51.sys
10:22:35.0625 0x0fd4 IntelC51 - ok
10:22:35.0687 0x0fd4 [ 9584FFDD41D37F2C239681D0DAC2513E, AB48DA5AA95C2D1F6C06EEF6635CC7DBCA64F90A5219E0A1501D46D5CD2944FA ] IntelC52 C:\WINDOWS\system32\DRIVERS\IntelC52.sys
10:22:35.0781 0x0fd4 IntelC52 - ok
10:22:35.0828 0x0fd4 [ DE2686C0E012E6AE24ACD6E79EB7FF5D, 9951F93F524C4FB26961006DE500CF93CFFA33C37F73CE398B92F0F840775FB3 ] IntelC53 C:\WINDOWS\system32\DRIVERS\IntelC53.sys
10:22:35.0875 0x0fd4 IntelC53 - ok
10:22:35.0906 0x0fd4 [ B5466A9250342A7AA0CD1FBA13420678, 87E735C4E8924A883AB692D387A83BCBFAE6E165688336AE7AB488F7CA8D339E ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
10:22:36.0062 0x0fd4 IntelIde - ok
10:22:36.0140 0x0fd4 [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
10:22:36.0296 0x0fd4 intelppm - ok
10:22:36.0328 0x0fd4 [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] ip6fw C:\WINDOWS\system32\drivers\ip6fw.sys
10:22:36.0484 0x0fd4 ip6fw - ok
10:22:36.0515 0x0fd4 [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
10:22:36.0671 0x0fd4 IpFilterDriver - ok
10:22:36.0703 0x0fd4 [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
10:22:36.0859 0x0fd4 IpInIp - ok
10:22:36.0890 0x0fd4 [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
10:22:37.0062 0x0fd4 IpNat - ok
10:22:37.0093 0x0fd4 [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
10:22:37.0265 0x0fd4 IPSec - ok
10:22:37.0281 0x0fd4 [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
10:22:37.0359 0x0fd4 IRENUM - ok
10:22:37.0406 0x0fd4 [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
10:22:37.0578 0x0fd4 isapnp - ok
10:22:37.0718 0x0fd4 [ B9436A665A8621073A12338B16D7BFD4, 1F1CB4758768BF7B7DDB27BF9DA944D869B561ABF7EC39CEC059044E10C1EA88 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
10:22:37.0734 0x0fd4 JavaQuickStarterService - ok
10:22:37.0781 0x0fd4 [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
10:22:37.0937 0x0fd4 Kbdclass - ok
10:22:38.0000 0x0fd4 [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
10:22:38.0187 0x0fd4 kmixer - ok
10:22:38.0218 0x0fd4 [ B1C8666BAD17084C386D2575AFCDFCDD, 63F7CE6E0453F8C50B0ED8BB2DD80B8F03D451C0553DD0E4E54701690E96D09B ] km_filter C:\WINDOWS\system32\drivers\km_filter.sys
10:22:38.0234 0x0fd4 km_filter - detected UnsignedFile.Multi.Generic ( 1 )
10:22:41.0093 0x0fd4 km_filter ( UnsignedFile.Multi.Generic ) - warning
10:22:43.0656 0x0fd4 [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
10:22:43.0734 0x0fd4 KSecDD - ok
10:22:43.0796 0x0fd4 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
10:22:43.0859 0x0fd4 lanmanserver - ok
10:22:43.0921 0x0fd4 [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
10:22:43.0984 0x0fd4 lanmanworkstation - ok
10:22:44.0000 0x0fd4 lbrtfdc - ok
10:22:44.0062 0x0fd4 [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
10:22:44.0218 0x0fd4 LmHosts - ok
10:22:44.0250 0x0fd4 [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger C:\WINDOWS\System32\msgsvc.dll
10:22:44.0406 0x0fd4 Messenger - ok
10:22:44.0453 0x0fd4 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
10:22:44.0609 0x0fd4 mnmdd - ok
10:22:44.0656 0x0fd4 [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc C:\WINDOWS\System32\mnmsrvc.exe
10:22:44.0828 0x0fd4 mnmsrvc - ok
10:22:44.0875 0x0fd4 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem C:\WINDOWS\system32\drivers\Modem.sys
10:22:45.0046 0x0fd4 Modem - ok
10:22:45.0093 0x0fd4 [ 1992E0D143B09653AB0F9C5E04B0FD65, 1431EC53A65F561C235A08F926C5348A6B21B06A08C075DE8172A88EE0AA634E ] MODEMCSA C:\WINDOWS\system32\drivers\MODEMCSA.sys
10:22:45.0265 0x0fd4 MODEMCSA - ok
10:22:45.0296 0x0fd4 [ 59B8B11FF70728EEC60E72131C58B716, EB001E1FC17D57AE2A9D4CC7B6C45DC5C6869D3602C1B86F5D4940B11AAECA0A ] mohfilt C:\WINDOWS\system32\DRIVERS\mohfilt.sys
10:22:45.0343 0x0fd4 mohfilt - ok
10:22:45.0375 0x0fd4 [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
10:22:45.0531 0x0fd4 Mouclass - ok
10:22:45.0578 0x0fd4 [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
10:22:45.0734 0x0fd4 mouhid - ok
10:22:45.0781 0x0fd4 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
10:22:45.0937 0x0fd4 MountMgr - ok
10:22:46.0015 0x0fd4 [ E77DC03DD3C8E5A388BF9EED2A28F3D1, ED0DAA975D1EC35CE036F02596218E15CC6A054167628D12A0A5AD91B841F422 ] MpFilter C:\WINDOWS\system32\DRIVERS\MpFilter.sys
10:22:46.0062 0x0fd4 MpFilter - ok
10:22:46.0078 0x0fd4 mraid35x - ok
10:22:46.0140 0x0fd4 [ A7566DA7AA8B74F1CEBC18AFD6B6CFA0, EDCBEBE908C7654A8B99011CB53234F512A68164EF865F33FA87A95D510DF364 ] mrtRate C:\WINDOWS\system32\drivers\mrtRate.sys
10:22:46.0171 0x0fd4 mrtRate - detected UnsignedFile.Multi.Generic ( 1 )
10:22:48.0640 0x0fd4 mrtRate ( UnsignedFile.Multi.Generic ) - warning
10:22:51.0156 0x0fd4 [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
10:22:51.0328 0x0fd4 MRxDAV - ok
10:22:51.0390 0x0fd4 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
10:22:51.0468 0x0fd4 MRxSmb - ok
10:22:51.0546 0x0fd4 [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC C:\WINDOWS\System32\msdtc.exe
10:22:51.0703 0x0fd4 MSDTC - ok
10:22:51.0734 0x0fd4 [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
10:22:51.0890 0x0fd4 Msfs - ok
10:22:51.0906 0x0fd4 MSIServer - ok
10:22:51.0953 0x0fd4 [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
10:22:52.0109 0x0fd4 MSKSSRV - ok
10:22:52.0218 0x0fd4 [ B0F49DA36F30922F5DDC3B623B778FCE, EE025AEFA4A2095AFEABFB3A49639DA77D78068A3F5EEDA6C15D34853AFD5609 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
10:22:52.0234 0x0fd4 MsMpSvc - ok
10:22:52.0265 0x0fd4 [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
10:22:52.0421 0x0fd4 MSPCLOCK - ok
10:22:52.0437 0x0fd4 [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
10:22:52.0578 0x0fd4 MSPQM - ok
10:22:52.0609 0x0fd4 [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
10:22:52.0750 0x0fd4 mssmbios - ok
10:22:52.0812 0x0fd4 [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
10:22:52.0875 0x0fd4 Mup - ok
10:22:52.0953 0x0fd4 [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent C:\WINDOWS\System32\qagentrt.dll
10:22:53.0125 0x0fd4 napagent - ok
10:22:53.0140 0x0fd4 [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
10:22:53.0312 0x0fd4 NDIS - ok
10:22:53.0359 0x0fd4 [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
10:22:53.0406 0x0fd4 NdisTapi - ok
10:22:53.0468 0x0fd4 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
10:22:53.0625 0x0fd4 Ndisuio - ok
10:22:53.0640 0x0fd4 [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:22:53.0781 0x0fd4 NdisWan - ok
10:22:53.0828 0x0fd4 [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
10:22:53.0906 0x0fd4 NDProxy - ok
10:22:53.0937 0x0fd4 [ 51C6D8BFBD4EA5B62A1BA7F4469250D3, 29ACA9D8A5426333F75858D9D3960A4DCDDA4ACC986B3E9E37D255E4FAECDB7C ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
10:22:53.0953 0x0fd4 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
10:22:56.0640 0x0fd4 Detect skipped due to KSN trusted
10:22:56.0656 0x0fd4 Net Driver HPZ12 - ok
10:22:56.0703 0x0fd4 [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
10:22:56.0859 0x0fd4 NetBIOS - ok
10:22:56.0906 0x0fd4 [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
10:22:57.0078 0x0fd4 NetBT - ok
10:22:57.0109 0x0fd4 [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE C:\WINDOWS\system32\netdde.exe
10:22:57.0250 0x0fd4 NetDDE - ok
10:22:57.0281 0x0fd4 [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
10:22:57.0406 0x0fd4 NetDDEdsdm - ok
10:22:57.0453 0x0fd4 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon C:\WINDOWS\System32\lsass.exe
10:22:57.0609 0x0fd4 Netlogon - ok
10:22:57.0656 0x0fd4 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman C:\WINDOWS\System32\netman.dll
10:22:57.0828 0x0fd4 Netman - ok
10:22:57.0859 0x0fd4 [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:22:57.0890 0x0fd4 NetTcpPortSharing - ok
10:22:57.0921 0x0fd4 NielGfx - ok
10:22:57.0953 0x0fd4 nielprt - ok
10:22:57.0984 0x0fd4 [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla C:\WINDOWS\System32\mswsock.dll
10:22:58.0031 0x0fd4 Nla - ok
10:22:58.0062 0x0fd4 [ 7B0BC3E812A738BA8F4DC26FB9EDDEB7, 1D376FBD2D52A9D8E271F443D9052840DCC0D22B41F755AFBFA168D44A677E44 ] nnrnstdi C:\WINDOWS\system32\drivers\nnrnstdi.sys
10:22:58.0078 0x0fd4 nnrnstdi - detected UnsignedFile.Multi.Generic ( 1 )
10:23:01.0031 0x0fd4 nnrnstdi ( UnsignedFile.Multi.Generic ) - warning
10:23:03.0609 0x0fd4 [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
10:23:03.0765 0x0fd4 Npfs - ok
10:23:03.0828 0x0fd4 [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
10:23:04.0000 0x0fd4 Ntfs - ok
10:23:04.0046 0x0fd4 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp C:\WINDOWS\System32\lsass.exe
10:23:04.0171 0x0fd4 NtLmSsp - ok
10:23:04.0250 0x0fd4 [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
10:23:04.0453 0x0fd4 NtmsSvc - ok
10:23:04.0484 0x0fd4 [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
10:23:04.0640 0x0fd4 Null - ok
10:23:04.0671 0x0fd4 [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
10:23:04.0828 0x0fd4 NwlnkFlt - ok
10:23:04.0828 0x0fd4 [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
10:23:04.0984 0x0fd4 NwlnkFwd - ok
10:23:05.0046 0x0fd4 [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
10:23:05.0203 0x0fd4 Parport - ok
10:23:05.0234 0x0fd4 [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
10:23:05.0390 0x0fd4 PartMgr - ok
10:23:05.0437 0x0fd4 [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
10:23:05.0593 0x0fd4 ParVdm - ok
10:23:05.0625 0x0fd4 [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
10:23:05.0765 0x0fd4 PCI - ok
10:23:05.0765 0x0fd4 PCIDump - ok
10:23:05.0781 0x0fd4 [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde C:\WINDOWS\system32\drivers\PCIIde.sys
10:23:05.0937 0x0fd4 PCIIde - ok
10:23:06.0000 0x0fd4 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
10:23:06.0140 0x0fd4 Pcmcia - ok
10:23:06.0156 0x0fd4 PDCOMP - ok
10:23:06.0171 0x0fd4 PDFRAME - ok
10:23:06.0187 0x0fd4 PDRELI - ok
10:23:06.0203 0x0fd4 PDRFRAME - ok
10:23:06.0218 0x0fd4 perc2 - ok
10:23:06.0234 0x0fd4 perc2hib - ok
10:23:06.0312 0x0fd4 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay C:\WINDOWS\system32\services.exe
10:23:06.0343 0x0fd4 PlugPlay - ok
10:23:06.0390 0x0fd4 [ 79834AA2FBF9FE81EEBB229024F6F7FC, 4E243765C11AE9B5D003C3220B8AA0C4671B2627221D2323F80189CA3A307FEF ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
10:23:06.0421 0x0fd4 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
10:23:08.0921 0x0fd4 Detect skipped due to KSN trusted
10:23:08.0921 0x0fd4 Pml Driver HPZ12 - ok
10:23:08.0937 0x0fd4 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent C:\WINDOWS\System32\lsass.exe
10:23:09.0078 0x0fd4 PolicyAgent - ok
10:23:09.0140 0x0fd4 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
10:23:09.0281 0x0fd4 PptpMiniport - ok
10:23:09.0328 0x0fd4 [ A32BEBAF723557681BFC6BD93E98BD26, 35039BA72A29F87B2CA37DCDE4EFDAABBDEAD8CE3EB8652ACC665994118145A6 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
10:23:09.0484 0x0fd4 Processor - ok
10:23:09.0515 0x0fd4 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
10:23:09.0656 0x0fd4 ProtectedStorage - ok
10:23:09.0671 0x0fd4 [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
10:23:09.0828 0x0fd4 PSched - ok
10:23:09.0843 0x0fd4 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
10:23:09.0984 0x0fd4 Ptilink - ok
10:23:10.0000 0x0fd4 ql1080 - ok
10:23:10.0015 0x0fd4 Ql10wnt - ok
10:23:10.0031 0x0fd4 ql12160 - ok
10:23:10.0046 0x0fd4 ql1240 - ok
10:23:10.0062 0x0fd4 ql1280 - ok
10:23:10.0093 0x0fd4 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
10:23:10.0218 0x0fd4 RasAcd - ok
10:23:10.0265 0x0fd4 [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto C:\WINDOWS\System32\rasauto.dll
10:23:10.0421 0x0fd4 RasAuto - ok
10:23:10.0468 0x0fd4 [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
10:23:10.0625 0x0fd4 Rasl2tp - ok
10:23:10.0671 0x0fd4 [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan C:\WINDOWS\System32\rasmans.dll
10:23:10.0828 0x0fd4 RasMan - ok
10:23:10.0875 0x0fd4 [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
10:23:11.0015 0x0fd4 RasPppoe - ok
10:23:11.0062 0x0fd4 [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
10:23:11.0203 0x0fd4 Raspti - ok
10:23:11.0265 0x0fd4 [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
10:23:11.0421 0x0fd4 Rdbss - ok
10:23:11.0453 0x0fd4 [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
10:23:11.0609 0x0fd4 RDPCDD - ok
10:23:11.0671 0x0fd4 [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
10:23:11.0750 0x0fd4 RDPWD - ok
10:23:11.0812 0x0fd4 [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
10:23:12.0000 0x0fd4 RDSessMgr - ok
10:23:12.0046 0x0fd4 [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
10:23:12.0203 0x0fd4 redbook - ok
10:23:12.0234 0x0fd4 [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
10:23:12.0390 0x0fd4 RemoteAccess - ok
10:23:12.0468 0x0fd4 [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator C:\WINDOWS\System32\locator.exe
10:23:12.0593 0x0fd4 RpcLocator - ok
10:23:12.0656 0x0fd4 [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs C:\WINDOWS\system32\rpcss.dll
10:23:12.0718 0x0fd4 RpcSs - ok
10:23:12.0781 0x0fd4 [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP C:\WINDOWS\System32\rsvp.exe
10:23:12.0921 0x0fd4 RSVP - ok
10:23:12.0968 0x0fd4 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs C:\WINDOWS\system32\lsass.exe
10:23:13.0093 0x0fd4 SamSs - ok
10:23:13.0156 0x0fd4 [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
10:23:13.0328 0x0fd4 SCardSvr - ok
10:23:13.0390 0x0fd4 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule C:\WINDOWS\system32\schedsvc.dll
10:23:13.0546 0x0fd4 Schedule - ok
10:23:13.0609 0x0fd4 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
10:23:13.0687 0x0fd4 Secdrv - ok
10:23:13.0718 0x0fd4 [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon C:\WINDOWS\System32\seclogon.dll
10:23:13.0875 0x0fd4 seclogon - ok
10:23:14.0796 0x0fd4 [ B9C7617C1E8AB6FDFF75D3C8DAFCB4C8, E94F7E97AAB80600DED0310160527C3CC8CAC8593EC2FBEAED2EF5EC5A6C4086 ] senfilt C:\WINDOWS\system32\drivers\senfilt.sys
10:23:14.0890 0x0fd4 senfilt - ok
10:23:14.0921 0x0fd4 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS C:\WINDOWS\system32\sens.dll
10:23:15.0093 0x0fd4 SENS - ok
10:23:15.0125 0x0fd4 [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
10:23:15.0281 0x0fd4 serenum - ok
10:23:15.0312 0x0fd4 [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
10:23:15.0468 0x0fd4 Serial - ok
10:23:15.0546 0x0fd4 [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
10:23:15.0687 0x0fd4 Sfloppy - ok
10:23:15.0765 0x0fd4 [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
10:23:15.0937 0x0fd4 SharedAccess - ok
10:23:15.0984 0x0fd4 [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
10:23:16.0015 0x0fd4 ShellHWDetection - ok
10:23:16.0046 0x0fd4 Simbad - ok
10:23:16.0140 0x0fd4 [ C6D9959E493682F872A639B6EC1B4A08, 5B6D3FD23A44422F8B3972CF47BF16B5015DC0CCF7EF59FADAFEEF1AEE32958B ] smwdm C:\WINDOWS\system32\drivers\smwdm.sys
10:23:16.0203 0x0fd4 smwdm - ok
10:23:16.0203 0x0fd4 Sparrow - ok
10:23:16.0234 0x0fd4 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys
10:23:16.0406 0x0fd4 splitter - ok
10:23:16.0437 0x0fd4 [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe
10:23:16.0500 0x0fd4 Spooler - ok
10:23:16.0593 0x0fd4 [ CDDDEC541BC3C96F91ECB48759673505, B030FFA02832317AC5626BF1BF8A4A95A5992C9A6E81BC1C002D5F4D667C27FB ] sptd C:\WINDOWS\system32\Drivers\sptd.sys
10:23:16.0593 0x0fd4 Suspicious file ( NoAccess ): C:\WINDOWS\system32\Drivers\sptd.sys. md5: CDDDEC541BC3C96F91ECB48759673505, sha256: B030FFA02832317AC5626BF1BF8A4A95A5992C9A6E81BC1C002D5F4D667C27FB
10:23:16.0593 0x0fd4 sptd - detected LockedFile.Multi.Generic ( 1 )
10:23:19.0062 0x0fd4 Detect skipped due to KSN trusted
10:23:19.0062 0x0fd4 sptd - ok
10:23:28.0187 0x0fd4 ================ Scan global ===============================
10:23:28.0265 0x0fd4 [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
10:23:28.0343 0x0fd4 [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
10:23:28.0406 0x0fd4 [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
10:23:28.0468 0x0fd4 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
10:23:28.0468 0x0fd4 [ Global ] - ok
10:23:28.0468 0x0fd4 ================ Scan MBR ==================================
10:23:28.0500 0x0fd4 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
10:23:28.0765 0x0fd4 \Device\Harddisk0\DR0 - ok
10:23:28.0781 0x0fd4 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
10:23:29.0281 0x0fd4 \Device\Harddisk1\DR1 - ok
10:23:29.0281 0x0fd4 ================ Scan VBR ==================================
10:23:29.0296 0x0fd4 [ 730D280C23EB0973F795388ADDE49D01 ] \Device\Harddisk0\DR0\Partition1
10:23:29.0296 0x0fd4 \Device\Harddisk0\DR0\Partition1 - ok
10:23:29.0343 0x0fd4 [ 83DA548994032FC8EC49D79878FCD0C9 ] \Device\Harddisk1\DR1\Partition1
10:23:29.0343 0x0fd4 \Device\Harddisk1\DR1\Partition1 - ok
10:23:29.0343 0x0fd4 ================ Scan active images ========================
10:23:30.0406 0x0fd4 [ ED0EF0A136DEC83DF69F04118870003E, 45377CB8E9F0120F836FC8261C711F7DBF7199117AFB3652EBF100D5F0429B1E ] C:\WINDOWS\system32\winlogon.exe
10:23:30.0406 0x0fd4 C:\WINDOWS\system32\winlogon.exe - ok
10:23:30.0406 0x0fd4 [ E76F8807070ED04E7408A86D6D3A6137, BFCF5361B7335760A7AE4B6958DE516A27AC60AA09135A46F0B49F588FAFE3A0 ] C:\WINDOWS\system32\advapi32.dll
10:23:30.0406 0x0fd4 C:\WINDOWS\system32\advapi32.dll - ok
10:23:30.0421 0x0fd4 [ 44C164B34A72F29087ECA32411F2ED44, 112761CCEFE8F4B936AC58FF1F13589C0DBA3BE1AC348584D874B65DAB1EDED6 ] C:\WINDOWS\system32\rpcrt4.dll
10:23:30.0421 0x0fd4 C:\WINDOWS\system32\rpcrt4.dll - ok
10:23:30.0437 0x0fd4 [ 714705F29A917993536A6AB2DEDB0B7F, 5C3EA97044A7AF8027000DFA40901C0097EC935A7149C0A46AA2C6A2F9FD6CC1 ] C:\WINDOWS\system32\authz.dll
10:23:30.0437 0x0fd4 C:\WINDOWS\system32\authz.dll - ok
10:23:30.0437 0x0fd4 [ 5357826C8A8DD6A07F17C48BB45BE46E, E081B04F8C8A31951A0ADEC889E6CA4DEED5FF738446D5A5614B11B113000BCA ] C:\WINDOWS\system32\secur32.dll
10:23:30.0437 0x0fd4 C:\WINDOWS\system32\secur32.dll - ok
10:23:30.0453 0x0fd4 [ 355EDBB4D412B01F1740C17E3F50FA00, 8619D345C864CD8EA704EFAA0A391F5F31AA56BB6D30F62FC60F465873CC1BF9 ] C:\WINDOWS\system32\msvcrt.dll
10:23:30.0453 0x0fd4 C:\WINDOWS\system32\msvcrt.dll - ok
10:23:30.0468 0x0fd4 [ 636DF3FF20A1B69B3F9D21325E7115C7, 6B38CF96E92273995F40B6D7029D20B4041342D6EDD5B6CA73967A401823D4F5 ] C:\WINDOWS\system32\crypt32.dll
10:23:30.0468 0x0fd4 C:\WINDOWS\system32\crypt32.dll - ok
10:23:30.0468 0x0fd4 [ 04D898830DF96A17A20FD35D7590F87E, 09C75D1D434FF6BBE9B3F5E0A8E63944ACB34E364C4A89676DED2204DBD1AEF5 ] C:\WINDOWS\system32\msasn1.dll
10:23:30.0468 0x0fd4 C:\WINDOWS\system32\msasn1.dll - ok
10:23:30.0484 0x0fd4 [ 013C1148C1EC025596896E093F60F608, E19D20E0852372ED7DA66939E995F8F7ECC52ED5B650E8B833944788C0A34F61 ] C:\WINDOWS\system32\nddeapi.dll
10:23:30.0484 0x0fd4 C:\WINDOWS\system32\nddeapi.dll - ok
10:23:30.0500 0x0fd4 [ CAC752BF84DB4666ED3CE0948E6EA937, C84F9D57C076DE6ACC1720B66147D0CA963C65714593FAFD7FB1FE1F01CC464B ] C:\WINDOWS\system32\netapi32.dll
10:23:30.0500 0x0fd4 C:\WINDOWS\system32\netapi32.dll - ok
10:23:30.0500 0x0fd4 [ FCFA1C55971CC229D353B3A15ACCD995, 6C21D6EAD676AF8C100666261CE7AA5AA86671883B78092AD61008234C96BBBA ] C:\WINDOWS\system32\profmap.dll
10:23:30.0500 0x0fd4 C:\WINDOWS\system32\profmap.dll - ok
10:23:30.0515 0x0fd4 [ 43D13C80EBEC0135A3611E0F616F179B, 9C5409ECBD2C3B89C80F0A59B96220178E790A7D78967C6281D56EB1965E9ECD ] C:\WINDOWS\system32\userenv.dll
10:23:30.0515 0x0fd4 C:\WINDOWS\system32\userenv.dll - ok
10:23:30.0531 0x0fd4 [ 9CFCB3CA3D83B4EAA133F0644A2C6F31, CC0A76B55B38183B8C6141C290D1858A9D118333C804784AB305FE76A0FCE775 ] C:\WINDOWS\system32\psapi.dll
10:23:30.0531 0x0fd4 C:\WINDOWS\system32\psapi.dll - ok
10:23:30.0531 0x0fd4 [ AF11C591F2F4AFF4A6CF699D376F618B, B61C0D1944D5D8F536AB5422017C99773BD89EA59784969E4F8F269BF9EF57C3 ] C:\WINDOWS\system32\regapi.dll
10:23:30.0531 0x0fd4 C:\WINDOWS\system32\regapi.dll - ok
10:23:30.0546 0x0fd4 [ 24192246760E0E64435522E246B1D6C2, B1C5A16A73250DEA900FF6ECE71F604E2411B4FDFD497564BEB7D867A75640BF ] C:\WINDOWS\system32\setupapi.dll
10:23:30.0546 0x0fd4 C:\WINDOWS\system32\setupapi.dll - ok
10:23:30.0546 0x0fd4 [ C7CE131408739B0B3A318BE2D0032719, CAEEED45F6BAB22F611B2200DC91E68426F169F5646247893CF3AC7EFDDD07B8 ] C:\WINDOWS\system32\version.dll
10:23:30.0546 0x0fd4 C:\WINDOWS\system32\version.dll - ok
10:23:30.0562 0x0fd4 [ 16E916243BDDBAF44D98E623B2D0CEAD, A1C56AC378EDA9ACBE73342BEE0897E028BDD368288552108FC77A7AA1478690 ] C:\WINDOWS\system32\imagehlp.dll
10:23:30.0562 0x0fd4 C:\WINDOWS\system32\imagehlp.dll - ok
10:23:30.0562 0x0fd4 [ 430CEB794F6E6EF8AC86958C242366D6, 48066566EDC18654095EAD7F4449CD42B44AD758465A6B36A42B489F32C7E64B ] C:\WINDOWS\system32\winsta.dll
10:23:30.0562 0x0fd4 C:\WINDOWS\system32\winsta.dll - ok
10:23:30.0578 0x0fd4 [ D458B738B4C2CE33174CFB2CE12412DB, C8FCA4B1BE8358B1F14BB25F39899A18804133544701DFCF40E8782C2487C912 ] C:\WINDOWS\system32\wintrust.dll
10:23:30.0578 0x0fd4 C:\WINDOWS\system32\wintrust.dll - ok
10:23:30.0593 0x0fd4 [ 9789E95E1D88EEB4B922BF3EA7779C28, 2D17FD78E71BDB5D51B69DE6B36D7481A7AA3C61EA7636CD71638AF501883A91 ] C:\WINDOWS\system32\ws2help.dll
10:23:30.0593 0x0fd4 C:\WINDOWS\system32\ws2help.dll - ok
10:23:30.0609 0x0fd4 [ 2CCC474EB85CEAA3E1FA1726580A3E5A, 6E99D2FB4997E54E8B1B7D769CF2C0FAE296A6441DC39984850EA26BFEB7E500 ] C:\WINDOWS\system32\ws2_32.dll
10:23:30.0609 0x0fd4 C:\WINDOWS\system32\ws2_32.dll - ok
10:23:30.0609 0x0fd4 [ 0DA85218E92526972A821587E6A8BF8F, 9377F61D4B10974D5962E03F54BB89C8F804883245D61C670E51228AFE4559EB ] C:\WINDOWS\system32\imm32.dll
10:23:30.0609 0x0fd4 C:\WINDOWS\system32\imm32.dll - ok
10:23:30.0625 0x0fd4 [ 56C5B179FE3308B655EB6208C3256FEC, C70BCE54E5DF47D37C835804EAAEC7C06C1A226EFA2003226BE290D1D552126F ] C:\WINDOWS\system32\kbdus.dll
10:23:30.0625 0x0fd4 C:\WINDOWS\system32\kbdus.dll - ok
10:23:30.0625 0x0fd4 [ D7B7A57C0E57C836F18CF12A4C62A1CA, 651B16027B4F4B0ED2F827E32B7E66188CDB023DB8C7B1A9A1A44063FB35B9DE ] C:\WINDOWS\system32\msgina.dll
10:23:30.0640 0x0fd4 C:\WINDOWS\system32\msgina.dll - ok
10:23:30.0640 0x0fd4 [ 93AFB83FBC1F9443CAC722FCA63D73BF, 853C4A03A153F232E5CAF219F7FD732CB82CB62171F077DE737B32169F7832AB ] C:\WINDOWS\system32\comctl32.dll
10:23:30.0640 0x0fd4 C:\WINDOWS\system32\comctl32.dll - ok
10:23:30.0656 0x0fd4 [ 86987A5000DFA3EBE2275C0456BCF2FE, 31B699E8FD11DD59ADBAE56650C1B7AE80484091B3B6D9015A95F590E2C3EB05 ] C:\WINDOWS\system32\comdlg32.dll
10:23:30.0656 0x0fd4 C:\WINDOWS\system32\comdlg32.dll - ok
10:23:30.0656 0x0fd4 [ 40B0F98BAD16AD5DEF894E88C3EF8014, 916B7BFC23BB5A3F757160BCF2013A8260D9382EFDE6AADAFC4D297828C71003 ] C:\WINDOWS\system32\odbc32.dll
10:23:30.0656 0x0fd4 C:\WINDOWS\system32\odbc32.dll - ok
10:23:30.0671 0x0fd4 [ 6843D54BC4A40CC8C5741AF750233D10, D998B54B7D23A986DD14D8BC56169A10EE43267F4F1914FBDD55B6B028993FAC ] C:\WINDOWS\system32\shell32.dll
10:23:30.0671 0x0fd4 C:\WINDOWS\system32\shell32.dll - ok
10:23:30.0687 0x0fd4 [ C448A248B743F5FB935C787A5D97268B, 26E88FF449F938B218FAED6D8F3F095577216A29D656D17ACEA7F6C16E638BED ] C:\WINDOWS\system32\shlwapi.dll
10:23:30.0687 0x0fd4 C:\WINDOWS\system32\shlwapi.dll - ok
10:23:30.0687 0x0fd4 [ 694503348B586E99D56C0E30AB5B3EF8, 53A0C2604574058F1520D8F0805F1247B15BB0E00A5B5BAFE027C702D55E5076 ] C:\WINDOWS\system32\sxs.dll
10:23:30.0687 0x0fd4 C:\WINDOWS\system32\sxs.dll - ok
10:23:30.0703 0x0fd4 [ 736B12B725AEB2B07F0241A9F680CB10, 9EF1406CAEE256117DA8C8904BCB20FB8F9421F02F812B4DC2CE1F16D2B315F2 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
10:23:30.0703 0x0fd4 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - ok
10:23:30.0718 0x0fd4 [ 6B7C6B32F8E84D56C6260D684019FEA2, A10B4D413452D95B6B4087838F2FCE0B9F42D8C0CBE7A91DC080AE1163FB6D1A ] C:\WINDOWS\system32\odbcint.dll
10:23:30.0718 0x0fd4 C:\WINDOWS\system32\odbcint.dll - ok
10:23:30.0718 0x0fd4 [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] C:\WINDOWS\system32\shsvcs.dll
10:23:30.0718 0x0fd4 C:\WINDOWS\system32\shsvcs.dll - ok
10:23:30.0734 0x0fd4 [ 59B408E5B8489B0B36A0D783D150EDCC, CB234B25502B0CE0C1E6CFA883FDDF64DAB7A6E50A6AD36CAB3B30A7C872B403 ] C:\WINDOWS\system32\ole32.dll
10:23:30.0734 0x0fd4 C:\WINDOWS\system32\ole32.dll - ok
10:23:30.0750 0x0fd4 [ 96E1C926F22EE1BFBAE82901A35F6BF3, 95568F138216FFADCFC4BAE8A12825FFE53F2EA04C5CAC2AD10F65FC0C4E3CDB ] C:\WINDOWS\system32\sfc.dll
10:23:30.0750 0x0fd4 C:\WINDOWS\system32\sfc.dll - ok
10:23:30.0750 0x0fd4 [ 6B5DB6789177A4FD0DEBC248041D0739, 3E3239C3613CCBB9EE2539D78BC745ED19134E1D3BED88C3D5273796FA2507DA ] C:\WINDOWS\system32\sfc_os.dll
10:23:30.0750 0x0fd4 C:\WINDOWS\system32\sfc_os.dll - ok
10:23:30.0765 0x0fd4 [ CF492D7E9AF1C628B3536D20EF6F5CC7, 3D7A5A5D6B804C0A3F3E7256B3AC19397567700271CABCD7C4C8B51565958BC8 ] C:\WINDOWS\system32\apphelp.dll
10:23:30.0765 0x0fd4 C:\WINDOWS\system32\apphelp.dll - ok
10:23:30.0781 0x0fd4 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] C:\WINDOWS\system32\lsass.exe
10:23:30.0781 0x0fd4 C:\WINDOWS\system32\lsass.exe - ok
10:23:30.0781 0x0fd4 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
10:23:30.0781 0x0fd4 C:\WINDOWS\system32\services.exe - ok
10:23:30.0796 0x0fd4 [ BD31DC6DBE9333C4FBD4BDF0899F2160, 545D83178CCD74C68B72C607201EF9E1C8A5FC26A08288F8D3A77106964D1034 ] C:\WINDOWS\system32\lsasrv.dll
10:23:30.0796 0x0fd4 C:\WINDOWS\system32\lsasrv.dll - ok
10:23:30.0812 0x0fd4 [ EC29A79F1E76DC509E24D401F29D0678, 2CECCD7CE806152F6DD1A6812C7DAEC46FB197E63D14414808D713C829EE4260 ] C:\WINDOWS\system32\ncobjapi.dll
10:23:30.0812 0x0fd4 C:\WINDOWS\system32\ncobjapi.dll - ok
10:23:30.0812 0x0fd4 [ F404830F3CD9BF8F2515E489C0CDA297, 4FFFBBDD04B82623983B8B51E52E113EBF0E32E8328BFD3754B7A299E5673569 ] C:\WINDOWS\system32\msvcp60.dll
10:23:30.0812 0x0fd4 C:\WINDOWS\system32\msvcp60.dll - ok
10:23:30.0828 0x0fd4 [ B24A42A413E694AD73FDFB7FBD492C31, 52411B5C714ED7FCFF3A120980EB75BF5A64E022303D3E717048E0E44F604AC0 ] C:\WINDOWS\system32\scesrv.dll
10:23:30.0828 0x0fd4 C:\WINDOWS\system32\scesrv.dll - ok
10:23:30.0828 0x0fd4 [ DD7BD97FB8BD800963789158A5E4B41D, 4C265CB9AC1B8C398E625C1775A5AADD8A030D158B557E24F90CA57C0253FF0D ] C:\WINDOWS\system32\mpr.dll
10:23:30.0828 0x0fd4 C:\WINDOWS\system32\mpr.dll - ok
10:23:30.0843 0x0fd4 [ 389496118B3B03C2328024AF320132AC, 11F85CA49596CE12B1F80B5BC059B6F5549FC09A43E2C47841A688F2ACEBB8B8 ] C:\WINDOWS\system32\dnsapi.dll
10:23:30.0843 0x0fd4 C:\WINDOWS\system32\dnsapi.dll - ok
10:23:30.0859 0x0fd4 [ EC4C0D9BFD9F7E33F8B395AD54E13063, 18E60FF334376604F213F3323FAB81F392493496C6CA809FAD66BB8B0EEB3396 ] C:\WINDOWS\system32\ntdsapi.dll
10:23:30.0859 0x0fd4 C:\WINDOWS\system32\ntdsapi.dll - ok
10:23:30.0859 0x0fd4 [ 2EDFC2A8893435723AD80481803C6D5C, CD547E4749EE6466FD4F50CF2EAD37AD993C6BC89068BD51726869D5ADB2AF8E ] C:\WINDOWS\system32\umpnpmgr.dll
10:23:30.0859 0x0fd4 C:\WINDOWS\system32\umpnpmgr.dll - ok
10:23:30.0875 0x0fd4 [ 1F03103598BD817B1078DAB1326DDE11, 0F0D19E67E25E9D2113920166B7326B46BACD22BA08476EC91D9C564AFC1FAF3 ] C:\WINDOWS\system32\shimeng.dll
10:23:30.0875 0x0fd4 C:\WINDOWS\system32\shimeng.dll - ok
10:23:30.0890 0x0fd4 [ EA9EE60B408878E5F2012F9C783836DB, 354A6660705759C0E767BCD7FB6F1B4371B74784A986431A626DF3793D0421EC ] C:\WINDOWS\AppPatch\acadproc.dll
10:23:30.0890 0x0fd4 C:\WINDOWS\AppPatch\acadproc.dll - ok
10:23:30.0890 0x0fd4 [ 0492CF5870F0E616B0C71695A433D162, 47C9FB64A4CF3DF54F664B2B31A834ACF75B504650007E6201546C2D0E44D9C2 ] C:\WINDOWS\system32\wldap32.dll
10:23:30.0890 0x0fd4 C:\WINDOWS\system32\wldap32.dll - ok
10:23:30.0906 0x0fd4 [ 8329A39D5A402A75A74301D6A62ECDA1, 1947B2B19F2D0C690EC880B5A92F88903D78C6BB6EE47261B3D744B5A863D562 ] C:\WINDOWS\system32\samlib.dll
10:23:30.0906 0x0fd4 C:\WINDOWS\system32\samlib.dll - ok
10:23:30.0921 0x0fd4 [ F05B8CDB7FE0E55DCCFB1D946CE80064, E59BC2F25EBFF5F0CF459C9B8DEE882ADE227323F4768EBACFCC6784861BF260 ] C:\WINDOWS\system32\samsrv.dll
10:23:30.0921 0x0fd4 C:\WINDOWS\system32\samsrv.dll - ok
10:23:30.0921 0x0fd4 [ 310C15FD8358B2C4CD7A5B98A112883F, CA656F066373B164A138032F5BF7EF68603EBDB0D49BD4663C99061F47F29085 ] C:\WINDOWS\AppPatch\acgenral.dll
10:23:30.0921 0x0fd4 C:\WINDOWS\AppPatch\acgenral.dll - ok
10:23:30.0937 0x0fd4 [ 17A1D675C12BBF80CAAC54A4855C41D0, F6185E42180218E932ADFFD63EF78EE8324B816BD57EA217322A46D1D2F47928 ] C:\WINDOWS\system32\cryptdll.dll
10:23:30.0937 0x0fd4 C:\WINDOWS\system32\cryptdll.dll - ok
10:23:30.0953 0x0fd4 [ 4A953F13942867BA8FB41F141EC1B80C, BAE05A8CEDA4411324E38DB8A2153A988C6A3FAC8AD7CB27EE14E18FE7C47569 ] C:\WINDOWS\system32\winmm.dll
10:23:30.0953 0x0fd4 C:\WINDOWS\system32\winmm.dll - ok
10:23:30.0953 0x0fd4 [ EFF03460E542EEA6B0ABDEC6BF19C897, C2A0DDE6E8B49B152C295E97CFC35557391DEEE5A3A0B1BB4E445C405C716C55 ] C:\WINDOWS\system32\oleaut32.dll
10:23:30.0953 0x0fd4 C:\WINDOWS\system32\oleaut32.dll - ok
10:23:30.0968 0x0fd4 [ 2098AB52BD5316E59AA36F3437B13BE6, C4C9F2CFCAFF91B4A6F68E28EFE12EED216B41F081F8D577597C0634ECE57018 ] C:\WINDOWS\system32\msacm32.dll
10:23:30.0968 0x0fd4 C:\WINDOWS\system32\msacm32.dll - ok
10:23:30.0984 0x0fd4 [ 7A2CC3719B255E6B5D74396183B7715B, 2C4A2D5B42CFFE42BE72A652D1B0EED43D7EECF7CA3416660A3E0C539AA2AC34 ] C:\WINDOWS\system32\uxtheme.dll
10:23:30.0984 0x0fd4 C:\WINDOWS\system32\uxtheme.dll - ok
10:23:30.0984 0x0fd4 [ E73F18195CCF4AAAA87B2D22E83F791C, D15F9D27F9F2182A97AD9D221520675465487CC3B7CFA80B210925FC5D5C42E1 ] C:\WINDOWS\system32\serwvdrv.dll
10:23:30.0984 0x0fd4 C:\WINDOWS\system32\serwvdrv.dll - ok
10:23:31.0000 0x0fd4 [ EC2AD9AC452E0A8D976FB1B1718517CE, 8E74CCADDB33DFDC44BC47FFB295B6A20BDEC544FBDB8ED4D8B04C50D50AEA46 ] C:\WINDOWS\system32\umdmxfrm.dll
10:23:31.0000 0x0fd4 C:\WINDOWS\system32\umdmxfrm.dll - ok
10:23:31.0015 0x0fd4 [ F24B12786D60A17008319E3F2AEE7799, BF916F65D770C61612678171CC184A0BF259992CEC0BF607D26834CE2A234FB3 ] C:\WINDOWS\system32\msapsspc.dll
10:23:31.0015 0x0fd4 C:\WINDOWS\system32\msapsspc.dll - ok
10:23:31.0015 0x0fd4 [ 7A660EDC0757849DF5F8706FB6E9F740, CA3820507A92EE9AB4EE8E804736FE1795224AE02D396AADB5BFD53223D9B7E2 ] C:\WINDOWS\system32\msvcrt40.dll
10:23:31.0015 0x0fd4 C:\WINDOWS\system32\msvcrt40.dll - ok
10:23:31.0031 0x0fd4 [ 0F64207B49390C8063C36AE7CBF9C2DB, 52C4A7A38EE11CA247001EB0A3C67BFEB1A09E9AC406486132D5AC38BE3A6A6F ] C:\WINDOWS\system32\schannel.dll
10:23:31.0031 0x0fd4 C:\WINDOWS\system32\schannel.dll - ok
10:23:31.0046 0x0fd4 [ 3D76DD0CBC536E0F8C45D23ED230BEB2, F74F94525AB7CE1E269452C9E1DD08411A668CFDD94F069C90FC2EE33CB35A12 ] C:\WINDOWS\system32\digest.dll
10:23:31.0046 0x0fd4 C:\WINDOWS\system32\digest.dll - ok
10:23:31.0046 0x0fd4 [ A4388DF80E52695AE92EE5F3F61F1619, A4B7C6E10B92B5022CA6E8FD9094098614FD63178EA86A7B035EB89B373BF033 ] C:\WINDOWS\system32\msnsspc.dll
10:23:31.0046 0x0fd4 C:\WINDOWS\system32\msnsspc.dll - ok
10:23:31.0062 0x0fd4 [ 5733177BCF16EE78B99543C9B0AB81EA, 6504D3D665AC8AB27A44F863F9C1A23FF3B68EAC0512F418712CC0D56F739E24 ] C:\WINDOWS\system32\msctfime.ime
10:23:31.0062 0x0fd4 C:\WINDOWS\system32\msctfime.ime - ok
10:23:31.0062 0x0fd4 [ C6BB1D1500DB4A0E224CB65E6C7E8A80, 32099A486457D1DC3B1269DE9570EE922F118C3BD443FE78ED051DD764EF4DE3 ] C:\WINDOWS\system32\msprivs.dll
10:23:31.0062 0x0fd4 C:\WINDOWS\system32\msprivs.dll - ok
10:23:31.0078 0x0fd4 [ 318FAA70D9B0FB8DD168D4ED628E27B2, 2C407FFDA4A02D4A1CB9592C6FA4293BA31BE8852670436F1187A8107572ED41 ] C:\WINDOWS\system32\atmfd.dll
10:23:31.0078 0x0fd4 C:\WINDOWS\system32\atmfd.dll - ok
10:23:31.0093 0x0fd4 [ A525C96C51D55111FDF3BEA9FFFFC7AE, AA5B080E01573B96A37E67F871F97AE975E1E9519EDB16476472AA3FA2144643 ] C:\WINDOWS\system32\kerberos.dll
10:23:31.0093 0x0fd4 C:\WINDOWS\system32\kerberos.dll - ok
10:23:31.0093 0x0fd4 [ 517561A1113B04E51D936CD018DE1C1F, A5F572C3557705F28F7A465970F0432F55B616EFD208BA0CBDFFBF7A41F07C04 ] C:\WINDOWS\system32\msv1_0.dll
10:23:31.0093 0x0fd4 C:\WINDOWS\system32\msv1_0.dll - ok
10:23:31.0109 0x0fd4 [ AF07DC9B7CC455629E732340C7B15F3A, 4403503F24FB76AB55D347273319B98BC0955AB3E537FA5ADA498B9AED76484A ] C:\WINDOWS\system32\iphlpapi.dll
10:23:31.0109 0x0fd4 C:\WINDOWS\system32\iphlpapi.dll - ok
10:23:31.0125 0x0fd4 [ 1B7F071C51B77C272875C3A23E1E4550, 9D6EA6DF4F4A531E35B843CE11AB6BDBEF0C2716773C14660E98038C1F68B7C4 ] C:\WINDOWS\system32\netlogon.dll
10:23:31.0125 0x0fd4 C:\WINDOWS\system32\netlogon.dll - ok
10:23:31.0125 0x0fd4 [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] C:\WINDOWS\system32\w32time.dll
10:23:31.0125 0x0fd4 C:\WINDOWS\system32\w32time.dll - ok
10:23:31.0140 0x0fd4 [ 3AAF9B35939FF9E58CCD18D41655C2FC, AF7358AB0A507D77569A8D38D2392C224BFBEFD1264C069BBC6C677BC20C6B8B ] C:\WINDOWS\system32\wdigest.dll
10:23:31.0140 0x0fd4 C:\WINDOWS\system32\wdigest.dll - ok
10:23:31.0156 0x0fd4 [ 54DAE3EA34802B4ED9AE1C6B1209FA56, EEB1FA90DB44C821B371D5F7C323B4F88E843107BBA16DA2ACB124D6A848B257 ] C:\WINDOWS\system32\rsaenh.dll
10:23:31.0156 0x0fd4 C:\WINDOWS\system32\rsaenh.dll - ok
10:23:31.0156 0x0fd4 [ 02988B904C386B500CD08639C4C20EEA, 66E96045957AABD7F5C364D64DE23A09D4C292C844FA00C45626A8D1EC21F206 ] C:\WINDOWS\system32\winscard.dll
10:23:31.0156 0x0fd4 C:\WINDOWS\system32\winscard.dll - ok
10:23:31.0171 0x0fd4 [ 0E2735281FBB9A764D5584C2A5DCBA59, B1EFF5D7BFDDFEC3A3E5B2F17A6A0F3F47C344A64AB57E6918B4DEC094FC9444 ] C:\WINDOWS\system32\wtsapi32.dll
10:23:31.0171 0x0fd4 C:\WINDOWS\system32\wtsapi32.dll - ok
10:23:31.0171 0x0fd4 [ A86BB5E61BF3E39B62AB4C7E7085A084, B88446E007153BB58C5AE867AC3FB4C46618BBAA5A152687201E0E81F881465A ] C:\WINDOWS\system32\scecli.dll
10:23:31.0187 0x0fd4 C:\WINDOWS\system32\scecli.dll - ok
10:23:31.0187 0x0fd4 [ 27C6D03BCDB8CFEB96B716F3D8BE3E18, 2910EBC692D833D949BFD56059E8106D324A276D5F165F874F3FB1B6C613CDD5 ] C:\WINDOWS\system32\svchost.exe
10:23:31.0187 0x0fd4 C:\WINDOWS\system32\svchost.exe - ok
10:23:31.0203 0x0fd4 [ 549290DBC280C887681D7652978DBBE0, CA2CA8561F11CDD5FD5D23D9D88A96A7FFE4AF6DFE8CE783B0969B6ED3C4CBF8 ] C:\WINDOWS\system32\ntmarta.dll
10:23:31.0203 0x0fd4 C:\WINDOWS\system32\ntmarta.dll - ok
10:23:31.0203 0x0fd4 [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] C:\WINDOWS\system32\rpcss.dll
10:23:31.0203 0x0fd4 C:\WINDOWS\system32\rpcss.dll - ok
10:23:31.0218 0x0fd4 [ 16403217AB6FC5C30C14C6B12098AD4B, DEA7C556BA9C91E056E6035E77A793A77E428D493518D1C6F796B003D4F07305 ] C:\WINDOWS\system32\xpsp2res.dll
10:23:31.0218 0x0fd4 C:\WINDOWS\system32\xpsp2res.dll - ok
10:23:31.0234 0x0fd4 [ 6D4FEB43EE538FC5428CC7F0565AA656, 4091D82537198562F0CA1D032B2D4BEC75101342B7BCA7778FDA2D515300BC36 ] C:\WINDOWS\system32\eventlog.dll
10:23:31.0234 0x0fd4 C:\WINDOWS\system32\eventlog.dll - ok
10:23:31.0234 0x0fd4 [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] C:\WINDOWS\system32\mswsock.dll
10:23:31.0250 0x0fd4 C:\WINDOWS\system32\mswsock.dll - ok
10:23:31.0250 0x0fd4 [ 3CB32D3B8CBE79899D63280BB7A83CD9, F34DB3B3DD65F0135F1F7005703B824D2C9B17F7A43062F1FFBEC53B3B26EFC3 ] C:\WINDOWS\system32\hnetcfg.dll
10:23:31.0250 0x0fd4 C:\WINDOWS\system32\hnetcfg.dll - ok
10:23:31.0265 0x0fd4 [ 6F9BEF24C578D5D6740E080BEDD6A448, 72426D49BC31488261D226C7D0C98AD11192019E71654F53D1D17183C328CC7C ] C:\WINDOWS\system32\rasadhlp.dll
10:23:31.0265 0x0fd4 C:\WINDOWS\system32\rasadhlp.dll - ok
10:23:31.0265 0x0fd4 [ D72B9EC3337B247A666F098F3D6B43DE, 4BC52AD1116078B0B313AB6555024302225D6CC03CA428151F78B7C48821489F ] C:\WINDOWS\system32\winrnr.dll
10:23:31.0265 0x0fd4 C:\WINDOWS\system32\winrnr.dll - ok
10:23:31.0281 0x0fd4 [ 4E3D06D6E68EEDB52565080F55B460D3, A503BFC29D3936045488EDC1771914EC84BE80E422F772F53D7961F526D707E6 ] C:\WINDOWS\system32\wshtcpip.dll
10:23:31.0281 0x0fd4 C:\WINDOWS\system32\wshtcpip.dll - ok
10:23:31.0296 0x0fd4 [ EAF536CEFA2AD556160A9DDFDFB57488, B4E7E3EED21634E1417377692946D5843424C8B0DE315A2CF465EE8310C47BE1 ] C:\Program Files\Microsoft Security Client\MpSvc.dll
10:23:31.0296 0x0fd4 C:\Program Files\Microsoft Security Client\MpSvc.dll - ok
10:23:31.0296 0x0fd4 [ B0F49DA36F30922F5DDC3B623B778FCE, EE025AEFA4A2095AFEABFB3A49639DA77D78068A3F5EEDA6C15D34853AFD5609 ] C:\Program Files\Microsoft Security Client\MsMpEng.exe
10:23:31.0296 0x0fd4 C:\Program Files\Microsoft Security Client\MsMpEng.exe - ok
10:23:31.0312 0x0fd4 [ 9DE3C7E166C53DB99EC401F81991C9B0, 927713C28F34BF0F82400E87B766912EC0A4943611C927A19D14B29D8440B181 ] C:\Program Files\Microsoft Security Client\MpClient.dll
10:23:31.0312 0x0fd4 C:\Program Files\Microsoft Security Client\MpClient.dll - ok
10:23:31.0312 0x0fd4 [ 2081A5B5E4ABA206A0A8A1A97DF0FB23, 032B6D1F541F180A2FE619664EF180D3FD748AEF7E311BA925FCED74E7ED4713 ] C:\WINDOWS\system32\logonui.exe
10:23:31.0328 0x0fd4 C:\WINDOWS\system32\logonui.exe - ok
10:23:31.0328 0x0fd4 [ 515A7FAE2070C2B0242B2353443E2F11, 6121C5613784831F584B50E8DC91BBD7AC58BDB602FE4CDB4B237670B6BB4537 ] C:\WINDOWS\system32\cscdll.dll
10:23:31.0328 0x0fd4 C:\WINDOWS\system32\cscdll.dll - ok
10:23:31.0343 0x0fd4 [ E2092F0A1D7ABC243F9C2362483D150D, 50028400D6BA1C5B27BFC9AAC9D41539383F3EC723977CA937715E14094D846A ] C:\WINDOWS\system32\dimsntfy.dll
10:23:31.0343 0x0fd4 C:\WINDOWS\system32\dimsntfy.dll - ok
10:23:31.0343 0x0fd4 [ 2CC34E8BB667EEF78899546E12649196, 5BA2604041BF7C1D580D4D2AEDC7708F9E9B0AF6E0928663E3D9C7297296D721 ] C:\WINDOWS\system32\wlnotify.dll
10:23:31.0343 0x0fd4 C:\WINDOWS\system32\wlnotify.dll - ok
10:23:31.0359 0x0fd4 [ BD83ABA61E8ACCC8D9FFB869F29418CE, 45ED22E825047A1BE07B017F95FBF965A90602C59E6B110D0C604FBE07DE1562 ] C:\WINDOWS\system32\winspool.drv
10:23:31.0359 0x0fd4 C:\WINDOWS\system32\winspool.drv - ok
10:23:31.0375 0x0fd4 [ 3D41A9326F0376FC73AF961DD23B1FB1, 1242F3B57599675D1E0E26615E206CE3DB15FA6A23BC5D21EB630EE9858EBC7B ] C:\WINDOWS\system32\duser.dll
10:23:31.0375 0x0fd4 C:\WINDOWS\system32\duser.dll - ok
10:23:31.0390 0x0fd4 [ AFFC87E2501FCE8F09D4C10BA6421CCF, E63837B281C4AE90A7CBA8E072E07A9A5A2FDD5B15E7FB5C2D7562FE72BE5408 ] C:\WINDOWS\system32\msimg32.dll
10:23:31.0390 0x0fd4 C:\WINDOWS\system32\msimg32.dll - ok
10:23:31.0390 0x0fd4 [ 20200EE3CFE10E9F0C028D8653BE11C6, 3ACF2110D72509CBA3BF780C5D6D662BAFEEA6CA423BE8B0F97288B953127035 ] C:\WINDOWS\system32\oleacc.dll
10:23:31.0390 0x0fd4 C:\WINDOWS\system32\oleacc.dll - ok
10:23:31.0406 0x0fd4 [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] C:\WINDOWS\system32\WudfSvc.dll
10:23:31.0406 0x0fd4 C:\WINDOWS\system32\WudfSvc.dll - ok
10:23:31.0421 0x0fd4 [ F137A0CA70003DB20448D540651FA003, 4D3095FD8431D0839B6EE785A979D005A1035368A152CDC705804E85B7673198 ] C:\WINDOWS\system32\clbcatq.dll
10:23:31.0421 0x0fd4 C:\WINDOWS\system32\clbcatq.dll - ok
10:23:31.0421 0x0fd4 [ 5CAF91E865FE0C85048A233E594544D2, 23B16D6CB30E124D37949EFCF261BCD9D9872FE2F3852FC345F32283E3D04178 ] C:\WINDOWS\system32\WudfPlatform.dll
10:23:31.0421 0x0fd4 C:\WINDOWS\system32\WudfPlatform.dll - ok
10:23:31.0437 0x0fd4 [ 66AACC19D629336B9915F5DB1A414799, FA5ED9B5B23032A064ACD970C7EC3E82B6AD1FF603895AF2D91B0446BDF5785D ] C:\Program Files\Microsoft Security Client\MpRTP.dll
10:23:31.0437 0x0fd4 C:\Program Files\Microsoft Security Client\MpRTP.dll - ok
10:23:31.0437 0x0fd4 [ 1280A158C722FA95A80FB7AEBE78FA7D, 9B6E8158E581500C5C417F6453A6414901020123D34FDBC04289750E8B072538 ] C:\WINDOWS\system32\comres.dll
10:23:31.0437 0x0fd4 C:\WINDOWS\system32\comres.dll - ok
10:23:31.0453 0x0fd4 [ 5D43C9A33F18C707BA169AFDA88BDF30, 6796891360B4731B4F165300BD9FAC9A2A4C54E8CFF86DEC8036D3765AE4D9A3 ] C:\WINDOWS\system32\fltlib.dll
10:23:31.0453 0x0fd4 C:\WINDOWS\system32\fltlib.dll - ok
10:23:31.0468 0x0fd4 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] C:\WINDOWS\system32\drivers\ndisuio.sys
10:23:31.0468 0x0fd4 C:\WINDOWS\system32\drivers\ndisuio.sys - ok
10:23:31.0468 0x0fd4 [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] C:\WINDOWS\system32\dhcpcsvc.dll
10:23:31.0468 0x0fd4 C:\WINDOWS\system32\dhcpcsvc.dll - ok
10:23:31.0484 0x0fd4 [ E5EDBD51476DB5001ABF5C82AE5C3DD1, 5C97ABF5802A7F886781788FE6107F9F06962F9D704A2A43A03062C9405F56C3 ] C:\WINDOWS\system32\shgina.dll
10:23:31.0484 0x0fd4 C:\WINDOWS\system32\shgina.dll - ok
10:23:31.0500 0x0fd4 [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] C:\WINDOWS\system32\dnsrslvr.dll
10:23:31.0500 0x0fd4 C:\WINDOWS\system32\dnsrslvr.dll - ok
10:23:31.0500 0x0fd4 [ 1C6E95AE20530568BF31401C13999B02, 7645869AA3FCAA2CFAEDACBD0D61E1FF7CDC87A0590E3854F67307A390A2A7F7 ] C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{96F92F07-9110-406E-B605-00988C8207F7}\mpengine.dll
10:23:31.0500 0x0fd4 C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{96F92F07-9110-406E-B605-00988C8207F7}\mpengine.dll - ok
10:23:31.0515 0x0fd4 [ 085ED2E391A871C7BAE87E0228B546BA, 15C050965A7377CDE1178A0C28C3E05B16838A1D7DEB1DD190E3C5D58511F5AC ] C:\WINDOWS\system32\cscui.dll
10:23:31.0515 0x0fd4 C:\WINDOWS\system32\cscui.dll - ok
10:23:31.0531 0x0fd4 [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] C:\WINDOWS\system32\lmhsvc.dll
10:23:31.0531 0x0fd4 C:\WINDOWS\system32\lmhsvc.dll - ok
10:23:31.0531 0x0fd4 [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] C:\WINDOWS\system32\wzcsvc.dll
10:23:31.0531 0x0fd4 C:\WINDOWS\system32\wzcsvc.dll - ok
10:23:31.0546 0x0fd4 [ 50A166237A0FA771261275A405646CC0, CFA9B2C8CDCDB56C27B89593A106AAE211E24D8EA433129A6E9BD2FBF39AB5BB ] C:\WINDOWS\system32\powrprof.dll
10:23:31.0546 0x0fd4 C:\WINDOWS\system32\powrprof.dll - ok
10:23:31.0562 0x0fd4 [ 3E2F3E2F4A82B7FAE23BAB864FB0F837, 78FEB881B5F1C90AD13DD69BB8C95CDF60C84E127871916D1EE8A938849E6282 ] C:\WINDOWS\system32\dpcdll.dll
10:23:31.0562 0x0fd4 C:\WINDOWS\system32\dpcdll.dll - ok
10:23:31.0562 0x0fd4 [ 876CCF164E08D6B903CD14398E056DD2, 9AC7887F992F20E10EB3ED9B3AEF47B5C840172FA7895531F4EF86D6EA642D0F ] C:\WINDOWS\system32\rtutils.dll
10:23:31.0562 0x0fd4 C:\WINDOWS\system32\rtutils.dll - ok
10:23:31.0578 0x0fd4 [ 7B0770526801F05D58C51A3DFB87B4BD, 7A2858DD3AE8C26DE88F8CC71E8DC9A8A50C363BA4FB34EE6EE2D81C18845A96 ] C:\WINDOWS\system32\wmi.dll
10:23:31.0578 0x0fd4 C:\WINDOWS\system32\wmi.dll - ok
10:23:31.0578 0x0fd4 [ E6EF7BC927D9F8F9BA1584BFC39E0C6F, EC80729BDD250C161B29DA853D45C703CB4844DE185C5665DB0627D9568995AB ] C:\WINDOWS\system32\eapolqec.dll
10:23:31.0578 0x0fd4 C:\WINDOWS\system32\eapolqec.dll - ok
10:23:31.0593 0x0fd4 [ 224FB925C641DA16CEB6D60F40CA4C75, 2DDB3B019D2A22B359C5974DC366EC9B95F4382DB1BF7F1958CFF0EC277895C7 ] C:\WINDOWS\system32\atl.dll
10:23:31.0593 0x0fd4 C:\WINDOWS\system32\atl.dll - ok
10:23:31.0609 0x0fd4 [ 2DE1190196EE9555DB548A57622022EB, 89DBC777BE06D008AABEDAC61AFC11B4FF7ABCA86C205109ED9D34D21C0B5146 ] C:\WINDOWS\system32\drprov.dll
10:23:31.0609 0x0fd4 C:\WINDOWS\system32\drprov.dll - ok
10:23:31.0609 0x0fd4 [ 8AE93AACC648921BAACB8602991AC4B3, 78292B1BAEE64C997C50B6D907FE623C2EDF937A62D3C3690FA24342180B7AB2 ] C:\WINDOWS\system32\qutil.dll
10:23:31.0609 0x0fd4 C:\WINDOWS\system32\qutil.dll - ok
10:23:31.0625 0x0fd4 [ AC5DF42FE314C1446B1DAD237BFCFFE0, FD53D9BCC619ED7AE4B7C29B7D457A2F61D6D340841A4E030329D7032C306AB6 ] C:\WINDOWS\system32\netui0.dll
10:23:31.0625 0x0fd4 C:\WINDOWS\system32\netui0.dll - ok
10:23:31.0640 0x0fd4 [ 36468087E22C57A83DF758B3F90DF73F, F6898D07CEE4F528A9F17A231CCB5E38F826A0C1926EFBF35ECCA06E0E8EE565 ] C:\WINDOWS\system32\ntlanman.dll
10:23:31.0640 0x0fd4 C:\WINDOWS\system32\ntlanman.dll - ok
10:23:31.0640 0x0fd4 [ 8E2CC37BA87D8F681066E0E9C8A19F73, 90536FD502D92AE4FECE0C250373742D2E8AC9E9BE314070BB28C4A2BEA15508 ] C:\WINDOWS\system32\dot3api.dll
10:23:31.0640 0x0fd4 C:\WINDOWS\system32\dot3api.dll - ok
10:23:31.0656 0x0fd4 [ F5B754CDEA20BBB3A31E16A776EDE6D6, C5D682FA9B86810C6E3D741E507EDA024C4554BEB5B6A1686F70E109EE9CD746 ] C:\WINDOWS\system32\esent.dll
10:23:31.0656 0x0fd4 C:\WINDOWS\system32\esent.dll - ok
10:23:31.0671 0x0fd4 [ ED5A816D8E11E03F1937AC3C56826EE4, D01525B5BD9F9DDF149B78706C6C2F5AE26F5337F897C1B8763DBC67AB64F875 ] C:\WINDOWS\system32\netui1.dll
10:23:31.0671 0x0fd4 C:\WINDOWS\system32\netui1.dll - ok
10:23:31.0671 0x0fd4 [ B41D53899E37CC43DA85DA19998BEE81, CA92B8313338F0F8B1B630A0057B9C114E8D8BC10F09825C9008A5A824B91FDC ] C:\WINDOWS\system32\netrap.dll
10:23:31.0671 0x0fd4 C:\WINDOWS\system32\netrap.dll - ok
10:23:31.0687 0x0fd4 [ FB8F8EEC8D9C2157789472DD61CDC78B, D5306081621FFEFF585FAD292E60207E1BCB4EA67367E12872AF73C464110C68 ] C:\WINDOWS\system32\davclnt.dll
10:23:31.0687 0x0fd4 C:\WINDOWS\system32\davclnt.dll - ok
10:23:33.0312 0x0fd4 C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok
10:23:33.0312 0x0fd4 [ 55EC3AC4F3159742520974D73DBC7554, 5A5D2146A1C8B50EF98DB62DE11237C72B8BD8DA0E2CBEC266518E58CFCDE343 ] C:\Program Files\BlueStacks\HD-Service-Native.dll
10:23:33.0312 0x0fd4 C:\Program Files\BlueStacks\HD-Service-Native.dll - ok
10:23:33.0328 0x0fd4 [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] C:\WINDOWS\system32\wuaueng.dll
10:23:33.0328 0x0fd4 C:\WINDOWS\system32\wuaueng.dll - ok
10:23:33.0343 0x0fd4 [ 91790D6749EBED90E2C40479C0A91879, 3C267950F13CCE412474C5228FC0E3D8D7F912E82464BD2CE6312A0326F84A80 ] C:\WINDOWS\system32\verclsid.exe
10:23:33.0343 0x0fd4 C:\WINDOWS\system32\verclsid.exe - ok
10:23:33.0343 0x0fd4 [ 7778BDFA3F6F6FBA0E75B9594098F737, 50992333A9D31CF69C13573C24455422791199BD7C63C3FC7C3F0E4CC1BC6FA4 ] C:\WINDOWS\system32\searchindexer.exe
10:23:33.0343 0x0fd4 C:\WINDOWS\system32\searchindexer.exe - ok
10:23:33.0359 0x0fd4 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] C:\WINDOWS\system32\upnphost.dll
10:23:33.0359 0x0fd4 C:\WINDOWS\system32\upnphost.dll - ok
10:23:33.0359 0x0fd4 [ 093D3EE722542BA2E7AD929AA3CA6ABC, C96CAFE2365DB062A06CC0426C5C1519350CD2E57D2721148BC20F72130CBF5C ] C:\WINDOWS\system32\igfxtray.exe
10:23:33.0359 0x0fd4 C:\WINDOWS\system32\igfxtray.exe - ok
10:23:33.0375 0x0fd4 [ 22DD6D7D4BFE2B8CE705CC950C8AEA4C, 7123FC923BA4C3DD3EDFE9F8936442C4CCE7757D370AB799B0B5668223B965EE ] C:\WINDOWS\system32\win32spl.dll
10:23:33.0375 0x0fd4 C:\WINDOWS\system32\win32spl.dll - ok
10:23:33.0390 0x0fd4 [ 5B7473D38DFABF4C511F3BF909A225A6, 9813A6DAC5DB3ADECF9BBBDAC12194786F2A453C50A8A9664DE1AD7BFE37397B ] C:\WINDOWS\system32\hccutils.dll
10:23:33.0390 0x0fd4 C:\WINDOWS\system32\hccutils.dll - ok
10:23:33.0390 0x0fd4 [ 2D99607F21FF368C0E335A2D91A052A1, 97C8DADC411B2B2470F764CB44738F39EC4652FD021A32420D2A460B02BB4F4B ] C:\WINDOWS\BCMSMMSG.exe
10:23:33.0390 0x0fd4 C:\WINDOWS\BCMSMMSG.exe - ok
10:23:33.0406 0x0fd4 [ CC8915DB4E33E8FB29CA0D2DBF75306E, 6319C0580FFDA989A2726814667C330F6A5C864D34B8C87645DD5A98E7A2C7FB ] C:\WINDOWS\system32\webcheck.dll
10:23:33.0406 0x0fd4 C:\WINDOWS\system32\webcheck.dll - ok
10:23:33.0421 0x0fd4 [ 3D075865DCC26931972F6476AD0497BE, E1FB17787F54D9A4E2A04DD699FA770C9CE100A427E6EFBF4E0CF24EAAD3A9BA ] C:\WINDOWS\system32\ssdpapi.dll
10:23:33.0421 0x0fd4 C:\WINDOWS\system32\ssdpapi.dll - ok
10:23:33.0421 0x0fd4 [ EE4C651A217B01D636B5364AC77DA892, E40C7DD39234673A3BA8FD87C189653C391E326ECB3E8011B5020BB9D78F56D0 ] C:\WINDOWS\system32\inetpp.dll
10:23:33.0421 0x0fd4 C:\WINDOWS\system32\inetpp.dll - ok
10:23:33.0437 0x0fd4 [ 6B906A79DF408A615E343ED54DA98D21, B78D156A1C51D880B8397797FB84A966E09C64892B7D6C88FAC7C92A6FFBA954 ] C:\Program Files\BlueStacks\HD-Network.exe
10:23:33.0437 0x0fd4 C:\Program Files\BlueStacks\HD-Network.exe - ok
10:23:33.0453 0x0fd4 [ 0CBD1906F74BEB539FCEF6493095B933, 0ED57053DB07F2C0892F785AA65FE634FC9EC8187D45193D6899EA26B7C9B274 ] C:\WINDOWS\system32\tquery.dll
10:23:33.0453 0x0fd4 C:\WINDOWS\system32\tquery.dll - ok
10:23:33.0453 0x0fd4 [ B714735C12A70171DE28657948FD91F1, DF7BF2D1BEBB016A8CB739EEE2670CF9F44A5CC2319A532E5C3DE0F5AA3AA144 ] C:\WINDOWS\system32\mlang.dll
10:23:33.0453 0x0fd4 C:\WINDOWS\system32\mlang.dll - ok
10:23:33.0468 0x0fd4 [ A167836EC7FD7793BD84B00F89E9459C, 05244E0B9E478C4A4FBB7D584B56573E829BF7E9F69C22D480DADDD3D9ADBC5A ] C:\Program Files\BlueStacks\HD-BlockDevice.exe
10:23:33.0468 0x0fd4 C:\Program Files\BlueStacks\HD-BlockDevice.exe - ok
10:23:33.0484 0x0fd4 [ 50512FC9B7878E3C2C147BC17326A7DB, 670006280CA98213C3A23B442615FD729C83953795619360F9D2988E56A602D7 ] C:\WINDOWS\system32\stobject.dll
10:23:33.0484 0x0fd4 C:\WINDOWS\system32\stobject.dll - ok
10:23:33.0484 0x0fd4 [ B85E95679B5ADC12311BCD3F5385D623, 378D304CF408AE1928EF6290A5A9F2388920B55FD69382759B356B6A3FF94F3A ] C:\WINDOWS\system32\mspatcha.dll
10:23:33.0484 0x0fd4 C:\WINDOWS\system32\mspatcha.dll - ok
10:23:33.0500 0x0fd4 [ 231A0B0E3BA7ABFE469A8262FAA1FD71, 76F8AE2680438B279081EDFC2728E3785736E82A5C6396AA705BFFFF5C361294 ] C:\WINDOWS\system32\batmeter.dll
10:23:33.0500 0x0fd4 C:\WINDOWS\system32\batmeter.dll - ok
10:23:33.0515 0x0fd4 [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] C:\WINDOWS\system32\trkwks.dll
10:23:33.0515 0x0fd4 C:\WINDOWS\system32\trkwks.dll - ok
10:23:33.0515 0x0fd4 [ 045E228F71C31901084B64BE59093499, BA463D9EC2C2D266A34DBAC542CFA0403BFB03DDF3037FBD043BB691A8E493FA ] C:\WINDOWS\system32\WPDShServiceObj.dll
10:23:33.0515 0x0fd4 C:\WINDOWS\system32\WPDShServiceObj.dll - ok
10:23:33.0531 0x0fd4 [ 3458EDA96E30FBD0477A2800D3FB1909, BDF84362E4D8A102E7FB5F352D950B84D1A8E1E7928521B68E7671D4176803C5 ] C:\WINDOWS\system32\wups.dll
10:23:33.0531 0x0fd4 C:\WINDOWS\system32\wups.dll - ok
10:23:33.0546 0x0fd4 [ ED0C0DF222209E43AD9AFBF3FE87DDE0, 927329F9244DA9F0074FA0D4C101EE793AFCF433155E58714C33444C5EF35014 ] C:\WINDOWS\system32\comsvcs.dll
10:23:33.0546 0x0fd4 C:\WINDOWS\system32\comsvcs.dll - ok
10:23:33.0546 0x0fd4 [ 89D74683C859B7982056D15938BACA3E, 57914A49A65A8FD7C7706BE78FB0F87B4C7EEB352836E28086078D07B79848AF ] C:\WINDOWS\system32\propsys.dll
10:23:33.0546 0x0fd4 C:\WINDOWS\system32\propsys.dll - ok
10:23:33.0562 0x0fd4 [ 850AFD1EB9693FAC83324C4D5CD8F510, 5C8A45EBF30EC03650CE4BBD3642695A197A09036D89F9DBF504316A7304D87E ] C:\WINDOWS\system32\igfxdev.dll
10:23:33.0562 0x0fd4 C:\WINDOWS\system32\igfxdev.dll - ok
10:23:33.0578 0x0fd4 [ 205ADD80FF8099B1A8101EB490B933D1, 6B4D94F1683B1D30A1BB0019E2E3E0AE1AA85561D416708198EC2BDAB649E178 ] C:\WINDOWS\system32\wbem\wbemprox.dll
10:23:33.0578 0x0fd4 C:\WINDOWS\system32\wbem\wbemprox.dll - ok
10:23:33.0578 0x0fd4 [ D95C71052E5EF63B55997FB31483D02F, 829A559050680C039CA7AFCFE3246745D465ED11722A603AA32253FD413894C3 ] C:\WINDOWS\system32\wbem\wbemcomn.dll
10:23:33.0578 0x0fd4 C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
10:23:33.0593 0x0fd4 [ 03396637E1E1B4E333D00AED86178918, CF582487E856D01C960392AC658E8D36A92F2B2B4B9AEA9BFC9E6F75FBAD6571 ] C:\Program Files\Microsoft Security Client\msseces.exe
10:23:33.0593 0x0fd4 C:\Program Files\Microsoft Security Client\msseces.exe - ok
10:23:33.0593 0x0fd4 [ 538A270F35A713C360B7ED4168BB7521, 47D8784C811FCADD1E78A907AF56D3D0FA5ABE9AC7DA7CB41AF60D304CAA06BA ] C:\WINDOWS\system32\mydocs.dll
10:23:33.0593 0x0fd4 C:\WINDOWS\system32\mydocs.dll - ok
10:23:33.0609 0x0fd4 [ 297F14C35BE1315574B1ABEAB361C81E, E85EAF649D35AB8BEA720D7D45C1DD4F05686DB1F1954212BC8054DDD6DEC82B ] C:\Program Files\BlueStacks\HD-SharedFolder.exe
10:23:33.0609 0x0fd4 C:\Program Files\BlueStacks\HD-SharedFolder.exe - ok
10:23:33.0625 0x0fd4 [ E5926BC2E9CFA7D13F05B5E5F8E9CD52, 51EB7EE3D8FDC5BBA9C40DF13AEBCF8CC11E55D1DD910F8A2D2CA862C1E020FE ] C:\WINDOWS\system32\igfxsrvc.dll
10:23:33.0625 0x0fd4 C:\WINDOWS\system32\igfxsrvc.dll - ok
10:23:33.0625 0x0fd4 [ 10247C15D999CC116C87DA36BD0AD64D, C2F0EE62505690DD7A11E08B555C522843B9A0902E05A6A75EB6FFFF3654606A ] C:\Program Files\Analog Devices\Core\smax4pnp.exe
10:23:33.0625 0x0fd4 C:\Program Files\Analog Devices\Core\smax4pnp.exe - ok
10:23:33.0640 0x0fd4 [ 22358578CB321F3325496A3723029409, 44535E0EFC20714CEF8FFAE51294CFC6AC53F12E464E048ECD92CDC2CA54A312 ] C:\WINDOWS\system32\PortableDeviceTypes.dll
10:23:33.0640 0x0fd4 C:\WINDOWS\system32\PortableDeviceTypes.dll - ok
10:23:33.0656 0x0fd4 [ E65C5F612400B39D7AA83E7057D798C2, EB6A3DB47C3973D686A0F0C8DD4291A484D3CCC0C1F21EF6D1E47C5181CACFC8 ] C:\WINDOWS\system32\mssrch.dll
10:23:33.0656 0x0fd4 C:\WINDOWS\system32\mssrch.dll - ok
10:23:33.0656 0x0fd4 [ 690D97864735E8ECD87F55777E266690, 2098D2AADEF82C3EDD82FD6182C14568CDE1EF02205ED1EA4CB19252B74BB807 ] C:\WINDOWS\system32\colbact.dll
10:23:33.0656 0x0fd4 C:\WINDOWS\system32\colbact.dll - ok
10:23:33.0671 0x0fd4 [ 36795A645EAA47FE31D2A8F136A2C69B, D681D7DFC4A2A2F10658D76A93F009BDBFC6117E245E0883C509A286DC952EAD ] C:\WINDOWS\system32\mtxclu.dll
10:23:33.0671 0x0fd4 C:\WINDOWS\system32\mtxclu.dll - ok
10:23:33.0687 0x0fd4 [ DF82E222578DBE59FCBBD69A02E4C806, 0F0CD9DC739500536F252475F84F8EF378428CAC7DD9CFCDEC676862A20A0C46 ] C:\WINDOWS\system32\clusapi.dll
10:23:33.0687 0x0fd4 C:\WINDOWS\system32\clusapi.dll - ok
10:23:33.0687 0x0fd4 [ F51EBB6FC536A6B2D588FD668D3A8249, 6C22B5FBE3F721025879447B006EC5A343D482A87E23674B5A3BB43983AB328E ] C:\WINDOWS\system32\resutils.dll
10:23:33.0687 0x0fd4 C:\WINDOWS\system32\resutils.dll - ok
10:23:33.0703 0x0fd4 [ 9D45B2201D0ECF9F42136C7B99DEB8B2, 0251BE4C23EAACE2A9725243936C5E5AC4C0BCEE10EDE85017D91936FEE8CB31 ] C:\WINDOWS\system32\PortableDeviceApi.dll
10:23:33.0703 0x0fd4 C:\WINDOWS\system32\PortableDeviceApi.dll - ok
10:23:33.0718 0x0fd4 [ 17CC0A9B3ABB69ED96D1EEB8117DF856, 7143D93398E8C71D0B6595CAD2A58725B4E316FEAFC550F9FC6C1F4F65B33C97 ] C:\Program Files\Analog Devices\Core\smwdmif.dll
10:23:33.0718 0x0fd4 C:\Program Files\Analog Devices\Core\smwdmif.dll - ok
10:23:33.0718 0x0fd4 [ F0BF811622F2DD6C8E26EE4600D83731, 81CFC1118551E84F5BBD2A863419529AA32DA92E5834C71DA77D13854F6CF048 ] C:\WINDOWS\system32\wbem\wbemcore.dll
10:23:33.0718 0x0fd4 C:\WINDOWS\system32\wbem\wbemcore.dll - ok
10:23:33.0734 0x0fd4 [ 29ECDA17BA5E6D98430F698587569ACC, 9C37D92CCBED1F9ED4E585F98E7FB17C6AD083712B078ABCB40476310BCDB7F8 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.23084_x-ww_f3f35550\GdiPlus.dll
10:23:33.0734 0x0fd4 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.23084_x-ww_f3f35550\GdiPlus.dll - ok
10:23:33.0750 0x0fd4 [ B9D2D59FF389A8C824308A08665C97F2, 901F5545A9B435DEA8ADB5458AE7C9A5564083AF3F9606CC7F4DFD90DDFCCCA0 ] C:\WINDOWS\system32\Edcrypt.dll
10:23:33.0750 0x0fd4 C:\WINDOWS\system32\Edcrypt.dll - ok
10:23:33.0750 0x0fd4 [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
10:23:33.0750 0x0fd4 C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
10:23:33.0765 0x0fd4 [ 9DD06F00898AA5CA7E24186EFC8E5E25, 51141D0D07DBC955B63281351D3F17163ACE9A5B08628EA1C82F33FD2913970E ] C:\DOCUME~1\Owner\LOCALS~1\Temp\{FA374492-B57A-483C-9D6D-5685CD2C29FB}\{7B64801B-3F25-4864-B214-0929D5572C70}.tmp
10:23:33.0765 0x0fd4 C:\DOCUME~1\Owner\LOCALS~1\Temp\{FA374492-B57A-483C-9D6D-5685CD2C29FB}\{7B64801B-3F25-4864-B214-0929D5572C70}.tmp - ok
10:23:33.0781 0x0fd4 [ 43E4758953F454090CAD65C303796ED5, 27AF5EE63BB5434098F32315EF038F6787970E5C8E551A2980006A3827254701 ] C:\WINDOWS\system32\query.dll
10:23:33.0781 0x0fd4 C:\WINDOWS\system32\query.dll - ok
10:23:33.0781 0x0fd4 [ E4616430709F440CF1809D88DC2366EA, C2CBC0A21A892FD8341E5A29E7164172340E07A75A5D54493036156D907AEAE7 ] C:\WINDOWS\system32\wbem\esscli.dll
10:23:33.0781 0x0fd4 C:\WINDOWS\system32\wbem\esscli.dll - ok
10:23:33.0796 0x0fd4 [ 9ACCBC5891BA51B5B29C1A88F80D4CE3, 4EA3D9CB239874232AE0D7F824AF8CC7AD9BB4657CB9978B41067B4447FBE71B ] C:\Program Files\QuickTime\QTTask.exe
10:23:33.0796 0x0fd4 C:\Program Files\QuickTime\QTTask.exe - ok
10:23:33.0812 0x0fd4 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B, C71FAAC752F6D58BF8556661252DBF8C5DDD090CAE002A2C7E09C9A014526066 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
10:23:33.0812 0x0fd4 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
10:23:33.0812 0x0fd4 [ 378A0AEFB11D8B0DC8C27B9F7604B88D, D0D6863FCE412B75B9B5FC38EA923759201E7193ED40CFBAA674630E2DE56FD3 ] C:\WINDOWS\system32\wbem\fastprox.dll
10:23:33.0812 0x0fd4 C:\WINDOWS\system32\wbem\fastprox.dll - ok
10:23:33.0828 0x0fd4 [ 5B6E8E09BE6401A7E022F52FDFCB2FF8, 471C556CF9405BBB380A8CEFE945C126B954B7C94F79CC72441B51F80141FC5E ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
10:23:33.0828 0x0fd4 C:\Program Files\Common Files\Java\Java Update\jusched.exe - ok
10:23:33.0828 0x0fd4 [ 76848CB1AA5818DB47D5F5986E0A7485, 03BAB6981C6F447E41B78A96187FA619E4755C2101FF1A0B2ABF111BE53D9F92 ] C:\WINDOWS\system32\mfc42.dll
10:23:33.0828 0x0fd4 C:\WINDOWS\system32\mfc42.dll - ok
10:23:33.0843 0x0fd4 [ 5F1D5F88303D4A4DBC8E5F97BA967CC3, 5FB24FC7916A6E6B3BE7D84CB1684215B266CD1495575C2E5672B8447932E5B1 ] C:\WINDOWS\system32\ctfmon.exe
10:23:33.0843 0x0fd4 C:\WINDOWS\system32\ctfmon.exe - ok
10:23:33.0859 0x0fd4 [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] C:\WINDOWS\system32\ipnathlp.dll
10:23:33.0859 0x0fd4 C:\WINDOWS\system32\ipnathlp.dll - ok
10:23:33.0859 0x0fd4 [ 2041E9AF08B0D0D69AF362A2425FF0A3, D1352AF6C3A774633D182118B80B441BCCB6E4AACE5ED306380CD13596FE369F ] C:\LGMobileUpgrade\LGMOBILEAX\BYR_Client\VZWNotiAgent.exe
10:23:33.0859 0x0fd4 C:\LGMobileUpgrade\LGMOBILEAX\BYR_Client\VZWNotiAgent.exe - ok
10:23:33.0875 0x0fd4 [ 7EAED08CCCA4DDDE61A388C82598CFA9, 1995067478C8C04BDAAC030C380BE59BB6BEFAE715C8BED74E7A05C40586707B ] C:\Program Files\Windows Media Player\wmpnscfg.exe
10:23:33.0875 0x0fd4 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
10:23:33.0890 0x0fd4 [ 91A7771934C0D9D2DA7699D25BB5B348, 154A6EB866AF22B38AEE8DB5A864653FEB15DED69DE26E5B602B7C5056CDDF72 ] C:\DOCUME~1\Owner\LOCALS~1\Temp\{FA374492-B57A-483C-9D6D-5685CD2C29FB}\{B90A5218-9114-4DC0-BE2E-9993DE703FE6}.tmp
10:23:33.0890 0x0fd4 C:\DOCUME~1\Owner\LOCALS~1\Temp\{FA374492-B57A-483C-9D6D-5685CD2C29FB}\{B90A5218-9114-4DC0-BE2E-9993DE703FE6}.tmp - ok
10:23:33.0890 0x0fd4 [ 88BEEF09C654252F3E46B6167B7F4ECB, 94A78D2D709AEED74BA1C29D00CFD55EF68A95764C067B470E1C19C376F32478 ] C:\WINDOWS\system32\msisip.dll
10:23:33.0890 0x0fd4 C:\WINDOWS\system32\msisip.dll - ok
10:23:33.0906 0x0fd4 [ BDC0C99E472176C8C2C853A68ADC5073, 9A0A0CEE321C9BAF5545D6CB0BE3E725228B694F331FFACCEB770350AAF2C8C3 ] C:\WINDOWS\system32\wups2.dll
10:23:33.0906 0x0fd4 C:\WINDOWS\system32\wups2.dll - ok
10:23:33.0921 0x0fd4 [ F6FAEC07446A78A9C5AF4558FF5BD118, 9291106F6666913DB6D18943D255D60F77CCDB5A46BD4C100A5E80D40D6927D9 ] C:\WINDOWS\ime\sptip.dll
10:23:33.0921 0x0fd4 C:\WINDOWS\ime\sptip.dll - ok
10:23:33.0921 0x0fd4 [ 010472D0AE758227C6F6E6933549C219, 4082365231756E2889BD9A19EEFA27665B9902F8C8BC376C70DC3AA80AEA541B ] C:\WINDOWS\system32\wbem\wbemsvc.dll
10:23:33.0921 0x0fd4 C:\WINDOWS\system32\wbem\wbemsvc.dll - ok
10:23:33.0937 0x0fd4 [ 93C088C2AEB2F23E720BDA7E32BD5117, 7ECFCAF8E057986501B42181E049E48063D940A34A3F3E425FF82D2183008E90 ] C:\WINDOWS\system32\upnp.dll
10:23:33.0937 0x0fd4 C:\WINDOWS\system32\upnp.dll - ok
10:23:33.0953 0x0fd4 [ 3B8CFDA90EFAA65901ECC2EDCAD4D1EF, 1102CAC612363263924209917258157CED759ADA383DF1454B890DF45D5978CE ] C:\WINDOWS\system32\wmpmde.dll
10:23:33.0953 0x0fd4 C:\WINDOWS\system32\wmpmde.dll - ok
10:23:33.0953 0x0fd4 [ 3A6D465F379E5C815F4AD565391E654C, EE40580ED71282B1D5D95752DD843DCC30689196B22051AF8CDF6127B985411E ] C:\WINDOWS\system32\wshext.dll
10:23:33.0953 0x0fd4 C:\WINDOWS\system32\wshext.dll - ok
10:23:33.0968 0x0fd4 [ D9F606BECFB04063668ADBA52796DB4A, 1073BBEF1259061EBA407D2C98CEB2D0FB9E773D32F3EC8900353F17FCE9AC3F ] C:\LGMobileUpgrade\LGMOBILEAX\BYR_Client\mfc42.dll
10:23:33.0968 0x0fd4 C:\LGMobileUpgrade\LGMOBILEAX\BYR_Client\mfc42.dll - ok
10:23:33.0984 0x0fd4 [ 3273D1565BF30225C115B480A3BB2C9D, DF802F845EFEE506A0D3CA1EA9AEE1EDE73BCC02F2B64EDFACE0BBEFCF965455 ] C:\WINDOWS\system32\wbem\wmiutils.dll
10:23:33.0984 0x0fd4 C:\WINDOWS\system32\wbem\wmiutils.dll - ok
10:23:33.0984 0x0fd4 [ E9A73E376B26D5243F7A418A0C548929, 904BF0900C1009296BB024E8A47392BC4AE88824A514E82CE329E92C629DA713 ] C:\Program Files\Windows Media Player\wmpnssci.dll
10:23:33.0984 0x0fd4 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
10:23:34.0000 0x0fd4 [ 942A17D2901A31EA68627CBFFCD268CC, C75E1C03929E16EDDBACFC37BD6C40E941F9D99E3E40ED3A07238343342685BD ] C:\WINDOWS\system32\wbem\repdrvfs.dll
10:23:34.0000 0x0fd4 C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
10:23:34.0015 0x0fd4 [ 897CBB14ECD56948CF6A2564229C9126, 37E49379ED94994A08659C79B79415700D2A8AB617591F47E8A15B22A5EC2682 ] C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll
10:23:34.0015 0x0fd4 C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll - ok
10:23:34.0015 0x0fd4 [ D1E18F4AE94FFEC7270BE0A10C0B295E, 4F22F8AB7B282C118B3458051F858D7EAB52B6459206B9CDF01FE97A9F886097 ] C:\WINDOWS\system32\xmllite.dll
10:23:34.0015 0x0fd4 C:\WINDOWS\system32\xmllite.dll - ok
10:23:34.0031 0x0fd4 [ 37A62C6092AADD2EFDE0468DD8818E99, 2D01A2EEE0BE81B3252E1A3EAD21D3D91EA6DE826A1783B14948A0E0B475BAB1 ] C:\WINDOWS\system32\netcfgx.dll
10:23:34.0031 0x0fd4 C:\WINDOWS\system32\netcfgx.dll - ok
10:23:34.0046 0x0fd4 [ B5C9F63C01FCFEC3F64EC6A0940A1825, 257E4DC81089F3DEA1600C45FF85B387B2C7CE318A489D33815AAD268842B508 ] C:\Program Files\Windows Desktop Search\WindowsSearch.exe
10:23:34.0046 0x0fd4 C:\Program Files\Windows Desktop Search\WindowsSearch.exe - ok
10:23:34.0046 0x0fd4 [ 80808656078CFCC32CF8BFEB0DD66279, 383F37599ABF16EEDEB2A60242DB7EDCC3D210A2A59DD61169047059F7041C5C ] C:\DOCUME~1\Owner\LOCALS~1\Temp\{FA374492-B57A-483C-9D6D-5685CD2C29FB}\{6A01D410-DB32-4F9D-A83C-7061A2066457}.tmp
10:23:34.0046 0x0fd4 C:\DOCUME~1\Owner\LOCALS~1\Temp\{FA374492-B57A-483C-9D6D-5685CD2C29FB}\{6A01D410-DB32-4F9D-A83C-7061A2066457}.tmp - ok
10:23:34.0062 0x0fd4 [ 2E0B0A051FFAA86E358465BB0880D453, 493CF6150DE95B269727631D50FE21405A41E449C4FF43E94F93D27559EA5624 ] C:\WINDOWS\system32\wuauclt.exe
10:23:34.0062 0x0fd4 C:\WINDOWS\system32\wuauclt.exe - ok
10:23:34.0078 0x0fd4 [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] C:\WINDOWS\system32\rasmans.dll
10:23:34.0078 0x0fd4 C:\WINDOWS\system32\rasmans.dll - ok
10:23:34.0078 0x0fd4 [ 55C30168142479C602BD456AC4E230B0, 552DCA5BE08400E0881DA059AB9D3A84F4F53A85931F057230883CD3301B73D4 ] C:\WINDOWS\system32\MFPLAT.dll
10:23:34.0078 0x0fd4 C:\WINDOWS\system32\MFPLAT.dll - ok
10:23:34.0093 0x0fd4 [ BA8FDF82D0B1316D5EAF60F5A0498DE1, D2C064338E7C4A432F926608DFD68C8EE0CBD10766D81C747D7DE3C4F52CF5E4 ] C:\WINDOWS\system32\UncDMS.dll
10:23:34.0093 0x0fd4 C:\WINDOWS\system32\UncDMS.dll - ok
10:23:34.0093 0x0fd4 [ FFB3115AA757ABEFBA7FBA90BAD5DD0A, 8CBEDA612ADC463243C623A4B2E76ECB9ADFFC44CDCF9D091C49DC606CCE5B3F ] C:\WINDOWS\system32\en-us\tquery.dll.mui
10:23:34.0093 0x0fd4 C:\WINDOWS\system32\en-us\tquery.dll.mui - ok
10:23:34.0109 0x0fd4 [ 071143F687B4F887E21461CA6CC7EB29, 92C849517F985F19926E6425CD99E21029E1CA14FC92C9E40091DC79D4A723F2 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll
10:23:34.0109 0x0fd4 C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
10:23:34.0125 0x0fd4 [ 0099D24356585743B0B35C222092FD8F, 9EBC6DF134F0A2984E6385FD9CAD25961D2D789B94A0F8AD9F255947A790655F ] C:\WINDOWS\system32\faultrep.dll
10:23:34.0125 0x0fd4 C:\WINDOWS\system32\faultrep.dll - ok
10:23:34.0125 0x0fd4 [ 4A4374946B7884D24FFDFC76BB8B3BCC, A490330ACFE8F4A37C2F00B7C3876FC478F9285B8A803F375F96A8CB09719C15 ] C:\Program Files\Microsoft Security Client\EppManifest.dll
10:23:34.0125 0x0fd4 C:\Program Files\Microsoft Security Client\EppManifest.dll - ok
10:23:34.0140 0x0fd4 [ 8BEAF2B4BCDE405AF7EC46A9E03B2D65, 2A7785E6B6DBFF8D9313555DB0018F508B1B053A726DB67DB6D2A2EBA66CFBCD ] C:\WINDOWS\system32\mssprxy.dll
10:23:34.0140 0x0fd4 C:\WINDOWS\system32\mssprxy.dll - ok
10:23:34.0156 0x0fd4 [ 03A02D5A2D50198BDF6C62AF209438D0, 7A2577BB31B937436689EB8E3F415F71D3744209EFFC110C9B12C42025F36C88 ] C:\WINDOWS\system32\msxml3.dll
10:23:34.0156 0x0fd4 C:\WINDOWS\system32\msxml3.dll - ok
10:23:34.0156 0x0fd4 [ 8F580BCC5296ECC9DC8A649D75BE6BA5, 3F4DF0340FE3EF425FA2D88D07FC1CA7D3BF1CF0D044A1C4B0937E687FD29488 ] C:\WINDOWS\system32\msscb.dll
10:23:34.0156 0x0fd4 C:\WINDOWS\system32\msscb.dll - ok
10:23:34.0171 0x0fd4 [ 26D881D27CBE51D3614E68D7313EA026, BC84CFD5F382F6D844815065118793950E922B8FB52944E337DAA62874C103A3 ] C:\WINDOWS\system32\wbem\wbemess.dll
10:23:34.0171 0x0fd4 C:\WINDOWS\system32\wbem\wbemess.dll - ok
10:23:34.0187 0x0fd4 [ 44E45BD9327ABC0540593E809B32F3CA, 9808F05F0DA3775F07A88FD614F038E6F4AC5FF680C73D5FD40116A5A247A53D ] C:\LGMobileUpgrade\LGMOBILEAX\BYR_Client\msxml4.dll
10:23:34.0187 0x0fd4 C:\LGMobileUpgrade\LGMOBILEAX\BYR_Client\msxml4.dll - ok
10:23:34.0187 0x0fd4 [ DF471F11CC78BE02FE6BA15F2D94F65B, 9AC230DE58CE40E78AE6872BCF4778B69EEBF17E0E41B1301FF364ABD4737A78 ] C:\DOCUME~1\Owner\LOCALS~1\Temp\{FA374492-B57A-483C-9D6D-5685CD2C29FB}\{85D2260F-AF69-4816-B1B7-714C74C6A47F}.tmp
10:23:34.0187 0x0fd4 C:\DOCUME~1\Owner\LOCALS~1\Temp\{FA374492-B57A-483C-9D6D-5685CD2C29FB}\{85D2260F-AF69-4816-B1B7-714C74C6A47F}.tmp - ok
10:23:34.0203 0x0fd4 [ 58B8702C20DE211D1FCB248D2FDD71D1, B2F6E3BA6FB5250F0E70555B39D34F19ADA760BDDA7E1A44113B97C3A1FD3F8B ] C:\Program Files\Adobe\Reader 11.0\Reader\reader_sl.exe
10:23:34.0203 0x0fd4 C:\Program Files\Adobe\Reader 11.0\Reader\reader_sl.exe - ok
10:23:34.0218 0x0fd4 [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] C:\WINDOWS\system32\wscsvc.dll
10:23:34.0218 0x0fd4 C:\WINDOWS\system32\wscsvc.dll - ok
10:23:34.0234 0x0fd4 [ 1A617835452EEE5060976C9B9F5FE635, DCCAAB049681BE876B73F0880EA32196CDA7EC954D452768A48D366096C5BD53 ] C:\WINDOWS\system32\wuapi.dll
10:23:34.0234 0x0fd4 C:\WINDOWS\system32\wuapi.dll - ok
10:23:34.0234 0x0fd4 [ 77B4BE0C9AA0AC78884D8E7CFB315463, 8B442725CBA5DC244CBC4246772800095562FEF735852B40C694FA43716510EC ] C:\WINDOWS\system32\wmp.dll
10:23:34.0234 0x0fd4 C:\WINDOWS\system32\wmp.dll - ok
10:23:34.0250 0x0fd4 [ 855F6333E3A4DFC6F3C8B0520C261FCD, AF3F5D77FE8AF0BE09E2DD3AFDE1B1167D851D437078025E5CF82D8D0C315B34 ] C:\WINDOWS\system32\msftedit.dll
10:23:34.0250 0x0fd4 C:\WINDOWS\system32\msftedit.dll - ok
10:23:34.0265 0x0fd4 [ BC83108B18756547013ED443B8CDB31B, B2AD109C15EAA92079582787B7772BA0A2F034F7D075907FF87028DF0EAEA671 ] C:\WINDOWS\system32\msvcp100.dll
10:23:34.0265 0x0fd4 C:\WINDOWS\system32\msvcp100.dll - ok
10:23:34.0265 0x0fd4 [ 0E37FBFA79D349D672456923EC5FBBE3, 8793353461826FBD48F25EA8B835BE204B758CE7510DB2AF631B28850355BD18 ] C:\WINDOWS\system32\msvcr100.dll
10:23:34.0265 0x0fd4 C:\WINDOWS\system32\msvcr100.dll - ok
10:23:34.0281 0x0fd4 [ F92E1076C42FCD6DB3D72D8CFE9816D5, 94135ACF2D9426BB78E4522429120B03D94B541422C277B9ACA31410874A464C ] C:\WINDOWS\system32\wscntfy.exe
10:23:34.0281 0x0fd4 C:\WINDOWS\system32\wscntfy.exe - ok
10:23:34.0296 0x0fd4 [ 4D83ED8BDDEC431FC8AD907B47CFB6E3, 4687B8DD40CA9B83AA5CE1268F62476EBA886C10CC8B7B5AB716E4C56AF1EEAF ] C:\WINDOWS\system32\dsound.dll
10:23:34.0296 0x0fd4 C:\WINDOWS\system32\dsound.dll - ok
10:23:34.0296 0x0fd4 [ D26451B540720A7313A9BCBE794DAF62, 255B3594876F9D9222760A53D1119E73D3BA4E4766C9DFAD63DCB180C5F33846 ] C:\WINDOWS\system32\wbem\ncprov.dll
10:23:34.0296 0x0fd4 C:\WINDOWS\system32\wbem\ncprov.dll - ok
10:23:34.0312 0x0fd4 [ 0FD19BDDD2513874FF6903F717367795, DFAF9C33F993BA26FC84EF66ABC7C483E62762F7E1FC763605A75ACC2E8AA4EE ] C:\DOCUME~1\Owner\LOCALS~1\Temp\{FA374492-B57A-483C-9D6D-5685CD2C29FB}\{7C3FEB20-0B4C-4ABE-89A4-7782F186E1A8}.tmp
10:23:34.0312 0x0fd4 C:\DOCUME~1\Owner\LOCALS~1\Temp\{FA374492-B57A-483C-9D6D-5685CD2C29FB}\{7C3FEB20-0B4C-4ABE-89A4-7782F186E1A8}.tmp - ok
10:23:34.0328 0x0fd4 [ 8FED1E0A491D4990853D23F21C59C730, 4BA6C93BFD43BAEB852B5CB9129522C97DDB542D7EF8EE34AECD8CDF1BF0FC38 ] C:\WINDOWS\system32\advpack.dll
10:23:34.0328 0x0fd4 C:\WINDOWS\system32\advpack.dll - ok
10:23:34.0328 0x0fd4 [ 9B9F1C38D559047B8AC0DBA2D5FEBDE9, F64DEF5213CC6E96DD62125A3D44522200F66FF6A2CBA198096484F61D1C088B ] C:\WINDOWS\system32\ksuser.dll
10:23:34.0328 0x0fd4 C:\WINDOWS\system32\ksuser.dll - ok
10:23:34.0343 0x0fd4 [ 235B2311786AC007AD644B12A2DA8AC7, DB676642F9C0467DBC313D0B475250B247EABB281FD359896398A0E7C725F0F8 ] C:\WINDOWS\system32\msvfw32.dll
10:23:34.0343 0x0fd4 C:\WINDOWS\system32\msvfw32.dll - ok
10:23:34.0343 0x0fd4 [ D475BBD6FEF8DB2DDE0DA7CCFD2C9042, 8E9D77A216D8DD2BE2B304E60EDF85CE825309E67262FCFF1891AEDE63909599 ] C:\Program Files\Microsoft Security Client\SqmApi.dll
10:23:34.0343 0x0fd4 C:\Program Files\Microsoft Security Client\SqmApi.dll - ok
10:23:34.0359 0x0fd4 [ DD88BBF87A43331A4E99E37F7BF59FDB, 872190F559FA0DD1F711E9FA101BA1AB6E6DE5ED0CCCE1AB7AFE45BC3B78A0F1 ] C:\DOCUME~1\Owner\LOCALS~1\Temp\{FA374492-B57A-483C-9D6D-5685CD2C29FB}\{3E0CFE60-1C4D-46F9-881D-7A3B00AA952A}.tmp
10:23:34.0359 0x0fd4 C:\DOCUME~1\Owner\LOCALS~1\Temp\{FA374492-B57A-483C-9D6D-5685CD2C29FB}\{3E0CFE60-1C4D-46F9-881D-7A3B00AA952A}.tmp - ok
10:23:34.0375 0x0fd4 [ E8885A533A3D46209851433E3B9B3BC4, C21E9B001011C9FA843FA8B5B5F8E4A0D83919BDA8469EBB13DCA013115C541F ] C:\WINDOWS\system32\wmploc.dll
10:23:34.0375 0x0fd4 C:\WINDOWS\system32\wmploc.dll - ok
10:23:34.0375 0x0fd4 [ 4261449C1CADA6B007E5C27522946D2B, 11E79D1C529E816CCCAC9266089C77A4DB44676CAEEE25C66D6DB420B18D3ACB ] C:\DOCUME~1\Owner\LOCALS~1\Temp\{FA374492-B57A-483C-9D6D-5685CD2C29FB}\{BE969A49-8234-42B8-8B6E-4AF82491D0A6}.tmp
10:23:34.0375 0x0fd4 C:\DOCUME~1\Owner\LOCALS~1\Temp\{FA374492-B57A-483C-9D6D-5685CD2C29FB}\{BE969A49-8234-42B8-8B6E-4AF82491D0A6}.tmp - ok
10:23:34.0390 0x0fd4 [ 1793CC660605F63B14FB96C7707F75BA, 3B371FCB5C1D2EBB54ED579183D9AF60ABB738148F88E0DD7B3B863E304B3A37 ] C:\WINDOWS\system32\perfproc.dll
10:23:34.0390 0x0fd4 C:\WINDOWS\system32\perfproc.dll - ok
10:23:34.0406 0x0fd4 [ 6627AA675A5C1B0330487A02E23F0560, 256AE9BA4273D4247FFAD6099D5A4FC8E98EDB27293AC8CAF7A571EB3890FAA7 ] C:\DOCUME~1\Owner\LOCALS~1\Temp\{FA374492-B57A-483C-9D6D-5685CD2C29FB}\{92C0FEAD-75ED-4C61-B586-163E73FFDE68}.tmp
10:23:34.0406 0x0fd4 C:\DOCUME~1\Owner\LOCALS~1\Temp\{FA374492-B57A-483C-9D6D-5685CD2C29FB}\{92C0FEAD-75ED-4C61-B586-163E73FFDE68}.tmp - ok
10:23:34.0406 0x0fd4 [ 6404807ABC7AF52FA3792697AE638B50, 75FB44348CCC53A4EA2C3677F42098A12CE882F3E015E3D847A07972C1E4AEF5 ] C:\WINDOWS\system32\wbem\wbemcons.dll
10:23:34.0406 0x0fd4 C:\WINDOWS\system32\wbem\wbemcons.dll - ok
10:23:34.0421 0x0fd4 [ AF81F7BA6A09119006FE041A2F2F3ECE, 3488569086A851CEC0946601C4287A7C83BE6CB82F0160F5817C873A3B16FAFA ] C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
10:23:34.0421 0x0fd4 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll - ok
10:23:34.0437 0x0fd4 [ D59A7119054D70FC745A1BF9C06DCC65, D264A118BA2C039FE33BDC7126C2457535E629C126584322C8F6CEDC13EDCE43 ] C:\WINDOWS\system32\oeph.dll
10:23:34.0437 0x0fd4 C:\WINDOWS\system32\oeph.dll - ok
10:23:34.0437 0x0fd4 [ 723B834A07F7DF7DE4CEB637D57ACEA3, B42867045DD3FB7682CDBD133970421010F0F14125E4992C73657CABA4659250 ] C:\DOCUME~1\Owner\LOCALS~1\Temp\{FA374492-B57A-483C-9D6D-5685CD2C29FB}\{2C6E2379-6F32-4515-8EC6-652EB86A164E}.tmp
10:23:34.0437 0x0fd4 C:\DOCUME~1\Owner\LOCALS~1\Temp\{FA374492-B57A-483C-9D6D-5685CD2C29FB}\{2C6E2379-6F32-4515-8EC6-652EB86A164E}.tmp - ok
10:23:34.0453 0x0fd4 [ C1DE893FAF6D7F6CFB479A1F61835482, AD5FA3CE73777704C67C933691F1F068E1A7FF545F728B97574F9C33AC4BBC01 ] C:\DOCUME~1\Owner\LOCALS~1\Temp\{FA374492-B57A-483C-9D6D-5685CD2C29FB}\{83B4900E-7555-4DE1-941A-B26CD6059894}.tmp
10:23:34.0453 0x0fd4 C:\DOCUME~1\Owner\LOCALS~1\Temp\{FA374492-B57A-483C-9D6D-5685CD2C29FB}\{83B4900E-7555-4DE1-941A-B26CD6059894}.tmp - ok
10:23:34.0468 0x0fd4 [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] C:\WINDOWS\system32\imapi.exe
10:23:34.0468 0x0fd4 C:\WINDOWS\system32\imapi.exe - ok
10:23:34.0468 0x0fd4 [ 6E914EEDD145C5ACCE56F4D5F3D606FC, 0CFB5DEFA916CAFBF9B404DF8FF73AC0CD96B7C8F8A318001F854245F056C302 ] C:\WINDOWS\system32\mssph.dll
10:23:34.0468 0x0fd4 C:\WINDOWS\system32\mssph.dll - ok
10:23:34.0484 0x0fd4 [ 798A9E6828997EEF4517ADA8A2259831, 64389FAD94D54E2D43A7292AD3C57CB16F90F2C80EA44099E02D11E19E390A5B ] C:\WINDOWS\system32\wbem\wmiprvse.exe
10:23:34.0484 0x0fd4 C:\WINDOWS\system32\wbem\wmiprvse.exe - ok
10:23:34.0500 0x0fd4 [ E81BBE78A8EF85ACD490B3E64EF63A7C, 8370CFA3FEBC8F74772538C17C1F153DD9D6A9DBBBCA61BA2148880D713FC90D ] C:\WINDOWS\system32\mapi32.dll
10:23:34.0500 0x0fd4 C:\WINDOWS\system32\mapi32.dll - ok
10:23:34.0906 0x0fd4 AV detected via SS1: PC Cleaner Pro, , disabled, updated
10:23:34.0906 0x0fd4 AV detected via SS1: Microsoft Security Essentials, 4.4.0304.0, disabled, updated
10:23:34.0906 0x0fd4 Win FW state via NFM: enabled
10:23:37.0421 0x0fd4 ============================================================
10:23:37.0421 0x0fd4 Scan finished
10:23:37.0421 0x0fd4 ============================================================
10:23:37.0453 0x0fcc Detected object count: 3
10:23:37.0453 0x0fcc Actual detected object count: 3
10:27:34.0812 0x0fcc km_filter ( UnsignedFile.Multi.Generic ) - skipped by user
10:27:34.0812 0x0fcc km_filter ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:27:34.0828 0x0fcc mrtRate ( UnsignedFile.Multi.Generic ) - skipped by user
10:27:34.0828 0x0fcc mrtRate ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:27:34.0828 0x0fcc nnrnstdi ( UnsignedFile.Multi.Generic ) - skipped by user
10:27:34.0828 0x0fcc nnrnstdi ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:29:14.0453 0x05f0 Deinitialize success






#4
pystryker


    Trusted Helper

  • Malware Removal
  • 3,886 posts

the extras.txt I do not have because I ran otl once then uninstalled a few junk programs to attempt to clean up some of the issues and when it didn't work I deleted the otl and txt files and then downloaded it again and ran it but it didn't give me a new extras file but here are the other files you asked for



Hi :) No worries.

How is the machine running? Let's reset your firewall in case some of the malware had access through it, then check for remnants and out of date programs. :thumbsup:




Please disable your antivirus for the duration of my instructions. Don't forget to re-enable it after you have completed the steps.


Step 1: Reset your firewall


Click on Start >> Run... and cut/paste in the following and click on OK

firewall.cpl


Click on the Advanced tab >> Restore Defaults >> At the prompt click on Yes >> OK

Now click on the General tab >> and ensure On (recommended) is selected >> OK



Step 2: Scan with Malwarebytes

Please download Malwarebytes' Anti-Malware from Here.

  • Double Click mbam-setup.exe to install the application (Windows 7 users, right click and select Run as Administrator.)
  • Proceed through the setup
    • Choose your language
    • Accept the License Agreement
    • Select Destination Location
    • Select Start Menu Folder
    • Select Additional Tasks
    • Click Install
    • In the Completing the Malwarebytes Anti-Malware Setup Wizard Window
      • Uncheck Enable free trial of Malwarebytes Anti-Malware PRO
      • Keep the check mark beside Update Malwarebytes' Anti-Malware
      • Keep the check mark beside Launch Malwarebytes' Anti-Malware
    • Click Finish.
    • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform Quick Scan
  • Click Scan. The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and Paste the entire report in your next reply.



Step 3: ESET Online Virus Scan

Please note: You can use Internet Explorer or Firefox for this step.

If you use Firefox, you will be prompted to download esetsmartinstaller_enu.exe. Please do so, then double click it to install it.

Please click on this link and then click the ESET Online Scanner bar.

  • Select the option YES, I accept the Terms of Use then click on Start
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked.
  • Make sure that the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
  • Scan for potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth Technology
  • Now click on Start
  • The virus signature database will begin to download. Be patient; this may take some time depending on the speed of your Internet connection.
  • When completed, the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the mouse or keyboard during the scan, otherwise it may stall.
  • Now click on Finish
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.


Step 4: SecurityCheck Scan


Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Things I need to see in your next post:

  • ESET Scan Log
  • MBAM Log
  • SecurityCheck Log
  • How is the machine running?


#5
arwier


    Member

  • Topic Starter
  • 63 posts
the machine seems to be running a lot better thank you and thank you very much for getting back to me as fast as you did
here are the reports you asked for

[email protected] as CAB hook log:
OnlineScanner.ocx - registred OK
# version=8
# IEXPLORE.EXE=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=b5d6e554be9c094eba38c1a39207e171
# engine=17367
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-03-08 10:39:50
# local_time=2014-03-08 04:39:50 (-0600, Central Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=5892 16777213 88 94 8562041 44925893 0 0
# scanned=53841
# found=26
# cleaned=0
# scan_time=11651
sh=B8327B48CD9453BA2BBF8762EA9D13CB23170F36 ft=1 fh=10d8d035eed22a53 vn="a variant of Win32/Toolbar.SearchSuite.P potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Documents and Settings\Owner\Local Settings\Application Data\iLivid\Helper.dll.vir"
sh=4D7990298B46CADEC12EA404ADA251E5B49438C6 ft=1 fh=1bb944f06bb54d45 vn="a variant of Win32/Toolbar.SearchSuite.G potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Documents and Settings\Owner\Local Settings\Application Data\iLivid\Uninstall.exe.vir"
sh=447CDE03138D86852A0E07BBB548BDEB6478A3D6 ft=1 fh=fd34e3074c39693f vn="Win32/DownloadAdmin.G potentially unwanted application" ac=I fn="C:\Documents and Settings\Owner\desktop\misc\cbsidlm-tra1-BlueStacks_App_Player-SEO2-75593133.exe"
sh=375AA44B70DEC3C1E9EBBEA1C0A8368E620A404E ft=1 fh=6f55b756944fff42 vn="a variant of Win32/DomaIQ.A potentially unwanted application" ac=I fn="C:\Documents and Settings\Owner\desktop\misc\openoffice.exe"
sh=020E229BE19C9FCF8B17EC81A7876DDC449AABB7 ft=1 fh=44bc2673b0639117 vn="a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application" ac=I fn="C:\Documents and Settings\Owner\My Documents\Downloads\AuslogicsDiskDefragSetup.exe"
sh=B20B0BD8E5CDD280C5DC922FFD896DF50D208CB7 ft=1 fh=59ddf8c2c6946d84 vn="a variant of Win32/HackTool.CheatEngine.AB potentially unsafe application" ac=I fn="C:\Program Files\Cheat Engine 6.3\cheatengine-i386.exe"
sh=860EFD5893E4DD4E820227B7DEAD144F974456AC ft=1 fh=c0b9ed8dfe12ffb8 vn="a variant of Win32/HackTool.CheatEngine.AF potentially unsafe application" ac=I fn="C:\Program Files\Cheat Engine 6.3\standalonephase1.dat"
sh=2514D9EF4DAB50204101FF162151E8544E4FDA77 ft=1 fh=33ef5f8e61908f45 vn="Win32/Toolbar.Alot potentially unwanted application" ac=I fn="C:\server\disk1 on 'File Server (Freenas)' (Y)\misc inst\alot-appbar-installer.exe"
sh=B876F5F15137EF8A1680C2AC04DC786D2A191DC9 ft=1 fh=850ac12ce80cbbb1 vn="Win32/Bundled.Toolbar.Google.E potentially unsafe application" ac=I fn="C:\server\disk1 on 'File Server (Freenas)' (Y)\misc inst\ccsetup322.exe"
sh=F7123A3CD55C4F3273883D05246FC1BECF1A3BAA ft=1 fh=e975a75a11953998 vn="Win32/AdInstaller potentially unwanted application" ac=I fn="C:\server\disk1 on 'File Server (Freenas)' (Y)\misc inst\TelevisionFanatic.exe"
sh=B5B41E946960F17050C00A4891CFF46B08486A4D ft=1 fh=79895fd74f1827db vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\WINDOWS\system32\Adobe\Shockwave 12\gt.exe"
sh=D3616602E94CC562F8258B4290E6B463FCA1F379 ft=1 fh=08d142b513fb67d1 vn="multiple threats" ac=I fn="E:\misc install\69babes.exe"
sh=495B28560759237CC70CBC461320388E07B0B91D ft=1 fh=57b601d7ad1064ed vn="Win32/Toolbar.SearchSuite potentially unwanted application" ac=I fn="E:\misc install\BearShareSetup-r1328-n-bc.exe"
sh=42B880E54EFB48709DD660C368A192304BA5AC0B ft=1 fh=5d9ccabad4053bbb vn="a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application" ac=I fn="E:\misc install\burnaware_free.exe"
sh=104FB6843F23D760F8AE357A6E5C7297B9402651 ft=1 fh=cbcff19174039424 vn="Win32/Bundled.Toolbar.Google.E potentially unsafe application" ac=I fn="E:\misc install\dfsetup214.exe"
sh=AE759BB60B39C72F48381C6B23B145DFEC996CE6 ft=1 fh=709f069f6e08922e vn="Win32/MyPCBackup.A potentially unwanted application" ac=I fn="E:\misc install\FreeAllInOneMediaPlayerZenSetup.exe"
sh=FDBE4385E181820CA8D0B31E2A419F0651E98054 ft=1 fh=00fc697fc04adefa vn="multiple threats" ac=I fn="E:\misc install\hotchix2006.exe"
sh=AFFE6E9713E9A978FB02DDE2DC7B140AE7D49EEC ft=1 fh=ddacea57b1eca302 vn="Win32/Toolbar.SearchSuite potentially unwanted application" ac=I fn="E:\misc install\iLividSetup-r420-n-bi.exe"
sh=2562BFFE3EECC91CA17316CA127D0EBA63FE9B8C ft=1 fh=3dc85a9828d85bf4 vn="probably a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application" ac=I fn="E:\misc install\LimeWireWin.exe"
sh=245AD7D5BC6725D4D5051D32573C242D631E03B0 ft=1 fh=aa73dc50fa634d54 vn="a variant of Win32/InstallIQ.A potentially unwanted application" ac=I fn="E:\misc install\musicoasis.exe"
sh=330C838212A9AA723D6C3CA3DDEE170E8E63180F ft=1 fh=dda415ca5345c651 vn="Win32/OpenCandy potentially unsafe application" ac=I fn="E:\misc install\SetupSoft32Updater_V1.0.1.3adm.exe"
sh=D6129881A4A212080CE68E390848B23865F4EA19 ft=1 fh=9baf23667bbe2c91 vn="Win32/SoftonicDownloader.E potentially unwanted application" ac=I fn="E:\misc install\SoftonicDownloader_for_safari.exe"
sh=BB4BF64C447505841BCE3C6C90D6F1A9D548331E ft=1 fh=a288a94766b0d3ce vn="Win32/SoftonicDownloader.E potentially unwanted application" ac=I fn="E:\misc install\SoftonicDownloader_for_windowsandroid.exe"
sh=0B92A137365AEABADCDAFEA73BA4183FE133AFB6 ft=1 fh=0d4f2c25c69501a7 vn="a variant of Win32/FirseriaInstaller.C potentially unwanted application" ac=I fn="E:\misc install\Sony Ericsson PC Companion.exe"
sh=84764F8BB5AF7FDD178B27974BA62C2171F9F2FD ft=1 fh=a0db3ef41fe945de vn="Win32/AdInstaller potentially unwanted application" ac=I fn="E:\misc install\WeatherBlink.exe"
sh=5CD09A38C1839DE456CA9DAECB7BEFF92AFB0D30 ft=1 fh=a32156e667dbeb97 vn="a variant of Win32/Verti.A potentially unwanted application" ac=I fn="E:\misc install\junk\Xvid_RocketFuelInstaller.exe"


Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.03.08.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Owner :: ARTSOLD [administrator]

3/8/2014 1:06:12 PM
mbam-log-2014-03-08 (13-06-12).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 211583
Time elapsed: 8 minute(s), 27 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


Results of screen317's Security Check version 0.99.80
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
ESET Online Scanner v3
Microsoft Security Essentials
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.75.0.1300
Java 7 Update 51
Adobe Reader XI
Google Chrome 32.0.1700.107
Google Chrome 33.0.1750.146
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 1%
````````````````````End of Log``````````````````````





#6
pystryker


    Trusted Helper

  • Malware Removal
  • 3,886 posts

the machine seems to be running a lot better thank you and thank you very much for getting back to me as fast as you did
here are the reports you asked for


Good to hear, and you're welcome :) I do have some information for you regarding P2P programs.

The Dangers of P2P Programs

I noticed that you have a P2P file sharing program on your computer. I cannot stress highly enough the danger in using these types of programs. P2P programs are one of the major avenues of infection these days. The files downloaded with these programs are more likely than not infected with trojans, malware, rootkits, etc.

You run the risk of getting an infection that can compromise your sensitive data, such as financial records, personal information, etc. That is just the infection aspect of using P2P programs. You also run the risk of possible arrest, fines, or in severe cases, jail time for illegal downloading of copyrighted material.

Here are some information sources about the dangers of P2P programs:

FBI - Peer to Peer Scams

USA Today Article on P2P Programs

File Sharing Infects 500,000 Computers





We have a few remnants to get rid of, so please follow the instructions below. :thumbsup:


Let's run an OTL fix:

Warning: This fix is to be used on this system and this system ONLY. Using this fix on any other machine other than yours can seriously damage it.

Be advised that when the fix commences, it will shut down all running processes and you may lose the desktop and icons; they will return on reboot.

Run OTL by double clicking it (Windows Vista, Windows 7, and 8, right click and select "Run as Administrator")

  • Copy the text in the quote box below (do not copy the word "quote") and paste it in the box marked Custom Scans/Fixes as shown in the graphic below.

Posted Image

:Commands
[createrestorepoint]

:Files
C:\Documents and Settings\Owner\desktop\misc\cbsidlm-tra1-BlueStacks_App_Player-SEO2-75593133.exe
C:\Documents and Settings\Owner\desktop\misc\openoffice.exe
C:\Documents and Settings\Owner\My Documents\Downloads\AuslogicsDiskDefragSetup.exe
C:\Program Files\Cheat Engine 6.3\cheatengine-i386.exe
C:\Program Files\Cheat Engine 6.3\standalonephase1.dat
C:\server\disk1 on 'File Server (Freenas)' (Y)\misc inst\alot-appbar-installer.exe
C:\server\disk1 on 'File Server (Freenas)' (Y)\misc inst\ccsetup322.exe
C:\server\disk1 on 'File Server (Freenas)' (Y)\misc inst\TelevisionFanatic.exe
C:\WINDOWS\system32\Adobe\Shockwave 12\gt.exe
E:\misc install\69babes.exe
E:\misc install\BearShareSetup-r1328-n-bc.exe
E:\misc install\burnaware_free.exe
E:\misc install\dfsetup214.exe
E:\misc install\FreeAllInOneMediaPlayerZenSetup.exe
E:\misc install\hotchix2006.exe
E:\misc install\iLividSetup-r420-n-bi.exe
E:\misc install\LimeWireWin.exe
E:\misc install\musicoasis.exe
E:\misc install\SetupSoft32Updater_V1.0.1.3adm.exe
E:\misc install\SoftonicDownloader_for_safari.exe
E:\misc install\SoftonicDownloader_for_windowsandroid.exe
E:\misc install\Sony Ericsson PC Companion.exe
E:\misc install\WeatherBlink.exe
E:\misc install\junk\Xvid_RocketFuelInstaller.exe

:Commands
[reboot]



  • Click the Run Fix button at the top of the OTL control panel.
  • Let the program run until it's finished and then reboot the computer.
  • Once your machine has rebooted, a log will open. If the log doesn't open, you can find it here: C:\_OTL\MovedFiles. Please post that log in your next reply.

If you have any problems, questions, or need further explanation, please post a message in this thread and I will get back to you asap.

#7
arwier


    Member

  • Topic Starter
  • 63 posts
I believe this is the log you asked for


========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== FILES ==========
C:\Documents and Settings\Owner\desktop\misc\cbsidlm-tra1-BlueStacks_App_Player-SEO2-75593133.exe moved successfully.
C:\Documents and Settings\Owner\desktop\misc\openoffice.exe moved successfully.
C:\Documents and Settings\Owner\My Documents\Downloads\AuslogicsDiskDefragSetup.exe moved successfully.
C:\Program Files\Cheat Engine 6.3\cheatengine-i386.exe moved successfully.
C:\Program Files\Cheat Engine 6.3\standalonephase1.dat moved successfully.
C:\server\disk1 on 'File Server (Freenas)' (Y)\misc inst\alot-appbar-installer.exe moved successfully.
C:\server\disk1 on 'File Server (Freenas)' (Y)\misc inst\ccsetup322.exe moved successfully.
C:\server\disk1 on 'File Server (Freenas)' (Y)\misc inst\TelevisionFanatic.exe moved successfully.
C:\WINDOWS\system32\Adobe\Shockwave 12\gt.exe moved successfully.
E:\misc install\69babes.exe moved successfully.
E:\misc install\BearShareSetup-r1328-n-bc.exe moved successfully.
E:\misc install\burnaware_free.exe moved successfully.
E:\misc install\dfsetup214.exe moved successfully.
E:\misc install\FreeAllInOneMediaPlayerZenSetup.exe moved successfully.
E:\misc install\hotchix2006.exe moved successfully.
E:\misc install\iLividSetup-r420-n-bi.exe moved successfully.
E:\misc install\LimeWireWin.exe moved successfully.
E:\misc install\musicoasis.exe moved successfully.
E:\misc install\SetupSoft32Updater_V1.0.1.3adm.exe moved successfully.
E:\misc install\SoftonicDownloader_for_safari.exe moved successfully.
E:\misc install\SoftonicDownloader_for_windowsandroid.exe moved successfully.
E:\misc install\Sony Ericsson PC Companion.exe moved successfully.
E:\misc install\WeatherBlink.exe moved successfully.
E:\misc install\junk\Xvid_RocketFuelInstaller.exe moved successfully.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.69.0 log created on 03082014_182151

#8
pystryker


    Trusted Helper

  • Malware Removal
  • 3,886 posts
Well done :) :thumbsup: Let's have one more look with OTL and make sure everything is gone.

Start OTL and this time click the Quick Scan button. When finished, OTL will produce a single log for you. Please post that log in your next reply.

#9
arwier


    Member

  • Topic Starter
  • 63 posts
here it is

OTL logfile created on: 3/9/2014 12:27:43 AM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.48 Gb Available Physical Memory | 74.18% Memory free
3.85 Gb Paging File | 3.37 Gb Available in Paging File | 87.63% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.53 Gb Total Space | 53.83 Gb Free Space | 72.23% Space Free | Partition Type: NTFS
Drive E: | 6.00 Gb Total Space | 0.46 Gb Free Space | 7.67% Space Free | Partition Type: NTFS
Drive X: | 18.53 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: NTFS
Drive Y: | 18.10 Gb Total Space | 8.55 Gb Free Space | 47.22% Space Free | Partition Type: NTFS
Drive Z: | 18.06 Gb Total Space | 16.60 Gb Free Space | 91.95% Space Free | Partition Type: NTFS

Computer Name: ARTSOLD | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/03/07 19:34:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\desktop\OTL.exe
PRC - [2014/03/02 09:08:57 | 011,996,160 | ---- | M] () -- C:\Program Files\sauce\Sauce v12.8.exe
PRC - [2013/12/18 21:05:43 | 000,182,696 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013/10/23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013/10/23 14:55:28 | 000,948,440 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2008/04/14 04:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2014/03/02 09:08:57 | 011,996,160 | ---- | M] () -- C:\Program Files\sauce\Sauce v12.8.exe
MOD - [2001/07/31 09:17:12 | 000,094,274 | ---- | M] () -- C:\WINDOWS\system32\HPBHEALR.DLL


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2014/02/20 18:11:42 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/12/18 21:05:43 | 000,182,696 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/10/23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012/09/18 10:46:48 | 000,384,888 | ---- | M] (BlueStack Systems, Inc.) [Auto | Stopped] -- C:\Program Files\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc)
SRV - [2012/09/18 10:46:26 | 000,393,080 | ---- | M] (BlueStack Systems, Inc.) [Auto | Stopped] -- C:\Program Files\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\nielprt.sys -- (nielprt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\nielgfx.sys -- (NielGfx)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2014/03/08 18:27:40 | 000,039,464 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9C464839-092A-46CA-A58A-5F279F86A1BE}\MpKsl868c620d.sys -- (MpKsl868c620d)
DRV - [2013/08/27 22:34:27 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2013/04/19 15:27:52 | 000,017,408 | ---- | M] (The Nielsen Company) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\nnrnstdi.sys -- (nnrnstdi)
DRV - [2013/04/19 15:27:50 | 000,010,240 | ---- | M] (The Nielsen Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\km_filter.sys -- (km_filter)
DRV - [2013/02/13 15:26:02 | 000,033,512 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\taphss.sys -- (taphss)
DRV - [2012/09/18 10:46:32 | 000,063,864 | ---- | M] (BlueStack Systems) [Kernel | Auto | Running] -- C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys -- (BstHdDrv)
DRV - [2011/12/26 14:34:30 | 000,010,936 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\ampa.sys -- (ampa)
DRV - [2011/02/14 02:42:36 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2011/02/14 02:42:34 | 000,025,216 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2011/02/14 02:42:32 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2004/09/17 08:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2004/03/05 21:15:34 | 000,647,929 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52)
DRV - [2004/03/05 21:14:42 | 001,233,525 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51)
DRV - [2004/03/05 21:13:52 | 000,060,949 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53)
DRV - [2004/03/05 21:13:38 | 000,037,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt)
DRV - [2003/08/29 03:59:24 | 001,101,696 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BCMSM.sys -- (BCMModem)
DRV - [2003/06/30 17:11:52 | 000,043,136 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2001/02/28 10:42:44 | 000,034,712 | ---- | M] (Marimba, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\MrtRate.sys -- (mrtRate)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 86 AE E5 05 45 4D CE 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {7292B97E-0E48-4BE0-B2F5-F37E93092400}
IE - HKCU\..\SearchScopes\{7292B97E-0E48-4BE0-B2F5-F37E93092400}: "URL" = http://search.yahoo....rtPage?}&fr=ie8
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nielsen/FirefoxTracker: C:\Program Files\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\npfirefoxtracker.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\[email protected]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

[2013/05/09 09:13:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2014/03/08 09:31:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\u0678pe0.default\extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.107\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Google Docs = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Call of Gods = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hjjhhaomadclifdoodgbkgdodjbkhkma\0.0.0.2_0\
CHR - Extension: Dragons of Atlantis = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\manlnjcghdempjdpndlcmaaobbighhcf\1.6.1_0\
CHR - Extension: Firing Rage - Shooting Game! = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nfbnajlkodkbdljddpmcpicfddnjehhe\1.0_0\
CHR - Extension: Google Wallet = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Google Wallet = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2014/03/08 09:32:00 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKCU..\Run: [BYR_AGENT] C:\LGMobileUpgrade\LGMOBILEAX\BYR_Client\VZWNotiAgent.exe (LG Electronics)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate...b?1341499958296 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1341517241187 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell....lSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6085798C-9B35-4FC0-8061-C90547BFC397}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/07/05 07:21:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2014/03/08 13:21:50 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2014/03/08 10:14:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\tdsskiller
[2014/03/08 10:11:02 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Owner\Desktop\tdsskiller.exe
[2014/03/08 10:00:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2014/03/08 09:59:46 | 001,037,734 | ---- | C] (Thisisu) -- C:\Documents and Settings\Owner\Desktop\JRT.exe
[2014/03/08 09:43:01 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/03/08 09:31:33 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/03/07 19:34:20 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2014/02/27 10:51:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\LogMeIn Rescue Applet
[2014/02/27 08:20:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Revo Uninstaller
[2014/02/07 03:01:54 | 000,000,000 | ---D | C] -- C:\Program Files\LG Electronics
[2013/11/04 02:17:49 | 005,402,832 | ---- | C] (PC Cleaners) -- C:\Documents and Settings\All Users\Application Data\pclunst.exe
[1 C:\Documents and Settings\Owner\*.tmp files -> C:\Documents and Settings\Owner\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/03/09 00:11:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/03/08 18:33:45 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2014/03/08 18:24:18 | 000,000,312 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize.job
[2014/03/08 18:23:51 | 000,000,222 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job
[2014/03/08 18:23:49 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\ProgramUpdateCheck.job
[2014/03/08 18:23:48 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-682003330-1614895754-1801674531-1003.job
[2014/03/08 18:23:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/03/08 18:04:00 | 000,000,450 | ---- | M] () -- C:\WINDOWS\tasks\ProgramRefresh-ATFST.job
[2014/03/08 16:56:13 | 000,987,442 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\SecurityCheck.exe
[2014/03/08 16:50:56 | 000,000,216 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job
[2014/03/08 14:51:00 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-682003330-1614895754-1801674531-1003.job
[2014/03/08 10:13:49 | 004,110,135 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\tdsskiller.zip
[2014/03/08 10:11:11 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Owner\Desktop\tdsskiller.exe
[2014/03/08 09:59:48 | 001,037,734 | ---- | M] (Thisisu) -- C:\Documents and Settings\Owner\Desktop\JRT.exe
[2014/03/08 09:41:53 | 001,244,192 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\adwcleaner.exe
[2014/03/08 09:32:00 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2014/03/08 04:30:22 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\Auslogics Disk Defrag Sheduled Defragmentation.job
[2014/03/07 19:34:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2014/03/07 12:13:55 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2014/03/07 01:44:22 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014/03/04 09:16:25 | 000,031,232 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\GME Tech.env
[2014/03/04 08:52:15 | 000,000,083 | ---- | M] () -- C:\WINDOWS\ImportClient.INI
[2014/03/02 09:09:30 | 000,000,672 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Sauce.lnk
[2014/02/27 08:20:15 | 000,000,917 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Revo Uninstaller.lnk
[2014/02/18 13:04:59 | 000,008,657 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\2013_Online_K40_Filing_Review-WIERTZARTHUR-20140218130439033.pdf
[2014/02/14 14:41:03 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/02/14 14:41:02 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/02/13 03:14:04 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2014/02/13 03:12:02 | 000,453,882 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2014/02/13 03:12:02 | 000,074,848 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2014/02/08 09:27:21 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[1 C:\Documents and Settings\Owner\*.tmp files -> C:\Documents and Settings\Owner\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/03/08 16:55:55 | 000,987,442 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\SecurityCheck.exe
[2014/03/08 10:13:34 | 004,110,135 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\tdsskiller.zip
[2014/03/08 09:41:50 | 001,244,192 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\adwcleaner.exe
[2014/03/07 12:08:02 | 000,000,222 | ---- | C] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job
[2014/03/07 12:07:58 | 000,000,216 | ---- | C] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job
[2014/03/04 09:16:25 | 000,031,232 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\GME Tech.env
[2014/02/18 13:04:57 | 000,008,657 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\2013_Online_K40_Filing_Review-WIERTZARTHUR-20140218130439033.pdf
[2014/01/25 18:19:04 | 000,000,060 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\WB.CFG
[2013/10/26 02:01:19 | 000,136,289 | ---- | C] () -- C:\WINDOWS\hpwins10.dat
[2013/10/26 01:58:41 | 000,010,376 | ---- | C] () -- C:\WINDOWS\hpwscr10.dat
[2013/10/26 01:58:41 | 000,001,042 | ---- | C] () -- C:\WINDOWS\hpwmdl10.dat
[2013/05/09 12:14:11 | 000,042,776 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2013/04/19 10:57:55 | 000,002,395 | ---- | C] () -- C:\WINDOWS\System32\lgAxconfig.ini
[2013/03/22 23:58:46 | 000,000,083 | ---- | C] () -- C:\WINDOWS\ImportClient.INI
[2013/03/22 23:32:13 | 000,116,640 | ---- | C] () -- C:\WINDOWS\System32\Ptsaci40.dll
[2013/03/22 23:32:13 | 000,030,080 | ---- | C] () -- C:\WINDOWS\System32\Ptabimp3.exe
[2013/03/18 23:32:32 | 000,010,936 | ---- | C] () -- C:\WINDOWS\System32\ampa.sys
[2013/03/18 23:32:31 | 001,421,752 | ---- | C] () -- C:\WINDOWS\ampa.exe
[2013/02/26 22:35:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QFN.ini
[2013/02/26 22:35:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QDQICK.ini
[2013/02/26 06:56:49 | 000,000,052 | ---- | C] () -- C:\WINDOWS\intuprof.ini
[2013/02/26 06:56:46 | 000,000,913 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2013/02/26 06:56:45 | 000,007,406 | ---- | C] () -- C:\WINDOWS\ICOADB32.DAT
[2012/07/05 13:37:59 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\FASTWiz.html
[2012/07/05 10:14:25 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/07/05 07:23:30 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012/07/05 07:18:30 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012/07/05 02:12:12 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012/07/05 02:10:58 | 000,228,800 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

========== ZeroAccess Check ==========

[2012/07/05 11:45:27 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\System32\shdocvw.dll -- [2012/04/20 13:29:52 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\fastprox.dll -- [2009/02/09 06:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\wbemess.dll -- [2008/04/14 04:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/10/10 04:47:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013/09/12 11:32:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BlueStacks
[2014/02/11 11:04:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BlueStacksSetup
[2012/12/29 20:54:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2013/03/18 23:03:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Auslogics
[2013/04/22 23:34:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Glarysoft
[2013/11/24 22:26:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\MusicOasis
[2013/01/19 09:16:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\OpenOffice.org
[2013/05/09 11:41:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Opera
[2013/11/04 02:40:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\VSRevoGroup
[2012/07/05 11:13:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Windows Desktop Search
[2013/09/14 13:57:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Windows Search

========== Purity Check ==========



< End of report >



#10
pystryker

    Trusted Helper

Hello :)

Great news, your logs are CLEAN! :thumbsup: :) I see no signs of infection in the last logs you posted, but we still have a few things we need to address namely:

  • I need to remove the tools we installed on your machine.
  • We also need to install some security programs on your machine to reduce your chances of infection.


Step 1: Tool Removal and Creation of a new clean restore point


  • Download Delfix from here
  • Ensure Remove disinfection tools is ticked
    Also tick:
    • Create registry backup
    • Purge system restore
  • Click Run
The program will run for a few moments and then Notepad will open with a log. Please paste the log in your next reply.

  • You can uninstall ESET Online Scanner at this time.
  • I'd recommend keeping Malwarebytes Anti-Malware installed. Make sure to update it and run it at least once a week.



Step 2: Install an Anti-Virus Program and a warning about Java.


Here are three good antivirus programs, free for personal use:


My personal choice would be Avast!, as that's what I use on my machine and it's quite good. Last on the list would be Avira, as it comes bundled with the Ask Toolbar.


A word about Java

Java has become the #1 program exploited by thieves and hackers as of today. It's gotten so bad, the Department of Homeland Security recently recommended that users disable Java on their machines.

For more information regarding this, see the two articles below:

Forbes: US Department of Homeland Security Calls on users to disable Java

US warns on Java software

Unless you have software on your machine that absolutely requires Java, I highly recommend you completely remove it from your system.

If you do have software that requires it, then disable it until such time as it's needed by those programs.

Please click the link below for instructions to disable Java.

How to Disable Java in your Web Browser


If you wish to continue to use Java on your machine, please be sure to keep it updated by following the instructions below.


  • Click on this link Java Website and click Do I Have Java?
  • Then click the Verify Java Version button. It will scan your current version and show you if you have the most current version.

You can also download a tool called JavaRa that will automatically search for new updates and remove older versions of Java.
Click the link below to go to the download page to get the tool.

JavaRa

Once you have downloaded JavaRa

  • Unzip the files to the directory of your choice.
  • Double click the JavaRa icon in the directory and choose your language preference.
  • Click Remove Older Versions from the menu.
  • Click Yes.
  • If you get a warning that Internet Explorer needs to be closed, close it, then click ok.
  • JavaRa will then search for and remove old versions of Java from your machine.

You can find instructions for manually removing older versions for Windows XP, Vista, and 7 by clicking the link below:

Instructions for manually removing old versions of Java



Step 3: Tips, Information, and protection against CryptoLocker


  • Watch what you open in your emails. If you get an email from an unknown source with any attached files, do not open it.
  • Be careful of the websites you visit.
  • When installing new programs, don't be "click happy" and click through the screens. Many programs come with adware in them and are set to install it by default. Several programs require that you uncheck or select no to prevent the installation. Take your time and read each screen as you go. :)

To help protect yourself while on the web, I recommend you read How did I get infected in the first place?

A warning about CryptoLocker

CryptoLocker is a ransomware program that was released around the beginning of September 2013 that targets all versions of Windows including Windows XP, Windows Vista, Windows 7, and Windows 8. This ransomware will encrypt certain files using a mixture of RSA & AES encryption. When it has finished encrypting your files, it will display a CryptoLocker payment program that prompts you to send a ransom of either $100 or $300 in order to decrypt the files. This screen will also display a timer stating that you have 72 hours, or 4 days, to pay the ransom or it will delete your encryption key and you will not have any way to decrypt your files. This ransom must be paid using MoneyPak vouchers or Bitcoins. Once you send the payment and it is verified, the program will decrypt the files that it encrypted.

Please download and install CryptoPrevent to lock your machine down from this infection.



Are there any further issues I can assist you with? :)

#11
arwier

    Topic Starter

I want to thank you again for the rapid response and all the help and info you have given me.
Here is the log you asked for:


# DelFix v10.6 - Logfile created 09/03/2014 at 10:26:20
# Updated 11/11/2013 by Xplode
# Username : Owner - ARTSOLD
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)

~ Removing disinfection tools ...

Deleted : C:\_OTL
Deleted : C:\AdwCleaner
Deleted : C:\TDSSKiller.2.8.16.0_08.03.2014_10.13.15_log.txt
Deleted : C:\TDSSKiller.3.0.0.25_08.03.2014_10.14.53_log.txt
Deleted : C:\TDSSKiller.3.0.0.25_08.03.2014_10.18.40_log.txt
Deleted : C:\Documents and Settings\Owner\Desktop\adwcleaner.exe
Deleted : C:\Documents and Settings\Owner\Desktop\AdwCleaner[S0].txt
Deleted : C:\Documents and Settings\Owner\Desktop\JRT.exe
Deleted : C:\Documents and Settings\Owner\Desktop\JRT.txt
Deleted : C:\Documents and Settings\Owner\Desktop\OTL.Txt
Deleted : C:\Documents and Settings\Owner\Desktop\OTL.exe
Deleted : C:\Documents and Settings\Owner\Desktop\SecurityCheck.exe
Deleted : C:\Documents and Settings\Owner\Desktop\TDSSKiller.3.0.0.25_08.03.2014_10.18.40_log.txt
Deleted : C:\Documents and Settings\Owner\Desktop\tdsskiller.exe
Deleted : C:\Documents and Settings\Owner\Desktop\tdsskiller.zip
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #577 [Installed Jasc Paint Shop Pro 8 | 01/21/2014 07:34:28]
Deleted : RP #578 [Software Distribution Service 3.0 | 01/21/2014 09:26:01]
Deleted : RP #579 [Software Distribution Service 3.0 | 01/22/2014 09:25:43]
Deleted : RP #580 [Software Distribution Service 3.0 | 01/23/2014 09:23:50]
Deleted : RP #581 [Software Distribution Service 3.0 | 01/24/2014 09:24:15]
Deleted : RP #582 [Software Distribution Service 3.0 | 01/25/2014 09:27:58]
Deleted : RP #583 [Revo Uninstaller's restore point - Mysearchdial | 01/26/2014 04:04:00]
Deleted : RP #584 [Revo Uninstaller's restore point - ZenSearch | 01/26/2014 04:07:17]
Deleted : RP #585 [Revo Uninstaller's restore point - RightSurf | 01/26/2014 04:08:41]
Deleted : RP #586 [Software Distribution Service 3.0 | 01/26/2014 07:51:23]
Deleted : RP #587 [Software Distribution Service 3.0 | 01/26/2014 09:14:18]
Deleted : RP #588 [Software Distribution Service 3.0 | 01/27/2014 09:14:23]
Deleted : RP #589 [Software Distribution Service 3.0 | 01/28/2014 09:15:44]
Deleted : RP #590 [Software Distribution Service 3.0 | 01/29/2014 09:14:30]
Deleted : RP #591 [Software Distribution Service 3.0 | 01/30/2014 09:14:29]
Deleted : RP #592 [Software Distribution Service 3.0 | 01/31/2014 09:14:27]
Deleted : RP #593 [Software Distribution Service 3.0 | 02/01/2014 09:14:44]
Deleted : RP #594 [Software Distribution Service 3.0 | 02/02/2014 07:57:38]
Deleted : RP #595 [Software Distribution Service 3.0 | 02/02/2014 15:35:43]
Deleted : RP #596 [Software Distribution Service 3.0 | 02/03/2014 15:35:40]
Deleted : RP #597 [Software Distribution Service 3.0 | 02/04/2014 15:35:44]
Deleted : RP #598 [System Checkpoint | 02/05/2014 16:27:55]
Deleted : RP #599 [Software Distribution Service 3.0 | 02/05/2014 22:33:25]
Deleted : RP #600 [Software Distribution Service 3.0 | 02/06/2014 22:33:20]
Deleted : RP #601 [Install LG UNITED Drivers | 02/07/2014 08:43:10]
Deleted : RP #602 [System Checkpoint | 02/08/2014 09:26:25]
Deleted : RP #603 [Software Distribution Service 3.0 | 02/08/2014 22:33:34]
Deleted : RP #604 [Software Distribution Service 3.0 | 02/09/2014 08:26:09]
Deleted : RP #605 [Software Distribution Service 3.0 | 02/09/2014 22:33:21]
Deleted : RP #606 [Software Distribution Service 3.0 | 02/10/2014 22:33:21]
Deleted : RP #607 [Software Distribution Service 3.0 | 02/11/2014 22:33:58]
Deleted : RP #608 [Software Distribution Service 3.0 | 02/12/2014 22:35:28]
Deleted : RP #609 [Software Distribution Service 3.0 | 02/13/2014 09:00:17]
Deleted : RP #610 [Software Distribution Service 3.0 | 02/14/2014 09:41:55]
Deleted : RP #611 [Software Distribution Service 3.0 | 02/15/2014 09:41:58]
Deleted : RP #612 [Software Distribution Service 3.0 | 02/16/2014 08:09:11]
Deleted : RP #613 [Software Distribution Service 3.0 | 02/16/2014 09:42:08]
Deleted : RP #614 [Software Distribution Service 3.0 | 02/17/2014 09:42:19]
Deleted : RP #615 [Software Distribution Service 3.0 | 02/18/2014 09:43:22]
Deleted : RP #616 [Software Distribution Service 3.0 | 02/19/2014 09:42:50]
Deleted : RP #617 [Software Distribution Service 3.0 | 02/20/2014 09:42:58]
Deleted : RP #618 [Software Distribution Service 3.0 | 02/21/2014 09:43:13]
Deleted : RP #619 [Software Distribution Service 3.0 | 02/22/2014 09:43:37]
Deleted : RP #620 [Software Distribution Service 3.0 | 02/23/2014 08:20:46]
Deleted : RP #621 [Software Distribution Service 3.0 | 02/23/2014 09:43:46]
Deleted : RP #622 [Software Distribution Service 3.0 | 02/24/2014 09:44:15]
Deleted : RP #623 [Software Distribution Service 3.0 | 02/25/2014 09:44:13]
Deleted : RP #624 [Software Distribution Service 3.0 | 02/26/2014 09:45:14]
Deleted : RP #625 [Software Distribution Service 3.0 | 02/27/2014 09:45:05]
Deleted : RP #626 [Software Distribution Service 3.0 | 02/28/2014 16:38:35]
Deleted : RP #627 [Software Distribution Service 3.0 | 03/01/2014 16:37:43]
Deleted : RP #628 [Software Distribution Service 3.0 | 03/02/2014 08:14:59]
Deleted : RP #629 [Software Distribution Service 3.0 | 03/02/2014 16:38:04]
Deleted : RP #630 [System Checkpoint | 03/03/2014 17:16:19]
Deleted : RP #631 [Software Distribution Service 3.0 | 03/04/2014 05:26:19]
Deleted : RP #632 [Software Distribution Service 3.0 | 03/05/2014 05:26:08]
Deleted : RP #633 [Software Distribution Service 3.0 | 03/06/2014 05:26:26]
Deleted : RP #634 [System Checkpoint | 03/07/2014 05:33:34]
Deleted : RP #635 [Software Distribution Service 3.0 | 03/07/2014 07:39:39]
Deleted : RP #636 [Software Distribution Service 3.0 | 03/07/2014 07:42:04]
Deleted : RP #637 [Revo Uninstaller's restore point - BearShare | 03/08/2014 01:30:40]
Deleted : RP #638 [Revo Uninstaller's restore point - BearShare | 03/08/2014 01:33:37]
Deleted : RP #639 [OTL Restore Point - 3/8/2014 9:31:44 AM | 03/08/2014 15:31:50]
Deleted : RP #640 [Software Distribution Service 3.0 | 03/08/2014 15:46:00]
Deleted : RP #641 [OTL Restore Point - 3/8/2014 6:22:01 PM | 03/09/2014 00:22:07]

New restore point created !

########## - EOF - ##########



#12
pystryker

    Trusted Helper

I want to thank you again for the rapid response and all the help and info you have given me.


You're very welcome, please don't hesitate to come back if you need us again. :thumbsup: :wave:

#13
pystryker

    Trusted Helper

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.