
Outgoing IP blocks to malignant sites.


Bobobot


Hello,

Full scans with Avira and mbam show nothing. About six months ago I had a similar problem and opted in the end to reset the system factory settings using the recovery partition in the laptop, since scans indicated a previous ZeroAccess rootkit infection.

I'd again prefer to reformat the drives and reset the OS to factory settings by using the recovery partition, but I'm wondering if the hard drive recovery partition can be -or was- compromised earlier. I regrettably don't have a separate dvd backup of the partition that predates the infection.

Last time:

http://forums.malwar...l=&fromsearch=1

Blocks:

94.242.251.103 (Type: outgoing, Port: 53363, Process: chrome.exe)

2012/12/27 20:21:32 +0200 DONALD-PC normi IP-BLOCK 109.236.82.186 (Type: outgoing, Port: 54803, Process: chrome.exe)

2012/12/27 20:21:32 +0200 DONALD-PC normi IP-BLOCK 94.242.251.103 (Type: outgoing, Port: 54804, Process: chrome.exe)

DDS:

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 9.0.8112.16457

Run by Donald at 5:14:11 on 2012-12-28

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.358.1035.18.4008.2063

[GMT 2:00]

.

AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\FBAgent.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Intel\TurboBoost\TurboBoost.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe

C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe

C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

C:\Program Files (x86)\Atheros\Bluetooth Suite\BtvStack.exe

C:\Program Files (x86)\Atheros\Bluetooth Suite\AthBtTray.exe

C:\Program Files\Elantech\ETDCtrl.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Windows\AsScrPro.exe

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe

C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files\Elantech\ETDCtrlHelper.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files (x86)\ASUS\ASUS WebStorage\EeeStorageUploader.exe

C:\Windows\System32\svchost.exe -k swprv

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://asus.msn.com

uDefault_Page_URL = hxxp://asus.msn.com

mStart Page = hxxp://asus.msn.com

mWinlogon: Userinit = userinit.exe

BHO: Partner BHO Class: {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll

BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

mRun: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"

mRun: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

mRun: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"

mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

mRun: [sonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe

mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ASUSVI~1.LNK - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FANCYS~1.LNK - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll

TCP: NameServer = 192.168.254.254 192.168.254.254

TCP: Interfaces\{5BFECA8C-2C50-4D21-84A5-BC2F322CCCB6} : DHCPNameServer = 192.168.254.254 192.168.254.254

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll

SSODL: WebCheck - <orphaned>

x64-mStart Page = hxxp://asus.msn.com

x64-BHO: Partner BHO Class: {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner64.dll

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-Run: [ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe

x64-Run: [intelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"

x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3

x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Atheros\Bluetooth Suite\BtvStack.exe"

x64-Run: [AthBtTray] "C:\Program Files (x86)\Atheros\Bluetooth Suite\AthBtTray.exe"

x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe

x64-Run: [setwallpaper] c:\programdata\SetWallpaper.cmd

x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

.

============= SERVICES / DRIVERS ===============

.

R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2012-10-8 30056]

R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-7-26 17024]

R1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.sys [2012-12-14 27800]

R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2011-3-23 379520]

R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2012-12-14 85280]

R2 AntiVirService;Avira Real-Time Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2012-12-14 109344]

R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-3 15416]

R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Atheros\Bluetooth Suite\AdminService.exe [2010-11-26 52896]

R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2012-12-14 99912]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 399432]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 676936]

R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-4-17 13832]

R2 TurboBoost;Intel® Turbo Boost Technology Monitor;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-4-17 134928]

R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2010-11-26 28832]

R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2010-12-13 138024]

R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-10-14 317440]

R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-12-14 25928]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-3-23 333928]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2010-11-26 36000]

S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2010-11-26 298144]

S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2010-11-26 201376]

S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2010-11-26 55456]

S3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2010-11-26 154272]

S3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2010-11-26 275616]

S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2011-3-23 48488]

S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]

S3 Partner Service;Partner Service;C:\ProgramData\Partner\Partner.exe [2011-3-23 332272]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-12-14 19456]

S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\rtsuvstor.sys [2011-3-23 290920]

S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-12-14 57856]

S3 WatAdminSvc;Windowsin aktivointitekniikoiden palvelu;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-12-13 1255736]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]

.

=============== Created Last 30 ================

.

2012-12-27 18:30:28 -------- d-----w- C:\TDSSKiller_Quarantine

2012-12-22 12:43:47 46080 ----a-w- C:\Windows\System32\atmlib.dll

2012-12-22 12:43:47 367616 ----a-w- C:\Windows\System32\atmfd.dll

2012-12-22 12:43:47 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll

2012-12-22 12:43:46 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll

2012-12-15 11:22:52 -------- d-----w- C:\files

2012-12-14 12:50:50 -------- d-----w- C:\downloads

2012-12-14 01:21:14 -------- d-----w- C:\Users\Donald\AppData\Roaming\Malwarebytes

2012-12-14 01:21:06 -------- d-----w- C:\ProgramData\Malwarebytes

2012-12-14 01:21:05 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-12-14 01:21:05 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-12-14 00:48:26 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll

2012-12-14 00:47:22 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe

2012-12-13 23:50:54 -------- d-----w- C:\Windows\System32\SPReview

2012-12-13 23:50:27 -------- d-----w- C:\Windows\System32\EventProviders

2012-12-13 23:37:59 982912 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys

2012-12-13 23:36:59 70656 ----a-w- C:\Windows\SysWow64\amstream.dll

2012-12-13 23:34:57 529408 ----a-w- C:\Windows\System32\wbemcomn.dll

2012-12-13 23:34:57 244736 ----a-w- C:\Program Files\Windows Portable Devices\sqmapi.dll

2012-12-13 23:34:51 244736 ----a-w- C:\Windows\System32\sqmapi.dll

2012-12-13 22:42:59 -------- d-----w- C:\Users\Donald\AppData\Roaming\Avira

2012-12-13 22:40:07 -------- d-----w- C:\Users\Donald\AppData\Local\APN

2012-12-13 22:40:02 99912 ----a-w- C:\Windows\System32\drivers\avgntflt.sys

2012-12-13 22:40:02 27800 ----a-w- C:\Windows\System32\drivers\avkmgr.sys

2012-12-13 22:40:01 -------- d-----w- C:\ProgramData\Avira

2012-12-13 22:40:01 -------- d-----w- C:\Program Files (x86)\Avira

2012-12-13 22:27:42 902656 ----a-w- C:\Windows\System32\d2d1.dll

2012-12-13 22:27:42 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll

2012-12-13 22:27:42 1139200 ----a-w- C:\Windows\System32\FntCache.dll

2012-12-13 21:50:13 -------- d-----w- C:\Windows\SysWow64\Wat

2012-12-13 21:50:13 -------- d-----w- C:\Windows\System32\Wat

2012-12-13 21:33:20 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F89374FA-520B-42AB-82DC-4BB82AFBE426}\mpengine.dll

2012-12-13 21:21:44 2560 ----a-w- C:\Windows\System32\drivers\sv-SE\wdf01000.sys.mui

2012-12-13 21:21:44 2560 ----a-w- C:\Windows\System32\drivers\nb-NO\wdf01000.sys.mui

2012-12-13 21:21:44 2560 ----a-w- C:\Windows\System32\drivers\fi-FI\wdf01000.sys.mui

2012-12-13 21:21:44 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui

2012-12-13 21:21:44 2560 ----a-w- C:\Windows\System32\drivers\da-DK\wdf01000.sys.mui

2012-12-13 21:21:43 9728 ----a-w- C:\Windows\System32\Wdfres.dll

2012-12-13 21:21:43 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys

2012-12-13 21:21:43 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys

2012-12-13 21:13:04 294912 ----a-w- C:\Windows\System32\browserchoice.exe

2012-12-13 21:07:18 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys

2012-12-13 21:07:18 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys

2012-12-13 21:07:17 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll

2012-12-13 21:07:17 744448 ----a-w- C:\Windows\System32\WUDFx.dll

2012-12-13 21:07:17 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll

2012-12-13 21:07:17 229888 ----a-w- C:\Windows\System32\WUDFHost.exe

2012-12-13 21:07:17 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll

2012-12-13 21:06:17 81408 ----a-w- C:\Windows\System32\imagehlp.dll

2012-12-13 21:06:17 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys

2012-12-13 21:06:17 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll

2012-12-13 21:06:16 5120 ----a-w- C:\Windows\SysWow64\wmi.dll

2012-12-13 21:06:16 5120 ----a-w- C:\Windows\System32\wmi.dll

2012-12-13 21:05:14 1659760 ----a-w- C:\Windows\System32\drivers\ntfs.sys

2012-12-13 21:05:09 1544704 ----a-w- C:\Windows\System32\DWrite.dll

2012-12-13 21:05:09 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll

2012-12-13 21:03:59 850944 ----a-w- C:\Windows\SysWow64\sbe.dll

2012-12-13 21:02:59 3216384 ----a-w- C:\Windows\System32\msi.dll

2012-12-13 20:50:51 -------- d-----w- C:\Users\Donald\AppData\Local\Google

2012-12-13 20:36:51 2622464 ----a-w- C:\Windows\System32\wucltux.dll

2012-12-13 20:36:47 99840 ----a-w- C:\Windows\System32\wudriver.dll

2012-12-13 20:36:45 36864 ----a-w- C:\Windows\System32\wuapp.exe

2012-12-13 20:36:45 186752 ----a-w- C:\Windows\System32\wuwebv.dll

2012-12-13 19:31:27 -------- d-----w- C:\Users\Donald\AppData\Roaming\Asus WebStorage

2012-12-13 19:31:09 -------- d-----w- C:\Users\Donald\AppData\Local\BMExplorer

.

==================== Find3M ====================

.

2012-12-14 00:39:29 45056 ----a-w- C:\Windows\System32\acovcnt.exe

2012-12-14 00:24:12 175616 ----a-w- C:\Windows\System32\msclmd.dll

2012-12-14 00:24:12 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll

2012-11-22 03:26:40 3149824 ----a-w- C:\Windows\System32\win32k.sys

2012-11-09 05:45:09 2048 ----a-w- C:\Windows\System32\tzres.dll

2012-11-09 04:42:49 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2012-11-02 05:59:11 478208 ----a-w- C:\Windows\System32\dpnet.dll

2012-11-02 05:11:31 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll

2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll

2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll

2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll

2012-10-09 18:17:13 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll

2012-10-09 18:17:13 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll

2012-10-09 17:40:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll

2012-10-09 17:40:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll

2012-10-04 17:46:16 362496 ----a-w- C:\Windows\System32\wow64win.dll

2012-10-04 17:46:15 243200 ----a-w- C:\Windows\System32\wow64.dll

2012-10-04 17:46:15 13312 ----a-w- C:\Windows\System32\wow64cpu.dll

2012-10-04 17:45:55 215040 ----a-w- C:\Windows\System32\winsrv.dll

2012-10-04 17:43:28 16384 ----a-w- C:\Windows\System32\ntvdm64.dll

2012-10-04 17:41:16 424960 ----a-w- C:\Windows\System32\KernelBase.dll

2012-10-04 16:47:41 5120 ----a-w- C:\Windows\SysWow64\wow32.dll

2012-10-04 16:47:41 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll

2012-10-04 15:21:55 338432 ----a-w- C:\Windows\System32\conhost.exe

2012-10-04 14:46:46 7680 ----a-w- C:\Windows\SysWow64\instnm.exe

2012-10-04 14:46:46 25600 ----a-w- C:\Windows\SysWow64\setup16.exe

2012-10-04 14:46:44 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll

2012-10-04 14:46:43 2048 ----a-w- C:\Windows\SysWow64\user.exe

2012-10-04 14:41:50 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

2012-10-04 14:41:50 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll

2012-10-04 14:41:50 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll

2012-10-04 14:41:50 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll

2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll

2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll

2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll

2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll

2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll

2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll

2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll

2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll

2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll

2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys

2012-10-02 19:51:15 3536817 ----a-w- C:\Windows\System32\nvcoproc.bin

2012-10-02 19:51:11 3293544 ----a-w- C:\Windows\System32\nvsvc64.dll

2012-10-02 19:51:04 6200680 ----a-w- C:\Windows\System32\nvcpl.dll

2012-10-02 19:50:57 891240 ----a-w- C:\Windows\System32\nvvsvc.exe

2012-10-02 19:50:57 866664 ----a-w- C:\Windows\System32\nv3dappshext.dll

2012-10-02 19:50:57 63336 ----a-w- C:\Windows\System32\nvshext.dll

2012-10-02 19:50:57 55144 ----a-w- C:\Windows\System32\nv3dappshextr.dll

2012-10-02 19:50:57 2557800 ----a-w- C:\Windows\System32\nvsvcr.dll

2012-10-02 19:50:57 118120 ----a-w- C:\Windows\System32\nvmctray.dll

.

============= FINISH: 5:14:32,91 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 13.12.2012 21:29:08

System Uptime: 27.12.2012 21:40:43 (8 hours ago)

.

Motherboard: ASUSTeK Computer Inc. | | K53SV

Processor: Intel® Core™ i5-2410M CPU @ 2.30GHz | CPU 1 | 782/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 444 GiB total, 408,75 GiB free.

E: is CDROM (UDF)

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

No restore point in system.

.

==== Installed Programs ======================

.

ASUS AI Recovery

ASUS FancyStart

ASUS K3 Series ScreenSaver

ASUS LifeFrame3

ASUS Live Update

ASUS Power4Gear Hybrid

ASUS SmartLogon

ASUS Splendid Video Enhancement Technology

ASUS WebStorage

ASUS Virtual Camera

AsusVibe2.0

Atheros WLAN and Bluetooth Client Installation Program

ATK Package

Avira Free Antivirus

Bluetooth Win7 Suite (64)

Bookworm Deluxe

Cooking Dash

CyberLink LabelPrint

CyberLink Power2Go

D3DX10

ETDWare PS/2-X64 8.0.5.0_WHQL

Fast Boot

Game Park Console

Google Chrome

Google Toolbar for Internet Explorer

Google Update Helper

Governor of Poker

Hotel Dash Suite Success

Intel® Control Center

Intel® Processor Graphics

Intel® Turbo Boost Technology Monitor

Jewel Quest 3

Junk Mail filter update

Luxor 3

Mahjongg dimensions

Malwarebytes Anti-Malware versio 1.65.1.1000

Mesh Runtime

Messenger Companion

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Client Profile FIN Language Pack

Microsoft .NET Framework 4 Client Profilen suomen kielipaketti

Microsoft Application Error Reporting

Microsoft Office 2010

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP3 Parser (KB2721691)

MSXML 4.0 SP3 Parser (KB973685)

Nuance PDF Reader

NVIDIA-ohjauspaneeli 306.97

NVIDIA-päivitykset 1.10.8

NVIDIA Grafiikkaohjain 306.97

NVIDIA Install Application

NVIDIA Optimus 1.10.8

NVIDIA Update Components

Plants vs Zombies

Realtek Ethernet Controller Driver For Windows 7

Realtek High Definition Audio Driver

Realtek USB 2.0 Reader Driver

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Sonic Focus

syncables desktop SE

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live Messenger Companion Core

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WinFlash

Wireless Console 3

World of Goo

.

==== End Of File ===========================


  • Staff

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your malware problems.

I have put together some things for you to keep in mind while I am helping you, to make things go easier and faster for both of us.


  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.

  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.

  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.

  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.

NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

 

 

 

These are the programs I would like you to run next, if you have any problems with these just skip it and run the next one.

-Security Check-

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

-AdwCleaner-

  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[s1].txt as well.

--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller or from here
    • Quit all programs that you may have started.
    • Please disconnect any USB or external drives from the computer before you run this scan!
    • For Vista or Windows 7, right-click and select "Run as Administrator" to start.
    • For Windows XP, double-click to start.
    • Wait until Prescan has finished ...
    • Then Click on "Scan" button
    • Wait until the Status box shows "Scan Finished"
    • Click on "Delete"
    • Wait until the Status box shows "Deleting Finished"
    • Click on "Report" and copy/paste the content of the Notepad into your next reply.
    • The log should be found in RKreport[1].txt on your Desktop
    • Exit/Close RogueKiller+

Gringo


Nothing seems different on the computer, though the IP blocks were irregular occurrences to start with. I also failed to mention in the first post that I ran TDSSKiller before contacting this forum. The one suspicious file it removed is mentioned below.

20:29:48.0633 3728 Detected object count: 1

20:29:48.0633 3728 Actual detected object count: 1

20:30:28.0241 3728 C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe - copied to quarantine

20:30:28.0241 3728 HKLM\SYSTEM\ControlSet001\services\Atheros Bt&Wlan Coex Agent - will be deleted on reboot

20:30:28.0287 3728 HKLM\SYSTEM\ControlSet002\services\Atheros Bt&Wlan Coex Agent - will be deleted on reboot

20:30:28.0506 3728 C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe - will be deleted on reboot

20:30:28.0506 3728 Atheros Bt&Wlan Coex Agent ( UnsignedFile.Multi.Generic ) - User select action: Delete

20:31:13.0106 2472 Deinitialize success

Rest of the scans.

Results of screen317's Security Check version 0.99.56

Windows 7 Service Pack 1 x64 (UAC is enabled)

Internet Explorer 9

``````````````Antivirus/Firewall Check:``````````````

Avira Desktop

Antivirus up to date!

`````````Anti-malware/Other Utilities Check:`````````

Malwarebytes Anti-Malware versio 1.65.1.1000

Google Chrome 23.0.1271.97

Google Chrome 3.0.195.27

````````Process Check: objlist.exe by Laurent````````

Malwarebytes Anti-Malware mbamservice.exe

Malwarebytes Anti-Malware mbamgui.exe

Avira Antivir avgnt.exe

Avira Antivir avguard.exe

Malwarebytes' Anti-Malware mbamscheduler.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C:

````````````````````End of Log``````````````````````

# AdwCleaner v2.103 - Logfile created 12/28/2012 at 12:28:03

# Updated 25/12/2012 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

# User : Donald - DONALD-PC

# Boot Mode : Normal

# Running from : C:\Users\Donald\Desktop\adwcleaner.exe

# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\Partner

Folder Deleted : C:\Users\Donald\AppData\Local\APN

Folder Deleted : C:\Users\Donald\AppData\Local\Temp\AskSearch

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28A88B70-D874-4f73-BBBA-9B2B222FB7D6}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\kt_bho_dll.dll

Key Deleted : HKLM\SOFTWARE\Classes\kt_bho.KettleBho

Key Deleted : HKLM\SOFTWARE\Classes\kt_bho.KettleBho.1

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{86676E13-D6D8-4652-9FCF-F2047F1FB000}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Google Chrome v23.0.1271.97

File : C:\Users\Donald\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Users\normi\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

Roguekiller

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 3 ¤¤¤

[RUN][SUSP PATH] HKLM\[...]\Wow6432Node\Run : Nuance PDF Reader-reminder ("C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini") -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD5000BPVT-80HXZT1 +++++

--- User ---

[MBR] 808d1b6df875075220a521a048472825

[BSP] b8e681ec20f3f51e484d81d4ade624cc : Windows 7/8 MBR Code

Partition table:

0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 63 | Size: 22003 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 45062328 | Size: 454935 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1]_S_12282012_02d1235.txt >>

RKreport[1]_S_12282012_02d1235.txt


  • Staff

Hello Bobobot

I would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix, I will need you to turn off any security software you have running. If you do not know how to do this, you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.

Link 1
Link 2
Link 3

1. Close any open browsers or any other programs that are open.

2. Close/disable all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.

When finished, it will produce a report for you.

Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"

In your next post I need the following:

  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo


Combofix worked and completed the scan and removals in ten minutes or so. It went otherwise normally, but at the beginning an Avira AntiVir pop-up informed me that it had blocked a program that tried to access the registry, even though I had disabled the real-time functionality of Avira.

The computer seems to work fine, though the problems that I had were rather infrequent (the IP blocks, rare momentary browser freezes) to begin with, and the trial version of mbam has now expired, so I can't really tell if they're gone.

ComboFix 12-12-28.02 - Donald 28.12.2012 20:48:42.1.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.358.1035.18.4008.2625 [GMT 2:00]

Sijainti: c:\users\Donald\Desktop\ComboFix.exe

AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Uusi palautuspiste luotu

.

.

(((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\windows\AsFac.log

c:\windows\msvcr71.dll

.

.

((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2012-11-28 to 2012-12-28 )))))))))))))))))

.

.

2012-12-28 18:55 . 2012-12-28 18:55 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp

2012-12-28 18:55 . 2012-12-28 18:55 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-12-27 18:30 . 2012-12-27 18:30 -------- d-----w- C:\TDSSKiller_Quarantine

2012-12-22 12:43 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll

2012-12-22 12:43 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll

2012-12-22 12:43 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll

2012-12-22 12:43 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll

2012-12-15 11:22 . 2012-12-28 10:46 -------- d-----w- C:\files

2012-12-14 12:50 . 2012-12-28 10:12 -------- d-----w- C:\downloads

2012-12-14 12:38 . 2012-12-14 12:39 -------- d-----w- c:\users\normi

2012-12-14 01:21 . 2012-12-14 01:21 -------- d-----w- c:\programdata\Malwarebytes

2012-12-14 01:21 . 2012-12-14 01:21 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2012-12-14 01:21 . 2012-09-29 17:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-12-14 00:48 . 2012-08-24 18:13 154480 ----a-w- c:\windows\system32\drivers\ksecpkg.sys

2012-12-14 00:47 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe

2012-12-13 23:50 . 2012-12-13 23:50 -------- d-----w- c:\windows\system32\SPReview

2012-12-13 23:50 . 2012-12-13 23:50 -------- d-----w- c:\windows\system32\EventProviders

2012-12-13 23:37 . 2010-11-20 13:33 982912 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

2012-12-13 23:36 . 2010-11-20 13:27 35840 ----a-w- c:\windows\system32\msdmo.dll

2012-12-13 23:34 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll

2012-12-13 23:34 . 2010-11-20 13:27 244736 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll

2012-12-13 23:34 . 2010-11-20 13:27 244736 ----a-w- c:\windows\system32\sqmapi.dll

2012-12-13 22:54 . 2012-12-13 22:54 -------- d-----w- c:\program files (x86)\Microsoft.NET

2012-12-13 22:40 . 2012-12-03 13:36 129216 ----a-w- c:\windows\system32\drivers\avipbb.sys

2012-12-13 22:40 . 2012-12-03 13:36 99912 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2012-12-13 22:40 . 2012-11-16 18:17 27800 ----a-w- c:\windows\system32\drivers\avkmgr.sys

2012-12-13 22:40 . 2012-12-13 22:40 -------- d-----w- c:\programdata\Avira

2012-12-13 22:40 . 2012-12-13 22:40 -------- d-----w- c:\program files (x86)\Avira

2012-12-13 22:27 . 2011-02-19 12:05 1139200 ----a-w- c:\windows\system32\FntCache.dll

2012-12-13 22:27 . 2011-02-19 12:04 902656 ----a-w- c:\windows\system32\d2d1.dll

2012-12-13 22:27 . 2011-02-19 06:30 739840 ----a-w- c:\windows\SysWow64\d2d1.dll

2012-12-13 21:50 . 2012-12-13 21:50 -------- d-----w- c:\windows\SysWow64\Wat

2012-12-13 21:50 . 2012-12-13 21:50 -------- d-----w- c:\windows\system32\Wat

2012-12-13 21:33 . 2012-11-18 23:01 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F89374FA-520B-42AB-82DC-4BB82AFBE426}\mpengine.dll

2012-12-13 21:21 . 2012-07-26 07:45 2560 ----a-w- c:\windows\system32\drivers\sv-SE\wdf01000.sys.mui

2012-12-13 21:21 . 2012-07-26 07:31 2560 ----a-w- c:\windows\system32\drivers\da-DK\wdf01000.sys.mui

2012-12-13 21:21 . 2012-07-26 05:04 2560 ----a-w- c:\windows\system32\drivers\nb-NO\wdf01000.sys.mui

2012-12-13 21:21 . 2012-07-26 05:04 2560 ----a-w- c:\windows\system32\drivers\fi-FI\wdf01000.sys.mui

2012-12-13 21:21 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui

2012-12-13 21:21 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys

2012-12-13 21:21 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys

2012-12-13 21:21 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll

2012-12-13 21:16 . 2012-11-28 13:58 67413224 ----a-w- c:\windows\system32\MRT.exe

2012-12-13 21:13 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe

2012-12-13 21:07 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys

2012-12-13 21:07 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys

2012-12-13 21:07 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe

2012-12-13 21:07 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll

2012-12-13 21:07 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll

2012-12-13 21:07 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll

2012-12-13 21:07 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll

2012-12-13 21:06 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys

2012-12-13 21:06 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll

2012-12-13 21:06 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll

2012-12-13 21:06 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll

2012-12-13 21:06 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll

2012-12-13 21:05 . 2012-08-31 18:19 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys

2012-12-13 21:05 . 2011-06-16 05:49 199680 ----a-w- c:\windows\system32\xmllite.dll

2012-12-13 21:05 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll

2012-12-13 21:05 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll

2012-12-13 21:03 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-12-13 21:02 . 2012-04-07 12:31 3216384 ----a-w- c:\windows\system32\msi.dll

2012-12-13 20:36 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll

2012-12-13 20:36 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe

2012-12-13 20:36 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll

2012-12-13 20:36 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll

2012-12-13 20:36 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll

2012-12-13 20:36 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll

2012-12-13 20:36 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll

2012-12-13 20:36 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll

2012-12-13 20:36 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe

2012-12-13 19:29 . 2012-12-14 00:39 45056 ----a-w- c:\windows\system32\acovcnt.exe

2012-12-13 19:29 . 2012-12-13 19:31 -------- d-----w- C:\ASUS.DAT

2012-12-13 19:29 . 2012-12-13 19:29 -------- d-----w- c:\users\Donald

.

.

.

(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-12-14 00:24 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll

2012-12-14 00:24 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll

2012-12-13 22:25 . 2010-06-24 18:33 19696 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2012-10-16 08:38 . 2012-12-13 21:04 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll

2012-10-16 08:38 . 2012-12-13 21:04 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll

2012-10-16 07:39 . 2012-12-13 21:04 561664 ----a-w- c:\windows\apppatch\AcLayers.dll

2012-10-10 00:22 . 2012-10-10 00:22 80384 ----a-w- c:\windows\system32\igdde64.dll

2012-10-10 00:22 . 2012-10-10 00:22 437760 ----a-w- c:\windows\system32\igfxrtrk.lrc

2012-10-10 00:22 . 2012-10-10 00:22 216064 ----a-w- c:\windows\system32\iglhcp64.dll

2012-10-10 00:22 . 2012-10-10 00:22 180224 ----a-w- c:\windows\SysWow64\iglhcp32.dll

2012-10-10 00:22 . 2012-10-10 00:22 5903392 ----a-w- c:\windows\system32\GfxUI.exe

2012-10-10 00:22 . 2012-10-10 00:22 519680 ----a-w- c:\windows\SysWow64\iglhsip32.dll

2012-10-10 00:22 . 2012-10-10 00:22 438784 ----a-w- c:\windows\system32\igfxrdeu.lrc

2012-10-10 00:22 . 2012-10-10 00:22 438272 ----a-w- c:\windows\system32\igfxrhun.lrc

2012-10-10 00:22 . 2012-10-10 00:22 3776512 ----a-w- c:\windows\SysWow64\igfxcmjit32.dll

2012-10-10 00:22 . 2012-10-10 00:22 10673664 ----a-w- c:\windows\SysWow64\ig4icd32.dll

2012-10-10 00:22 . 2012-10-10 00:22 64512 ----a-w- c:\windows\SysWow64\igdde32.dll

2012-10-10 00:22 . 2012-10-10 00:22 501760 ----a-w- c:\windows\system32\igfxcmrt64.dll

2012-10-10 00:22 . 2012-10-10 00:22 439296 ----a-w- c:\windows\system32\igfxrrus.lrc

2012-10-10 00:22 . 2012-10-10 00:22 431104 ----a-w- c:\windows\system32\igfxrkor.lrc

2012-10-10 00:22 . 2012-10-10 00:22 410624 ----a-w- c:\windows\system32\igfxTMM.dll

2012-10-10 00:22 . 2011-03-23 12:19 12836864 ----a-w- c:\windows\system32\igd10umd64.dll

2012-10-10 00:22 . 2011-03-23 12:19 110592 ----a-w- c:\windows\system32\hccutils.dll

2012-10-10 00:22 . 2012-10-10 00:22 330240 ----a-w- c:\windows\SysWow64\igfxdv32.dll

2012-10-10 00:22 . 2012-10-10 00:22 12604416 ----a-w- c:\windows\system32\igdumd64.dll

2012-10-10 00:22 . 2012-10-10 00:22 441888 ----a-w- c:\windows\system32\igfxpers.exe

2012-10-10 00:22 . 2012-10-10 00:22 438784 ----a-w- c:\windows\system32\igfxrhrv.lrc

2012-10-10 00:22 . 2012-10-10 00:22 438272 ----a-w- c:\windows\system32\igfxrcsy.lrc

2012-10-10 00:22 . 2012-10-10 00:22 25088 ----a-w- c:\windows\SysWow64\igfxexps32.dll

2012-10-10 00:22 . 2012-10-10 00:22 5343584 ----a-w- c:\windows\system32\drivers\igdkmd64.sys

2012-10-10 00:22 . 2012-10-10 00:22 448512 ----a-w- c:\windows\SysWow64\igfx11cmrt32.dll

2012-10-10 00:22 . 2012-10-10 00:22 441856 ----a-w- c:\windows\system32\igfxdev.dll

2012-10-10 00:22 . 2012-10-10 00:22 438784 ----a-w- c:\windows\system32\igfxrnld.lrc

2012-10-10 00:22 . 2012-10-10 00:22 399392 ----a-w- c:\windows\system32\hkcmd.exe

2012-10-10 00:22 . 2012-10-10 00:22 272928 ----a-w- c:\windows\system32\igvpkrng600.bin

2012-10-10 00:22 . 2012-10-10 00:22 126976 ----a-w- c:\windows\system32\igfxcpl.cpl

2012-10-10 00:22 . 2012-10-10 00:22 116224 ----a-w- c:\windows\system32\igfxCoIn_v2867.dll

2012-10-10 00:22 . 2011-03-23 12:19 63488 ----a-w- c:\windows\system32\igfxsrvc.dll

2012-10-10 00:22 . 2011-03-23 12:19 9007616 ----a-w- c:\windows\system32\igfxress.dll

2012-10-10 00:22 . 2012-10-10 00:22 604160 ----a-w- c:\windows\SysWow64\igfxcmrt32.dll

2012-10-10 00:22 . 2012-10-10 00:22 4571136 ----a-w- c:\windows\system32\igfxcmjit64.dll

2012-10-10 00:22 . 2012-10-10 00:22 439808 ----a-w- c:\windows\system32\igfxresn.lrc

2012-10-10 00:22 . 2012-10-10 00:22 439296 ----a-w- c:\windows\system32\igfxrrom.lrc

2012-10-10 00:22 . 2012-10-10 00:22 437760 ----a-w- c:\windows\system32\igfxrsve.lrc

2012-10-10 00:22 . 2012-10-10 00:22 437760 ----a-w- c:\windows\system32\igfxrslv.lrc

2012-10-10 00:22 . 2012-10-10 00:22 437760 ----a-w- c:\windows\system32\igfxrnor.lrc

2012-10-10 00:22 . 2012-10-10 00:22 437248 ----a-w- c:\windows\system32\igfxrdan.lrc

2012-10-10 00:22 . 2012-10-10 00:22 277024 ----a-w- c:\windows\SysWow64\IntelCpHeciSvc.exe

2012-10-10 00:22 . 2012-10-10 00:22 185376 ----a-w- c:\windows\system32\difx64.exe

2012-10-10 00:22 . 2012-10-10 00:22 173568 ----a-w- c:\windows\system32\gfxSrvc.dll

2012-10-10 00:22 . 2012-10-10 00:22 12887040 ----a-w- c:\windows\system32\ig4icd64.dll

2012-10-10 00:22 . 2012-10-10 00:22 435712 ----a-w- c:\windows\system32\igfxrheb.lrc

2012-10-10 00:22 . 2012-10-10 00:22 429056 ----a-w- c:\windows\system32\igfxrcht.lrc

2012-10-10 00:22 . 2012-10-10 00:22 171040 ----a-w- c:\windows\system32\igfxtray.exe

2012-10-10 00:22 . 2012-10-10 00:22 11158528 ----a-w- c:\windows\SysWow64\igd10umd32.dll

2012-10-10 00:22 . 2012-10-10 00:22 509984 ----a-w- c:\windows\system32\igfxsrvc.exe

2012-10-10 00:22 . 2012-10-10 00:22 440320 ----a-w- c:\windows\system32\igfxrell.lrc

2012-10-10 00:22 . 2012-10-10 00:22 438784 ----a-w- c:\windows\system32\igfxrptg.lrc

2012-10-10 00:22 . 2012-10-10 00:22 438784 ----a-w- c:\windows\system32\igfxrplk.lrc

2012-10-10 00:22 . 2012-10-10 00:22 438784 ----a-w- c:\windows\system32\igfxrita.lrc

2012-10-10 00:22 . 2012-10-10 00:22 438272 ----a-w- c:\windows\system32\igfxrfin.lrc

2012-10-10 00:22 . 2012-10-10 00:22 437248 ----a-w- c:\windows\system32\igfxrtha.lrc

2012-10-10 00:22 . 2012-10-10 00:22 428544 ----a-w- c:\windows\system32\igfxrchs.lrc

2012-10-10 00:22 . 2012-10-10 00:22 286208 ----a-w- c:\windows\system32\igfxrenu.lrc

2012-10-10 00:22 . 2012-10-10 00:22 142336 ----a-w- c:\windows\system32\igfxdo.dll

2012-10-10 00:22 . 2012-10-10 00:22 963452 ----a-w- c:\windows\system32\igcodeckrng600.bin

2012-10-10 00:22 . 2012-10-10 00:22 482304 ----a-w- c:\windows\system32\igfx11cmrt64.dll

2012-10-10 00:22 . 2012-10-10 00:22 386048 ----a-w- c:\windows\system32\igfxpph.dll

2012-10-10 00:22 . 2012-10-10 00:22 524800 ----a-w- c:\windows\system32\iglhsip64.dll

2012-10-10 00:22 . 2012-10-10 00:22 438784 ----a-w- c:\windows\system32\igfxrsky.lrc

2012-10-10 00:22 . 2012-10-10 00:22 435712 ----a-w- c:\windows\system32\igfxrara.lrc

2012-10-10 00:22 . 2012-10-10 00:22 432128 ----a-w- c:\windows\system32\igfxrjpn.lrc

2012-10-10 00:22 . 2012-10-10 00:22 28672 ----a-w- c:\windows\system32\igfxexps.dll

2012-10-10 00:22 . 2012-10-10 00:22 252448 ----a-w- c:\windows\system32\igfxext.exe

2012-10-10 00:22 . 2011-03-23 12:19 11040256 ----a-w- c:\windows\SysWow64\igdumd32.dll

2012-10-10 00:22 . 2012-10-10 00:22 9728 ----a-w- c:\windows\system32\IGFXDEVLib.dll

2012-10-10 00:22 . 2012-10-10 00:22 439808 ----a-w- c:\windows\system32\igfxrfra.lrc

2012-10-10 00:22 . 2012-10-10 00:22 437760 ----a-w- c:\windows\system32\igfxrptb.lrc

2012-10-08 09:42 . 2012-10-08 09:42 831848 ----a-w- c:\windows\SysWow64\nvumdshim.dll

2012-10-08 09:42 . 2012-10-08 09:42 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll

2012-10-08 09:42 . 2012-10-08 09:42 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll

2012-10-08 09:42 . 2012-10-08 09:42 26331496 ----a-w- c:\windows\system32\nvoglv64.dll

2012-10-08 09:42 . 2012-10-08 09:42 2428776 ----a-w- c:\windows\SysWow64\nvapi.dll

2012-10-08 09:42 . 2012-10-08 09:42 2574696 ----a-w- c:\windows\SysWow64\nvcuvid.dll

2012-10-08 09:42 . 2012-10-08 09:42 15309160 ----a-w- c:\windows\SysWow64\nvd3dum.dll

2012-10-08 09:42 . 2011-03-23 13:12 973672 ----a-w- c:\windows\system32\nvumdshimx.dll

2012-10-08 09:42 . 2012-10-08 09:42 7697768 ----a-w- c:\windows\SysWow64\nvcuda.dll

2012-10-08 09:42 . 2012-10-08 09:42 17559912 ----a-w- c:\windows\SysWow64\nvcompiler.dll

2012-10-08 09:42 . 2012-10-08 09:42 30056 ----a-w- c:\windows\system32\drivers\nvpciflt.sys

2012-10-08 09:42 . 2012-10-08 09:42 2747240 ----a-w- c:\windows\system32\nvcuvid.dll

2012-10-08 09:42 . 2012-10-08 09:42 25256296 ----a-w- c:\windows\system32\nvcompiler.dll

2012-10-08 09:42 . 2012-10-08 09:42 1867112 ----a-w- c:\windows\SysWow64\nvcuvenc.dll

2012-10-08 09:42 . 2011-03-23 13:12 247144 ----a-w- c:\windows\system32\nvinitx.dll

2012-10-08 09:42 . 2012-10-08 09:42 9146728 ----a-w- c:\windows\system32\nvcuda.dll

2012-10-08 09:42 . 2012-10-08 09:42 6127464 ----a-w- c:\windows\SysWow64\nvopencl.dll

2012-10-08 09:42 . 2012-10-08 09:42 7414632 ----a-w- c:\windows\system32\nvopencl.dll

2012-10-08 09:42 . 2012-10-08 09:42 18252136 ----a-w- c:\windows\system32\nvd3dumx.dll

2012-10-08 09:42 . 2012-10-08 09:42 13443944 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys

2012-10-08 09:42 . 2011-03-23 13:12 202600 ----a-w- c:\windows\SysWow64\nvinit.dll

2012-10-08 09:42 . 2012-10-08 09:42 19906920 ----a-w- c:\windows\SysWow64\nvoglv32.dll

.

.

(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))

.

.

*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]

"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]

"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]

"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]

"SonicMasterTray"="c:\program files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe" [2010-07-10 984400]

"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-09-23 1601536]

"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-12-04 384800]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2011-3-23 548528]

FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2011-3-23 12862]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]

"Userinit"="userinit.exe"

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"LoadAppInit_DLLs"=1 (0x1)

"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2010-11-26 36000]

R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2010-11-26 298144]

R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2010-11-26 201376]

R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2010-11-26 55456]

R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2010-11-26 154272]

R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2010-11-26 275616]

R3 Partner Service;Partner Service;c:\programdata\Partner\Partner.exe [x]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]

R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys [2010-08-03 290920]

R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]

R3 WatAdminSvc;Windowsin aktivointitekniikoiden palvelu;c:\windows\system32\Wat\WatAdminSvc.exe [2012-12-13 1255736]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-10-08 30056]

S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]

S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-11-16 27800]

S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2010-11-30 379520]

S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-12-04 85280]

S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]

S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Atheros\Bluetooth Suite\adminservice.exe [2010-11-26 52896]

S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]

S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-04-16 13832]

S2 TurboBoost;Intel® Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-04-16 134928]

S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2010-11-26 28832]

S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-12-13 138024]

S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 333928]

.

.

'Ajoitetut tehtävät'-kansion sisältö

.

2012-12-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-23 12:34]

.

2012-12-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-23 12:34]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]

@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"

[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]

2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]

@="{64174815-8D98-4CE6-8646-4C039977D808}"

[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]

2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]

"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]

"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-03-23 2188904]

"AtherosBtStack"="c:\program files (x86)\Atheros\Bluetooth Suite\BtvStack.exe" [2010-11-26 613536]

"AthBtTray"="c:\program files (x86)\Atheros\Bluetooth Suite\AthBtTray.exe" [2010-11-26 379040]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-10-10 171040]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-10-10 399392]

"Persistence"="c:\windows\system32\igfxpers.exe" [2012-10-10 441888]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=c:\windows\System32\nvinitx.dll

.

------- Täydentävä tarkistus -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://asus.msn.com

mStart Page = hxxp://asus.msn.com

mLocal Page = c:\windows\SysWOW64\blank.htm

TCP: DhcpNameServer = 192.168.254.254 192.168.254.254

.

- - - - POISTETUT JÄMÄRIVIT - - - -

.

Toolbar-Locked - (no file)

SafeBoot-71783896.sys

Toolbar-Locked - (no file)

HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe

HKLM-Run-Setwallpaper - c:\programdata\SetWallpaper.cmd

.

.

.

--------------------- LUKITUT REKISTERIAVAIMET ---------------------

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Valmistumisajankohta: 2012-12-28 20:58:35

ComboFix-quarantined-files.txt 2012-12-28 18:58

.

Ennen ajoa: 439 029 219 328 tavua vapaana

Ajon jälkeen: 439 297 241 088 tavua vapaana

.

- - End Of File - - A0A96F946267540A3FAE2E2A9ED0792C


  • Staff

Greetings

I want you to run these next.

Please download the latest version of TDSSKiller from here and save it to your Desktop.

  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.

  • Double-click the aswMBR.exe icon to run it.
  • It will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and aswMBR.

Gringo


Computer status: After running last time, Windows started complaining that the internet security settings are not safe. I reset the security settings. Also, when signing in with normal user rights, Windows complained that no real-time scanner is active even though Avira claims to be up and running.

23:03:40.0808 3988 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35

23:03:40.0855 3988 ============================================================

23:03:40.0855 3988 Current date / time: 2012/12/28 23:03:40.0855

23:03:40.0855 3988 SystemInfo:

23:03:40.0855 3988

23:03:40.0855 3988 OS Version: 6.1.7601 ServicePack: 1.0

23:03:40.0855 3988 Product type: Workstation

23:03:40.0855 3988 ComputerName: DONALD-PC

23:03:40.0855 3988 UserName: Donald

23:03:40.0855 3988 Windows directory: C:\Windows

23:03:40.0855 3988 System windows directory: C:\Windows

23:03:40.0855 3988 Running under WOW64

23:03:40.0855 3988 Processor architecture: Intel x64

23:03:40.0855 3988 Number of processors: 4

23:03:40.0855 3988 Page size: 0x1000

23:03:40.0855 3988 Boot type: Normal boot

23:03:40.0855 3988 ============================================================

23:03:41.0822 3988 BG loaded

23:03:44.0147 3988 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

23:03:44.0147 3988 ============================================================

23:03:44.0147 3988 \Device\Harddisk0\DR0:

23:03:44.0147 3988 MBR partitions:

23:03:44.0147 3988 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2AF98B8, BlocksNum 0x3788BF78

23:03:44.0147 3988 ============================================================

23:03:44.0209 3988 C: <-> \Device\Harddisk0\DR0\Partition1

23:03:44.0209 3988 ============================================================

23:03:44.0209 3988 Initialize success

23:03:44.0209 3988 ============================================================

23:04:25.0370 4292 ============================================================

23:04:25.0370 4292 Scan started

23:04:25.0370 4292 Mode: Manual; SigCheck; TDLFS;

23:04:25.0370 4292 ============================================================

23:04:25.0557 4292 ================ Scan system memory ========================

23:04:25.0557 4292 System memory - ok

23:04:25.0557 4292 ================ Scan services =============================


23:05:00.0954 4292 nvraid - ok

23:05:01.0001 4292 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys

23:05:01.0032 4292 nvstor - ok

23:05:01.0079 4292 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] NVSvc C:\Windows\system32\nvvsvc.exe

23:05:01.0141 4292 NVSvc - ok

23:05:01.0219 4292 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

23:05:01.0281 4292 nvUpdatusService - ok

23:05:01.0313 4292 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

23:05:01.0344 4292 nv_agp - ok

23:05:01.0375 4292 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

23:05:01.0406 4292 ohci1394 - ok

23:05:01.0453 4292 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

23:05:01.0547 4292 p2pimsvc - ok

23:05:01.0593 4292 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll

23:05:01.0687 4292 p2psvc - ok

23:05:01.0687 4292 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys

23:05:01.0734 4292 Parport - ok

23:05:01.0765 4292 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys

23:05:01.0796 4292 partmgr - ok

23:05:01.0859 4292 Partner Service - ok

23:05:01.0874 4292 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll

23:05:01.0937 4292 PcaSvc - ok

23:05:01.0952 4292 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys

23:05:01.0983 4292 pci - ok

23:05:01.0999 4292 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys

23:05:02.0030 4292 pciide - ok

23:05:02.0046 4292 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys

23:05:02.0077 4292 pcmcia - ok

23:05:02.0077 4292 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys

23:05:02.0108 4292 pcw - ok

23:05:02.0108 4292 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys

23:05:02.0202 4292 PEAUTH - ok

23:05:02.0233 4292 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe

23:05:02.0264 4292 PerfHost - ok

23:05:02.0358 4292 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll

23:05:02.0514 4292 pla - ok

23:05:02.0576 4292 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

23:05:02.0685 4292 PlugPlay - ok

23:05:02.0717 4292 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

23:05:02.0748 4292 PNRPAutoReg - ok

23:05:02.0779 4292 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

23:05:02.0810 4292 PNRPsvc - ok

23:05:02.0841 4292 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

23:05:02.0935 4292 PolicyAgent - ok

23:05:02.0982 4292 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll

23:05:03.0075 4292 Power - ok

23:05:03.0091 4292 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

23:05:03.0169 4292 PptpMiniport - ok

23:05:03.0185 4292 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys

23:05:03.0216 4292 Processor - ok

23:05:03.0278 4292 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll

23:05:03.0356 4292 ProfSvc - ok

23:05:03.0356 4292 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe

23:05:03.0387 4292 ProtectedStorage - ok

23:05:03.0434 4292 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys

23:05:03.0528 4292 Psched - ok

23:05:03.0575 4292 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys

23:05:03.0731 4292 ql2300 - ok

23:05:03.0731 4292 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys

23:05:03.0762 4292 ql40xx - ok

23:05:03.0777 4292 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll

23:05:03.0824 4292 QWAVE - ok

23:05:03.0840 4292 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

23:05:03.0871 4292 QWAVEdrv - ok

23:05:03.0887 4292 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

23:05:03.0949 4292 RasAcd - ok

23:05:03.0980 4292 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

23:05:04.0074 4292 RasAgileVpn - ok

23:05:04.0089 4292 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll

23:05:04.0167 4292 RasAuto - ok

23:05:04.0199 4292 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

23:05:04.0261 4292 Rasl2tp - ok

23:05:04.0308 4292 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll

23:05:04.0401 4292 RasMan - ok

23:05:04.0417 4292 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

23:05:04.0495 4292 RasPppoe - ok

23:05:04.0495 4292 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

23:05:04.0573 4292 RasSstp - ok

23:05:04.0620 4292 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

23:05:04.0713 4292 rdbss - ok

23:05:04.0745 4292 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys

23:05:04.0963 4292 rdpbus - ok

23:05:04.0979 4292 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

23:05:05.0072 4292 RDPCDD - ok

23:05:05.0088 4292 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

23:05:05.0166 4292 RDPENCDD - ok

23:05:05.0197 4292 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

23:05:05.0244 4292 RDPREFMP - ok

23:05:05.0384 4292 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys

23:05:05.0447 4292 RdpVideoMiniport - ok

23:05:05.0493 4292 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

23:05:05.0587 4292 RDPWD - ok

23:05:05.0634 4292 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

23:05:05.0665 4292 rdyboost - ok

23:05:05.0696 4292 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll

23:05:05.0774 4292 RemoteAccess - ok

23:05:05.0821 4292 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll

23:05:05.0946 4292 RemoteRegistry - ok

23:05:05.0961 4292 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys

23:05:06.0008 4292 RFCOMM - ok

23:05:06.0024 4292 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

23:05:06.0117 4292 RpcEptMapper - ok

23:05:06.0149 4292 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe

23:05:06.0195 4292 RpcLocator - ok

23:05:06.0242 4292 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll

23:05:06.0320 4292 RpcSs - ok

23:05:06.0336 4292 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

23:05:06.0414 4292 rspndr - ok

23:05:06.0461 4292 [ E57FAC2CDB73F06586ED2ED310B80932 ] RSUSBVSTOR C:\Windows\system32\Drivers\RtsUVStor.sys

23:05:06.0507 4292 RSUSBVSTOR - ok

23:05:06.0570 4292 [ 20A466B9EA2BD828C0EC723F99B8CFE7 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys

23:05:06.0601 4292 RTL8167 - ok

23:05:06.0632 4292 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe

23:05:06.0648 4292 SamSs - ok

23:05:06.0679 4292 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

23:05:06.0710 4292 sbp2port - ok

23:05:06.0726 4292 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll

23:05:06.0804 4292 SCardSvr - ok

23:05:06.0835 4292 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

23:05:06.0897 4292 scfilter - ok

23:05:06.0944 4292 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll

23:05:07.0038 4292 Schedule - ok

23:05:07.0069 4292 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll

23:05:07.0147 4292 SCPolicySvc - ok

23:05:07.0178 4292 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll

23:05:07.0225 4292 SDRSVC - ok

23:05:07.0241 4292 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys

23:05:07.0287 4292 secdrv - ok

23:05:07.0319 4292 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll

23:05:07.0381 4292 seclogon - ok

23:05:07.0412 4292 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll

23:05:07.0506 4292 SENS - ok

23:05:07.0521 4292 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll

23:05:07.0584 4292 SensrSvc - ok

23:05:07.0584 4292 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys

23:05:07.0631 4292 Serenum - ok

23:05:07.0662 4292 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys

23:05:07.0693 4292 Serial - ok

23:05:07.0724 4292 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys

23:05:07.0771 4292 sermouse - ok

23:05:07.0818 4292 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll

23:05:07.0911 4292 SessionEnv - ok

23:05:07.0943 4292 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

23:05:08.0005 4292 sffdisk - ok

23:05:08.0021 4292 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

23:05:08.0067 4292 sffp_mmc - ok

23:05:08.0083 4292 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

23:05:08.0145 4292 sffp_sd - ok

23:05:08.0145 4292 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys

23:05:08.0192 4292 sfloppy - ok

23:05:08.0239 4292 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll

23:05:08.0348 4292 SharedAccess - ok

23:05:08.0379 4292 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll

23:05:08.0489 4292 ShellHWDetection - ok

23:05:08.0504 4292 [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSG664.sys

23:05:08.0551 4292 SiSGbeLH - ok

23:05:08.0567 4292 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys

23:05:08.0598 4292 SiSRaid2 - ok

23:05:08.0613 4292 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys

23:05:08.0645 4292 SiSRaid4 - ok

23:05:08.0660 4292 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys

23:05:08.0754 4292 Smb - ok

23:05:08.0801 4292 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe

23:05:08.0816 4292 SNMPTRAP - ok

23:05:08.0816 4292 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys

23:05:08.0847 4292 spldr - ok

23:05:08.0894 4292 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe

23:05:08.0972 4292 Spooler - ok

23:05:09.0097 4292 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe

23:05:09.0222 4292 sppsvc - ok

23:05:09.0237 4292 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll

23:05:09.0300 4292 sppuinotify - ok

23:05:09.0393 4292 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys

23:05:09.0503 4292 srv - ok

23:05:09.0549 4292 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

23:05:09.0612 4292 srv2 - ok

23:05:09.0627 4292 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

23:05:09.0690 4292 srvnet - ok

23:05:09.0737 4292 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

23:05:09.0830 4292 SSDPSRV - ok

23:05:09.0830 4292 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll

23:05:09.0908 4292 SstpSvc - ok

23:05:09.0939 4292 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys

23:05:09.0955 4292 stexstor - ok

23:05:10.0095 4292 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll

23:05:10.0173 4292 stisvc - ok

23:05:10.0220 4292 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys

23:05:10.0251 4292 swenum - ok

23:05:10.0361 4292 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll

23:05:10.0454 4292 swprv - ok

23:05:10.0704 4292 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll

23:05:10.0782 4292 SysMain - ok

23:05:10.0813 4292 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

23:05:10.0860 4292 TabletInputService - ok

23:05:10.0907 4292 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll

23:05:11.0016 4292 TapiSrv - ok

23:05:11.0047 4292 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll

23:05:11.0141 4292 TBS - ok

23:05:11.0312 4292 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys

23:05:11.0437 4292 Tcpip - ok

23:05:11.0484 4292 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

23:05:11.0546 4292 TCPIP6 - ok

23:05:11.0577 4292 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

23:05:11.0624 4292 tcpipreg - ok

23:05:11.0687 4292 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

23:05:11.0749 4292 TDPIPE - ok

23:05:11.0811 4292 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

23:05:11.0843 4292 TDTCP - ok

23:05:11.0905 4292 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

23:05:12.0030 4292 tdx - ok

23:05:12.0108 4292 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys

23:05:12.0139 4292 TermDD - ok

23:05:12.0201 4292 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll

23:05:12.0451 4292 TermService - ok

23:05:12.0482 4292 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll

23:05:12.0545 4292 Themes - ok

23:05:12.0560 4292 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll

23:05:12.0638 4292 THREADORDER - ok

23:05:12.0669 4292 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll

23:05:12.0732 4292 TrkWks - ok

23:05:12.0794 4292 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

23:05:12.0872 4292 TrustedInstaller - ok

23:05:12.0903 4292 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

23:05:12.0966 4292 tssecsrv - ok

23:05:13.0013 4292 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys

23:05:13.0091 4292 TsUsbFlt - ok

23:05:13.0137 4292 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

23:05:13.0247 4292 tunnel - ok

23:05:13.0278 4292 [ B355581A9DA34C92E2DBAFA410D2F829 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys

23:05:13.0309 4292 TurboB - ok

23:05:13.0356 4292 [ 6564E84B1522C12EA1C3A181ED03276F ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe

23:05:13.0371 4292 TurboBoost - ok

23:05:13.0403 4292 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys

23:05:13.0434 4292 uagp35 - ok

23:05:13.0465 4292 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

23:05:13.0574 4292 udfs - ok

23:05:13.0621 4292 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe

23:05:13.0652 4292 UI0Detect - ok

23:05:13.0683 4292 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

23:05:13.0699 4292 uliagpkx - ok

23:05:13.0730 4292 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys

23:05:13.0746 4292 umbus - ok

23:05:13.0761 4292 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys

23:05:13.0808 4292 UmPass - ok

23:05:13.0824 4292 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll

23:05:13.0902 4292 upnphost - ok

23:05:13.0933 4292 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

23:05:13.0995 4292 usbccgp - ok

23:05:14.0027 4292 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys

23:05:14.0089 4292 usbcir - ok

23:05:14.0105 4292 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys

23:05:14.0151 4292 usbehci - ok

23:05:14.0183 4292 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

23:05:14.0229 4292 usbhub - ok

23:05:14.0261 4292 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys

23:05:14.0307 4292 usbohci - ok

23:05:14.0323 4292 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys

23:05:14.0354 4292 usbprint - ok

23:05:14.0370 4292 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS

23:05:14.0417 4292 USBSTOR - ok

23:05:14.0417 4292 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys

23:05:14.0463 4292 usbuhci - ok

23:05:14.0510 4292 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys

23:05:14.0557 4292 usbvideo - ok

23:05:14.0588 4292 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll

23:05:14.0651 4292 UxSms - ok

23:05:14.0666 4292 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe

23:05:14.0682 4292 VaultSvc - ok

23:05:14.0713 4292 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys

23:05:14.0729 4292 vdrvroot - ok

23:05:14.0775 4292 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe

23:05:14.0853 4292 vds - ok

23:05:14.0869 4292 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

23:05:14.0900 4292 vga - ok

23:05:14.0916 4292 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys

23:05:14.0963 4292 VgaSave - ok

23:05:15.0009 4292 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys

23:05:15.0056 4292 vhdmp - ok

23:05:15.0087 4292 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys

23:05:15.0119 4292 viaide - ok

23:05:15.0119 4292 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys

23:05:15.0150 4292 volmgr - ok

23:05:15.0197 4292 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

23:05:15.0259 4292 volmgrx - ok

23:05:15.0275 4292 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys

23:05:15.0306 4292 volsnap - ok

23:05:15.0337 4292 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys

23:05:15.0384 4292 vsmraid - ok

23:05:15.0446 4292 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe

23:05:15.0555 4292 VSS - ok

23:05:15.0571 4292 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys

23:05:15.0649 4292 vwifibus - ok

23:05:15.0649 4292 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys

23:05:15.0696 4292 vwififlt - ok

23:05:15.0774 4292 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll

23:05:15.0867 4292 W32Time - ok

23:05:15.0867 4292 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys

23:05:15.0899 4292 WacomPen - ok

23:05:15.0914 4292 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys

23:05:16.0008 4292 WANARP - ok

23:05:16.0008 4292 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

23:05:16.0070 4292 Wanarpv6 - ok

23:05:16.0179 4292 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe

23:05:16.0257 4292 WatAdminSvc - ok

23:05:16.0320 4292 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe

23:05:16.0398 4292 wbengine - ok

23:05:16.0445 4292 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll

23:05:16.0507 4292 WbioSrvc - ok

23:05:16.0554 4292 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll

23:05:16.0663 4292 wcncsvc - ok

23:05:16.0694 4292 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

23:05:16.0757 4292 WcsPlugInService - ok

23:05:16.0757 4292 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys

23:05:16.0788 4292 Wd - ok

23:05:16.0835 4292 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

23:05:16.0913 4292 Wdf01000 - ok

23:05:16.0928 4292 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll

23:05:17.0069 4292 WdiServiceHost - ok

23:05:17.0069 4292 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll

23:05:17.0115 4292 WdiSystemHost - ok

23:05:17.0162 4292 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll

23:05:17.0256 4292 WebClient - ok

23:05:17.0271 4292 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll

23:05:17.0349 4292 Wecsvc - ok

23:05:17.0381 4292 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll

23:05:17.0459 4292 wercplsupport - ok

23:05:17.0459 4292 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll

23:05:17.0521 4292 WerSvc - ok

23:05:17.0552 4292 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys

23:05:17.0599 4292 WfpLwf - ok

23:05:17.0646 4292 [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys

23:05:17.0693 4292 WimFltr - ok

23:05:17.0693 4292 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys

23:05:17.0724 4292 WIMMount - ok

23:05:17.0755 4292 WinDefend - ok

23:05:17.0771 4292 WinHttpAutoProxySvc - ok

23:05:17.0942 4292 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

23:05:18.0036 4292 Winmgmt - ok

23:05:18.0114 4292 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll

23:05:18.0317 4292 WinRM - ok

23:05:18.0379 4292 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll

23:05:18.0441 4292 Wlansvc - ok

23:05:18.0504 4292 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

23:05:18.0519 4292 wlcrasvc - ok

23:05:18.0660 4292 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

23:05:18.0722 4292 wlidsvc - ok

23:05:18.0785 4292 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys

23:05:18.0831 4292 WmiAcpi - ok

23:05:18.0863 4292 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

23:05:18.0925 4292 wmiApSrv - ok

23:05:18.0956 4292 WMPNetworkSvc - ok

23:05:18.0972 4292 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll

23:05:19.0019 4292 WPCSvc - ok

23:05:19.0050 4292 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

23:05:19.0112 4292 WPDBusEnum - ok

23:05:19.0128 4292 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

23:05:19.0221 4292 ws2ifsl - ok

23:05:19.0237 4292 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll

23:05:19.0284 4292 wscsvc - ok

23:05:19.0284 4292 WSearch - ok

23:05:19.0377 4292 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll

23:05:19.0455 4292 wuauserv - ok

23:05:19.0502 4292 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

23:05:19.0549 4292 WudfPf - ok

23:05:19.0565 4292 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

23:05:19.0611 4292 WUDFRd - ok

23:05:19.0643 4292 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

23:05:19.0689 4292 wudfsvc - ok

23:05:19.0705 4292 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll

23:05:19.0767 4292 WwanSvc - ok

23:05:19.0783 4292 ================ Scan global ===============================

23:05:19.0814 4292 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

23:05:19.0861 4292 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll

23:05:19.0908 4292 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll

23:05:19.0939 4292 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

23:05:19.0986 4292 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

23:05:20.0017 4292 [Global] - ok

23:05:20.0017 4292 ================ Scan MBR ==================================

23:05:20.0033 4292 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

23:05:20.0501 4292 \Device\Harddisk0\DR0 - ok

23:05:20.0501 4292 ================ Scan VBR ==================================

23:05:20.0501 4292 [ F0E0BC3C64404C324EFCA0BCC21DCEA0 ] \Device\Harddisk0\DR0\Partition1

23:05:20.0501 4292 \Device\Harddisk0\DR0\Partition1 - ok

23:05:20.0516 4292 ================ Scan active images ========================


23:05:20.0797 4292 C:\Windows\System32\autochk.exe - ok

23:05:20.0797 4292 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] C:\Windows\System32\drivers\nvlddmkm.sys

23:05:20.0797 4292 C:\Windows\System32\drivers\nvlddmkm.sys - ok

23:05:20.0813 4292 [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys

23:05:20.0813 4292 C:\Windows\System32\drivers\dxgkrnl.sys - ok

23:05:20.0813 4292 [ F1BDD59D0334ABB1C66978322016080A ] C:\Windows\System32\drivers\nvBridge.kmd

23:05:20.0813 4292 C:\Windows\System32\drivers\nvBridge.kmd - ok

23:05:20.0813 4292 [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys

23:05:20.0813 4292 C:\Windows\System32\drivers\dxgmms1.sys - ok

23:05:20.0828 4292 [ A1CF07D24EDCDC6870535471654D957C ] C:\Windows\System32\drivers\igdkmd64.sys

23:05:20.0828 4292 C:\Windows\System32\drivers\igdkmd64.sys - ok

23:05:20.0828 4292 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] C:\Windows\System32\drivers\HECIx64.sys

23:05:20.0828 4292 C:\Windows\System32\drivers\HECIx64.sys - ok

23:05:20.0828 4292 [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys

23:05:20.0828 4292 C:\Windows\System32\drivers\usbehci.sys - ok

23:05:20.0844 4292 [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys

23:05:20.0844 4292 C:\Windows\System32\drivers\usbport.sys - ok

23:05:20.0844 4292 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys

23:05:20.0844 4292 C:\Windows\System32\drivers\hdaudbus.sys - ok

23:05:20.0844 4292 [ B4174564AD5834A1680610572477878C ] C:\Windows\System32\drivers\athrx.sys

23:05:20.0844 4292 C:\Windows\System32\drivers\athrx.sys - ok

23:05:20.0859 4292 [ 20A466B9EA2BD828C0EC723F99B8CFE7 ] C:\Windows\System32\drivers\Rt64win7.sys

23:05:20.0859 4292 C:\Windows\System32\drivers\Rt64win7.sys - ok

23:05:20.0859 4292 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys

23:05:20.0859 4292 C:\Windows\System32\drivers\vwifibus.sys - ok

23:05:20.0859 4292 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] C:\Windows\System32\drivers\i8042prt.sys

23:05:20.0859 4292 C:\Windows\System32\drivers\i8042prt.sys - ok

23:05:20.0875 4292 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys

23:05:20.0875 4292 C:\Windows\System32\drivers\kbdclass.sys - ok

23:05:20.0875 4292 [ E63EF8C3271D014F14E2469CE75FECB4 ] C:\Windows\System32\drivers\kbfiltr.sys

23:05:20.0875 4292 C:\Windows\System32\drivers\kbfiltr.sys - ok

23:05:20.0891 4292 [ 5B042AA9CEBDAB5B61E747DDCEBFF51B ] C:\Windows\System32\drivers\ETD.sys

23:05:20.0891 4292 C:\Windows\System32\drivers\ETD.sys - ok

23:05:20.0891 4292 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys

23:05:20.0891 4292 C:\Windows\System32\drivers\mouclass.sys - ok

23:05:20.0891 4292 [ 0840155D0BDDF1190F84A663C284BD33 ] C:\Windows\System32\drivers\CmBatt.sys

23:05:20.0891 4292 C:\Windows\System32\drivers\CmBatt.sys - ok

23:05:20.0906 4292 [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys

23:05:20.0906 4292 C:\Windows\System32\drivers\intelppm.sys - ok

23:05:20.0906 4292 [ F6FF8944478594D0E414D3F048F0D778 ] C:\Windows\System32\drivers\wmiacpi.sys

23:05:20.0906 4292 C:\Windows\System32\drivers\wmiacpi.sys - ok

23:05:20.0906 4292 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys

23:05:20.0906 4292 C:\Windows\System32\drivers\CompositeBus.sys - ok

23:05:20.0922 4292 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys

23:05:20.0922 4292 C:\Windows\System32\drivers\agilevpn.sys - ok

23:05:20.0922 4292 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys

23:05:20.0922 4292 C:\Windows\System32\drivers\rasl2tp.sys - ok

23:05:20.0922 4292 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys

23:05:20.0922 4292 C:\Windows\System32\drivers\ndistapi.sys - ok

23:05:20.0937 4292 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys

23:05:20.0937 4292 C:\Windows\System32\drivers\ndiswan.sys - ok

23:05:20.0937 4292 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys

23:05:20.0937 4292 C:\Windows\System32\drivers\raspppoe.sys - ok

23:05:20.0937 4292 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys

23:05:20.0937 4292 C:\Windows\System32\drivers\raspptp.sys - ok

23:05:20.0953 4292 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys

23:05:20.0953 4292 C:\Windows\System32\drivers\rassstp.sys - ok

23:05:20.0953 4292 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys

23:05:20.0953 4292 C:\Windows\System32\drivers\ks.sys - ok

23:05:20.0953 4292 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys

23:05:20.0953 4292 C:\Windows\System32\drivers\swenum.sys - ok

23:05:20.0969 4292 [ A83A91D07D1FE6BBE7A9DB46CA00434B ] C:\Windows\System32\drivers\btath_bus.sys

23:05:20.0969 4292 C:\Windows\System32\drivers\btath_bus.sys - ok

23:05:20.0969 4292 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys

23:05:20.0969 4292 C:\Windows\System32\drivers\umbus.sys - ok

23:05:20.0969 4292 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys

23:05:20.0969 4292 C:\Windows\System32\drivers\usbhub.sys - ok

23:05:20.0984 4292 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll

23:05:20.0984 4292 C:\Windows\System32\psapi.dll - ok

23:05:20.0984 4292 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll

23:05:20.0984 4292 C:\Windows\System32\rpcrt4.dll - ok

23:05:20.0984 4292 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys

23:05:20.0984 4292 C:\Windows\System32\drivers\ndproxy.sys - ok

23:05:21.0000 4292 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys

23:05:21.0000 4292 C:\Windows\System32\drivers\drmk.sys - ok

23:05:21.0000 4292 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys

23:05:21.0000 4292 C:\Windows\System32\drivers\portcls.sys - ok

23:05:21.0000 4292 [ 3E3926F4FA7C9162C5C3EC6BF1E4F349 ] C:\Windows\System32\drivers\RTKVHD64.sys

23:05:21.0015 4292 C:\Windows\System32\drivers\RTKVHD64.sys - ok

23:05:21.0015 4292 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys

23:05:21.0015 4292 C:\Windows\System32\drivers\ksthunk.sys - ok

23:05:21.0015 4292 [ FC727061C0F47C8059E88E05D5C8E381 ] C:\Windows\System32\drivers\IntcDAud.sys

23:05:21.0015 4292 C:\Windows\System32\drivers\IntcDAud.sys - ok

23:05:21.0031 4292 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll

23:05:21.0031 4292 C:\Windows\System32\clbcatq.dll - ok

23:05:21.0031 4292 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll

23:05:21.0031 4292 C:\Windows\System32\msvcrt.dll - ok

23:05:21.0031 4292 [ 486720DA2B3BB13D1080C83140C18B56 ] C:\Windows\System32\drivers\btfilter.sys

23:05:21.0031 4292 C:\Windows\System32\drivers\btfilter.sys - ok

23:05:21.0031 4292 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] C:\Windows\System32\drivers\bthport.sys

23:05:21.0031 4292 C:\Windows\System32\drivers\bthport.sys - ok

23:05:21.0047 4292 [ F188B7394D81010767B6DF3178519A37 ] C:\Windows\System32\drivers\BTHUSB.SYS

23:05:21.0047 4292 C:\Windows\System32\drivers\BTHUSB.SYS - ok

23:05:21.0047 4292 [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys

23:05:21.0047 4292 C:\Windows\System32\drivers\usbd.sys - ok

23:05:21.0047 4292 [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys

23:05:21.0047 4292 C:\Windows\System32\drivers\usbccgp.sys - ok

23:05:21.0062 4292 [ 454800C2BC7F3927CE030141EE4F4C50 ] C:\Windows\System32\drivers\usbvideo.sys

23:05:21.0062 4292 C:\Windows\System32\drivers\usbvideo.sys - ok

23:05:21.0062 4292 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll

23:05:21.0062 4292 C:\Windows\System32\imagehlp.dll - ok

23:05:21.0062 4292 [ 5121DB613E10A46A3C5085B479026AA7 ] C:\Windows\System32\wininet.dll

23:05:21.0062 4292 C:\Windows\System32\wininet.dll - ok

23:05:21.0078 4292 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll

23:05:21.0078 4292 C:\Windows\System32\nsi.dll - ok

23:05:21.0078 4292 [ 1DBA462CF92D890D8F8E6472E7E8B4B4 ] C:\Windows\System32\urlmon.dll

23:05:21.0078 4292 C:\Windows\System32\urlmon.dll - ok

23:05:21.0078 4292 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll

23:05:21.0093 4292 C:\Windows\System32\gdi32.dll - ok

23:05:21.0093 4292 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll

23:05:21.0093 4292 C:\Windows\System32\sechost.dll - ok

23:05:21.0093 4292 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll

23:05:21.0093 4292 C:\Windows\System32\shlwapi.dll - ok

23:05:21.0093 4292 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll

23:05:21.0109 4292 C:\Windows\System32\Wldap32.dll - ok

23:05:21.0109 4292 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll

23:05:21.0109 4292 C:\Windows\System32\difxapi.dll - ok

23:05:21.0109 4292 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll

23:05:21.0109 4292 C:\Windows\System32\normaliz.dll - ok

23:05:21.0125 4292 [ 1DC3504CA4C57900F1557E9A3F01D272 ] C:\Windows\System32\kernel32.dll

23:05:21.0125 4292 C:\Windows\System32\kernel32.dll - ok

23:05:21.0125 4292 [ 2F8B1E3EE3545D3B5A8D56FA1AE07B65 ] C:\Windows\System32\usp10.dll

23:05:21.0125 4292 C:\Windows\System32\usp10.dll - ok

23:05:21.0125 4292 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll

23:05:21.0125 4292 C:\Windows\System32\lpk.dll - ok

23:05:21.0125 4292 [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll

23:05:21.0140 4292 C:\Windows\System32\shell32.dll - ok

23:05:21.0140 4292 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll

23:05:21.0140 4292 C:\Windows\System32\ws2_32.dll - ok

23:05:21.0140 4292 [ 3DD798846E2C28102B922C56E71B7932 ] C:\Windows\System32\drivers\rfcomm.sys

23:05:21.0140 4292 C:\Windows\System32\drivers\rfcomm.sys - ok

23:05:21.0156 4292 [ CF98190A94F62E405C8CB255018B2315 ] C:\Windows\System32\drivers\bthenum.sys

23:05:21.0156 4292 C:\Windows\System32\drivers\bthenum.sys - ok

23:05:21.0156 4292 [ 02DD601B708DD0667E1331FA8518E9FF ] C:\Windows\System32\drivers\bthpan.sys

23:05:21.0156 4292 C:\Windows\System32\drivers\bthpan.sys - ok

23:05:21.0156 4292 [ 724C8088C96EFE7A3E63FEC21D4681C0 ] C:\Windows\System32\drivers\btath_rcp.sys

23:05:21.0156 4292 C:\Windows\System32\drivers\btath_rcp.sys - ok

23:05:21.0171 4292 [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys

23:05:21.0171 4292 C:\Windows\System32\drivers\hidclass.sys - ok

23:05:21.0171 4292 [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys

23:05:21.0171 4292 C:\Windows\System32\drivers\hidparse.sys - ok

23:05:21.0171 4292 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll

23:05:21.0171 4292 C:\Windows\System32\oleaut32.dll - ok

23:05:21.0187 4292 [ 227C8F308DE4AF4808E587465CEAB838 ] C:\Windows\System32\drivers\btath_a2dp.sys

23:05:21.0187 4292 C:\Windows\System32\drivers\btath_a2dp.sys - ok

23:05:21.0187 4292 [ C864FF85EE16D61C2BDD5EF76824625F ] C:\Windows\System32\drivers\btath_hcrp.sys

23:05:21.0187 4292 C:\Windows\System32\drivers\btath_hcrp.sys - ok

23:05:21.0187 4292 [ A0F52880DDD164F968BE903C1FECD27E ] C:\Windows\System32\iertutil.dll

23:05:21.0187 4292 C:\Windows\System32\iertutil.dll - ok

23:05:21.0203 4292 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll

23:05:21.0203 4292 C:\Windows\System32\msctf.dll - ok

23:05:21.0203 4292 [ CBE61B4494165F458BD87E37181EE934 ] C:\Windows\System32\drivers\btath_flt.sys

23:05:21.0203 4292 C:\Windows\System32\drivers\btath_flt.sys - ok

23:05:21.0203 4292 [ 0DEA505EFB5D771826D177EF8B8A208F ] C:\Windows\System32\drivers\btath_lwflt.sys

23:05:21.0203 4292 C:\Windows\System32\drivers\btath_lwflt.sys - ok

23:05:21.0218 4292 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll

23:05:21.0218 4292 C:\Windows\System32\advapi32.dll - ok

23:05:21.0218 4292 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll

23:05:21.0218 4292 C:\Windows\System32\imm32.dll - ok

23:05:21.0218 4292 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll

23:05:21.0218 4292 C:\Windows\System32\user32.dll - ok

23:05:21.0234 4292 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll

23:05:21.0234 4292 C:\Windows\System32\ole32.dll - ok

23:05:21.0234 4292 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll

23:05:21.0234 4292 C:\Windows\System32\setupapi.dll - ok

23:05:21.0234 4292 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll

23:05:21.0234 4292 C:\Windows\System32\comdlg32.dll - ok

23:05:21.0249 4292 [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\Windows\System32\crypt32.dll

23:05:21.0249 4292 C:\Windows\System32\crypt32.dll - ok

23:05:21.0249 4292 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll

23:05:21.0249 4292 C:\Windows\System32\cfgmgr32.dll - ok

23:05:21.0249 4292 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll

23:05:21.0249 4292 C:\Windows\System32\comctl32.dll - ok

23:05:21.0265 4292 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll

23:05:21.0265 4292 C:\Windows\System32\devobj.dll - ok

23:05:21.0265 4292 [ 6F2E324703E6D22B9934C33DA48F1F01 ] C:\Windows\System32\KernelBase.dll

23:05:21.0265 4292 C:\Windows\System32\KernelBase.dll - ok

23:05:21.0265 4292 [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll

23:05:21.0265 4292 C:\Windows\System32\wintrust.dll - ok

23:05:21.0281 4292 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll

23:05:21.0281 4292 C:\Windows\System32\msasn1.dll - ok

23:05:21.0281 4292 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll

23:05:21.0281 4292 C:\Windows\SysWOW64\normaliz.dll - ok

23:05:21.0281 4292 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys

23:05:21.0281 4292 C:\Windows\System32\drivers\dxapi.sys - ok

23:05:21.0296 4292 [ C58923115CDE6071C3BF2FF063546E9F ] C:\Windows\System32\win32k.sys

23:05:21.0296 4292 C:\Windows\System32\win32k.sys - ok

23:05:21.0296 4292 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll

23:05:21.0296 4292 C:\Windows\System32\basesrv.dll - ok

23:05:21.0296 4292 [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll

23:05:21.0296 4292 C:\Windows\System32\csrsrv.dll - ok

23:05:21.0312 4292 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe

23:05:21.0312 4292 C:\Windows\System32\csrss.exe - ok

23:05:21.0312 4292 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\System32\winsrv.dll

23:05:21.0312 4292 C:\Windows\System32\winsrv.dll - ok

23:05:21.0312 4292 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys

23:05:21.0312 4292 C:\Windows\System32\drivers\monitor.sys - ok

23:05:21.0328 4292 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll

23:05:21.0328 4292 C:\Windows\System32\profapi.dll - ok

23:05:21.0328 4292 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll

23:05:21.0328 4292 C:\Windows\System32\sxssrv.dll - ok

23:05:21.0328 4292 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll

23:05:21.0328 4292 C:\Windows\System32\tsddd.dll - ok

23:05:21.0343 4292 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe

23:05:21.0343 4292 C:\Windows\System32\wininit.exe - ok

23:05:21.0343 4292 [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll

23:05:21.0343 4292 C:\Windows\System32\cdd.dll - ok

23:05:21.0343 4292 [ EED44628940EF70EF854FDA315D913B7 ] C:\Windows\System32\KBDFI.DLL

23:05:21.0343 4292 C:\Windows\System32\KBDFI.DLL - ok

23:05:21.0359 4292 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll

23:05:21.0359 4292 C:\Windows\System32\RpcRtRemote.dll - ok

23:05:21.0359 4292 [ 5A96AFD05FBEC196D9FC531D8238F2FD ] C:\Windows\System32\KBDFI1.DLL

23:05:21.0359 4292 C:\Windows\System32\KBDFI1.DLL - ok

23:05:21.0359 4292 [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL

23:05:21.0359 4292 C:\Windows\System32\KBDUS.DLL - ok

23:05:21.0374 4292 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll

23:05:21.0374 4292 C:\Windows\System32\sxs.dll - ok

23:05:21.0374 4292 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll

23:05:21.0374 4292 C:\Windows\System32\WlS0WndH.dll - ok

23:05:21.0374 4292 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll

23:05:21.0374 4292 C:\Windows\System32\cryptbase.dll - ok

23:05:21.0390 4292 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe

23:05:21.0390 4292 C:\Windows\System32\winlogon.exe - ok

23:05:21.0390 4292 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll

23:05:21.0390 4292 C:\Windows\System32\winsta.dll - ok

23:05:21.0390 4292 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll

23:05:21.0390 4292 C:\Windows\System32\apphelp.dll - ok

23:05:21.0406 4292 [ 685527DA09EBFB681E98C515978BDEE2 ] C:\Windows\System32\lsasrv.dll

23:05:21.0406 4292 C:\Windows\System32\lsasrv.dll - ok

23:05:21.0406 4292 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe

23:05:21.0406 4292 C:\Windows\System32\lsass.exe - ok

23:05:21.0406 4292 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe

23:05:21.0406 4292 C:\Windows\System32\lsm.exe - ok

23:05:21.0421 4292 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll

23:05:21.0421 4292 C:\Windows\System32\scext.dll - ok

23:05:21.0421 4292 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll

23:05:21.0421 4292 C:\Windows\System32\secur32.dll - ok

23:05:21.0421 4292 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe

23:05:21.0421 4292 C:\Windows\System32\services.exe - ok

23:05:21.0437 4292 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll

23:05:21.0437 4292 C:\Windows\System32\sspicli.dll - ok

23:05:21.0437 4292 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll

23:05:21.0437 4292 C:\Windows\System32\sspisrv.dll - ok

23:05:21.0437 4292 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll

23:05:21.0437 4292 C:\Windows\System32\sysntfy.dll - ok

23:05:21.0452 4292 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll

23:05:21.0452 4292 C:\Windows\System32\wmsgapi.dll - ok

23:05:21.0452 4292 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll

23:05:21.0452 4292 C:\Windows\System32\scesrv.dll - ok

23:05:21.0452 4292 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll

23:05:21.0452 4292 C:\Windows\System32\samsrv.dll - ok

23:05:21.0468 4292 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll

23:05:21.0468 4292 C:\Windows\System32\srvcli.dll - ok

23:05:21.0468 4292 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll

23:05:21.0468 4292 C:\Windows\System32\cryptdll.dll - ok

23:05:21.0468 4292 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll

23:05:21.0468 4292 C:\Windows\System32\wevtapi.dll - ok

23:05:21.0484 4292 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll

23:05:21.0484 4292 C:\Windows\System32\authz.dll - ok

23:05:21.0484 4292 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll

23:05:21.0484 4292 C:\Windows\System32\cngaudit.dll - ok

23:05:21.0484 4292 [ 9B3718651DDE8A75FC4E8D6542A250D8 ] C:\Windows\System32\ncrypt.dll

23:05:21.0484 4292 C:\Windows\System32\ncrypt.dll - ok

23:05:21.0499 4292 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll

23:05:21.0499 4292 C:\Windows\System32\bcrypt.dll - ok

23:05:21.0499 4292 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll

23:05:21.0499 4292 C:\Windows\System32\msprivs.dll - ok

23:05:21.0499 4292 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll

23:05:21.0499 4292 C:\Windows\System32\netjoin.dll - ok

23:05:21.0515 4292 [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll

23:05:21.0515 4292 C:\Windows\System32\kerberos.dll - ok

23:05:21.0515 4292 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll

23:05:21.0515 4292 C:\Windows\System32\negoexts.dll - ok

23:05:21.0515 4292 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll

23:05:21.0515 4292 C:\Windows\System32\cryptsp.dll - ok

23:05:21.0530 4292 [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll

23:05:21.0530 4292 C:\Windows\System32\mswsock.dll - ok

23:05:21.0530 4292 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll

23:05:21.0530 4292 C:\Windows\System32\msv1_0.dll - ok

23:05:21.0530 4292 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll

23:05:21.0530 4292 C:\Windows\System32\wship6.dll - ok

23:05:21.0546 4292 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll

23:05:21.0546 4292 C:\Windows\System32\netlogon.dll - ok

23:05:21.0546 4292 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll

23:05:21.0546 4292 C:\Windows\System32\dnsapi.dll - ok

23:05:21.0546 4292 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll

23:05:21.0546 4292 C:\Windows\System32\logoncli.dll - ok

23:05:21.0562 4292 [ B7D42CB36C08FA017E73FF2433CD7287 ] C:\Windows\System32\schannel.dll

23:05:21.0562 4292 C:\Windows\System32\schannel.dll - ok

23:05:21.0562 4292 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll

23:05:21.0562 4292 C:\Windows\System32\wdigest.dll - ok

23:05:21.0562 4292 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll

23:05:21.0562 4292 C:\Windows\System32\pku2u.dll - ok

23:05:21.0577 4292 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll

23:05:21.0577 4292 C:\Windows\System32\rsaenh.dll - ok

23:05:21.0577 4292 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll

23:05:21.0577 4292 C:\Windows\System32\TSpkg.dll - ok

23:05:21.0577 4292 [ 55C892560C1B42BC57FB61AEFCED2F22 ] C:\Windows\System32\LIVESSP.DLL

23:05:21.0577 4292 C:\Windows\System32\LIVESSP.DLL - ok

23:05:21.0593 4292 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll

23:05:21.0593 4292 C:\Windows\System32\bcryptprimitives.dll - ok

23:05:21.0593 4292 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll

23:05:21.0593 4292 C:\Windows\System32\efslsaext.dll - ok

23:05:21.0593 4292 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll

23:05:21.0593 4292 C:\Windows\System32\credssp.dll - ok

23:05:21.0608 4292 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll

23:05:21.0608 4292 C:\Windows\System32\scecli.dll - ok

23:05:21.0608 4292 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll

23:05:21.0608 4292 C:\Windows\System32\ubpm.dll - ok

23:05:21.0608 4292 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe

23:05:21.0608 4292 C:\Windows\System32\svchost.exe - ok

23:05:21.0624 4292 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll

23:05:21.0624 4292 C:\Windows\System32\umpnpmgr.dll - ok

23:05:21.0624 4292 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll


23:05:21.0905 4292 C:\Windows\System32\WUDFSvc.dll - ok

23:05:21.0905 4292 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys

23:05:21.0905 4292 C:\Windows\System32\drivers\lltdio.sys - ok

23:05:21.0920 4292 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys

23:05:21.0920 4292 C:\Windows\System32\drivers\nwifi.sys - ok

23:05:21.0920 4292 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys

23:05:21.0920 4292 C:\Windows\System32\drivers\ndisuio.sys - ok

23:05:21.0920 4292 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys

23:05:21.0920 4292 C:\Windows\System32\drivers\rspndr.sys - ok

23:05:21.0936 4292 [ B355581A9DA34C92E2DBAFA410D2F829 ] C:\Windows\System32\drivers\TurboB.sys

23:05:21.0936 4292 C:\Windows\System32\drivers\TurboB.sys - ok

23:05:21.0936 4292 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll

23:05:21.0936 4292 C:\Windows\System32\dui70.dll - ok

23:05:21.0936 4292 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll

23:05:21.0936 4292 C:\Windows\System32\duser.dll - ok

23:05:21.0952 4292 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv

23:05:21.0952 4292 C:\Windows\System32\wdmaud.drv - ok

23:05:21.0952 4292 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll

23:05:21.0952 4292 C:\Windows\System32\winmm.dll - ok

23:05:21.0952 4292 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll

23:05:21.0952 4292 C:\Windows\System32\ksuser.dll - ok

23:05:21.0967 4292 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll

23:05:21.0967 4292 C:\Windows\System32\SndVolSSO.dll - ok

23:05:21.0967 4292 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll

23:05:21.0967 4292 C:\Windows\System32\hid.dll - ok

23:05:21.0967 4292 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL

23:05:21.0967 4292 C:\Windows\System32\IPHLPAPI.DLL - ok

23:05:21.0983 4292 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll

23:05:21.0983 4292 C:\Windows\System32\lmhsvc.dll - ok

23:05:21.0983 4292 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll

23:05:21.0983 4292 C:\Windows\System32\nsisvc.dll - ok

23:05:21.0983 4292 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll

23:05:21.0983 4292 C:\Windows\System32\winnsi.dll - ok

23:05:21.0998 4292 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll

23:05:21.0998 4292 C:\Windows\System32\dhcpcore.dll - ok

23:05:21.0998 4292 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll

23:05:21.0998 4292 C:\Windows\System32\nrpsrv.dll - ok

23:05:21.0998 4292 [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll

23:05:21.0998 4292 C:\Windows\System32\dhcpcore6.dll - ok

23:05:22.0014 4292 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll

23:05:22.0014 4292 C:\Windows\System32\dnsrslvr.dll - ok

23:05:22.0014 4292 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll

23:05:22.0014 4292 C:\Windows\System32\dwmapi.dll - ok

23:05:22.0014 4292 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll

23:05:22.0014 4292 C:\Windows\System32\eapphost.dll - ok

23:05:22.0030 4292 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll

23:05:22.0030 4292 C:\Windows\System32\eapsvc.dll - ok

23:05:22.0030 4292 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL

23:05:22.0030 4292 C:\Windows\System32\FWPUCLNT.DLL - ok

23:05:22.0030 4292 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll

23:05:22.0030 4292 C:\Windows\System32\keyiso.dll - ok

23:05:22.0045 4292 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll

23:05:22.0045 4292 C:\Windows\System32\xmllite.dll - ok

23:05:22.0045 4292 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll

23:05:22.0045 4292 C:\Windows\System32\AudioSes.dll - ok

23:05:22.0045 4292 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll

23:05:22.0045 4292 C:\Windows\System32\dnsext.dll - ok

23:05:22.0061 4292 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll

23:05:22.0061 4292 C:\Windows\System32\msacm32.dll - ok

23:05:22.0061 4292 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv

23:05:22.0061 4292 C:\Windows\System32\msacm32.drv - ok

23:05:22.0061 4292 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll

23:05:22.0061 4292 C:\Windows\System32\dhcpcsvc.dll - ok

23:05:22.0076 4292 [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll

23:05:22.0076 4292 C:\Windows\System32\dhcpcsvc6.dll - ok

23:05:22.0076 4292 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll

23:05:22.0076 4292 C:\Windows\System32\midimap.dll - ok

23:05:22.0076 4292 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll

23:05:22.0076 4292 C:\Windows\System32\umb.dll - ok

23:05:22.0092 4292 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll

23:05:22.0092 4292 C:\Windows\System32\wlanmsm.dll - ok

23:05:22.0092 4292 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll

23:05:22.0092 4292 C:\Windows\System32\AudioEng.dll - ok

23:05:22.0092 4292 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll

23:05:22.0092 4292 C:\Windows\System32\wlansec.dll - ok

23:05:22.0108 4292 [ 26B73A85855681500BCC25C7CD9FF5B1 ] C:\Windows\System32\WindowsCodecs.dll

23:05:22.0108 4292 C:\Windows\System32\WindowsCodecs.dll - ok

23:05:22.0108 4292 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll

23:05:22.0108 4292 C:\Windows\System32\AUDIOKSE.dll - ok

23:05:22.0108 4292 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll

23:05:22.0108 4292 C:\Windows\System32\onex.dll - ok

23:05:22.0123 4292 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll

23:05:22.0123 4292 C:\Windows\System32\eappcfg.dll - ok

23:05:22.0123 4292 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll

23:05:22.0123 4292 C:\Windows\System32\eappprxy.dll - ok

23:05:22.0123 4292 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll

23:05:22.0123 4292 C:\Windows\System32\l2gpstore.dll - ok

23:05:22.0139 4292 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll

23:05:22.0139 4292 C:\Windows\System32\WinSCard.dll - ok

23:05:22.0139 4292 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll

23:05:22.0139 4292 C:\Windows\System32\wlanutil.dll - ok

23:05:22.0139 4292 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll

23:05:22.0139 4292 C:\Windows\System32\wlgpclnt.dll - ok

23:05:22.0154 4292 [ AB7219DEBE7FFAAB3D7B30923DA9C014 ] C:\Windows\System32\RtkAPO64.dll

23:05:22.0154 4292 C:\Windows\System32\RtkAPO64.dll - ok

23:05:22.0154 4292 [ 0DD5E2549322A029BEAFCD99A7465F8B ] C:\Program Files (x86)\ASUS\SmartLogon\system\FaceCredentialProvider64.dll

23:05:22.0154 4292 C:\Program Files (x86)\ASUS\SmartLogon\system\FaceCredentialProvider64.dll - ok

23:05:22.0154 4292 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll

23:05:22.0154 4292 C:\Windows\System32\winbrand.dll - ok

23:05:22.0170 4292 [ 4FFDE68C4B7C9993FA551E7E36DDB34D ] C:\Windows\System32\msxml6.dll

23:05:22.0170 4292 C:\Windows\System32\msxml6.dll - ok

23:05:22.0170 4292 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll

23:05:22.0170 4292 C:\Windows\System32\netapi32.dll - ok

23:05:22.0170 4292 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll

23:05:22.0170 4292 C:\Windows\System32\netutils.dll - ok

23:05:22.0186 4292 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll

23:05:22.0186 4292 C:\Windows\System32\samcli.dll - ok

23:05:22.0186 4292 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll

23:05:22.0186 4292 C:\Windows\System32\VaultCredProvider.dll - ok

23:05:22.0186 4292 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll

23:05:22.0186 4292 C:\Windows\System32\wkscli.dll - ok

23:05:22.0201 4292 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll

23:05:22.0201 4292 C:\Windows\System32\SmartcardCredentialProvider.dll - ok

23:05:22.0201 4292 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll

23:05:22.0201 4292 C:\Windows\System32\BioCredProv.dll - ok

23:05:22.0201 4292 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll

23:05:22.0201 4292 C:\Windows\System32\winbio.dll - ok

23:05:22.0217 4292 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll

23:05:22.0217 4292 C:\Windows\System32\credui.dll - ok

23:05:22.0217 4292 [ 079CBA3C5C9AB11B2B4E6BD729A860F2 ] C:\Windows\System32\FBAgent.exe

23:05:22.0217 4292 C:\Windows\System32\FBAgent.exe - ok

23:05:22.0217 4292 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll

23:05:22.0217 4292 C:\Windows\System32\msi.dll - ok

23:05:22.0232 4292 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll

23:05:22.0232 4292 C:\Windows\System32\netcfgx.dll - ok

23:05:22.0232 4292 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll

23:05:22.0232 4292 C:\Windows\System32\vaultcli.dll - ok

23:05:22.0232 4292 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll

23:05:22.0232 4292 C:\Windows\System32\certCredProvider.dll - ok

23:05:22.0248 4292 [ D1DF74B41B2B0D76B832972D07CCACD6 ] C:\Windows\System32\SFAPO64.dll

23:05:22.0248 4292 C:\Windows\System32\SFAPO64.dll - ok

23:05:22.0248 4292 [ 24827B761D21FCEC4114EEC1320483F9 ] C:\Windows\System32\SFCOM64.dll

23:05:22.0248 4292 C:\Windows\System32\SFCOM64.dll - ok

23:05:22.0248 4292 [ 7097425051CE67B450EBF2B1390AE492 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL

23:05:22.0248 4292 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok

23:05:22.0264 4292 [ AFF64AE0550FFD82DB4B6D0D913FB652 ] C:\Windows\System32\SFNHK64.dll

23:05:22.0264 4292 C:\Windows\System32\SFNHK64.dll - ok

23:05:22.0264 4292 [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll

23:05:22.0264 4292 C:\Windows\System32\WMALFXGFXDSP.dll - ok

23:05:22.0264 4292 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll

23:05:22.0264 4292 C:\Windows\System32\rasplap.dll - ok

23:05:22.0279 4292 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll

23:05:22.0279 4292 C:\Windows\System32\rasapi32.dll - ok

23:05:22.0279 4292 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll

23:05:22.0279 4292 C:\Windows\System32\rasman.dll - ok

23:05:22.0279 4292 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll

23:05:22.0279 4292 C:\Windows\System32\mfplat.dll - ok

23:05:22.0295 4292 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll

23:05:22.0295 4292 C:\Windows\System32\rtutils.dll - ok

23:05:22.0295 4292 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll

23:05:22.0295 4292 C:\Windows\System32\UXInit.dll - ok

23:05:22.0295 4292 [ DF3E3167B03804F32AD274C33F77B308 ] C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe

23:05:22.0295 4292 C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe - ok

23:05:22.0310 4292 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll

23:05:22.0310 4292 C:\Windows\System32\oleacc.dll - ok

23:05:22.0310 4292 [ 4CE5C4F80620D6DBBB054003EAD71F95 ] C:\Windows\System32\nvsvc64.dll

23:05:22.0310 4292 C:\Windows\System32\nvsvc64.dll - ok

23:05:22.0310 4292 [ 11205381BBBF98F0CA1C672056808B8F ] C:\Program Files\NVIDIA Corporation\Display\NVXDApiX.dll

23:05:22.0310 4292 C:\Program Files\NVIDIA Corporation\Display\NVXDApiX.dll - ok

23:05:22.0326 4292 [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll

23:05:22.0326 4292 C:\Windows\System32\UIAutomationCore.dll - ok

23:05:22.0326 4292 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll

23:05:22.0326 4292 C:\Windows\System32\msimg32.dll - ok

23:05:22.0342 4292 [ DC893FAB5E18E383DC7147F37C8C0CA2 ] C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe

23:05:22.0342 4292 C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe - ok

23:05:22.0342 4292 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll

23:05:22.0342 4292 C:\Windows\SysWOW64\ntdll.dll - ok

23:05:22.0342 4292 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll

23:05:22.0342 4292 C:\Windows\System32\imageres.dll - ok

23:05:22.0357 4292 [ 15B30F15BD13640B337A0FC37BD48CDE ] C:\Windows\System32\wow64.dll

23:05:22.0357 4292 C:\Windows\System32\wow64.dll - ok

23:05:22.0357 4292 [ 98168B9B0656A01A321FF1BECB2C03E1 ] C:\Windows\System32\wow64cpu.dll

23:05:22.0357 4292 C:\Windows\System32\wow64cpu.dll - ok

23:05:22.0357 4292 [ 2970785A72054740E1A5DCEB32485486 ] C:\Windows\System32\wow64win.dll

23:05:22.0357 4292 C:\Windows\System32\wow64win.dll - ok

23:05:22.0357 4292 [ D4F3176082566CEFA633B4945802D4C4 ] C:\Windows\SysWOW64\kernel32.dll

23:05:22.0357 4292 C:\Windows\SysWOW64\kernel32.dll - ok

23:05:22.0373 4292 [ 0978C2B33BDD0A7E6C563AA337DC8BA0 ] C:\Windows\SysWOW64\KernelBase.dll

23:05:22.0373 4292 C:\Windows\SysWOW64\KernelBase.dll - ok

23:05:22.0373 4292 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll

23:05:22.0373 4292 C:\Windows\SysWOW64\user32.dll - ok

23:05:22.0373 4292 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll

23:05:22.0373 4292 C:\Windows\SysWOW64\gdi32.dll - ok

23:05:22.0388 4292 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll

23:05:22.0388 4292 C:\Windows\SysWOW64\lpk.dll - ok

23:05:22.0388 4292 [ 804AAAFEBB3AD5F49334DD906BCB1DE5 ] C:\Windows\SysWOW64\usp10.dll

23:05:22.0388 4292 C:\Windows\SysWOW64\usp10.dll - ok

23:05:22.0388 4292 [ CF6850A72BEB4845A3BFFB3F5E8014B2 ] C:\Windows\System32\pdh.dll

23:05:22.0388 4292 C:\Windows\System32\pdh.dll - ok

23:05:22.0404 4292 [ 18E5C2F937F9DEB8C282DF66A3761925 ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe

23:05:22.0404 4292 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe - ok

23:05:22.0404 4292 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll

23:05:22.0404 4292 C:\Windows\SysWOW64\wtsapi32.dll - ok

23:05:22.0404 4292 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll

23:05:22.0404 4292 C:\Windows\SysWOW64\msvcrt.dll - ok

23:05:22.0420 4292 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll

23:05:22.0420 4292 C:\Windows\SysWOW64\advapi32.dll - ok

23:05:22.0420 4292 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll

23:05:22.0420 4292 C:\Windows\SysWOW64\rpcrt4.dll - ok

23:05:22.0420 4292 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll

23:05:22.0420 4292 C:\Windows\SysWOW64\userenv.dll - ok

23:05:22.0435 4292 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll

23:05:22.0435 4292 C:\Windows\SysWOW64\comdlg32.dll - ok

23:05:22.0435 4292 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll

23:05:22.0435 4292 C:\Windows\SysWOW64\cryptbase.dll - ok

23:05:22.0451 4292 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll

23:05:22.0451 4292 C:\Windows\SysWOW64\msimg32.dll - ok

23:05:22.0451 4292 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll

23:05:22.0451 4292 C:\Windows\SysWOW64\profapi.dll - ok

23:05:22.0451 4292 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll

23:05:22.0451 4292 C:\Windows\SysWOW64\sechost.dll - ok

23:05:22.0466 4292 [ BFB26890612FB8AE8B0463EBEBE84B7E ] C:\Windows\SysWOW64\sspicli.dll

23:05:22.0466 4292 C:\Windows\SysWOW64\sspicli.dll - ok

23:05:22.0466 4292 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll

23:05:22.0466 4292 C:\Windows\SysWOW64\imm32.dll - ok

23:05:22.0466 4292 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll

23:05:22.0466 4292 C:\Windows\SysWOW64\msctf.dll - ok

23:05:22.0482 4292 [ C205B0FF13FEBFB34312444DBCECE379 ] C:\Windows\SysWOW64\nvinit.dll

23:05:22.0482 4292 C:\Windows\SysWOW64\nvinit.dll - ok

23:05:22.0482 4292 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll

23:05:22.0482 4292 C:\Windows\SysWOW64\shlwapi.dll - ok

23:05:22.0482 4292 [ 4C016FD76ED5C05E84CA8CAB77993961 ] C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys

23:05:22.0482 4292 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys - ok

23:05:22.0498 4292 [ 7910158929571214A959D5A6D16DD9C0 ] C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

23:05:22.0498 4292 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe - ok

23:05:22.0498 4292 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll

23:05:22.0498 4292 C:\Windows\SysWOW64\winsta.dll - ok

23:05:22.0498 4292 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll

23:05:22.0498 4292 C:\Windows\System32\shsvcs.dll - ok

23:05:22.0513 4292 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll

23:05:22.0513 4292 C:\Windows\System32\schedsvc.dll - ok

23:05:22.0513 4292 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll

23:05:22.0513 4292 C:\Windows\System32\ktmw32.dll - ok

23:05:22.0513 4292 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll

23:05:22.0513 4292 C:\Windows\System32\fveapi.dll - ok

23:05:22.0529 4292 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll

23:05:22.0529 4292 C:\Windows\System32\fvecerts.dll - ok

23:05:22.0529 4292 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll

23:05:22.0529 4292 C:\Windows\System32\tbs.dll - ok

23:05:22.0529 4292 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll

23:05:22.0529 4292 C:\Windows\System32\taskcomp.dll - ok

23:05:22.0544 4292 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll

23:05:22.0544 4292 C:\Windows\System32\wiarpc.dll - ok

23:05:22.0544 4292 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys

23:05:22.0544 4292 C:\Windows\System32\drivers\http.sys - ok

23:05:22.0544 4292 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe

23:05:22.0544 4292 C:\Windows\System32\spoolsv.exe - ok

23:05:22.0560 4292 [ D89562A6AE8E07A457452E5B5560EB43 ] C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

23:05:22.0560 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe - ok

23:05:22.0560 4292 [ E3C817F7FE44CC870ECDBCBC3EA36132 ] C:\Windows\SysWOW64\msvcp100.dll

23:05:22.0560 4292 C:\Windows\SysWOW64\msvcp100.dll - ok

23:05:22.0560 4292 [ BF38660A9125935658CFA3E53FDC7D65 ] C:\Windows\SysWOW64\msvcr100.dll

23:05:22.0560 4292 C:\Windows\SysWOW64\msvcr100.dll - ok

23:05:22.0576 4292 [ 6EC65C9134D01878EA83F68D0152F58C ] C:\Program Files (x86)\Avira\AntiVir Desktop\grdcore.dll

23:05:22.0576 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\grdcore.dll - ok

23:05:22.0576 4292 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll

23:05:22.0576 4292 C:\Windows\SysWOW64\shell32.dll - ok

23:05:22.0576 4292 [ 9E7B939404E46D25B7BCCE9E54B9B8D8 ] C:\Program Files (x86)\Avira\AntiVir Desktop\scewxmlw.dll

23:05:22.0576 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\scewxmlw.dll - ok

23:05:22.0591 4292 [ 39B8DC5494F1BC4EB6DA7135A223C3F9 ] C:\Program Files (x86)\Avira\AntiVir Desktop\cfglib.dll

23:05:22.0591 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\cfglib.dll - ok

23:05:22.0591 4292 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL

23:05:22.0591 4292 C:\Windows\System32\BFE.DLL - ok

23:05:22.0607 4292 [ 8E532E1D3E9B7F511B3B87756576EAC2 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpipc.dll

23:05:22.0607 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\gpipc.dll - ok

23:05:22.0607 4292 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll

23:05:22.0607 4292 C:\Windows\SysWOW64\mpr.dll - ok

23:05:22.0607 4292 [ 82C97C0835EDA73693639DEE5FF73551 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpgen.dll

23:05:22.0607 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\gpgen.dll - ok

23:05:22.0622 4292 [ 4D5264F9650D87D566490DD4204FC2F1 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpschd.dll

23:05:22.0622 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\gpschd.dll - ok

23:05:22.0622 4292 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL

23:05:22.0622 4292 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok

23:05:22.0622 4292 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll

23:05:22.0622 4292 C:\Windows\SysWOW64\nsi.dll - ok

23:05:22.0638 4292 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll

23:05:22.0638 4292 C:\Windows\SysWOW64\rasapi32.dll - ok

23:05:22.0638 4292 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll

23:05:22.0638 4292 C:\Windows\SysWOW64\version.dll - ok

23:05:22.0638 4292 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll

23:05:22.0638 4292 C:\Windows\SysWOW64\winnsi.dll - ok

23:05:22.0654 4292 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll

23:05:22.0654 4292 C:\Windows\SysWOW64\rasman.dll - ok

23:05:22.0654 4292 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll

23:05:22.0654 4292 C:\Windows\SysWOW64\ws2_32.dll - ok

23:05:22.0654 4292 [ ECE0DE598297D3814E9891FC49D5BD59 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avevtlog.dll

23:05:22.0654 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\avevtlog.dll - ok

23:05:22.0669 4292 [ C725A69DB7E462FB0F2E84E3B7E83C4C ] C:\Program Files (x86)\Avira\AntiVir Desktop\schedr.dll

23:05:22.0669 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\schedr.dll - ok

23:05:22.0669 4292 [ D920BBCBBECFF1081871E84826ADA2C0 ] C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll

23:05:22.0669 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll - ok

23:05:22.0669 4292 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys

23:05:22.0669 4292 C:\Windows\System32\drivers\bowser.sys - ok

23:05:22.0685 4292 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys

23:05:22.0685 4292 C:\Windows\System32\drivers\mpsdrv.sys - ok

23:05:22.0685 4292 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll

23:05:22.0685 4292 C:\Windows\System32\MPSSVC.dll - ok

23:05:22.0685 4292 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys

23:05:22.0685 4292 C:\Windows\System32\drivers\mrxsmb.sys - ok

23:05:22.0700 4292 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys

23:05:22.0700 4292 C:\Windows\System32\drivers\mrxsmb10.sys - ok

23:05:22.0700 4292 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys

23:05:22.0700 4292 C:\Windows\System32\drivers\mrxsmb20.sys - ok

23:05:22.0700 4292 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll

23:05:22.0700 4292 C:\Windows\SysWOW64\cfgmgr32.dll - ok

23:05:22.0716 4292 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll

23:05:22.0716 4292 C:\Windows\System32\wkssvc.dll - ok

23:05:22.0716 4292 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll

23:05:22.0716 4292 C:\Windows\SysWOW64\rtutils.dll - ok

23:05:22.0716 4292 [ E953EB70B3C4F0BA108C35D45420B86B ] C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

23:05:22.0716 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe - ok

23:05:22.0732 4292 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll

23:05:22.0732 4292 C:\Windows\System32\wfapigp.dll - ok

23:05:22.0732 4292 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll

23:05:22.0732 4292 C:\Windows\System32\mscms.dll - ok

23:05:22.0732 4292 [ 749FF240DEDAFAFF94288E0307104DF3 ] C:\Program Files (x86)\Atheros\Bluetooth Suite\AdminService.exe

23:05:22.0732 4292 C:\Program Files (x86)\Atheros\Bluetooth Suite\AdminService.exe - ok

23:05:22.0747 4292 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl

23:05:22.0747 4292 C:\Windows\System32\bthprops.cpl - ok

23:05:22.0747 4292 [ F04DF4C91F03A7DAAB3CC4B061F5F8A5 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpgrd.dll

23:05:22.0747 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\gpgrd.dll - ok

23:05:22.0747 4292 [ AF2292ABEB5466D48EF8BFA7992A50AE ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpavgio.dll

23:05:22.0747 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\gpavgio.dll - ok

23:05:22.0763 4292 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll

23:05:22.0763 4292 C:\Windows\SysWOW64\ole32.dll - ok

23:05:22.0763 4292 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll

23:05:22.0763 4292 C:\Windows\System32\pcasvc.dll - ok

23:05:22.0763 4292 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe

23:05:22.0763 4292 C:\Windows\System32\snmptrap.exe - ok

23:05:22.0778 4292 [ 10EAB90C1AE8271B5FE5A8930987EE5C ] C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll

23:05:22.0778 4292 C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll - ok

23:05:22.0778 4292 [ E9A0777DCA9148157E0EF9B71D7DE353 ] C:\Windows\System32\RdpGroupPolicyExtension.dll

23:05:22.0778 4292 C:\Windows\System32\RdpGroupPolicyExtension.dll - ok

23:05:22.0794 4292 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll

23:05:22.0794 4292 C:\Windows\System32\provsvc.dll - ok

23:05:22.0794 4292 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll

23:05:22.0794 4292 C:\Windows\System32\sstpsvc.dll - ok

23:05:22.0794 4292 [ 40965B72A0A33DDB8423B85F93E4C136 ] C:\Program Files\NVIDIA Corporation\Display\nvui.dll

23:05:22.0794 4292 C:\Program Files\NVIDIA Corporation\Display\nvui.dll - ok

23:05:22.0810 4292 [ 06A754FE28A06F780A099703CFCAAA22 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll

23:05:22.0810 4292 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll - ok

23:05:22.0810 4292 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll

23:05:22.0810 4292 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok

23:05:22.0825 4292 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv

23:05:22.0825 4292 C:\Windows\System32\winspool.drv - ok

23:05:22.0825 4292 [ C946428303FDBD85D6F17C9F104938D7 ] C:\Program Files\NVIDIA Corporation\Display\nvuir.dll

23:05:22.0825 4292 C:\Program Files\NVIDIA Corporation\Display\nvuir.dll - ok

23:05:22.0825 4292 [ EA42F79A76F4795E0930FB1E9FFFA5CF ] C:\Windows\winsxs\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_8444db7d32915e4c\mfc80u.dll

23:05:22.0825 4292 C:\Windows\winsxs\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_8444db7d32915e4c\mfc80u.dll - ok

23:05:22.0841 4292 [ 47B8B745BFE0A0CB70120C8D08E2492F ] C:\Windows\System32\nvumdshimx.dll

23:05:22.0841 4292 C:\Windows\System32\nvumdshimx.dll - ok

23:05:22.0841 4292 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\Windows\System32\cryptsvc.dll

23:05:22.0841 4292 C:\Windows\System32\cryptsvc.dll - ok

Link to post
Share on other sites

23:05:24.0026 4292 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll

23:05:24.0026 4292 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok

23:05:24.0026 4292 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

23:05:24.0026 4292 C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe - ok

23:05:24.0026 4292 [ 9C36A3CA80F9B204C670336D344F5DF8 ] C:\Windows\SysWOW64\d3d10_1core.dll

23:05:24.0026 4292 C:\Windows\SysWOW64\d3d10_1core.dll - ok

23:05:24.0042 4292 [ AC122407B29378FF9646F03404AC7C54 ] C:\Windows\SysWOW64\wshbth.dll

23:05:24.0042 4292 C:\Windows\SysWOW64\wshbth.dll - ok

23:05:24.0042 4292 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll

23:05:24.0042 4292 C:\Windows\SysWOW64\dhcpcsvc.dll - ok

23:05:24.0042 4292 [ 426BA4E737A7988FD1202AF2F2B2F4A6 ] C:\Windows\System32\d3d10_1core.dll

23:05:24.0042 4292 C:\Windows\System32\d3d10_1core.dll - ok

23:05:24.0058 4292 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll

23:05:24.0058 4292 C:\Windows\SysWOW64\mswsock.dll - ok

23:05:24.0058 4292 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll

23:05:24.0058 4292 C:\Windows\SysWOW64\wbemcomn.dll - ok

23:05:24.0058 4292 [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll

23:05:24.0058 4292 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok

23:05:24.0073 4292 [ 0411B7958C524BB2E91EE1B3035FE321 ] C:\Windows\SysWOW64\dxgi.dll

23:05:24.0073 4292 C:\Windows\SysWOW64\dxgi.dll - ok

23:05:24.0073 4292 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL

23:05:24.0073 4292 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok

23:05:24.0073 4292 [ F404E59DB6A0F122AB26BF4F3E2FD0FA ] C:\Windows\System32\dxgi.dll

23:05:24.0073 4292 C:\Windows\System32\dxgi.dll - ok

23:05:24.0089 4292 [ 2F03490092C032392FB6FF635222B9B2 ] C:\Windows\SysWOW64\apisetschema.dll

23:05:24.0089 4292 C:\Windows\SysWOW64\apisetschema.dll - ok

23:05:24.0089 4292 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll

23:05:24.0089 4292 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok

23:05:24.0089 4292 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] C:\Windows\System32\msdtc.exe

23:05:24.0089 4292 C:\Windows\System32\msdtc.exe - ok

23:05:24.0104 4292 [ A113AFEED3159A1ED52D78CB0226006D ] C:\Windows\SysWOW64\secur32.dll

23:05:24.0104 4292 C:\Windows\SysWOW64\secur32.dll - ok

23:05:24.0104 4292 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll

23:05:24.0104 4292 C:\Windows\SysWOW64\wship6.dll - ok

23:05:24.0104 4292 [ A190DA6546501CB4146BBCC0B6A3F48B ] C:\Windows\System32\msiexec.exe

23:05:24.0104 4292 C:\Windows\System32\msiexec.exe - ok

23:05:24.0120 4292 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll

23:05:24.0120 4292 C:\Windows\SysWOW64\wbem\fastprox.dll - ok

23:05:24.0120 4292 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll

23:05:24.0120 4292 C:\Windows\SysWOW64\ntdsapi.dll - ok

23:05:24.0120 4292 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll

23:05:24.0120 4292 C:\Windows\SysWOW64\rasadhlp.dll - ok

23:05:24.0136 4292 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll

23:05:24.0136 4292 C:\Windows\SysWOW64\credssp.dll - ok

23:05:24.0136 4292 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\SysWOW64\MMDevAPI.dll

23:05:24.0136 4292 C:\Windows\SysWOW64\MMDevAPI.dll - ok

23:05:24.0151 4292 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll

23:05:24.0151 4292 C:\Windows\SysWOW64\RpcRtRemote.dll - ok

23:05:24.0151 4292 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL

23:05:24.0151 4292 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok

23:05:24.0151 4292 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll

23:05:24.0151 4292 C:\Windows\SysWOW64\powrprof.dll - ok

23:05:24.0167 4292 [ 99B9343280AF6A4C0F27CF2E28E94BBF ] C:\Windows\SysWOW64\dssenh.dll

23:05:24.0167 4292 C:\Windows\SysWOW64\dssenh.dll - ok

23:05:24.0167 4292 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] C:\Windows\System32\Locator.exe

23:05:24.0167 4292 C:\Windows\System32\Locator.exe - ok

23:05:24.0167 4292 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll

23:05:24.0167 4292 C:\Windows\System32\dssenh.dll - ok

23:05:24.0182 4292 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll

23:05:24.0182 4292 C:\Windows\SysWOW64\propsys.dll - ok

23:05:24.0182 4292 [ E17E0188BB90FAE42D83E98707EFA59C ] C:\Windows\System32\sppsvc.exe

23:05:24.0182 4292 C:\Windows\System32\sppsvc.exe - ok

23:05:24.0182 4292 [ EFA67664E181EAF2DEA190EE71C0C9AB ] C:\Windows\System32\igd10umd64.dll

23:05:24.0182 4292 C:\Windows\System32\igd10umd64.dll - ok

23:05:24.0198 4292 [ 773212B2AAA24C1E31F10246B15B276C ] C:\Windows\servicing\TrustedInstaller.exe

23:05:24.0198 4292 C:\Windows\servicing\TrustedInstaller.exe - ok

23:05:24.0198 4292 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] C:\Windows\System32\UI0Detect.exe

23:05:24.0198 4292 C:\Windows\System32\UI0Detect.exe - ok

23:05:24.0198 4292 [ 8D6B481601D01A456E75C3210F1830BE ] C:\Windows\System32\vds.exe

23:05:24.0198 4292 C:\Windows\System32\vds.exe - ok

23:05:24.0214 4292 [ B60BA0BC31B0CB414593E169F6F21CC2 ] C:\Windows\System32\VSSVC.exe

23:05:24.0214 4292 C:\Windows\System32\VSSVC.exe - ok

23:05:24.0214 4292 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll

23:05:24.0214 4292 C:\Windows\System32\localspl.dll - ok

23:05:24.0214 4292 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] C:\Windows\System32\Wat\WatAdminSvc.exe

23:05:24.0214 4292 C:\Windows\System32\Wat\WatAdminSvc.exe - ok

23:05:24.0214 4292 [ C940F2F5C60B3727C5F18840735B229C ] C:\Windows\SysWOW64\AudioSes.dll

23:05:24.0214 4292 C:\Windows\SysWOW64\AudioSes.dll - ok

23:05:24.0229 4292 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll

23:05:24.0229 4292 C:\Windows\System32\spoolss.dll - ok

23:05:24.0229 4292 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] C:\Windows\System32\wbengine.exe

23:05:24.0229 4292 C:\Windows\System32\wbengine.exe - ok

23:05:24.0245 4292 [ 149126216A694E6BA84E92ECA77AAE3B ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe

23:05:24.0245 4292 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe - ok

23:05:24.0245 4292 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll

23:05:24.0245 4292 C:\Windows\System32\uDWM.dll - ok

23:05:24.0245 4292 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll

23:05:24.0245 4292 C:\Windows\SysWOW64\slc.dll - ok

23:05:24.0260 4292 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll

23:05:24.0260 4292 C:\Windows\System32\PrintIsolationProxy.dll - ok

23:05:24.0260 4292 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

23:05:24.0260 4292 C:\Program Files\Windows Live\Mesh\wlcrasvc.exe - ok

23:05:24.0260 4292 [ 1917BE7C440DC7CF04304F0AFD7FDD16 ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ElanTPCfg64.exe

23:05:24.0260 4292 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ElanTPCfg64.exe - ok

23:05:24.0276 4292 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll

23:05:24.0276 4292 C:\Windows\System32\FXSMON.dll - ok

23:05:24.0276 4292 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] C:\Windows\System32\wbem\WmiApSrv.exe

23:05:24.0276 4292 C:\Windows\System32\wbem\WmiApSrv.exe - ok

23:05:24.0276 4292 [ AA11E1368EEB237DD100BAC6AFFE1C57 ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe

23:05:24.0276 4292 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe - ok

23:05:24.0292 4292 [ 5808C52A626C245047ED307BFA355049 ] C:\Program Files\Elantech\ETDApi.dll

23:05:24.0292 4292 C:\Program Files\Elantech\ETDApi.dll - ok

23:05:24.0292 4292 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe

23:05:24.0292 4292 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok

23:05:24.0292 4292 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll

23:05:24.0292 4292 C:\Windows\System32\tcpmon.dll - ok

23:05:24.0307 4292 [ 38B13C0DF479DBA23ECFA815159BA86E ] C:\Windows\SysWOW64\ktmw32.dll

23:05:24.0307 4292 C:\Windows\SysWOW64\ktmw32.dll - ok

23:05:24.0307 4292 [ 1220595CABA75AB91A6B3FA3B89483CC ] C:\Windows\SysWOW64\snmpapi.dll

23:05:24.0307 4292 C:\Windows\SysWOW64\snmpapi.dll - ok

23:05:24.0307 4292 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll

23:05:24.0307 4292 C:\Windows\System32\snmpapi.dll - ok

23:05:24.0323 4292 [ 82C089EA2A3EEFADF3588EA71E8BDADA ] C:\Windows\SysWOW64\wevtapi.dll

23:05:24.0323 4292 C:\Windows\SysWOW64\wevtapi.dll - ok

23:05:24.0323 4292 [ 4A7C441D99D86704D194E7678873B95D ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe

23:05:24.0323 4292 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe - ok

23:05:24.0323 4292 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe

23:05:24.0323 4292 C:\Windows\System32\SearchIndexer.exe - ok

23:05:24.0338 4292 [ 6357E2B68753A1F5CF4A68A25C4FD14A ] C:\Windows\SysWOW64\wsnmp32.dll

23:05:24.0338 4292 C:\Windows\SysWOW64\wsnmp32.dll - ok

23:05:24.0338 4292 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll

23:05:24.0338 4292 C:\Windows\System32\wsnmp32.dll - ok

23:05:24.0338 4292 [ D9A9702E43A5859896F34898D5FD3FEC ] C:\Windows\SysWOW64\msxml6.dll

23:05:24.0338 4292 C:\Windows\SysWOW64\msxml6.dll - ok

23:05:24.0354 4292 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll

23:05:24.0354 4292 C:\Windows\System32\usbmon.dll - ok

23:05:24.0354 4292 [ 63DF770DF74ACB370EF5A16727069AAF ] C:\Windows\SysWOW64\hid.dll

23:05:24.0354 4292 C:\Windows\SysWOW64\hid.dll - ok

23:05:24.0354 4292 [ AC84CAEC1241871C51FC085C41F24955 ] C:\Windows\SysWOW64\fi-FI\TaskEng.exe.mui

23:05:24.0354 4292 C:\Windows\SysWOW64\fi-FI\TaskEng.exe.mui - ok

23:05:24.0370 4292 [ 633C2C060CF857099F6C4F8D75C952B1 ] C:\Windows\SysWOW64\WlS0WndH.dll

23:05:24.0370 4292 C:\Windows\SysWOW64\WlS0WndH.dll - ok

23:05:24.0370 4292 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll

23:05:24.0370 4292 C:\Windows\System32\WSDMon.dll - ok

23:05:24.0370 4292 [ 73F6C5223F7E9B5780DD4A6C30FCF569 ] C:\Windows\SysWOW64\WSDApi.dll

23:05:24.0370 4292 C:\Windows\SysWOW64\WSDApi.dll - ok

23:05:24.0385 4292 [ 659E04E74135927CA6D7BC5E75C84417 ] C:\Windows\SysWOW64\TSChannel.dll

23:05:24.0385 4292 C:\Windows\SysWOW64\TSChannel.dll - ok

23:05:24.0385 4292 [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\Windows\SysWOW64\xmllite.dll

23:05:24.0385 4292 C:\Windows\SysWOW64\xmllite.dll - ok

23:05:24.0385 4292 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll

23:05:24.0385 4292 C:\Windows\System32\WSDApi.dll - ok

23:05:24.0401 4292 [ 90B4FDF61459637D9D46C9F91DBCA1D3 ] C:\Windows\System32\nvinitx.dll

23:05:24.0401 4292 C:\Windows\System32\nvinitx.dll - ok

23:05:24.0401 4292 [ DB846EECA70EE9D2E2FF31147C57B0F4 ] C:\Windows\SysWOW64\webservices.dll

23:05:24.0401 4292 C:\Windows\SysWOW64\webservices.dll - ok

23:05:24.0401 4292 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll

23:05:24.0401 4292 C:\Windows\System32\webservices.dll - ok

23:05:24.0416 4292 [ 3F50200237961034FACE602373838980 ] C:\Windows\SysWOW64\FirewallAPI.dll

23:05:24.0416 4292 C:\Windows\SysWOW64\FirewallAPI.dll - ok

23:05:24.0416 4292 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll

23:05:24.0416 4292 C:\Windows\System32\TSChannel.dll - ok

23:05:24.0416 4292 [ 8F0DE4FEF8201E306F9938B0905AC96A ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

23:05:24.0416 4292 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok

23:05:24.0432 4292 [ 89D90579E5FB1469CB0464F6512E42B7 ] C:\Windows\SysWOW64\fundisc.dll

23:05:24.0432 4292 C:\Windows\SysWOW64\fundisc.dll - ok

23:05:24.0432 4292 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll

23:05:24.0432 4292 C:\Windows\System32\fundisc.dll - ok

23:05:24.0448 4292 [ F34CFADA6C48DAA41B996D24C7D8D3CA ] C:\Windows\SysWOW64\fdPnp.dll

23:05:24.0448 4292 C:\Windows\SysWOW64\fdPnp.dll - ok

23:05:24.0448 4292 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll

23:05:24.0448 4292 C:\Windows\System32\fdPnp.dll - ok

23:05:24.0448 4292 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll

23:05:24.0448 4292 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok

23:05:24.0463 4292 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll

23:05:24.0463 4292 C:\Windows\SysWOW64\gpapi.dll - ok

23:05:24.0463 4292 [ 2F040CF0613A6D64DCBBA9EE81F5A5AE ] C:\Windows\SysWOW64\dsrole.dll

23:05:24.0463 4292 C:\Windows\SysWOW64\dsrole.dll - ok

23:05:24.0463 4292 [ AB71EEDC65349322C583A67AC85F8CE8 ] C:\Windows\SysWOW64\fi-FI\runonce.exe.mui

23:05:24.0463 4292 C:\Windows\SysWOW64\fi-FI\runonce.exe.mui - ok

23:05:24.0479 4292 [ 9FF47CD8A3787C8FD3CDFE40441C722E ] C:\Program Files (x86)\Google\Update\1.3.21.123\goopdate.dll

23:05:24.0479 4292 C:\Program Files (x86)\Google\Update\1.3.21.123\goopdate.dll - ok

23:05:24.0479 4292 [ BE3953C7DAE4ECC89134CF64A903F8ED ] C:\Windows\SysWOW64\win32spl.dll

23:05:24.0479 4292 C:\Windows\SysWOW64\win32spl.dll - ok

23:05:24.0479 4292 [ 180E79B16063F7DFD005DC021AC543C6 ] C:\Program Files\P4G\BatteryLife.exe

23:05:24.0479 4292 C:\Program Files\P4G\BatteryLife.exe - ok

23:05:24.0479 4292 [ 548CB980D7876E207CC9F8B60C1587A3 ] C:\Windows\System32\win32spl.dll

23:05:24.0494 4292 C:\Windows\System32\win32spl.dll - ok

23:05:24.0494 4292 [ DE3B04D5AF8A1578F5430697546EB157 ] C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe

23:05:24.0494 4292 C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe - ok

23:05:24.0510 4292 [ 868E3486E7EC522330344152A5535783 ] C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe

23:05:24.0510 4292 C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe - ok

23:05:24.0510 4292 [ 3ACABCA6A8DB71B7F19C8A7523AE1846 ] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe

23:05:24.0510 4292 C:\Program Files (x86)\ASUS\Splendid\ACMON.exe - ok

23:05:24.0510 4292 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll

23:05:24.0510 4292 C:\Windows\SysWOW64\devrtl.dll - ok

23:05:24.0526 4292 [ 4BDBBE5E4208022DD794F7EEEB0F7366 ] C:\Windows\SysWOW64\SPInf.dll

23:05:24.0526 4292 C:\Windows\SysWOW64\SPInf.dll - ok

23:05:24.0526 4292 [ 7E5F5E64C91FEDFE72E4C1728094BA69 ] C:\Program Files\P4G\DevMng.dll

23:05:24.0526 4292 C:\Program Files\P4G\DevMng.dll - ok

23:05:24.0526 4292 [ 544EFF88AC6C85DF5A4D6F18DFE08CFC ] C:\Windows\SysWOW64\taskschd.dll

23:05:24.0526 4292 C:\Windows\SysWOW64\taskschd.dll - ok

23:05:24.0541 4292 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll

23:05:24.0541 4292 C:\Windows\System32\inetpp.dll - ok

23:05:24.0541 4292 [ 99AE34CA806B8BE848E2FB6A408659DE ] C:\Windows\SysWOW64\fi-FI\setupapi.dll.mui

23:05:24.0541 4292 C:\Windows\SysWOW64\fi-FI\setupapi.dll.mui - ok

23:05:24.0541 4292 [ 9AB802C4321BA2BD6D5F41CCCE6CDB9E ] C:\Program Files (x86)\ASUS\Splendid\OVS.dll

23:05:24.0541 4292 C:\Program Files (x86)\ASUS\Splendid\OVS.dll - ok

23:05:24.0557 4292 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll

23:05:24.0557 4292 C:\Windows\SysWOW64\cscapi.dll - ok

23:05:24.0557 4292 [ 5BB1F77C8AF725A15EC9366498D275BB ] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

23:05:24.0557 4292 C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe - ok

23:05:24.0557 4292 [ 50E6288786474CC1275108D33FCC9488 ] C:\Program Files\P4G\OvrClk.dll

23:05:24.0557 4292 C:\Program Files\P4G\OvrClk.dll - ok

23:05:24.0572 4292 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll

23:05:24.0572 4292 C:\Windows\SysWOW64\oleacc.dll - ok

23:05:24.0572 4292 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll

23:05:24.0572 4292 C:\Windows\SysWOW64\imagehlp.dll - ok

23:05:24.0572 4292 [ 4DAB623EEE6BCF33BF90D964F442687A ] C:\Windows\SysWOW64\fi-FI\shell32.dll.mui

23:05:24.0572 4292 C:\Windows\SysWOW64\fi-FI\shell32.dll.mui - ok

23:05:24.0588 4292 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll

23:05:24.0588 4292 C:\Windows\SysWOW64\msi.dll - ok

23:05:24.0588 4292 [ 5368DAC1D13B2331A4F6E7530EBCDBE8 ] C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll

23:05:24.0588 4292 C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll - ok

23:05:24.0588 4292 [ 37DEB76A2CF005841C4E45DE2B94D84F ] C:\Windows\AsScrPro.exe

23:05:24.0588 4292 C:\Windows\AsScrPro.exe - ok

23:05:24.0604 4292 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll

23:05:24.0604 4292 C:\Windows\SysWOW64\mscoree.dll - ok

23:05:24.0604 4292 [ 0F3698E52A5D45E05FC8B8C22296FD35 ] C:\Program Files (x86)\ASUS\Splendid\Chameleon.dll

23:05:24.0604 4292 C:\Program Files (x86)\ASUS\Splendid\Chameleon.dll - ok

23:05:24.0604 4292 [ 7FA3A810F383588D46220967DE8B64FF ] C:\Windows\SysWOW64\wininet.dll

23:05:24.0604 4292 C:\Windows\SysWOW64\wininet.dll - ok

23:05:24.0619 4292 [ 780E80E5502015EDAEC91DC0A0C96A79 ] C:\Windows\SysWOW64\iertutil.dll

23:05:24.0619 4292 C:\Windows\SysWOW64\iertutil.dll - ok

23:05:24.0619 4292 [ DC6612A9EE015A36BA2A27BC9CC12537 ] C:\Windows\SysWOW64\mfc42.dll

23:05:24.0619 4292 C:\Windows\SysWOW64\mfc42.dll - ok

23:05:24.0619 4292 [ 4266A3230981DD4434C55957F6DD497D ] C:\Windows\SysWOW64\urlmon.dll

23:05:24.0619 4292 C:\Windows\SysWOW64\urlmon.dll - ok

23:05:24.0635 4292 [ 8B92BED5B8D4A8480E7AA631F35A6F35 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll

23:05:24.0635 4292 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok

23:05:24.0635 4292 [ 7D34AF98A706230CC2DEDFE0CABF87AB ] C:\Windows\SysWOW64\odbc32.dll

23:05:24.0635 4292 C:\Windows\SysWOW64\odbc32.dll - ok

23:05:24.0635 4292 [ ABA457BFC7EC0B5E130B2F1E0F549DFF ] C:\Windows\SysWOW64\odbcint.dll

23:05:24.0635 4292 C:\Windows\SysWOW64\odbcint.dll - ok

23:05:24.0650 4292 [ 757A595F75E7840A7132EC11E6E6188A ] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe

23:05:24.0650 4292 C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe - ok

23:05:24.0650 4292 [ C4E9E285E1730D864DD4B35B73CDAFDB ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcr80.dll

23:05:24.0650 4292 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcr80.dll - ok

23:05:24.0666 4292 [ 6E9E439517D89EDC9A6CB1E94489620A ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll

23:05:24.0666 4292 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll - ok

23:05:24.0666 4292 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll

23:05:24.0666 4292 C:\Windows\SysWOW64\dbghelp.dll - ok

23:05:24.0666 4292 [ 48FDF435B8595604E54125B321924510 ] C:\Windows\SysWOW64\Macromed\Flash\Flash9f.ocx

23:05:24.0666 4292 C:\Windows\SysWOW64\Macromed\Flash\Flash9f.ocx - ok

23:05:24.0682 4292 [ D3EAD1CF16BA729A7F7C9A5D94AA7C05 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16661_none_ebfb56996c72aefc\comctl32.dll

23:05:24.0682 4292 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16661_none_ebfb56996c72aefc\comctl32.dll - ok

23:05:24.0682 4292 [ 4FB491AC8D46AAF22BA8BC5C73DABEF7 ] C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

23:05:24.0682 4292 C:\Windows\SysWOW64\wbem\WmiPrvSE.exe - ok

23:05:24.0682 4292 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe

23:05:24.0682 4292 C:\Windows\System32\wbem\WmiPrvSE.exe - ok

23:05:24.0697 4292 [ BAC51269AD827F2889206066D6404C73 ] C:\Program Files (x86)\Google\Update\1.3.21.123\goopdateres_fi.dll

23:05:24.0697 4292 C:\Program Files (x86)\Google\Update\1.3.21.123\goopdateres_fi.dll - ok

23:05:24.0697 4292 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll

23:05:24.0697 4292 C:\Windows\SysWOW64\riched20.dll - ok

23:05:24.0697 4292 [ F8D65A4E644D152ADCD662B4DF5777B7 ] C:\Windows\SysWOW64\fi-FI\crypt32.dll.mui

23:05:24.0697 4292 C:\Windows\SysWOW64\fi-FI\crypt32.dll.mui - ok

23:05:24.0713 4292 [ 859CFCE4A0F72916911BD9F6C6E84581 ] C:\Windows\SysWOW64\ncrypt.dll

23:05:24.0713 4292 C:\Windows\SysWOW64\ncrypt.dll - ok

23:05:24.0713 4292 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll

23:05:24.0713 4292 C:\Windows\SysWOW64\bcrypt.dll - ok

23:05:24.0713 4292 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll

23:05:24.0713 4292 C:\Windows\SysWOW64\bcryptprimitives.dll - ok

23:05:24.0728 4292 [ A4CC7227A452C4909F9499D91B184364 ] C:\Windows\SysWOW64\ncobjapi.dll

23:05:24.0728 4292 C:\Windows\SysWOW64\ncobjapi.dll - ok

23:05:24.0728 4292 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\SysWOW64\cryptnet.dll

23:05:24.0728 4292 C:\Windows\SysWOW64\cryptnet.dll - ok

23:05:24.0728 4292 [ AE5A69F44C1F97EDC83237FC0B29B6FB ] C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe

23:05:24.0728 4292 C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe - ok

23:05:24.0744 4292 [ E7B90C35D43360A9EBE9D3CCD46FF407 ] C:\Windows\SysWOW64\fi-FI\user32.dll.mui

23:05:24.0744 4292 C:\Windows\SysWOW64\fi-FI\user32.dll.mui - ok

23:05:24.0744 4292 [ 41938F2C1642459CBBA691B5DBD6395A ] C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe

23:05:24.0744 4292 C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe - ok

23:05:24.0744 4292 [ 432BE6CF7311062633459EEF6B242FB5 ] C:\Windows\SysWOW64\regsvr32.exe

23:05:24.0744 4292 C:\Windows\SysWOW64\regsvr32.exe - ok

23:05:24.0760 4292 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll

23:05:24.0760 4292 C:\Windows\SysWOW64\SensApi.dll - ok

23:05:24.0760 4292 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe

23:05:24.0760 4292 C:\Windows\SysWOW64\cmd.exe - ok

23:05:24.0760 4292 [ 57B4D34232852BFE4453BE571DF90D21 ] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

23:05:24.0760 4292 C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe - ok

23:05:24.0775 4292 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll

23:05:24.0775 4292 C:\Windows\SysWOW64\mstask.dll - ok

23:05:24.0775 4292 [ 41A5048E49372F091B2AE5A5B705B72D ] C:\Windows\SysWOW64\ACEngSvr.exe

23:05:24.0775 4292 C:\Windows\SysWOW64\ACEngSvr.exe - ok

23:05:24.0775 4292 [ 7A6986DD659B96398A11AF5173892715 ] C:\Windows\SysWOW64\cabinet.dll

23:05:24.0775 4292 C:\Windows\SysWOW64\cabinet.dll - ok

23:05:24.0791 4292 [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\SysWOW64\mscms.dll

23:05:24.0791 4292 C:\Windows\SysWOW64\mscms.dll - ok

23:05:24.0791 4292 [ C3A5FFD57C2563204CD9351F0C7A0DEA ] C:\Program Files (x86)\CyberLink\Power2Go\msvcp71.dll

23:05:24.0791 4292 C:\Program Files (x86)\CyberLink\Power2Go\msvcp71.dll - ok

23:05:24.0791 4292 [ 5466DCAEF5A648E04D1B6580F2C901B5 ] C:\Windows\SysWOW64\ieframe.dll

23:05:24.0791 4292 C:\Windows\SysWOW64\ieframe.dll - ok

23:05:24.0806 4292 [ 5610B0425518D185331CB8E968D060E6 ] C:\Windows\SysWOW64\wbem\wmiutils.dll

23:05:24.0806 4292 C:\Windows\SysWOW64\wbem\wmiutils.dll - ok

23:05:24.0806 4292 [ A1A6FC56A1D0DADC164637FE43C40605 ] C:\Program Files (x86)\CyberLink\Power2Go\msvcr71.dll

23:05:24.0806 4292 C:\Program Files (x86)\CyberLink\Power2Go\msvcr71.dll - ok

23:05:24.0822 4292 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll

23:05:24.0822 4292 C:\Windows\System32\dbghelp.dll - ok

23:05:24.0822 4292 [ 9C17DCD6DDFEB1A012544FAF4F2789F6 ] C:\Windows\AppPatch\AcGenral.dll

23:05:24.0822 4292 C:\Windows\AppPatch\AcGenral.dll - ok

23:05:24.0822 4292 [ 3326166011C9BC13D6A8EFD856E9921C ] C:\Windows\System32\conhost.exe

23:05:24.0822 4292 C:\Windows\System32\conhost.exe - ok

23:05:24.0838 4292 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll

23:05:24.0838 4292 C:\Windows\System32\wbem\cimwin32.dll - ok

23:05:24.0838 4292 [ 198552AEFECA69D646867EC8D792DE95 ] C:\Windows\SysWOW64\ddraw.dll

23:05:24.0838 4292 C:\Windows\SysWOW64\ddraw.dll - ok

23:05:24.0838 4292 [ AEDDFD540E3E6BECDB14C30D1F12B78A ] C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll

23:05:24.0838 4292 C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok

23:05:24.0853 4292 [ 6A5D0ED8F280AB8E312A4252472A14A4 ] C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll

23:05:24.0853 4292 C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll - ok

23:05:24.0853 4292 [ D0481FB85BEEDD30A0884BE327880F80 ] C:\Windows\SysWOW64\framedynos.dll

23:05:24.0853 4292 C:\Windows\SysWOW64\framedynos.dll - ok

23:05:24.0853 4292 [ 9BB0FDC5EB7601DD09FA97D2B1F2F2B7 ] C:\Windows\System32\fi-FI\conhost.exe.mui

23:05:24.0853 4292 C:\Windows\System32\fi-FI\conhost.exe.mui - ok

23:05:24.0869 4292 [ A6C09924C6730DE8DEED9890A12AA691 ] C:\Windows\System32\ddraw.dll

23:05:24.0869 4292 C:\Windows\System32\ddraw.dll - ok

23:05:24.0869 4292 [ DDFBFD8959F32AC0CF3947F36BAC3081 ] C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll

23:05:24.0869 4292 C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll - ok

23:05:24.0869 4292 [ 1957D49A9613FAAD1C73B508CCE02AA5 ] C:\Windows\SysWOW64\wmp.dll

23:05:24.0869 4292 C:\Windows\SysWOW64\wmp.dll - ok

23:05:24.0884 4292 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll

23:05:24.0884 4292 C:\Windows\SysWOW64\msacm32.dll - ok

23:05:24.0884 4292 [ 55E5B32AE8D1F51A63C82919656FD275 ] C:\Windows\SysWOW64\dciman32.dll

23:05:24.0884 4292 C:\Windows\SysWOW64\dciman32.dll - ok

23:05:24.0884 4292 [ B39B8CC163C41B12FE83E777199F3378 ] C:\Windows\SysWOW64\tzres.dll

23:05:24.0884 4292 C:\Windows\SysWOW64\tzres.dll - ok

23:05:24.0900 4292 [ 75BCC4043512E41D83C8F224B168039C ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll

23:05:24.0900 4292 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok

23:05:24.0900 4292 [ 29C22748937F45C26590909E9F8E7137 ] C:\Windows\System32\dciman32.dll

23:05:24.0900 4292 C:\Windows\System32\dciman32.dll - ok

23:05:24.0900 4292 [ 8FC9E5BC953CCE45E324AE26991E42E2 ] C:\Windows\SysWOW64\fi-FI\tzres.dll.mui

23:05:24.0916 4292 C:\Windows\SysWOW64\fi-FI\tzres.dll.mui - ok

23:05:24.0916 4292 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll

23:05:24.0916 4292 C:\Windows\SysWOW64\sfc.dll - ok

23:05:24.0916 4292 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll

23:05:24.0916 4292 C:\Windows\SysWOW64\sfc_os.dll - ok

23:05:24.0931 4292 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll

23:05:24.0931 4292 C:\Windows\SysWOW64\sxs.dll - ok

23:05:24.0931 4292 [ 907281ED4AD35D41B29FFDC211EBAD80 ] C:\Windows\SysWOW64\wmi.dll

23:05:24.0931 4292 C:\Windows\SysWOW64\wmi.dll - ok

23:05:24.0931 4292 [ E29B87694C0754A8538A8C90429EAA76 ] C:\Windows\SysWOW64\fi-FI\ieframe.dll.mui

23:05:24.0931 4292 C:\Windows\SysWOW64\fi-FI\ieframe.dll.mui - ok

23:05:24.0947 4292 [ A0617B5753E31126AD29C03154F4F329 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll

23:05:24.0947 4292 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok

23:05:24.0947 4292 [ A819E93B3C11D18749887E19B7998985 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\fi\mscorrc.dll

23:05:24.0947 4292 C:\Windows\Microsoft.NET\Framework\v2.0.50727\fi\mscorrc.dll - ok

23:05:24.0947 4292 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll

23:05:24.0947 4292 C:\Windows\System32\aelupsvc.dll - ok

23:05:24.0962 4292 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll

23:05:24.0962 4292 C:\Windows\SysWOW64\winbrand.dll - ok

23:05:24.0962 4292 [ B7E778D134F78C578B8A50A9EEA389FC ] C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fi_b77a5c561934e089\mscorlib.resources.dll

23:05:24.0962 4292 C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fi_b77a5c561934e089\mscorlib.resources.dll - ok

23:05:24.0962 4292 [ 0FBC74AA20FE0AE6884279F893169C60 ] C:\Windows\SysWOW64\wmploc.DLL

23:05:24.0962 4292 C:\Windows\SysWOW64\wmploc.DLL - ok

23:05:24.0978 4292 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll

23:05:24.0978 4292 C:\Windows\SysWOW64\shdocvw.dll - ok

23:05:24.0978 4292 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll

23:05:24.0978 4292 C:\Windows\System32\framedynos.dll - ok

23:05:24.0978 4292 [ C00DB14550E4BD49737F311C644E45FF ] C:\Windows\System32\wmi.dll

23:05:24.0978 4292 C:\Windows\System32\wmi.dll - ok

23:05:24.0994 4292 [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\SysWOW64\dsound.dll

23:05:24.0994 4292 C:\Windows\SysWOW64\dsound.dll - ok

23:05:24.0994 4292 [ 4F72C8B661DEC62F4DF0F15D33106372 ] C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\AGFNEX64.dll

23:05:24.0994 4292 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\AGFNEX64.dll - ok

23:05:24.0994 4292 [ 9110FFAD124283F37D38771BB60556AF ] C:\Windows\System32\dsound.dll

23:05:24.0994 4292 C:\Windows\System32\dsound.dll - ok

23:05:25.0009 4292 [ FAC8EC602E5C5C4D41BAB6255F2ECF5E ] C:\Windows\System32\igdumd64.dll

23:05:25.0009 4292 C:\Windows\System32\igdumd64.dll - ok

23:05:25.0009 4292 [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll

23:05:25.0009 4292 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok

23:05:25.0009 4292 [ 2168E61B9E3B06EEB8B3EACDFDC4699B ] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll

23:05:25.0009 4292 C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll - ok

23:05:25.0025 4292 [ D1BBE227367ED791D5FCF08E132D2956 ] C:\Windows\SysWOW64\opengl32.dll

23:05:25.0025 4292 C:\Windows\SysWOW64\opengl32.dll - ok

23:05:25.0025 4292 [ 585FED4CDB8034B8B58AEB8008255817 ] C:\Windows\System32\opengl32.dll

23:05:25.0025 4292 C:\Windows\System32\opengl32.dll - ok

23:05:25.0025 4292 [ DE3897365B04C4DA1CF8FF725577C082 ] C:\Windows\SysWOW64\glu32.dll

23:05:25.0025 4292 C:\Windows\SysWOW64\glu32.dll - ok

23:05:25.0040 4292 [ F2967C0A97C0EA67D79D7F557213950D ] C:\Windows\System32\glu32.dll

23:05:25.0040 4292 C:\Windows\System32\glu32.dll - ok

23:05:25.0040 4292 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll

23:05:25.0040 4292 C:\Windows\SysWOW64\oledlg.dll - ok

23:05:25.0040 4292 [ 263E9A047D17CD50BAA9D3C02910D18D ] C:\Windows\System32\oledlg.dll

23:05:25.0040 4292 C:\Windows\System32\oledlg.dll - ok

23:05:25.0056 4292 [ 5FF5E12F28725D14CAA3B408848ADFFC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcr80.dll

23:05:25.0056 4292 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcr80.dll - ok

23:05:25.0056 4292 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\Users\Donald\AppData\Local\Temp\303C5924-D044-422D-9649-59179DC3471C.exe

23:05:25.0056 4292 C:\Users\Donald\AppData\Local\Temp\303C5924-D044-422D-9649-59179DC3471C.exe - ok

23:05:25.0056 4292 [ F56FA195D54F4203B43F45BC57AB682C ] C:\Program Files (x86)\ASUS\Splendid\ACOVS.exe

23:05:25.0056 4292 C:\Program Files (x86)\ASUS\Splendid\ACOVS.exe - ok

23:05:25.0072 4292 [ 0805289E121F3E3C458C970B08314EB2 ] C:\Windows\System32\RtkCfg64.dll

23:05:25.0072 4292 C:\Windows\System32\RtkCfg64.dll - ok

23:05:25.0072 4292 [ 31D59387099070963EAD4CE14C5B5F04 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll

23:05:25.0072 4292 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll - ok

23:05:25.0072 4292 [ 0ADC83218B66A6DB380C330836F3E36D ] C:\Windows\System32\drivers\fastfat.sys

23:05:25.0072 4292 C:\Windows\System32\drivers\fastfat.sys - ok

23:05:25.0087 4292 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll

23:05:25.0087 4292 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok

23:05:25.0087 4292 [ 6D6596E046CA6A61DE250AD3A281A1AF ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll

23:05:25.0087 4292 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll - ok

23:05:25.0103 4292 [ 858716CED10DBBF0BC5748F71ED2F59D ] C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll

23:05:25.0103 4292 C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll - ok

23:05:25.0103 4292 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll

23:05:25.0103 4292 C:\Windows\SysWOW64\EhStorShell.dll - ok

23:05:25.0103 4292 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll

23:05:25.0103 4292 C:\Windows\SysWOW64\ntshrui.dll - ok

23:05:25.0118 4292 [ 72D6FA91968E109D9783B5D027251A82 ] C:\Program Files\P4G\IntlDPST.exe

23:05:25.0118 4292 C:\Program Files\P4G\IntlDPST.exe - ok

23:05:25.0118 4292 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll

23:05:25.0118 4292 C:\Windows\SysWOW64\imageres.dll - ok

23:05:25.0118 4292 [ B6663FC132F0262A5EF48DB2D0187DE3 ] C:\Program Files\NVIDIA Corporation\Display\nvsmartmax64.dll

23:05:25.0118 4292 C:\Program Files\NVIDIA Corporation\Display\nvsmartmax64.dll - ok

23:05:25.0134 4292 [ 9170C065FC76758E5D317B8FBA884F0C ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\53d6d827964619285771ed72332d3659\PresentationCore.ni.dll

23:05:25.0134 4292 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\53d6d827964619285771ed72332d3659\PresentationCore.ni.dll - ok

23:05:25.0134 4292 [ A77BA10A0D610BBB6101AEA1E633ABE1 ] C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

23:05:25.0134 4292 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe - ok

23:05:25.0134 4292 [ AE0A2DE2BB518D204F94DDCF93BBCC4C ] C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll

23:05:25.0134 4292 C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll - ok

23:05:25.0150 4292 [ 9E5868DB59C6D8E949F724DBBC639A31 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1ec80905a71750be50dfc7981ad5ae28\PresentationFramework.ni.dll

23:05:25.0150 4292 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1ec80905a71750be50dfc7981ad5ae28\PresentationFramework.ni.dll - ok

23:05:25.0150 4292 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

23:05:25.0150 4292 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe - ok

23:05:25.0165 4292 [ B720B4D1C97FBE02BE32812B580F1849 ] C:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU64.dll

23:05:25.0165 4292 C:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU64.dll - ok

23:05:25.0165 4292 [ EC248BC9C9C225FD289F250756503146 ] C:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll

23:05:25.0165 4292 C:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll - ok

23:05:25.0165 4292 [ C264145F107437CBD3B30303733AEE4F ] C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll

23:05:25.0165 4292 C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok

23:05:25.0181 4292 [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll

23:05:25.0181 4292 C:\Windows\SysWOW64\nlaapi.dll - ok

23:05:25.0181 4292 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll

23:05:25.0181 4292 C:\Windows\SysWOW64\NapiNSP.dll - ok

23:05:25.0181 4292 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll

23:05:25.0181 4292 C:\Windows\System32\NapiNSP.dll - ok

23:05:25.0196 4292 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll

23:05:25.0196 4292 C:\Windows\SysWOW64\pnrpnsp.dll - ok

23:05:25.0196 4292 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll

23:05:25.0196 4292 C:\Windows\System32\pnrpnsp.dll - ok

23:05:25.0196 4292 [ F68CAFF425A9F37E498193BDDC5CC652 ] C:\Windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll

23:05:25.0196 4292 C:\Windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll - ok

23:05:25.0212 4292 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll

23:05:25.0212 4292 C:\Windows\SysWOW64\dnsapi.dll - ok

23:05:25.0212 4292 [ 8A6909152203FE482EDDD269E8E203BC ] C:\Windows\System32\igfxext.exe

23:05:25.0212 4292 C:\Windows\System32\igfxext.exe - ok

23:05:25.0212 4292 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll

23:05:25.0212 4292 C:\Windows\SysWOW64\winrnr.dll - ok

23:05:25.0228 4292 [ 1D8C97EA71A8124D1DA1C0B0DAE7FE7D ] C:\Windows\System32\igfxexps.dll

23:05:25.0228 4292 C:\Windows\System32\igfxexps.dll - ok

23:05:25.0228 4292 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll

23:05:25.0228 4292 C:\Windows\System32\winrnr.dll - ok

23:05:25.0228 4292 [ FF3FC4BE04D01830799605B6F7B55DB0 ] C:\Windows\System32\igfxsrvc.exe

23:05:25.0228 4292 C:\Windows\System32\igfxsrvc.exe - ok

23:05:25.0243 4292 [ C8541AECCCA9260DE93C85F214110FA8 ] C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll

23:05:25.0243 4292 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll - ok

23:05:25.0243 4292 [ 2A72853494912BB034AF7AC1C86EC04E ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll

23:05:25.0243 4292 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll - ok

23:05:25.0259 4292 [ 3850B7343C380BF0F50992BACC2023C1 ] C:\Windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_fi_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll

23:05:25.0259 4292 C:\Windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_fi_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll - ok

23:05:25.0259 4292 [ C8C318BB20B480E43E706D585AFE03AC ] C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll

23:05:25.0259 4292 C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll - ok

23:05:25.0259 4292 [ 816B681CC308FAA128EDCB90643DCED7 ] C:\Windows\SysWOW64\icm32.dll

23:05:25.0259 4292 C:\Windows\SysWOW64\icm32.dll - ok

23:05:25.0274 4292 [ AC6A3801F3CDE7EB41B3F52E9B0A1C2B ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll

23:05:25.0274 4292 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll - ok

23:05:25.0274 4292 [ E46CABE15B5BDBDA989DF863F4C7C67D ] C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_fi_31bf3856ad364e35\PresentationFramework.resources.dll

23:05:25.0274 4292 C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_fi_31bf3856ad364e35\PresentationFramework.resources.dll - ok

23:05:25.0274 4292 [ 43104328E99680FCF282E71CC45CB5D2 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll

23:05:25.0274 4292 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll - ok

23:05:25.0290 4292 [ 4BC67DC2BB58DC6E2A6BCB9B4450B0B8 ] C:\Windows\System32\igfxsrvc.dll

23:05:25.0290 4292 C:\Windows\System32\igfxsrvc.dll - ok

23:05:25.0290 4292 [ A3C74AB32273776E077E6C98BAC97E44 ] C:\Windows\System32\igfxdev.dll

23:05:25.0290 4292 C:\Windows\System32\igfxdev.dll - ok

23:05:25.0290 4292 [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\Windows\SysWOW64\d3d9.dll

23:05:25.0290 4292 C:\Windows\SysWOW64\d3d9.dll - ok

23:05:25.0306 4292 [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\SysWOW64\d3d8thk.dll

23:05:25.0306 4292 C:\Windows\SysWOW64\d3d8thk.dll - ok

23:05:25.0306 4292 [ CCFE69A4D6447AC0BA65BBD3938E6C18 ] C:\Windows\SysWOW64\igdumd32.dll

23:05:25.0306 4292 C:\Windows\SysWOW64\igdumd32.dll - ok

23:05:25.0306 4292 [ 7221E380FB8BFCF0160B9D4E704E7E77 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll

23:05:25.0306 4292 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll - ok

23:05:25.0321 4292 [ 39E9AACC4C5FB3C3C0B12DE6D491553D ] C:\Windows\SysWOW64\WindowsCodecsExt.dll

23:05:25.0321 4292 C:\Windows\SysWOW64\WindowsCodecsExt.dll - ok

23:05:25.0321 4292 [ A96DF7F02B248C65DF3947D8B0D588EB ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7c4de95aa433eb8d81a81caf805947a8\PresentationFramework.Aero.ni.dll

23:05:25.0321 4292 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7c4de95aa433eb8d81a81caf805947a8\PresentationFramework.Aero.ni.dll - ok

23:05:25.0321 4292 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll

23:05:25.0321 4292 C:\Windows\SysWOW64\shfolder.dll - ok

23:05:25.0337 4292 [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll

23:05:25.0337 4292 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok

23:05:25.0337 4292 [ 02CD5B2C3B017122CAC00BDB520CD7AC ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll

23:05:25.0337 4292 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok

23:05:25.0352 4292 [ 01AEA2F16FE0C522DDFD7FAFFC959C6A ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\74a5f0c2bc0d0e6e3c4ec4886b9be891\mscorlib.ni.dll

23:05:25.0352 4292 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\74a5f0c2bc0d0e6e3c4ec4886b9be891\mscorlib.ni.dll - ok

23:05:25.0352 4292 [ 8BE887F1743FBB39ED2C9CA2937742D6 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\f3888a2c7b096d416ca0cfc5405219b4\System.ni.dll

23:05:25.0352 4292 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\f3888a2c7b096d416ca0cfc5405219b4\System.ni.dll - ok

23:05:25.0352 4292 [ 020C2F610BE801B9B50AF1BFF4A5B24B ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\c9866f6c2cae33d2c38ab32da622a167\System.ServiceProcess.ni.dll

23:05:25.0352 4292 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\c9866f6c2cae33d2c38ab32da622a167\System.ServiceProcess.ni.dll - ok

23:05:25.0368 4292 [ 3ABB7ADB9CCBCD24D6C55201A3842A94 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll

23:05:25.0368 4292 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok

23:05:25.0368 4292 [ 76F39902E25F43FE9450AD3D6A14D0D8 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\60ab562d9fe10d1782ed705ef2beb95a\WindowsBase.ni.dll

23:05:25.0368 4292 C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\60ab562d9fe10d1782ed705ef2beb95a\WindowsBase.ni.dll - ok

23:05:25.0368 4292 [ 72AB8C3F8AB7B550A896357C9E0896DA ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\2abfa3ca7ad3cc6f199158e6663f3006\PresentationCore.ni.dll

23:05:25.0384 4292 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\2abfa3ca7ad3cc6f199158e6663f3006\PresentationCore.ni.dll - ok

23:05:25.0384 4292 [ D64D99EC088B54FFE8EE67A480386C20 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll

23:05:25.0384 4292 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll - ok

23:05:25.0384 4292 [ C1DE7F05533BC9FCAE05CD4242D34399 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\fi\mscorrc.dll

23:05:25.0384 4292 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\fi\mscorrc.dll - ok

23:05:25.0399 4292 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll

23:05:25.0399 4292 C:\Windows\System32\mscoree.dll - ok

23:05:25.0399 4292 [ 80739D6157FDF84E444C659AC3B0E41E ] C:\Windows\SysWOW64\PresentationNative_v0300.dll

23:05:25.0399 4292 C:\Windows\SysWOW64\PresentationNative_v0300.dll - ok

23:05:25.0399 4292 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll

23:05:25.0399 4292 C:\Windows\SysWOW64\winhttp.dll - ok

23:05:25.0415 4292 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll

23:05:25.0415 4292 C:\Windows\SysWOW64\webio.dll - ok

23:05:25.0415 4292 [ 9D4A1690AF93F233E15380398BEC7431 ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL

23:05:25.0415 4292 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok

23:05:25.0415 4292 [ 5C3F9DBA818CD93379D1A0F215270374 ] C:\Windows\SysWOW64\esent.dll

23:05:25.0415 4292 C:\Windows\SysWOW64\esent.dll - ok

23:05:25.0430 4292 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll

23:05:25.0430 4292 C:\Windows\System32\esent.dll - ok

23:05:25.0430 4292 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll

23:05:25.0430 4292 C:\Windows\System32\wbem\NCProv.dll - ok

23:05:25.0430 4292 [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe

23:05:25.0430 4292 C:\Windows\System32\ie4uinit.exe - ok

23:05:25.0446 4292 [ C3E98C42EDF7EF237A4BAB91FEAC7426 ] C:\Windows\System32\iedkcs32.dll

23:05:25.0446 4292 C:\Windows\System32\iedkcs32.dll - ok

23:05:25.0446 4292 [ 2CFA4569350B7F84F815E9EC34E85766 ] C:\Windows\SysWOW64\SndVolSSO.dll

23:05:25.0446 4292 C:\Windows\SysWOW64\SndVolSSO.dll - ok

23:05:25.0446 4292 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\76734252.sys

23:05:25.0446 4292 C:\Windows\System32\drivers\76734252.sys - ok

23:05:25.0462 4292 [ 7E9917D5309A90E7576653BFE39F80D8 ] C:\Windows\SysWOW64\timedate.cpl

23:05:25.0462 4292 C:\Windows\SysWOW64\timedate.cpl - ok

23:05:25.0462 4292 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl

23:05:25.0462 4292 C:\Windows\System32\timedate.cpl - ok

23:05:25.0462 4292 [ D2958325C1AE1AE37A83334C6229E3BC ] C:\Windows\SysWOW64\actxprxy.dll

23:05:25.0462 4292 C:\Windows\SysWOW64\actxprxy.dll - ok

23:05:25.0477 4292 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll

23:05:25.0477 4292 C:\Windows\System32\actxprxy.dll - ok

23:05:25.0477 4292 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll

23:05:25.0477 4292 C:\Windows\System32\shdocvw.dll - ok

23:05:25.0477 4292 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll

23:05:25.0477 4292 C:\Windows\SysWOW64\ExplorerFrame.dll - ok

23:05:25.0493 4292 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\SysWOW64\linkinfo.dll

23:05:25.0493 4292 C:\Windows\SysWOW64\linkinfo.dll - ok

23:05:25.0493 4292 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll

23:05:25.0493 4292 C:\Windows\SysWOW64\duser.dll - ok

23:05:25.0493 4292 [ 56CEED370508F69A1BA04939BD1BADDA ] C:\Windows\SysWOW64\msutb.dll

23:05:25.0493 4292 C:\Windows\SysWOW64\msutb.dll - ok

23:05:25.0508 4292 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll

23:05:25.0508 4292 C:\Windows\SysWOW64\dui70.dll - ok

23:05:25.0508 4292 [ F14A9B1778376D0B1788E402AC1F831A ] C:\Windows\SysWOW64\shacct.dll

23:05:25.0508 4292 C:\Windows\SysWOW64\shacct.dll - ok

23:05:25.0508 4292 [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\SysWOW64\samlib.dll

23:05:25.0508 4292 C:\Windows\SysWOW64\samlib.dll - ok

23:05:25.0524 4292 [ 98B6F9204610EC0B7D2ADFF3E6F058A8 ] C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll

23:05:25.0524 4292 C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll - ok

23:05:25.0524 4292 [ 3A16EA01FCFAAB40882DB5BFEE632322 ] C:\Windows\SysWOW64\msftedit.dll

23:05:25.0524 4292 C:\Windows\SysWOW64\msftedit.dll - ok

23:05:25.0524 4292 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll

23:05:25.0524 4292 C:\Windows\System32\msftedit.dll - ok

23:05:25.0540 4292 [ 35AAE2E841AA1A949775168E119482C9 ] C:\Windows\SysWOW64\msls31.dll

23:05:25.0540 4292 C:\Windows\SysWOW64\msls31.dll - ok

23:05:25.0540 4292 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll

23:05:25.0540 4292 C:\Windows\System32\msls31.dll - ok

23:05:25.0540 4292 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll

23:05:25.0540 4292 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok

23:05:25.0555 4292 [ 19BC13711AC403FEB830522E4831701B ] C:\Windows\SysWOW64\gameux.dll

23:05:25.0555 4292 C:\Windows\SysWOW64\gameux.dll - ok

23:05:25.0555 4292 [ 3504B34CD2DE00BA3CC1A195F1B739BD ] C:\Windows\System32\gameux.dll

23:05:25.0555 4292 C:\Windows\System32\gameux.dll - ok

23:05:25.0555 4292 [ 590D5C506044FE02FF7643E32FF9BDAC ] C:\Windows\SysWOW64\wer.dll

23:05:25.0555 4292 C:\Windows\SysWOW64\wer.dll - ok

23:05:25.0571 4292 [ CDD35C1CE1EBFE80C055691CDC8DF443 ] C:\Windows\SysWOW64\authui.dll

23:05:25.0571 4292 C:\Windows\SysWOW64\authui.dll - ok

23:05:25.0571 4292 [ 28CA821606669BB9215CE010767720FA ] C:\Windows\SysWOW64\cryptui.dll

23:05:25.0571 4292 C:\Windows\SysWOW64\cryptui.dll - ok

23:05:25.0571 4292 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll

23:05:25.0571 4292 C:\Windows\System32\DeviceCenter.dll - ok

23:05:25.0586 4292 [ 9DEA654E4D9820958D6B4D1EBAF2F31E ] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe

23:05:25.0586 4292 C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe - ok

23:05:25.0586 4292 [ D1AB72DB2BEDD2F255D35DA3DA0D4B16 ] C:\Windows\SysWOW64\wscript.exe

23:05:25.0586 4292 C:\Windows\SysWOW64\wscript.exe - ok

23:05:25.0586 4292 [ 672D7C5080ACB003343006405DA2E621 ] C:\Windows\SysWOW64\thumbcache.dll

23:05:25.0586 4292 C:\Windows\SysWOW64\thumbcache.dll - ok

23:05:25.0602 4292 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll

23:05:25.0602 4292 C:\Windows\System32\thumbcache.dll - ok

23:05:25.0602 4292 [ F1278B3514EA6FA9BC39B20D26139AAC ] C:\Windows\SysWOW64\msiltcfg.dll

23:05:25.0602 4292 C:\Windows\SysWOW64\msiltcfg.dll - ok

23:05:25.0602 4292 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll

23:05:25.0602 4292 C:\Windows\System32\msiltcfg.dll - ok

23:05:25.0618 4292 [ 0A94DE4AA9864D312E60D747FD249ABE ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll

23:05:25.0618 4292 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll - ok

23:05:25.0618 4292 [ 4071D132E66ACDA3776F1FEAD19E6E01 ] C:\Windows\SysWOW64\vbscript.dll

23:05:25.0618 4292 C:\Windows\SysWOW64\vbscript.dll - ok

23:05:25.0633 4292 [ 0DCA6A11D09D4C2CBE6B898B897EA915 ] C:\Windows\SysWOW64\UIAnimation.dll

23:05:25.0633 4292 C:\Windows\SysWOW64\UIAnimation.dll - ok

23:05:25.0633 4292 [ 3819AD4329303EAC88480CA16A650735 ] C:\Windows\System32\UIAnimation.dll

23:05:25.0633 4292 C:\Windows\System32\UIAnimation.dll - ok

23:05:25.0633 4292 [ 6E6602DE23AB3776007702FC9540E8E9 ] C:\Windows\System32\vbscript.dll

23:05:25.0633 4292 C:\Windows\System32\vbscript.dll - ok

23:05:25.0649 4292 [ 3D57FFBAD3ED16B63DE3879BAB0FB56F ] C:\Windows\SysWOW64\networkexplorer.dll

23:05:25.0649 4292 C:\Windows\SysWOW64\networkexplorer.dll - ok

23:05:25.0649 4292 [ C5413BC4F10CEB4C3070BBF04D324117 ] C:\Windows\SysWOW64\msisip.dll

23:05:25.0649 4292 C:\Windows\SysWOW64\msisip.dll - ok

23:05:25.0649 4292 [ EF4248D28C2940AE6D46470AC2479A4F ] C:\Windows\System32\msisip.dll

23:05:25.0649 4292 C:\Windows\System32\msisip.dll - ok

23:05:25.0664 4292 [ E8F6851E4600CD3674422487EE240941 ] C:\Windows\SysWOW64\wshext.dll

23:05:25.0664 4292 C:\Windows\SysWOW64\wshext.dll - ok

23:05:25.0664 4292 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll

23:05:25.0664 4292 C:\Windows\System32\networkexplorer.dll - ok

23:05:25.0664 4292 [ 6E74D0AE00231D87CD213CD7BDC27E37 ] C:\Windows\System32\wshext.dll

23:05:25.0664 4292 C:\Windows\System32\wshext.dll - ok

23:05:25.0680 4292 [ 2D542FEEEE1644365BCE3327E91A5798 ] C:\Windows\SysWOW64\scrobj.dll

23:05:25.0680 4292 C:\Windows\SysWOW64\scrobj.dll - ok

23:05:25.0680 4292 [ 40FB1B4B1C00F98A8D5FB2744BACDA75 ] C:\Program Files (x86)\Atheros\Bluetooth Suite\Sync.dll

23:05:25.0680 4292 C:\Program Files (x86)\Atheros\Bluetooth Suite\Sync.dll - ok

23:05:25.0680 4292 [ 67CE7A83CF4AA78A05EA26D4443CE5F3 ] C:\Windows\System32\scrobj.dll

23:05:25.0680 4292 C:\Windows\System32\scrobj.dll - ok

23:05:25.0696 4292 [ D205C24A9D069049FE2DF2A1B38726A7 ] C:\Windows\SysWOW64\wdmaud.drv

23:05:25.0696 4292 C:\Windows\SysWOW64\wdmaud.drv - ok

23:05:25.0696 4292 [ 244C6722289F4869068992FD7D8A8832 ] C:\Windows\SysWOW64\wbem\wbemdisp.dll

23:05:25.0696 4292 C:\Windows\SysWOW64\wbem\wbemdisp.dll - ok

23:05:25.0696 4292 [ BB414F319A5893DBC2415467A8C84F54 ] C:\Program Files (x86)\Atheros\Bluetooth Suite\goep_single.dll

23:05:25.0696 4292 C:\Program Files (x86)\Atheros\Bluetooth Suite\goep_single.dll - ok

23:05:25.0711 4292 [ 754A0C324ECA95AE4F708D01EF27060E ] C:\Windows\System32\wbem\wbemdisp.dll

23:05:25.0711 4292 C:\Windows\System32\wbem\wbemdisp.dll - ok

23:05:25.0711 4292 [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\SysWOW64\ksuser.dll

23:05:25.0711 4292 C:\Windows\SysWOW64\ksuser.dll - ok

23:05:25.0711 4292 [ E3D5E244807AD655787FCD25477CC1BC ] C:\Windows\SysWOW64\bthprops.cpl

23:05:25.0711 4292 C:\Windows\SysWOW64\bthprops.cpl - ok

23:05:25.0727 4292 [ D79D19EC66106119DCD45D042C6B5170 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\88f8a6436dc95497fce0dae347646e53\System.Drawing.ni.dll

23:05:25.0727 4292 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\88f8a6436dc95497fce0dae347646e53\System.Drawing.ni.dll - ok

23:05:25.0727 4292 [ 43040C4872D5304FC5064BC899BB4824 ] C:\Program Files (x86)\Atheros\Bluetooth Suite\OutLookLib.dll

23:05:25.0727 4292 C:\Program Files (x86)\Atheros\Bluetooth Suite\OutLookLib.dll - ok

23:05:25.0727 4292 [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\SysWOW64\avrt.dll

23:05:25.0727 4292 C:\Windows\SysWOW64\avrt.dll - ok

23:05:25.0742 4292 [ 07393A09C46083588E751B63B03C8301 ] C:\Windows\SysWOW64\msacm32.drv

23:05:25.0742 4292 C:\Windows\SysWOW64\msacm32.drv - ok

23:05:25.0742 4292 [ 1F1F60D2D5D29A8C342182EBB88E3B43 ] C:\Windows\SysWOW64\wbem\stdprov.dll

23:05:25.0742 4292 C:\Windows\SysWOW64\wbem\stdprov.dll - ok

23:05:25.0742 4292 [ EE8154A3BD590F6C8BE99ED479476AA6 ] C:\Program Files (x86)\Atheros\Bluetooth Suite\L2capLib.dll

23:05:25.0742 4292 C:\Program Files (x86)\Atheros\Bluetooth Suite\L2capLib.dll - ok

23:05:25.0758 4292 [ B88E5340A5A50B53310B00DA455FB4FA ] C:\Windows\System32\wbem\stdprov.dll

23:05:25.0758 4292 C:\Windows\System32\wbem\stdprov.dll - ok

23:05:25.0758 4292 [ 5A12C364AD1D4FCC0AD0E56DBBC34462 ] C:\Windows\SysWOW64\midimap.dll

23:05:25.0758 4292 C:\Windows\SysWOW64\midimap.dll - ok

23:05:25.0758 4292 [ 5AE88135C6A86FCD67BA16AFBB1C8389 ] C:\Windows\SysWOW64\wbem\esscli.dll

23:05:25.0758 4292 C:\Windows\SysWOW64\wbem\esscli.dll - ok

23:05:25.0774 4292 [ 7AE92C896AF9ABFBDB18C1D055B6EBA7 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcp80.dll

23:05:25.0774 4292 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcp80.dll - ok

23:05:25.0774 4292 [ D40265BA6C0E9BA140D959B2E722F4DE ] C:\Program Files (x86)\Atheros\Bluetooth Suite\BTBIP.dll

23:05:25.0774 4292 C:\Program Files (x86)\Atheros\Bluetooth Suite\BTBIP.dll - ok

23:05:25.0789 4292 [ C6FA91F031589194E4B8962144F7477B ] C:\Program Files (x86)\Atheros\Bluetooth Suite\RfcommLib.dll

23:05:25.0789 4292 C:\Program Files (x86)\Atheros\Bluetooth Suite\RfcommLib.dll - ok

23:05:25.0789 4292 [ F1288E4CE82EE9F3A00E164BDFA54130 ] C:\Windows\System32\hccutils.dll

23:05:25.0789 4292 C:\Windows\System32\hccutils.dll - ok

23:05:25.0789 4292 [ E184566DC48A1DFE1385BDD695AC94C9 ] C:\Program Files (x86)\Atheros\Bluetooth Suite\BPP.dll

23:05:25.0789 4292 C:\Program Files (x86)\Atheros\Bluetooth Suite\BPP.dll - ok

23:05:25.0805 4292 [ EADFC95980BC24DF3C7EE5B2CD38F043 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\d6af7216038720b1adeca71e81c14bd6\System.Windows.Forms.ni.dll

23:05:25.0805 4292 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\d6af7216038720b1adeca71e81c14bd6\System.Windows.Forms.ni.dll - ok

23:05:25.0805 4292 [ B7E073E3150FCF200A3B79C3401670B4 ] C:\PROGRA~2\ASUS\AsusVibe\ASUSVI~2.EXE

23:05:25.0805 4292 C:\PROGRA~2\ASUS\AsusVibe\ASUSVI~2.EXE - ok

23:05:25.0805 4292 [ 4EF23173A4A8696498CC3ECD5224D95B ] C:\Windows\System32\igfxrfin.lrc

23:05:25.0805 4292 C:\Windows\System32\igfxrfin.lrc - ok

23:05:25.0820 4292 [ 90EB93E8F55F1E945D80E48FC3FFAA64 ] C:\Program Files (x86)\Atheros\Bluetooth Suite\goep_bpp.dll

23:05:25.0820 4292 C:\Program Files (x86)\Atheros\Bluetooth Suite\goep_bpp.dll - ok

23:05:25.0820 4292 [ 07ABB08CB77830C8141B8C2B563E5839 ] C:\Windows\SysWOW64\fi-FI\msctf.dll.mui

23:05:25.0820 4292 C:\Windows\SysWOW64\fi-FI\msctf.dll.mui - ok

23:05:25.0820 4292 [ 105CFE016CCB20175BEACEC146F175AB ] C:\Windows\System32\IccLibDll_x64.dll

23:05:25.0820 4292 C:\Windows\System32\IccLibDll_x64.dll - ok

23:05:25.0836 4292 [ 2BCB4E625B003F46FD6269540971B2A6 ] C:\Program Files (x86)\Atheros\Bluetooth Suite\Handsfree.dll

23:05:25.0836 4292 C:\Program Files (x86)\Atheros\Bluetooth Suite\Handsfree.dll - ok

23:05:25.0836 4292 [ DD599A4E9F018EDD646A3060B99092CB ] C:\Windows\System32\igfxress.dll

23:05:25.0836 4292 C:\Windows\System32\igfxress.dll - ok

23:05:25.0836 4292 [ 4EFCDF3DB1BBA69C09622991280C4ACB ] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe

23:05:25.0836 4292 C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe - ok

23:05:25.0852 4292 [ BCB6F264380196DDD353044EF31DEB32 ] C:\Program Files (x86)\Atheros\Bluetooth Suite\BtObexFt.dll

23:05:25.0852 4292 C:\Program Files (x86)\Atheros\Bluetooth Suite\BtObexFt.dll - ok

23:05:25.0852 4292 [ 4EFCDF3DB1BBA69C09622991280C4ACB ] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe

23:05:25.0852 4292 C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe - ok

23:05:25.0867 4292 [ 90FB1802D488FFA9029854A77D4F3F27 ] C:\Windows\SysWOW64\oleaccrc.dll

23:05:25.0867 4292 C:\Windows\SysWOW64\oleaccrc.dll - ok

23:05:25.0867 4292 [ 7048B323E17D2D72862491BF9DB8FB23 ] C:\Program Files (x86)\ASUS\FancyStart\FancyStart.exe

23:05:25.0867 4292 C:\Program Files (x86)\ASUS\FancyStart\FancyStart.exe - ok

23:05:25.0867 4292 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll

23:05:25.0867 4292 C:\Windows\SysWOW64\wsock32.dll - ok

23:05:25.0883 4292 [ A4D07BCCCDF8211D4027E37A43E20163 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Data\ee5c9facac5c7dbf9c4b1e160f76daae\System.Data.ni.dll

23:05:25.0883 4292 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Data\ee5c9facac5c7dbf9c4b1e160f76daae\System.Data.ni.dll - ok

23:05:25.0883 4292 [ 96C70BD48D49B87475F4572DEDC62EB9 ] C:\Windows\AppPatch\AcLayers.dll

23:05:25.0883 4292 C:\Windows\AppPatch\AcLayers.dll - ok

23:05:25.0883 4292 [ 79A3B950988F8D2B81906D0C0473158B ] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

23:05:25.0883 4292 C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe - ok

23:05:25.0898 4292 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll

23:05:25.0898 4292 C:\Windows\System32\wsock32.dll - ok

23:05:25.0898 4292 [ 5AEBF6FA9805C9101220AA4FB4FA17E7 ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

23:05:25.0898 4292 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe - ok

23:05:25.0898 4292 [ 11BDA32FAF4F7419674D918F772BCFA8 ] C:\Program Files (x86)\Atheros\Bluetooth Suite\BtFileStore.dll

23:05:25.0898 4292 C:\Program Files (x86)\Atheros\Bluetooth Suite\BtFileStore.dll - ok

23:05:26.0881 4292 ============================================================

23:05:26.0881 4292 Scan finished

23:05:26.0881 4292 ============================================================

23:05:26.0897 2684 Detected object count: 0

23:05:26.0897 2684 Actual detected object count: 0

23:05:53.0152 1840 Deinitialize success

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software

Run date: 2012-12-28 23:06:43

-----------------------------

23:06:43.732 OS Version: Windows x64 6.1.7601 Service Pack 1

23:06:43.732 Number of processors: 4 586 0x2A07

23:06:43.732 ComputerName: DONALD-PC UserName: Donald

23:06:45.152 Initialize success

23:08:00.081 AVAST engine defs: 12122800

23:09:17.683 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1

23:09:17.683 Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3

23:09:17.714 Disk 0 MBR read successfully

23:09:17.714 Disk 0 MBR scan

23:09:17.730 Disk 0 Windows 7 default MBR code

23:09:17.745 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 22003 MB offset 63

23:09:17.761 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 454935 MB offset 45062328

23:09:17.776 Disk 0 scanning C:\Windows\system32\drivers

23:09:35.404 Service scanning

23:10:00.380 Modules scanning

23:10:00.396 Disk 0 trace - called modules:

23:10:00.427 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll

23:10:00.427 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800698e060]

23:10:00.427 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> [0xfffffa8004abde40]

23:10:00.442 5 ACPI.sys[fffff88000f337a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004ac1050]

23:10:02.158 AVAST engine scan C:\Windows

23:10:08.071 AVAST engine scan C:\Windows\system32

23:14:01.073 AVAST engine scan C:\Windows\system32\drivers

23:14:15.830 AVAST engine scan C:\Users\Donald

23:14:37.296 AVAST engine scan C:\ProgramData

23:15:15.657 Scan finished successfully

23:17:48.599 Disk 0 MBR has been saved successfully to "C:\Users\Donald\Desktop\MBR.dat"

23:17:48.599 The log file has been saved successfully to "C:\Users\Donald\Desktop\aswMBR.txt"


  • Staff

Hello

Let's get a deeper look into the system and see if something shows up.

Download and run OTL

Download OTL by Old Timer and save it to your Desktop.

  • Double click on OTL.exe to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened and is the one that I need posted back here
    • Extra.txt <-- Will be minimized - save this one on your desktop in case I ask for it later

  • Please post the contents of OTL.txt in your next reply.

Gringo


OTL logfile created on: 29.12.2012 1:36:29 - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Donald\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 0000040b | Country: Suomi | Language: FIN | Date Format: d.M.yyyy

3,91 Gb Total Physical Memory | 2,66 Gb Available Physical Memory | 68,01% Memory free

7,83 Gb Paging File | 6,30 Gb Available in Paging File | 80,44% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 444,27 Gb Total Space | 409,04 Gb Free Space | 92,07% Space Free | Partition Type: NTFS

Computer Name: DONALD-PC | User Name: Donald | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Donald\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)

PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)

PRC - C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (ASUSTeK Computer Inc.)

PRC - C:\Windows\AsScrPro.exe (ASUS)

PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)

PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS)

PRC - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()

PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)

PRC - C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (Virage Logic Corporation / Sonic Focus)

PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)

PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)

PRC - C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe (ASUS)

PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)

PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS)

PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS)

PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ASUS)

PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUS)

========== Modules (No Company Name) ==========

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7c4de95aa433eb8d81a81caf805947a8\PresentationFramework.Aero.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1ec80905a71750be50dfc7981ad5ae28\PresentationFramework.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\53d6d827964619285771ed72332d3659\PresentationCore.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll ()

MOD - C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fi_b77a5c561934e089\mscorlib.resources.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_fi_31bf3856ad364e35\PresentationFramework.resources.dll ()

MOD - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()

MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ()

MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ()

========== Services (SafeList) ==========

SRV:64bit: - (AFBAgent) -- C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.)

SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)

SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel® Corporation)

SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)

SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)

SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)

SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)

SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)

SRV - (AtherosSvc) -- C:\Program Files (x86)\Atheros\Bluetooth Suite\AdminService.exe (Atheros Commnucations)

SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)

SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)

SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS)

SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)

DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)

DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)

DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)

DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)

DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)

DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)

DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)

DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)

DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)

DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)

DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)

DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)

DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Atheros)

DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Atheros)

DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Atheros)

DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Atheros)

DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Atheros)

DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Atheros)

DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Atheros)

DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)

DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)

DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation)

DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)

DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)

DRV:64bit: - (RSUSBVSTOR) -- C:\Windows\SysNative\drivers\rtsuvstor.sys (Realtek Semiconductor Corp.)

DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )

DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys ()

DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )

DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)

DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)

DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)

DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.)

DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)

DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)

DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)

DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)

DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)

DRV - (ATKWMIACPIIO) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUS)

DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)

DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox

IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com

IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox

IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT

IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2065890004-3735609052-1085264056-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com

IE - HKU\S-1-5-21-2065890004-3735609052-1085264056-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com

IE - HKU\S-1-5-21-2065890004-3735609052-1085264056-1000\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2065890004-3735609052-1085264056-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT

IE - HKU\S-1-5-21-2065890004-3735609052-1085264056-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKU\S-1-5-21-2065890004-3735609052-1085264056-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2065890004-3735609052-1085264056-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com

IE - HKU\S-1-5-21-2065890004-3735609052-1085264056-1001\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2065890004-3735609052-1085264056-1001\..\SearchScopes\{F1E95DB3-B78C-4A52-BA66-057CCE090B3C}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10267&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGY&apn_dtid=^YYYYYY^YY^FI&apn_uid=c8aaf38e-f8d5-4246-98e2-86f8aaba61a8&apn_sauid=49E1B8D5-254E-4025-B981-062BD15C9E42

IE - HKU\S-1-5-21-2065890004-3735609052-1085264056-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll

CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\pdf.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll

CHR - plugin: Zeon Plus (Enabled) = C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll

CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

O1 HOSTS File: ([2012.12.28 20:55:17 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)

O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O4:64bit: - HKLM..\Run: [ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe ()

O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Atheros\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)

O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Atheros\Bluetooth Suite\BtvStack.exe (Atheros Communications)

O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)

O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [intelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found

O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)

O4:64bit: - HKLM..\Run: [setwallpaper] c:\programdata\SetWallpaper.cmd File not found

O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)

O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)

O4 - HKLM..\Run: [sonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (Virage Logic Corporation / Sonic Focus)

O4 - HKLM..\Run: [updateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [updateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()

O4 - HKU\S-1-5-21-2065890004-3735609052-1085264056-1000..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)

O4 - HKU\S-1-5-21-2065890004-3735609052-1085264056-1000..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-2065890004-3735609052-1085264056-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-2065890004-3735609052-1085264056-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-2065890004-3735609052-1085264056-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-2065890004-3735609052-1085264056-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-2065890004-3735609052-1085264056-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found

O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)

O13 - gopher Prefix: missing

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.254.254 192.168.254.254

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5BFECA8C-2C50-4D21-84A5-BC2F322CCCB6}: DhcpNameServer = 192.168.254.254 192.168.254.254

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

O20:64bit: - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)

O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)

O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012.12.29 01:32:54 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Donald\Desktop\OTL.exe

[2012.12.28 22:55:51 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\Donald\Desktop\aswMBR.exe

[2012.12.28 22:55:21 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Donald\Desktop\tdsskiller.exe

[2012.12.28 21:38:54 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN

[2012.12.28 20:58:37 | 000,000,000 | ---D | C] -- C:\Windows\temp

[2012.12.28 20:47:23 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe

[2012.12.28 20:47:23 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe

[2012.12.28 20:47:23 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe

[2012.12.28 20:47:14 | 000,000,000 | ---D | C] -- C:\Qoobox

[2012.12.28 20:47:01 | 000,000,000 | ---D | C] -- C:\Windows\erdnt

[2012.12.28 20:44:32 | 005,014,093 | R--- | C] (Swearware) -- C:\Users\Donald\Desktop\ComboFix.exe

[2012.12.28 12:34:15 | 000,000,000 | ---D | C] -- C:\Users\Donald\Desktop\RK_Quarantine

[2012.12.27 21:41:14 | 000,000,000 | ---D | C] -- C:\Windows\Minidump

[2012.12.27 20:30:28 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine

[2012.12.22 14:43:47 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll

[2012.12.22 14:43:47 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll

[2012.12.22 14:43:47 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll

[2012.12.22 14:43:46 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll

[2012.12.15 13:22:52 | 000,000,000 | ---D | C] -- C:\files

[2012.12.14 14:50:50 | 000,000,000 | ---D | C] -- C:\downloads

[2012.12.14 07:21:57 | 000,000,000 | -HSD | C] -- C:\System Volume Information

[2012.12.14 03:21:14 | 000,000,000 | ---D | C] -- C:\Users\Donald\AppData\Roaming\Malwarebytes

[2012.12.14 03:21:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2012.12.14 03:21:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2012.12.14 03:21:05 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2012.12.14 03:21:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2012.12.14 02:49:19 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys

[2012.12.14 02:49:19 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys

[2012.12.14 02:49:19 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll

[2012.12.14 02:49:19 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll

[2012.12.14 02:49:19 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe

[2012.12.14 02:49:18 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll

[2012.12.14 02:49:18 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe

[2012.12.14 02:49:18 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe

[2012.12.14 02:49:18 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe

[2012.12.14 02:49:18 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll

[2012.12.14 02:49:18 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll

[2012.12.14 02:49:18 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll

[2012.12.14 02:49:18 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll

[2012.12.14 02:49:18 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll

[2012.12.14 02:49:18 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe

[2012.12.14 02:49:18 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll

[2012.12.14 02:49:18 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll

[2012.12.14 02:49:18 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll

[2012.12.14 02:49:18 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll

[2012.12.14 02:49:18 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll

[2012.12.14 02:49:18 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll

[2012.12.14 02:49:18 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll

[2012.12.14 02:49:17 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll

[2012.12.14 02:49:17 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll

[2012.12.14 02:48:26 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll

[2012.12.14 02:48:26 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll

[2012.12.14 02:48:25 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys

[2012.12.14 02:48:19 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll

[2012.12.14 02:48:19 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll

[2012.12.14 02:48:09 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll

[2012.12.14 02:48:09 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll

[2012.12.14 02:48:09 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll

[2012.12.14 02:47:22 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe

[2012.12.14 02:47:12 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys

[2012.12.14 02:47:12 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll

[2012.12.14 02:47:12 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll

[2012.12.14 02:47:12 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll

[2012.12.14 02:47:11 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS

[2012.12.14 02:47:11 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll

[2012.12.14 02:47:11 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll

[2012.12.14 02:47:11 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll

[2012.12.14 01:50:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview

[2012.12.14 01:50:27 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders

[2012.12.14 01:38:36 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll

[2012.12.14 01:38:36 | 000,048,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll

[2012.12.14 01:38:32 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll

[2012.12.14 01:38:29 | 001,838,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll

[2012.12.14 01:38:25 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll

[2012.12.14 01:38:25 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll

[2012.12.14 01:38:22 | 014,633,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll

[2012.12.14 01:38:21 | 004,120,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll

[2012.12.14 01:38:21 | 003,205,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmcndmgr.dll

[2012.12.14 01:38:21 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll

[2012.12.14 01:38:20 | 003,008,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xpsservices.dll

[2012.12.14 01:38:20 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll

[2012.12.14 01:38:20 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll

[2012.12.14 01:38:20 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe

[2012.12.14 01:38:20 | 000,359,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe

[2012.12.14 01:38:19 | 001,219,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll

[2012.12.14 01:38:19 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll

[2012.12.14 01:38:19 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe

[2012.12.14 01:38:19 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe

[2012.12.14 01:38:18 | 002,086,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll

[2012.12.14 01:38:18 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwizui.dll

[2012.12.14 01:38:17 | 003,207,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll

[2012.12.14 01:38:17 | 001,866,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll

[2012.12.14 01:38:17 | 001,556,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RacEngn.dll

[2012.12.14 01:38:17 | 001,340,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diagperf.dll

[2012.12.14 01:38:17 | 001,197,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll

[2012.12.14 01:38:16 | 001,753,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vssapi.dll

[2012.12.14 01:38:16 | 001,334,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll

[2012.12.14 01:38:16 | 001,326,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NaturalLanguage6.dll

[2012.12.14 01:38:15 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll

[2012.12.14 01:38:15 | 003,860,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbon.dll

[2012.12.14 01:38:15 | 000,299,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcupdate_GenuineIntel.dll

[2012.12.14 01:38:14 | 003,027,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVCORE.DLL

[2012.12.14 01:38:14 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe

[2012.12.14 01:38:14 | 000,109,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll

[2012.12.14 01:38:14 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll

[2012.12.14 01:38:13 | 003,957,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSAT.exe

[2012.12.14 01:38:13 | 001,975,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnroll.dll

[2012.12.14 01:38:13 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL

[2012.12.14 01:38:13 | 000,598,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spinstall.exe

[2012.12.14 01:38:13 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe

[2012.12.14 01:38:13 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spreview.exe

[2012.12.14 01:38:13 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpdd.dll

[2012.12.14 01:38:12 | 002,067,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d9.dll

[2012.12.14 01:38:12 | 001,115,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RacEngn.dll

[2012.12.14 01:38:12 | 000,867,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFolder.dll

[2012.12.14 01:38:11 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AuthFWSnapin.dll

[2012.12.14 01:38:11 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuthFWSnapin.dll

[2012.12.14 01:38:11 | 003,391,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dbgeng.dll

[2012.12.14 01:38:11 | 001,632,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwmcore.dll

[2012.12.14 01:38:09 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll

[2012.12.14 01:38:09 | 000,958,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\actxprxy.dll

[2012.12.14 01:38:08 | 000,750,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWorkspace.dll

[2012.12.14 01:38:07 | 001,244,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imapi2fs.dll

[2012.12.14 01:38:07 | 000,695,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netlogon.dll

[2012.12.14 01:38:06 | 001,900,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setupapi.dll

[2012.12.14 01:38:06 | 001,212,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\propsys.dll

[2012.12.14 01:38:06 | 000,787,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll

[2012.12.14 01:38:06 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll

[2012.12.14 01:38:05 | 001,927,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll

[2012.12.14 01:38:05 | 001,281,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\werconcpl.dll

[2012.12.14 01:38:05 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll

[2012.12.14 01:38:05 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe

[2012.12.14 01:38:04 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certmgr.dll

[2012.12.14 01:38:04 | 001,008,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\user32.dll

[2012.12.14 01:38:03 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceApi.dll

[2012.12.14 01:38:03 | 000,457,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll

[2012.12.14 01:38:03 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll

[2012.12.14 01:38:03 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll

[2012.12.14 01:38:03 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsmf.dll

[2012.12.14 01:38:03 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scavengeui.dll

[2012.12.14 01:38:02 | 002,652,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netshell.dll

[2012.12.14 01:38:02 | 001,509,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdtctm.dll

[2012.12.14 01:38:02 | 001,371,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dwmcore.dll

[2012.12.14 01:38:02 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll

[2012.12.14 01:38:02 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shlwapi.dll

[2012.12.14 01:38:02 | 000,295,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\framedynos.dll

[2012.12.14 01:38:01 | 000,800,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll

[2012.12.14 01:38:01 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll

[2012.12.14 01:38:01 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TSWorkspace.dll

[2012.12.14 01:38:01 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comdlg32.dll

[2012.12.14 01:38:01 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll

[2012.12.14 01:38:01 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcfgx.dll

[2012.12.14 01:38:01 | 000,481,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpps.dll

[2012.12.14 01:38:01 | 000,390,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe

[2012.12.14 01:38:01 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsm.exe

[2012.12.14 01:38:01 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apphelp.dll

[2012.12.14 01:38:01 | 000,297,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ws2_32.dll

[2012.12.14 01:38:01 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tcpmonui.dll

[2012.12.14 01:38:00 | 002,543,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpdshext.dll

[2012.12.14 01:38:00 | 002,055,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Query.dll

[2012.12.14 01:38:00 | 000,897,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\azroles.dll

[2012.12.14 01:38:00 | 000,422,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drvstore.dll

[2012.12.14 01:38:00 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsmf.dll

[2012.12.14 01:38:00 | 000,266,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QAGENT.DLL

[2012.12.14 01:38:00 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3api.dll

[2012.12.14 01:37:59 | 002,522,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dbgeng.dll

[2012.12.14 01:37:59 | 001,098,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Vault.dll

[2012.12.14 01:37:59 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samsrv.dll

[2012.12.14 01:37:59 | 000,653,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpksetup.exe

[2012.12.14 01:37:59 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cmd.exe

[2012.12.14 01:37:59 | 000,281,600 | ---- | C] (Microsoft) -- C:\Windows\SysNative\DShowRdpFilter.dll

[2012.12.14 01:37:58 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL

[2012.12.14 01:37:58 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll

[2012.12.14 01:37:58 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcfgx.dll

[2012.12.14 01:37:57 | 002,151,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmcndmgr.dll

[2012.12.14 01:37:57 | 001,808,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pnidui.dll

[2012.12.14 01:37:57 | 001,190,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll

[2012.12.14 01:37:57 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ipsmsnap.dll

[2012.12.14 01:37:57 | 000,582,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sxs.dll

[2012.12.14 01:37:57 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll

[2012.12.14 01:37:57 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfds.dll

[2012.12.14 01:37:57 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wldap32.dll

[2012.12.14 01:37:57 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcbuilder.exe

[2012.12.14 01:37:57 | 000,252,928 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\DShowRdpFilter.dll

[2012.12.14 01:37:57 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hgprint.dll

[2012.12.14 01:37:57 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\upnp.dll

[2012.12.14 01:37:56 | 001,792,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll

[2012.12.14 01:37:56 | 001,158,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webservices.dll

[2012.12.14 01:37:56 | 000,732,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi2fs.dll

[2012.12.14 01:37:56 | 000,049,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll

[2012.12.14 01:37:55 | 001,009,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcmde.dll

[2012.12.14 01:37:55 | 000,933,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sqlsrv32.dll

[2012.12.14 01:37:55 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll

[2012.12.14 01:37:55 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fveapi.dll

[2012.12.14 01:37:55 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schtasks.exe

[2012.12.14 01:37:55 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsta.dll

[2012.12.14 01:37:55 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mcbuilder.exe

[2012.12.14 01:37:55 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prncache.dll

[2012.12.14 01:37:55 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3api.dll

[2012.12.14 01:37:54 | 001,712,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xpsservices.dll

[2012.12.14 01:37:54 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certmgr.dll

[2012.12.14 01:37:54 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanpref.dll

[2012.12.14 01:37:54 | 001,243,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMNetMgr.dll

[2012.12.14 01:37:54 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvstore.dll

[2012.12.14 01:37:54 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vpnike.dll

[2012.12.14 01:37:54 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\userenv.dll

[2012.12.14 01:37:53 | 002,262,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SyncCenter.dll

[2012.12.14 01:37:53 | 002,072,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPEncEn.dll

[2012.12.14 01:37:53 | 001,082,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppobjs.dll

[2012.12.14 01:37:53 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll

[2012.12.14 01:37:53 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\evr.dll

[2012.12.14 01:37:53 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpeffects.dll

[2012.12.14 01:37:53 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll

[2012.12.14 01:37:53 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\photowiz.dll

[2012.12.14 01:37:53 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cmd.exe

[2012.12.14 01:37:53 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll

[2012.12.14 01:37:53 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\framedyn.dll

[2012.12.14 01:37:52 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll

[2012.12.14 01:37:52 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll

[2012.12.14 01:37:52 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\framedynos.dll

[2012.12.14 01:37:52 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fde.dll

[2012.12.14 01:37:51 | 000,762,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\azroles.dll

[2012.12.14 01:37:51 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localsec.dll

[2012.12.14 01:37:51 | 000,503,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imapi2.dll

[2012.12.14 01:37:51 | 000,501,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSATAPI.dll

[2012.12.14 01:37:51 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netdiagfx.dll

[2012.12.14 01:37:51 | 000,298,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcryptprimitives.dll

[2012.12.14 01:37:51 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfds.dll

[2012.12.14 01:37:51 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\stobject.dll

[2012.12.14 01:37:51 | 000,253,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tcpipcfg.dll

[2012.12.14 01:37:51 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spp.dll

[2012.12.14 01:37:51 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QSHVHOST.DLL

[2012.12.14 01:37:51 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll

[2012.12.14 01:37:51 | 000,166,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetpp.dll

[2012.12.14 01:37:51 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netid.dll

[2012.12.14 01:37:51 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll

[2012.12.14 01:37:51 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll

[2012.12.14 01:37:50 | 002,755,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\themeui.dll

[2012.12.14 01:37:50 | 002,746,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll

[2012.12.14 01:37:50 | 001,050,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\printui.dll

[2012.12.14 01:37:50 | 000,571,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mspbda.dll

[2012.12.14 01:37:50 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\biocpl.dll

[2012.12.14 01:37:50 | 000,378,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msinfo32.exe

[2012.12.14 01:37:50 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scansetting.dll

[2012.12.14 01:37:49 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll

[2012.12.14 01:37:49 | 000,477,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PhotoScreensaver.scr

[2012.12.14 01:37:49 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wusa.exe

[2012.12.14 01:37:49 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IPHLPAPI.DLL

[2012.12.14 01:37:49 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aitagent.exe

[2012.12.14 01:37:48 | 000,934,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FirewallControlPanel.dll

[2012.12.14 01:37:48 | 000,854,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dbghelp.dll

[2012.12.14 01:37:48 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscms.dll

[2012.12.14 01:37:48 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winspool.drv

[2012.12.14 01:37:48 | 000,405,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wisptis.exe

[2012.12.14 01:37:48 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll

[2012.12.14 01:37:48 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll

[2012.12.14 01:37:48 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PkgMgr.exe

[2012.12.14 01:37:48 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll

[2012.12.14 01:37:48 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpchttp.dll

[2012.12.14 01:37:48 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ocsetup.exe

[2012.12.14 01:37:48 | 000,144,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\basecsp.dll

[2012.12.14 01:37:47 | 000,780,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ci.dll

[2012.12.14 01:37:47 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sqlsrv32.dll

[2012.12.14 01:37:47 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\calc.exe

[2012.12.14 01:37:47 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\evr.dll

[2012.12.14 01:37:47 | 000,459,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DXP.dll

[2012.12.14 01:37:47 | 000,418,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppwinob.dll

[2012.12.14 01:37:47 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eapp3hst.dll

[2012.12.14 01:37:47 | 000,335,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WinSATAPI.dll

[2012.12.14 01:37:47 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mprapi.dll

[2012.12.14 01:37:47 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ocsetapi.dll

[2012.12.14 01:37:46 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbon.dll

[2012.12.14 01:37:46 | 002,494,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netshell.dll

[2012.12.14 01:37:46 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmsys.cpl

[2012.12.14 01:37:46 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eapphost.dll

[2012.12.14 01:37:46 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\upnp.dll

[2012.12.14 01:37:46 | 000,263,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hal.dll

[2012.12.14 01:37:46 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll

[2012.12.14 01:37:46 | 000,128,000 | ---- | C] (Microsoft) -- C:\Windows\SysNative\Robocopy.exe

[2012.12.14 01:37:46 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\thumbcache.dll

[2012.12.14 01:37:46 | 000,078,720 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\drivers\HpSAMD.sys

[2012.12.14 01:37:45 | 002,851,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\themeui.dll

[2012.12.14 01:37:45 | 001,457,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DxpTaskSync.dll

[2012.12.14 01:37:45 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSMPEG2ENC.DLL

[2012.12.14 01:37:45 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PerfCenterCPL.dll

[2012.12.14 01:37:45 | 000,429,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\puiobj.dll

[2012.12.14 01:37:45 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scecli.dll

[2012.12.14 01:37:45 | 000,179,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys

[2012.12.14 01:37:45 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwmredir.dll

[2012.12.14 01:37:45 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prncache.dll

[2012.12.14 01:37:45 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll

[2012.12.14 01:37:44 | 000,932,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\printui.dll

[2012.12.14 01:37:44 | 000,675,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DXPTaskRingtone.dll

[2012.12.14 01:37:44 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpeffects.dll

[2012.12.14 01:37:44 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\onex.dll

[2012.12.14 01:37:43 | 001,363,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wdc.dll

[2012.12.14 01:37:43 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msftedit.dll

[2012.12.14 01:37:43 | 000,475,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlangpui.dll

[2012.12.14 01:37:43 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scesrv.dll

[2012.12.14 01:37:43 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scansetting.dll

[2012.12.14 01:37:43 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\net1.exe

[2012.12.14 01:37:43 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rpchttp.dll

[2012.12.14 01:37:42 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcenter.dll

[2012.12.14 01:37:42 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdengin2.dll

[2012.12.14 01:37:42 | 000,691,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VAN.dll

[2012.12.14 01:37:42 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll

[2012.12.14 01:37:42 | 000,462,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wiadefui.dll

[2012.12.14 01:37:42 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlangpui.dll

[2012.12.14 01:37:42 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SndVol.exe

[2012.12.14 01:37:42 | 000,239,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dskquoui.dll

[2012.12.14 01:37:42 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\regapi.dll

[2012.12.14 01:37:42 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samcli.dll

[2012.12.14 01:37:42 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll

[2012.12.14 01:37:41 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SyncCenter.dll

[2012.12.14 01:37:41 | 001,750,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pnidui.dll

[2012.12.14 01:37:41 | 000,782,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webservices.dll

[2012.12.14 01:37:41 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rastls.dll

[2012.12.14 01:37:41 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srchadmin.dll

[2012.12.14 01:37:41 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netdiagfx.dll

[2012.12.14 01:37:41 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QSHVHOST.DLL

[2012.12.14 01:37:41 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fde.dll

[2012.12.14 01:37:41 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe

[2012.12.14 01:37:41 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll

[2012.12.14 01:37:41 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QUTIL.DLL

[2012.12.14 01:37:41 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setupcl.exe

[2012.12.14 01:37:41 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe

[2012.12.14 01:37:40 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appwiz.cpl

[2012.12.14 01:37:40 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TabletPC.cpl

[2012.12.14 01:37:40 | 000,560,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll

[2012.12.14 01:37:40 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hgcpl.dll

[2012.12.14 01:37:40 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msconfig.exe

[2012.12.14 01:37:40 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netiohlp.dll

[2012.12.14 01:37:40 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll

[2012.12.14 01:37:40 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mimefilt.dll

[2012.12.14 01:37:39 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPEG2ENC.DLL

[2012.12.14 01:37:39 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayCpl.dll

[2012.12.14 01:37:39 | 000,372,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mtxclu.dll

[2012.12.14 01:37:39 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\clusapi.dll

[2012.12.14 01:37:39 | 000,166,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\basecsp.dll

[2012.12.14 01:37:39 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdeploy.dll

[2012.12.14 01:37:39 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsmproxy.dll

[2012.12.14 01:37:38 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll

[2012.12.14 01:37:38 | 000,633,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\riched20.dll

[2012.12.14 01:37:38 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DXPTaskRingtone.dll

[2012.12.14 01:37:38 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi2.dll

[2012.12.14 01:37:38 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscmmc.dll

[2012.12.14 01:37:37 | 002,250,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SensorsCpl.dll

[2012.12.14 01:37:37 | 002,193,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\themecpl.dll

[2012.12.14 01:37:37 | 001,624,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPEncEn.dll

[2012.12.14 01:37:37 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Narrator.exe

[2012.12.14 01:37:37 | 000,668,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autochk.exe

[2012.12.14 01:37:37 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autofmt.exe

[2012.12.14 01:37:37 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powercpl.dll

[2012.12.14 01:37:37 | 000,359,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eudcedit.exe

[2012.12.14 01:37:37 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sharemediacpl.dll

[2012.12.14 01:37:37 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Faultrep.dll

[2012.12.14 01:37:37 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\onex.dll

[2012.12.14 01:37:37 | 000,188,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netjoin.dll

[2012.12.14 01:37:37 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\logoncli.dll

[2012.12.14 01:37:37 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netiohlp.dll

[2012.12.14 01:37:37 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nci.dll

[2012.12.14 01:37:37 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\hbaapi.dll

[2012.12.14 01:37:37 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RpcRtRemote.dll

[2012.12.14 01:37:36 | 000,793,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autoconv.exe

[2012.12.14 01:37:36 | 000,777,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autochk.exe

[2012.12.14 01:37:36 | 000,763,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autofmt.exe

[2012.12.14 01:37:36 | 000,679,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autoconv.exe

[2012.12.14 01:37:36 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll

[2012.12.14 01:37:36 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshipsec.dll

[2012.12.14 01:37:36 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ipsmsnap.dll

[2012.12.14 01:37:36 | 000,303,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msinfo32.exe

[2012.12.14 01:37:36 | 000,232,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppcomapi.dll

[2012.12.14 01:37:36 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msutb.dll

[2012.12.14 01:37:36 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll

[2012.12.14 01:37:36 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shsetup.dll

[2012.12.14 01:37:36 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\audiodg.exe

[2012.12.14 01:37:36 | 000,116,224 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll

[2012.12.14 01:37:36 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\regapi.dll

[2012.12.14 01:37:36 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mimefilt.dll

[2012.12.14 01:37:36 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vpnikeapi.dll

[2012.12.14 01:37:36 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\proquota.exe

[2012.12.14 01:37:35 | 001,264,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdclt.exe

[2012.12.14 01:37:35 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpd_ci.dll

[2012.12.14 01:37:35 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\powercpl.dll

[2012.12.14 01:37:35 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\srchadmin.dll

[2012.12.14 01:37:35 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eapphost.dll

[2012.12.14 01:37:35 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\framedyn.dll

[2012.12.14 01:37:35 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tcpipcfg.dll

[2012.12.14 01:37:35 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe

[2012.12.14 01:37:35 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcdsrv.dll

[2012.12.14 01:37:33 | 000,905,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmsys.cpl

[2012.12.14 01:37:33 | 000,665,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AuxiliaryDisplayCpl.dll

[2012.12.14 01:37:33 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanui.dll

[2012.12.14 01:37:33 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll

[2012.12.14 01:37:33 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanconn.dll

[2012.12.14 01:37:33 | 000,171,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\scsiport.sys

[2012.12.14 01:37:33 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prntvpt.dll

[2012.12.14 01:37:33 | 000,155,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscorier.dll

[2012.12.14 01:37:33 | 000,154,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscorier.dll

[2012.12.14 01:37:32 | 001,227,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wdc.dll

[2012.12.14 01:37:32 | 001,066,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Display.dll

[2012.12.14 01:37:32 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmiEngine.dll

[2012.12.14 01:37:32 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontext.dll

[2012.12.14 01:37:32 | 000,749,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\batmeter.dll

[2012.12.14 01:37:32 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll

[2012.12.14 01:37:32 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mprddm.dll

[2012.12.14 01:37:32 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QAGENT.DLL

[2012.12.14 01:37:32 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netid.dll

[2012.12.14 01:37:32 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys

[2012.12.14 01:37:31 | 000,957,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mblctr.exe

[2012.12.14 01:37:31 | 000,372,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastls.dll

[2012.12.14 01:37:31 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\untfs.dll

[2012.12.14 01:37:31 | 000,307,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scesrv.dll

[2012.12.14 01:37:31 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpsrcwp.dll

[2012.12.14 01:37:30 | 002,217,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bootres.dll

[2012.12.14 01:37:30 | 001,326,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanpref.dll

[2012.12.14 01:37:30 | 001,202,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DiagCpl.dll

[2012.12.14 01:37:30 | 001,003,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMNetMgr.dll

[2012.12.14 01:37:30 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Vault.dll

[2012.12.14 01:37:30 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usercpl.dll

[2012.12.14 01:37:30 | 000,098,816 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\Robocopy.exe

[2012.12.14 01:37:30 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSTPager.ax

[2012.12.14 01:37:30 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nci.dll

[2012.12.14 01:37:30 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll

[2012.12.14 01:37:29 | 001,400,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DxpTaskSync.dll

[2012.12.14 01:37:29 | 000,812,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpccpl.dll

[2012.12.14 01:37:29 | 000,433,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MCEWMDRMNDBootstrap.dll

[2012.12.14 01:37:29 | 000,250,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ksproxy.ax

[2012.12.14 01:37:29 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskmgr.exe

[2012.12.14 01:37:29 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SndVolSSO.dll

[2012.12.14 01:37:29 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasppp.dll

[2012.12.14 01:37:29 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3cfg.dll

[2012.12.14 01:37:28 | 001,040,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Display.dll

[2012.12.14 01:37:28 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mtxclu.dll

[2012.12.14 01:37:28 | 000,279,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxdiagn.dll

[2012.12.14 01:37:27 | 000,416,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prnfldr.dll

[2012.12.14 01:37:27 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\termmgr.dll

[2012.12.14 01:37:27 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\puiobj.dll

[2012.12.14 01:37:27 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pdh.dll

[2012.12.14 01:37:27 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eudcedit.exe

[2012.12.14 01:37:27 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskmgr.exe

[2012.12.14 01:37:27 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll

[2012.12.14 01:37:27 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll

[2012.12.14 01:37:27 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDShServiceObj.dll

[2012.12.14 01:37:27 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hbaapi.dll

[2012.12.14 01:37:27 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\proquota.exe

[2012.12.14 01:37:27 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\userinit.exe

[2012.12.14 01:37:26 | 003,745,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\accessibilitycpl.dll

[2012.12.14 01:37:26 | 000,416,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wiadefui.dll

[2012.12.14 01:37:26 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\untfs.dll

[2012.12.14 01:37:26 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSAC3ENC.DLL

[2012.12.14 01:37:26 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sppcomapi.dll

[2012.12.14 01:37:26 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasppp.dll

[2012.12.14 01:37:26 | 000,155,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys

[2012.12.14 01:37:26 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll

[2012.12.14 01:37:26 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logoncli.dll

[2012.12.14 01:37:26 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shsetup.dll

[2012.12.14 01:37:26 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\userinit.exe

[2012.12.14 01:37:25 | 002,202,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SensorsCpl.dll

[2012.12.14 01:37:25 | 002,157,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\themecpl.dll

[2012.12.14 01:37:25 | 000,856,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FirewallControlPanel.dll

[2012.12.14 01:37:25 | 000,649,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appwiz.cpl

[2012.12.14 01:37:25 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PhotoScreensaver.scr

[2012.12.14 01:37:25 | 000,366,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\zipfldr.dll

[2012.12.14 01:37:25 | 000,349,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slui.exe

[2012.12.14 01:37:25 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll

[2012.12.14 01:37:25 | 000,233,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\defaultlocationcpl.dll

[2012.12.14 01:37:25 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL

[2012.12.14 01:37:25 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscmmc.dll

[2012.12.14 01:37:24 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\hgcpl.dll

[2012.12.14 01:37:24 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scecli.dll

[2012.12.14 01:37:23 | 002,146,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\networkmap.dll

[2012.12.14 01:37:23 | 001,065,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptui.dll

[2012.12.14 01:37:23 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontext.dll

[2012.12.14 01:37:23 | 000,780,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ActionCenter.dll

[2012.12.14 01:37:23 | 000,769,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sud.dll

[2012.12.14 01:37:23 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DeviceCenter.dll

[2012.12.14 01:37:23 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\localsec.dll

[2012.12.14 01:37:23 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mprddm.dll

[2012.12.14 01:37:23 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskbarcpl.dll

[2012.12.14 01:37:23 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OnLineIDCpl.dll

[2012.12.14 01:37:23 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SndVolSSO.dll

[2012.12.14 01:37:23 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscories.dll

[2012.12.14 01:37:22 | 001,644,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcenter.dll

[2012.12.14 01:37:22 | 000,740,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\batmeter.dll

[2012.12.14 01:37:22 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VAN.dll

[2012.12.14 01:37:22 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PerfCenterCPL.dll

[2012.12.14 01:37:22 | 000,600,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\usercpl.dll

[2012.12.14 01:37:22 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll

[2012.12.14 01:37:22 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanui.dll

[2012.12.14 01:37:22 | 000,373,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\intl.cpl

[2012.12.14 01:37:22 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\twext.dll

[2012.12.14 01:37:22 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prntvpt.dll

[2012.12.14 01:37:21 | 003,727,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\accessibilitycpl.dll

[2012.12.14 01:37:21 | 000,898,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OobeFldr.dll

[2012.12.14 01:37:21 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dsuiext.dll

[2012.12.14 01:37:21 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\azroleui.dll

[2012.12.14 01:37:21 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwizeng.dll

[2012.12.14 01:37:21 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcdedit.exe

[2012.12.14 01:37:21 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MediaMetadataHandler.dll

[2012.12.14 01:37:21 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SndVol.exe

[2012.12.14 01:37:21 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\azroleui.dll

[2012.12.14 01:37:21 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxlib.dll

[2012.12.14 01:37:21 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\recovery.dll

[2012.12.14 01:37:21 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cca.dll

[2012.12.14 01:37:21 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\isoburn.exe

[2012.12.14 01:37:21 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\w32tm.exe

[2012.12.14 01:37:21 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sisbkup.dll

[2012.12.14 01:37:20 | 001,003,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptui.dll

[2012.12.14 01:37:20 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdcpl.dll

[2012.12.14 01:37:20 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bthprops.cpl

[2012.12.14 01:37:20 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\main.cpl

[2012.12.14 01:37:20 | 000,451,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shwebsvc.dll

[2012.12.14 01:37:20 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\systemcpl.dll

[2012.12.14 01:37:20 | 000,304,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\efscore.dll

[2012.12.14 01:37:20 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\recdisc.exe

[2012.12.14 01:37:20 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSAC3ENC.DLL

[2012.12.14 01:37:20 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\syncui.dll

[2012.12.14 01:37:20 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VBICodec.ax

[2012.12.14 01:37:20 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netplwiz.dll

[2012.12.14 01:37:20 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adsldp.dll

[2012.12.14 01:37:20 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netjoin.dll

[2012.12.14 01:37:20 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autoplay.dll

[2012.12.14 01:37:20 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdeploy.dll

[2012.12.14 01:37:20 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tzutil.exe

[2012.12.14 01:37:20 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\httpapi.dll

[2012.12.14 01:37:19 | 002,130,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\networkmap.dll

[2012.12.14 01:37:19 | 000,549,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ActionCenterCPL.dll

[2012.12.14 01:37:19 | 000,460,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll

[2012.12.14 01:37:19 | 000,414,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanmsm.dll

[2012.12.14 01:37:19 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Faultrep.dll

[2012.12.14 01:37:19 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wusa.exe

[2012.12.14 01:37:19 | 000,312,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MCEWMDRMNDBootstrap.dll

[2012.12.14 01:37:19 | 000,207,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysclass.dll

[2012.12.14 01:37:19 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayServices.dll

[2012.12.14 01:37:19 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncryptui.dll

[2012.12.14 01:37:19 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ksxbar.ax

[2012.12.14 01:37:18 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sud.dll

[2012.12.14 01:37:18 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ActionCenter.dll

[2012.12.14 01:37:18 | 000,474,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysmon.ocx

[2012.12.14 01:37:18 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwizeng.dll

[2012.12.14 01:37:18 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\termmgr.dll

[2012.12.14 01:37:18 | 000,395,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prnfldr.dll

[2012.12.14 01:37:18 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sysmon.ocx

[2012.12.14 01:37:18 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll

[2012.12.14 01:37:18 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\photowiz.dll

[2012.12.14 01:37:18 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MediaMetadataHandler.dll

[2012.12.14 01:37:18 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MFPlay.dll

[2012.12.14 01:37:18 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OnLineIDCpl.dll

[2012.12.14 01:37:18 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsutil.dll

[2012.12.14 01:37:17 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bthprops.cpl

[2012.12.14 01:37:17 | 000,641,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscp.dll

[2012.12.14 01:37:17 | 000,446,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sqlcese30.dll

[2012.12.14 01:37:17 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shwebsvc.dll

[2012.12.14 01:37:17 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\intl.cpl

[2012.12.14 01:37:17 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ReAgent.dll

[2012.12.14 01:37:17 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iprtrmgr.dll

[2012.12.14 01:37:17 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sethc.exe

[2012.12.14 01:37:17 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iprtrmgr.dll

[2012.12.14 01:37:17 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\defaultlocationcpl.dll

[2012.12.14 01:37:17 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\efscore.dll

[2012.12.14 01:37:17 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll

[2012.12.14 01:37:17 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ifsutil.dll

[2012.12.14 01:37:17 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntlanman.dll

[2012.12.14 01:37:17 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3cfg.dll

[2012.12.14 01:37:17 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpd3d.dll

[2012.12.14 01:37:17 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll

[2012.12.14 01:37:17 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ftp.exe

[2012.12.14 01:37:17 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sisbkup.dll

[2012.12.14 01:37:16 | 000,781,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmsdk.dll

[2012.12.14 01:37:16 | 000,537,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ActionCenterCPL.dll

[2012.12.14 01:37:16 | 000,495,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drmmgrtn.dll

[2012.12.14 01:37:16 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DeviceCenter.dll

[2012.12.14 01:37:16 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ssText3d.scr

[2012.12.14 01:37:16 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\unimdm.tsp

[2012.12.14 01:37:16 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iTVData.dll

[2012.12.14 01:37:16 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\syncui.dll

[2012.12.14 01:37:16 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autoplay.dll

[2012.12.14 01:37:16 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srvcli.dll

[2012.12.14 01:37:16 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UserAccountControlSettings.dll

[2012.12.14 01:37:16 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll

[2012.12.14 01:37:15 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OobeFldr.dll

[2012.12.14 01:37:15 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll

[2012.12.14 01:37:15 | 000,656,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll

[2012.12.14 01:37:15 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\systemcpl.dll

[2012.12.14 01:37:15 | 000,344,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntprint.dll

[2012.12.14 01:37:15 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntprint.dll

[2012.12.14 01:37:15 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srrstr.dll

[2012.12.14 01:37:15 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sethc.exe

[2012.12.14 01:37:15 | 000,255,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wavemsp.dll

[2012.12.14 01:37:15 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevicePairingFolder.dll

[2012.12.14 01:37:15 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dskquoui.dll

[2012.12.14 01:37:15 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcdboot.exe

[2012.12.14 01:37:15 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powercfg.cpl

[2012.12.14 01:37:15 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll

[2012.12.14 01:37:15 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NAPHLPR.DLL

[2012.12.14 01:37:15 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nslookup.exe

[2012.12.14 01:37:15 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSTPager.ax

[2012.12.14 01:37:15 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\acppage.dll

[2012.12.14 01:37:14 | 001,672,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\networkexplorer.dll

[2012.12.14 01:37:14 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\blackbox.dll

[2012.12.14 01:37:14 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpx.dll

[2012.12.14 01:37:14 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\activeds.dll

[2012.12.14 01:37:14 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ksproxy.ax

[2012.12.14 01:37:14 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpsrcwp.dll

[2012.12.14 01:37:14 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netplwiz.dll

[2012.12.14 01:37:14 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NAPHLPR.DLL

[2012.12.14 01:37:14 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppnp.dll

[2012.12.14 01:37:14 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\migisol.dll

[2012.12.14 01:37:14 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabinet.dll

[2012.12.14 01:37:14 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll

[2012.12.14 01:37:13 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfrgui.exe

[2012.12.14 01:37:13 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshipsec.dll

[2012.12.14 01:37:13 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\remotepg.dll

[2012.12.14 01:37:13 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kstvtune.ax

[2012.12.14 01:37:13 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\isoburn.exe

[2012.12.14 01:37:13 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wkscli.dll

[2012.12.14 01:37:13 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\httpapi.dll

[2012.12.14 01:37:12 | 000,592,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msftedit.dll

[2012.12.14 01:37:12 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanmsm.dll

[2012.12.14 01:37:12 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpdxm.dll

[2012.12.14 01:37:12 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3ui.dll

[2012.12.14 01:37:12 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ReAgent.dll

[2012.12.14 01:37:12 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wavemsp.dll

[2012.12.14 01:37:12 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSCard.dll

[2012.12.14 01:37:12 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll

[2012.12.14 01:37:12 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\net1.exe

[2012.12.14 01:37:12 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsnmp32.dll

[2012.12.14 01:37:12 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ftp.exe

[2012.12.14 01:37:11 | 000,840,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\blackbox.dll

[2012.12.14 01:37:11 | 000,685,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dsuiext.dll

[2012.12.14 01:37:11 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmdev.dll

[2012.12.14 01:37:11 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wvc.dll

[2012.12.14 01:37:11 | 000,586,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfrgui.exe

[2012.12.14 01:37:11 | 000,444,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wvc.dll

[2012.12.14 01:37:11 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wimgapi.dll

[2012.12.14 01:37:11 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsqmcons.exe

[2012.12.14 01:37:11 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unimdm.tsp

[2012.12.14 01:37:11 | 000,258,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys

[2012.12.14 01:37:11 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PkgMgr.exe

[2012.12.14 01:37:11 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstask.dll

[2012.12.14 01:37:11 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll

[2012.12.14 01:37:11 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ocsetup.exe

[2012.12.14 01:37:11 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\twext.dll

[2012.12.14 01:37:11 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tzutil.exe

[2012.12.14 01:37:11 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WerFaultSecure.exe

[2012.12.14 01:37:10 | 001,911,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OpcServices.dll

[2012.12.14 01:37:10 | 000,899,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Bubbles.scr

[2012.12.14 01:37:10 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qcap.dll

[2012.12.14 01:37:10 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setupugc.exe

[2012.12.14 01:37:10 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mapistub.dll

[2012.12.14 01:37:10 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mapi32.dll

[2012.12.14 01:37:10 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\unimdmat.dll

[2012.12.14 01:37:10 | 000,051,200 | ---- | C] (Twain Working Group) -- C:\Windows\twain_32.dll

[2012.12.14 01:37:09 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmsdk.dll

[2012.12.14 01:37:09 | 000,497,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\main.cpl

[2012.12.14 01:37:09 | 000,363,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diskraid.exe

[2012.12.14 01:37:09 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ssText3d.scr

[2012.12.14 01:37:09 | 000,242,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Mystify.scr

[2012.12.14 01:37:09 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Ribbons.scr

[2012.12.14 01:37:09 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\clusapi.dll

[2012.12.14 01:37:09 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qasf.dll

[2012.12.14 01:37:09 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ifsutil.dll

[2012.12.14 01:37:09 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvfw32.dll

[2012.12.14 01:37:09 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\uxlib.dll

[2012.12.14 01:37:09 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nslookup.exe

[2012.12.14 01:37:09 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll

[2012.12.14 01:37:09 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iscsium.dll

[2012.12.14 01:37:09 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\muifontsetup.dll

[2012.12.14 01:37:09 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll

[2012.12.14 01:37:08 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsAnytimeUpgradeResults.exe

[2012.12.14 01:37:08 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpencom.dll

[2012.12.14 01:37:08 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevicePairingFolder.dll

[2012.12.14 01:37:08 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perfmon.exe

[2012.12.14 01:37:08 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpshell.dll

[2012.12.14 01:37:07 | 001,087,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dbghelp.dll

[2012.12.14 01:37:07 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscp.dll

[2012.12.14 01:37:07 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wimserv.exe

[2012.12.14 01:37:07 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\diskraid.exe

[2012.12.14 01:37:07 | 000,254,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qasf.dll

[2012.12.14 01:37:07 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ActionQueue.dll

[2012.12.14 01:37:07 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpencom.dll

[2012.12.14 01:37:07 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tlscsp.dll

[2012.12.14 01:37:07 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\umb.dll

[2012.12.14 01:37:07 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NAPCRYPT.DLL

[2012.12.14 01:37:07 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\acppage.dll

[2012.12.14 01:37:07 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AzSqlExt.dll

[2012.12.14 01:37:07 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netutils.dll

[2012.12.14 01:37:06 | 001,232,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMADMOD.DLL

[2012.12.14 01:37:06 | 000,623,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSAPI.dll

[2012.12.14 01:37:06 | 000,402,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drmmgrtn.dll

[2012.12.14 01:37:06 | 000,337,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\raschap.dll

[2012.12.14 01:37:06 | 000,318,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\raschap.dll

[2012.12.14 01:37:06 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpdwcn.dll

[2012.12.14 01:37:06 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\input.dll

[2012.12.14 01:37:06 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ocsetapi.dll

[2012.12.14 01:37:06 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perfmon.exe

[2012.12.14 01:37:06 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\remotepg.dll

[2012.12.14 01:37:06 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MdSched.exe

[2012.12.14 01:37:06 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wiavideo.dll

[2012.12.14 01:37:06 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QUTIL.DLL

[2012.12.14 01:37:06 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UserAccountControlSettings.dll

[2012.12.14 01:37:06 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\bfsvc.exe

[2012.12.14 01:37:06 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\runonce.exe

[2012.12.14 01:37:06 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NAPCRYPT.DLL

[2012.12.14 01:37:06 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\syssetup.dll

[2012.12.14 01:37:05 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\onexui.dll

[2012.12.14 01:37:05 | 000,666,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVSDECD.DLL

[2012.12.14 01:37:05 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nltest.exe

[2012.12.14 01:37:05 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpdxm.dll

[2012.12.14 01:37:05 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstask.dll

[2012.12.14 01:37:05 | 000,232,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bitsadmin.exe

[2012.12.14 01:37:05 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iTVData.dll

[2012.12.14 01:37:05 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxdiagn.dll

[2012.12.14 01:37:05 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wpdwcn.dll

[2012.12.14 01:37:05 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsbas.dll

[2012.12.14 01:37:05 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFPlay.dll

[2012.12.14 01:37:05 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vdsbas.dll

[2012.12.14 01:37:05 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rmcast.sys

[2012.12.14 01:37:05 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Kswdmcap.ax

[2012.12.14 01:37:05 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logagent.exe

[2012.12.14 01:37:05 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\runonce.exe

[2012.12.14 01:37:05 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PrintIsolationProxy.dll

[2012.12.14 01:37:05 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vpnikeapi.dll

[2012.12.14 01:37:04 | 000,978,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMSPDMOD.DLL

[2012.12.14 01:37:04 | 000,527,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmnet.dll

[2012.12.14 01:37:04 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmdev.dll

[2012.12.14 01:37:04 | 000,431,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDSp.dll

[2012.12.14 01:37:04 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msnetobj.dll

[2012.12.14 01:37:04 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eapp3hst.dll

[2012.12.14 01:37:04 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bitsadmin.exe

[2012.12.14 01:37:04 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qcap.dll

[2012.12.14 01:37:04 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shacct.dll

[2012.12.14 01:37:04 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QSVRMGMT.DLL

[2012.12.14 01:37:04 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll

[2012.12.14 01:37:04 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shacct.dll

[2012.12.14 01:37:04 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpshell.dll

[2012.12.14 01:37:04 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\logman.exe

[2012.12.14 01:37:04 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll

[2012.12.14 01:37:04 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tabcal.exe

[2012.12.14 01:37:04 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vss_ps.dll

[2012.12.14 01:37:04 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unimdmat.dll

[2012.12.14 01:37:04 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscapi.dll

[2012.12.14 01:37:04 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\lsmproxy.dll

[2012.12.14 01:37:03 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OpcServices.dll

[2012.12.14 01:37:03 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Bubbles.scr

[2012.12.14 01:37:03 | 000,435,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceStatus.dll

[2012.12.14 01:37:03 | 000,350,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WPDSp.dll

[2012.12.14 01:37:03 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3ui.dll

[2012.12.14 01:37:03 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sqlcese30.dll

[2012.12.14 01:37:03 | 000,250,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdv.dll

[2012.12.14 01:37:03 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pdh.dll

[2012.12.14 01:37:03 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceSyncProvider.dll

[2012.12.14 01:37:03 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceSyncProvider.dll

[2012.12.14 01:37:03 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mprapi.dll

[2012.12.14 01:37:03 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll

[2012.12.14 01:37:03 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fphc.dll

[2012.12.14 01:37:03 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\kstvtune.ax

[2012.12.14 01:37:03 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logman.exe

[2012.12.14 01:37:03 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spbcd.dll

[2012.12.14 01:37:03 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\olethk32.dll

[2012.12.14 01:37:03 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncryptui.dll

[2012.12.14 01:37:03 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpd3d.dll

[2012.12.14 01:37:03 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iscsium.dll

[2012.12.14 01:37:02 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMADMOD.DLL

[2012.12.14 01:37:02 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceStatus.dll

[2012.12.14 01:37:02 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll

[2012.12.14 01:37:02 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll

[2012.12.14 01:37:02 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mystify.scr

[2012.12.14 01:37:02 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Ribbons.scr

[2012.12.14 01:37:02 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VBICodec.ax

[2012.12.14 01:37:02 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EhStorAPI.dll

[2012.12.14 01:37:02 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\powercfg.cpl

[2012.12.14 01:37:02 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\desk.cpl

[2012.12.14 01:37:02 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3msm.dll

[2012.12.14 01:37:02 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wiavideo.dll

[2012.12.14 01:37:02 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Kswdmcap.ax

[2012.12.14 01:37:02 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QSVRMGMT.DLL

[2012.12.14 01:37:02 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fphc.dll

[2012.12.14 01:37:02 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll

[2012.12.14 01:37:02 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\amstream.dll

[2012.12.14 01:37:02 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mapistub.dll

[2012.12.14 01:37:02 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\takeown.exe

[2012.12.14 01:37:02 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PnPUnattend.exe

[2012.12.14 01:37:02 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\takeown.exe

[2012.12.14 01:37:02 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\utildll.dll

[2012.12.14 01:37:01 | 001,148,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IMJP10.IME

[2012.12.14 01:37:01 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVSDECD.DLL

[2012.12.14 01:37:01 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmnet.dll

[2012.12.14 01:37:01 | 000,283,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdv.dll

[2012.12.14 01:37:01 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msnetobj.dll

[2012.12.14 01:37:01 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sppinst.dll

[2012.12.14 01:37:01 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cmstp.exe

[2012.12.14 01:37:01 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cmstp.exe

[2012.12.14 01:37:01 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QCLIPROV.DLL

[2012.12.14 01:37:01 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QCLIPROV.DLL

[2012.12.14 01:37:01 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertPolEng.dll

[2012.12.14 01:37:01 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cca.dll

[2012.12.14 01:37:01 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WavDest.dll

[2012.12.14 01:37:01 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\djoin.exe

[2012.12.14 01:37:01 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shimgvw.dll

[2012.12.14 01:37:01 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\HotStartUserAgent.dll

[2012.12.14 01:37:01 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nrpsrv.dll

[2012.12.14 01:37:00 | 000,739,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMSPDMOD.DLL

[2012.12.14 01:37:00 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msorcl32.dll

[2012.12.14 01:37:00 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diskpart.exe

[2012.12.14 01:37:00 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iscsicli.exe

[2012.12.14 01:37:00 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mydocs.dll

[2012.12.14 01:37:00 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setupcln.dll

[2012.12.14 01:37:00 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdProxy.dll

[2012.12.14 01:37:00 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MuiUnattend.exe

[2012.12.14 01:37:00 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\g711codc.ax

[2012.12.14 01:37:00 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vfwwdm32.dll

[2012.12.14 01:37:00 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsnmp32.dll

[2012.12.14 01:37:00 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MultiDigiMon.exe

[2012.12.14 01:37:00 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pdhui.dll

[2012.12.14 01:37:00 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\relog.exe

[2012.12.14 01:37:00 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AzSqlExt.dll

[2012.12.14 01:37:00 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sscore.dll

[2012.12.14 01:36:59 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe

[2012.12.14 01:36:59 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe

[2012.12.14 01:36:59 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\itircl.dll

[2012.12.14 01:36:59 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iscsicli.exe

[2012.12.14 01:36:59 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mydocs.dll

[2012.12.14 01:36:59 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\diskpart.exe

[2012.12.14 01:36:59 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\desk.cpl

[2012.12.14 01:36:59 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3msm.dll

[2012.12.14 01:36:59 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mobsync.exe

[2012.12.14 01:36:59 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\amstream.dll

[2012.12.14 01:36:59 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastapi.dll

[2012.12.14 01:36:59 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spbcd.dll

[2012.12.14 01:36:59 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wkscli.dll

[2012.12.14 01:36:59 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbisurf.ax

[2012.12.14 01:36:59 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\relog.exe

[2012.12.14 01:36:59 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdmo.dll

[2012.12.14 01:36:59 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netiougc.exe

[2012.12.14 01:36:59 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netbtugc.exe

[2012.12.14 01:36:59 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BWUnpairElevated.dll

[2012.12.14 01:36:58 | 001,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IMJP10.IME

[2012.12.14 01:36:58 | 000,434,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSTIFF.dll

[2012.12.14 01:36:58 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\itircl.dll

[2012.12.14 01:36:58 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpps.dll

[2012.12.14 01:36:58 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eappgnui.dll

[2012.12.14 01:36:58 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll

[2012.12.14 01:36:58 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll

[2012.12.14 01:36:58 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\resutils.dll

[2012.12.14 01:36:58 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertPolEng.dll

[2012.12.14 01:36:58 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ksxbar.ax

[2012.12.14 01:36:58 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mciqtz32.dll

[2012.12.14 01:36:58 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\choice.exe

[2012.12.14 01:36:58 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\syssetup.dll

[2012.12.14 01:36:57 | 001,080,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\onexui.dll

[2012.12.14 01:36:57 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe

[2012.12.14 01:36:57 | 000,278,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe

[2012.12.14 01:36:57 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppc.dll

[2012.12.14 01:36:57 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mobsync.exe

[2012.12.14 01:36:57 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eappgnui.dll

[2012.12.14 01:36:57 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\findstr.exe

[2012.12.14 01:36:57 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tlscsp.dll

[2012.12.14 01:36:57 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\findstr.exe

[2012.12.14 01:36:57 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\luainstall.dll

[2012.12.14 01:36:57 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciqtz32.dll

[2012.12.14 01:36:57 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe

[2012.12.14 01:36:57 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WerFaultSecure.exe

[2012.12.14 01:36:57 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schedcli.dll

[2012.12.14 01:36:57 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ReAgentc.exe

[2012.12.14 01:36:56 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RDPENCDD.dll

[2012.12.14 01:36:56 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sppc.dll

[2012.12.14 01:36:56 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll

[2012.12.14 01:36:56 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\manage-bde.exe

[2012.12.14 01:36:56 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetmib1.dll

[2012.12.14 01:36:56 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbcconf.dll

[2012.12.14 01:36:56 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\repair-bde.exe

[2012.12.14 01:36:56 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\luainstall.dll

[2012.12.14 01:36:56 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wdiasqmmodule.dll

[2012.12.14 01:36:56 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shimgvw.dll

[2012.12.14 01:36:56 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unlodctr.exe

[2012.12.14 01:36:56 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbisurf.ax

[2012.12.14 01:36:56 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdmo.dll

[2012.12.14 01:36:56 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spopk.dll

[2012.12.14 01:36:56 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spopk.dll

[2012.12.14 01:36:56 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fixmapi.exe

[2012.12.14 01:36:56 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\muifontsetup.dll

[2012.12.14 01:36:55 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbonRes.dll

[2012.12.14 01:36:55 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbonRes.dll

[2012.12.14 01:36:55 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetmib1.dll

[2012.12.14 01:36:55 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\g711codc.ax

[2012.12.14 01:36:55 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSMON.dll

[2012.12.14 01:36:55 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcconf.dll

[2012.12.14 01:36:55 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll

[2012.12.14 01:36:55 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdi.sys

[2012.12.14 01:36:55 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elsTrans.dll

[2012.12.14 01:36:55 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TRAPI.dll

[2012.12.14 01:36:55 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdprefdrvapi.dll

[2012.12.14 01:36:55 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perfts.dll

[2012.12.14 01:36:54 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\napdsnap.dll

[2012.12.14 01:36:54 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\napdsnap.dll

[2012.12.14 01:36:54 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dsauth.dll

[2012.12.14 01:36:54 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbrpm.sys

[2012.12.14 01:36:54 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dsauth.dll

[2012.12.14 01:36:54 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscdll.dll

[2012.12.14 01:36:54 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\LogonUI.exe

[2012.12.14 01:36:54 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bitsperf.dll

[2012.12.14 01:36:54 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdprefdrvapi.dll

[2012.12.14 01:36:54 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elsTrans.dll

[2012.12.14 01:36:54 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TRAPI.dll

[2012.12.14 01:36:54 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bitsperf.dll

[2012.12.14 01:36:54 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSUNATD.exe

[2012.12.14 01:36:54 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schedcli.dll

[2012.12.14 01:36:53 | 000,457,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imkr80.ime

[2012.12.14 01:36:53 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imkr80.ime

[2012.12.14 01:36:53 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shgina.dll

[2012.12.14 01:36:53 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsdchngr.dll

[2012.12.14 01:36:53 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsdchngr.dll

[2012.12.14 01:36:53 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shgina.dll

[2012.12.14 01:36:53 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll

[2012.12.14 01:36:53 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\riched32.dll

[2012.12.14 01:36:52 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBCAMD2.sys

[2012.12.14 01:36:51 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshirda.dll

[2012.12.14 01:36:51 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshirda.dll

[2012.12.14 01:36:51 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\riched32.dll

[2012.12.14 01:36:51 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcfgex.dll

[2012.12.14 01:36:50 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\C_ISCII.DLL

[2012.12.14 01:36:50 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwmp.dll

[2012.12.14 01:36:50 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwmp.dll

[2012.12.14 01:36:49 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shunimpl.dll

[2012.12.14 01:36:49 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\C_ISCII.DLL

[2012.12.14 01:36:49 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTUF.DLL

[2012.12.14 01:36:49 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTUF.DLL

[2012.12.14 01:36:49 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDSG.DLL

[2012.12.14 01:36:49 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDSF.DLL

[2012.12.14 01:36:49 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDPO.DLL

[2012.12.14 01:36:49 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\kbdlk41a.dll

[2012.12.14 01:36:49 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTAM.DLL

[2012.12.14 01:36:49 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdxm.ocx

[2012.12.14 01:36:49 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxmasf.dll

[2012.12.14 01:36:49 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.ocx

[2012.12.14 01:36:49 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxmasf.dll

[2012.12.14 01:36:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-ums-l1-1-0.dll

[2012.12.14 01:36:47 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL

[2012.12.14 01:36:47 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL

[2012.12.14 01:36:47 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTUQ.DLL

[2012.12.14 01:36:47 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDSG.DLL

[2012.12.14 01:36:47 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kbdlk41a.dll

[2012.12.14 01:36:47 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDGKL.DLL

[2012.12.14 01:36:47 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTUQ.DLL

[2012.12.14 01:36:47 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDNEPR.DLL

[2012.12.14 01:36:47 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBEN.DLL

[2012.12.14 01:36:47 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDGR1.DLL

[2012.12.14 01:36:47 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDGR1.DLL

[2012.12.14 01:36:47 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDGKL.DLL

[2012.12.14 01:36:46 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nlsbres.dll

[2012.12.14 01:36:46 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nlsbres.dll

[2012.12.14 01:36:46 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BlbEvents.dll

[2012.12.14 01:36:46 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pifmgr.dll

[2012.12.14 01:36:46 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pifmgr.dll

[2012.12.14 01:36:46 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDCZ1.DLL

[2012.12.14 01:36:46 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwizres.dll

[2012.12.14 01:36:46 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwizres.dll

[2012.12.14 01:36:46 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDCZ1.DLL

[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDUS.DLL

[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDUGHR1.DLL

[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTURME.DLL

[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTAJIK.DLL

[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDSF.DLL

[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDPO.DLL

[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDNEPR.DLL

[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDMON.DLL

[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDMAORI.DLL

[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDLT1.DLL

[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTEL.DLL

[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTAM.DLL

[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINORI.DLL

[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINORI.DLL

[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINMAR.DLL

[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINMAR.DLL

[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINKAN.DLL

[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINKAN.DLL

[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINHIN.DLL

[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINHIN.DLL

[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBEN.DLL

[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDBULG.DLL

[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDBLR.DLL

[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDBASH.DLL

[2012.12.14 01:36:46 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDUS.DLL

[2012.12.14 01:36:46 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDUGHR1.DLL

[2012.12.14 01:36:46 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTURME.DLL

[2012.12.14 01:36:46 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTAJIK.DLL

[2012.12.14 01:36:46 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDMON.DLL

[2012.12.14 01:36:46 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDMAORI.DLL

[2012.12.14 01:36:46 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDLT1.DLL

[2012.12.14 01:36:46 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTEL.DLL

[2012.12.14 01:36:46 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDGEO.DLL

[2012.12.14 01:36:46 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDGEO.DLL

[2012.12.14 01:36:46 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDBULG.DLL

[2012.12.14 01:36:46 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDBLR.DLL

[2012.12.14 01:36:46 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDBASH.DLL

[2012.12.14 01:36:33 | 000,399,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpx.dll

[2012.12.14 01:36:33 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wdscore.dll

[2012.12.14 01:36:28 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sqmapi.dll

[2012.12.14 01:34:57 | 000,529,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wbemcomn.dll

[2012.12.14 01:34:51 | 000,244,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sqmapi.dll

[2012.12.14 00:59:58 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys

[2012.12.14 00:59:58 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsquirt.exe

[2012.12.14 00:59:58 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys

[2012.12.14 00:59:56 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll

[2012.12.14 00:59:56 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll

[2012.12.14 00:59:56 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys

[2012.12.14 00:59:55 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys

[2012.12.14 00:59:55 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe

[2012.12.14 00:59:55 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe

[2012.12.14 00:59:55 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys

[2012.12.14 00:54:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET

[2012.12.14 00:42:59 | 000,000,000 | ---D | C] -- C:\Users\Donald\AppData\Roaming\Avira

[2012.12.14 00:40:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

[2012.12.14 00:40:02 | 000,129,216 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys

[2012.12.14 00:40:02 | 000,099,912 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys

[2012.12.14 00:40:02 | 000,027,800 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys

[2012.12.14 00:40:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira

[2012.12.14 00:40:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira

[2012.12.14 00:27:42 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll

[2012.12.13 23:50:13 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat

[2012.12.13 23:50:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat

[2012.12.13 23:21:43 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys

[2012.12.13 23:21:43 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll

[2012.12.13 23:13:04 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe

[2012.12.13 23:10:16 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll

[2012.12.13 23:10:16 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

[2012.12.13 23:10:16 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll

[2012.12.13 23:10:16 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll

[2012.12.13 23:10:16 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll

[2012.12.13 23:10:16 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll

[2012.12.13 23:10:16 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll

[2012.12.13 23:10:16 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe

[2012.12.13 23:10:16 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe

[2012.12.13 23:10:16 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx

[2012.12.13 23:10:16 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll

[2012.12.13 23:10:16 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe

[2012.12.13 23:10:15 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat

[2012.12.13 23:10:15 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl

[2012.12.13 23:10:15 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll

[2012.12.13 23:10:15 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec

[2012.12.13 23:10:15 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll

[2012.12.13 23:10:15 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll

[2012.12.13 23:10:15 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll

[2012.12.13 23:10:15 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe

[2012.12.13 23:10:15 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe

[2012.12.13 23:10:15 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe

[2012.12.13 23:10:15 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll

[2012.12.13 23:10:15 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll

[2012.12.13 23:10:15 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe

[2012.12.13 23:10:15 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll

[2012.12.13 23:10:15 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll

[2012.12.13 23:10:15 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe

[2012.12.13 23:10:15 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll

[2012.12.13 23:10:15 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll

[2012.12.13 23:10:15 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll

[2012.12.13 23:10:15 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll

[2012.12.13 23:10:15 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll

[2012.12.13 23:10:14 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll

[2012.12.13 23:10:14 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll

[2012.12.13 23:10:14 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll

[2012.12.13 23:10:14 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe

[2012.12.13 23:10:14 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll

[2012.12.13 23:10:14 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll

[2012.12.13 23:10:14 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll

[2012.12.13 23:10:14 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll

[2012.12.13 23:10:14 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe

[2012.12.13 23:10:13 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat

[2012.12.13 23:10:13 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll

[2012.12.13 23:10:13 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl

[2012.12.13 23:10:13 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll

[2012.12.13 23:10:13 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll

[2012.12.13 23:10:13 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll

[2012.12.13 23:10:13 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll

[2012.12.13 23:10:13 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll

[2012.12.13 23:10:13 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec

[2012.12.13 23:10:13 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll

[2012.12.13 23:10:13 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll

[2012.12.13 23:10:13 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll

[2012.12.13 23:10:13 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe

[2012.12.13 23:10:13 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe

[2012.12.13 23:10:13 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll

[2012.12.13 23:10:13 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll

[2012.12.13 23:10:13 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll

[2012.12.13 23:10:13 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll

[2012.12.13 23:10:13 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll

[2012.12.13 23:10:13 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll

[2012.12.13 23:10:13 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe

[2012.12.13 23:10:13 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe

[2012.12.13 23:10:13 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll

[2012.12.13 23:10:13 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll

[2012.12.13 23:10:13 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx

[2012.12.13 23:10:13 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll

[2012.12.13 23:10:13 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll

[2012.12.13 23:10:13 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll

[2012.12.13 23:10:13 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll

[2012.12.13 23:10:13 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe

[2012.12.13 23:07:17 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll

[2012.12.13 23:07:17 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe

[2012.12.13 23:07:17 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll

[2012.12.13 23:07:17 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll

[2012.12.13 23:06:17 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll

[2012.12.13 23:06:17 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys

[2012.12.13 23:05:13 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll

[2012.12.13 23:05:09 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll

[2012.12.13 23:04:37 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll

[2012.12.13 23:04:37 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll

[2012.12.13 23:04:19 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll

[2012.12.13 23:04:19 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll

[2012.12.13 23:04:19 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll

[2012.12.13 23:04:18 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll

[2012.12.13 23:04:18 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll

[2012.12.13 23:04:18 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll

[2012.12.13 23:04:18 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe

[2012.12.13 23:04:17 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll

[2012.12.13 23:04:17 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll

[2012.12.13 23:04:17 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll

[2012.12.13 23:04:17 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe

[2012.12.13 23:04:17 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll

[2012.12.13 23:04:17 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll

[2012.12.13 23:04:15 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe

[2012.12.13 23:04:14 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe

[2012.12.13 23:04:14 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe

[2012.12.13 23:04:05 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll

[2012.12.13 23:04:02 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll

[2012.12.13 23:04:02 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll

[2012.12.13 23:04:00 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll

[2012.12.13 23:04:00 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll

[2012.12.13 23:04:00 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll

[2012.12.13 23:03:59 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll

[2012.12.13 23:03:59 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax

[2012.12.13 23:03:59 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax

[2012.12.13 23:03:57 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll

[2012.12.13 23:03:57 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll

[2012.12.13 23:03:54 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll

[2012.12.13 23:03:54 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll

[2012.12.13 23:03:54 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll

[2012.12.13 23:03:54 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe

[2012.12.13 23:03:54 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll

[2012.12.13 23:03:54 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll

[2012.12.13 23:03:52 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe

[2012.12.13 23:03:52 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll

[2012.12.13 23:03:52 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll

[2012.12.13 23:03:52 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll

[2012.12.13 23:03:52 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe

[2012.12.13 23:03:52 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

[2012.12.13 23:03:52 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll

[2012.12.13 23:03:52 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll

[2012.12.13 23:03:52 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll

[2012.12.13 23:03:52 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll

[2012.12.13 23:03:52 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll

[2012.12.13 23:03:52 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll

[2012.12.13 23:03:52 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll

[2012.12.13 23:03:52 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll

[2012.12.13 23:03:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll

[2012.12.13 23:03:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll

[2012.12.13 23:03:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll

[2012.12.13 23:03:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll

[2012.12.13 23:03:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll

[2012.12.13 23:03:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll

[2012.12.13 23:03:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll

[2012.12.13 23:03:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll

[2012.12.13 23:03:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll

[2012.12.13 23:03:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll

[2012.12.13 23:03:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll

[2012.12.13 23:03:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll

[2012.12.13 23:03:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll

[2012.12.13 23:03:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll

[2012.12.13 23:03:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll

[2012.12.13 23:03:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll

[2012.12.13 23:03:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll

[2012.12.13 23:03:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll

[2012.12.13 23:03:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll

[2012.12.13 23:03:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll

[2012.12.13 23:03:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll

[2012.12.13 23:03:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll

[2012.12.13 23:03:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll

[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll

[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll

[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll

[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll

[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll

[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll

[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll

[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll

[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll

[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll

[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll

[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll

[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll

[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll

[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll

[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll

[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll

[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll

[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll

[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll

[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll

[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll

[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll

[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll

[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll

[2012.12.13 23:03:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe

[2012.12.13 23:03:33 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe

[2012.12.13 23:03:33 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe

[2012.12.13 23:03:32 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll

[2012.12.13 23:03:32 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll

[2012.12.13 23:03:29 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll

[2012.12.13 23:03:29 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll

[2012.12.13 23:03:25 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll

[2012.12.13 23:03:25 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax

[2012.12.13 23:03:25 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax

[2012.12.13 23:03:24 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll

[2012.12.13 23:03:24 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax

[2012.12.13 23:03:24 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax

[2012.12.13 23:03:24 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Mpeg2Data.ax

[2012.12.13 23:03:24 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSDvbNP.ax

[2012.12.13 23:03:24 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mpeg2Data.ax

[2012.12.13 23:03:24 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSDvbNP.ax

[2012.12.13 23:03:23 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe

[2012.12.13 23:03:23 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe

[2012.12.13 23:03:19 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll

[2012.12.13 23:03:19 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll

[2012.12.13 23:03:19 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll

[2012.12.13 23:03:19 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll

[2012.12.13 23:03:19 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll

[2012.12.13 23:03:19 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll

[2012.12.13 23:03:19 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll

[2012.12.13 23:03:19 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll

[2012.12.13 23:03:19 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll

[2012.12.13 23:03:18 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll

[2012.12.13 23:03:18 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll

[2012.12.13 23:03:11 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll

[2012.12.13 23:03:11 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll

[2012.12.13 23:03:10 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll

[2012.12.13 23:03:09 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll

[2012.12.13 23:03:09 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll

[2012.12.13 23:03:09 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll

[2012.12.13 23:03:04 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi

[2012.12.13 23:03:04 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe

[2012.12.13 23:03:04 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi

[2012.12.13 23:03:04 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe

[2012.12.13 23:03:04 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setbcdlocale.dll

[2012.12.13 23:03:04 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll

[2012.12.13 23:03:04 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll

[2012.12.13 23:03:04 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll

[2012.12.13 23:03:02 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll

[2012.12.13 23:03:01 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll

[2012.12.13 23:03:01 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe

[2012.12.13 23:03:01 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cfgmgr32.dll

[2012.12.13 23:03:01 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll

[2012.12.13 23:03:00 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll

[2012.12.13 23:03:00 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll

[2012.12.13 23:03:00 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe

[2012.12.13 23:03:00 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe

[2012.12.13 23:02:59 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll

[2012.12.13 23:02:59 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll

[2012.12.13 23:02:59 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll

[2012.12.13 23:02:59 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll

[2012.12.13 23:02:57 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll

[2012.12.13 23:02:57 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll

[2012.12.13 23:02:56 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll

[2012.12.13 23:02:56 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll

[2012.12.13 23:02:55 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll

[2012.12.13 23:02:55 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll

[2012.12.13 23:02:55 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe

[2012.12.13 23:02:55 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll

[2012.12.13 23:02:54 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl

[2012.12.13 23:02:54 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl

[2012.12.13 23:02:54 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll

[2012.12.13 23:02:54 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll

[2012.12.13 23:02:54 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnaddr.dll

[2012.12.13 23:02:54 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnaddr.dll

[2012.12.13 23:02:52 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll

[2012.12.13 23:02:50 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\profprov.dll

[2012.12.13 23:02:49 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll

[2012.12.13 23:02:49 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll

[2012.12.13 23:02:49 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe

[2012.12.13 23:02:48 | 000,974,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WFS.exe

[2012.12.13 23:02:48 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe

[2012.12.13 23:02:48 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll

[2012.12.13 23:02:47 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll

[2012.12.13 23:02:47 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll

[2012.12.13 23:02:47 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll

[2012.12.13 23:02:46 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe

[2012.12.13 23:02:46 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe

[2012.12.13 23:02:46 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys

[2012.12.13 23:02:40 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll

[2012.12.13 23:02:40 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll

[2012.12.13 23:02:29 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll

[2012.12.13 23:02:29 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll

[2012.12.13 23:02:27 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll

[2012.12.13 23:02:26 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll

[2012.12.13 23:02:26 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll

[2012.12.13 23:02:25 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll

[2012.12.13 23:02:25 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll

[2012.12.13 23:02:25 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe

[2012.12.13 23:02:23 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll

[2012.12.13 23:02:23 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll

[2012.12.13 22:50:51 | 000,000,000 | ---D | C] -- C:\Users\Donald\AppData\Local\Google

[2012.12.13 22:36:51 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll

[2012.12.13 22:36:51 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe

[2012.12.13 22:36:51 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll

[2012.12.13 22:36:47 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll

[2012.12.13 22:36:47 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll

[2012.12.13 22:36:47 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll

[2012.12.13 22:36:45 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll

[2012.12.13 22:36:45 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe

[2012.12.13 21:33:08 | 000,000,000 | ---D | C] -- C:\Users\Donald\AppData\Roaming\Mozilla

[2012.12.13 21:31:27 | 000,000,000 | ---D | C] -- C:\Users\Donald\Documents\ASUS WebStorage

[2012.12.13 21:31:27 | 000,000,000 | ---D | C] -- C:\Users\Donald\AppData\Roaming\Asus WebStorage

[2012.12.13 21:31:09 | 000,000,000 | ---D | C] -- C:\Users\Donald\AppData\Local\BMExplorer

[2012.12.13 21:31:09 | 000,000,000 | ---D | C] -- C:\Users\Donald\Documents\Bluetooth Folder

[2012.12.13 21:29:53 | 000,000,000 | R--D | C] -- C:\Users\Donald\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

[2012.12.13 21:29:53 | 000,000,000 | R--D | C] -- C:\Users\Donald\Searches

[2012.12.13 21:29:53 | 000,000,000 | R--D | C] -- C:\Users\Donald\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

[2012.12.13 21:29:52 | 000,000,000 | -H-D | C] -- C:\Users\Donald\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned

[2012.12.13 21:29:44 | 000,000,000 | ---D | C] -- C:\Users\Donald\AppData\Roaming\Identities

[2012.12.13 21:29:42 | 000,000,000 | R--D | C] -- C:\Users\Donald\Contacts

[2012.12.13 21:29:25 | 000,000,000 | -H-D | C] -- C:\ASUS.DAT

[2012.12.13 21:29:24 | 000,000,000 | ---D | C] -- C:\Users\Donald\AppData\Local\Power2Go

[2012.12.13 21:29:21 | 000,000,000 | ---D | C] -- C:\Users\Donald\AppData\Local\VirtualStore

[2012.12.13 21:29:12 | 000,000,000 | -HSD | C] -- C:\Users\Donald\Verkkoympäristö

[2012.12.13 21:29:12 | 000,000,000 | -HSD | C] -- C:\Users\Donald\Tulostinympäristö

[2012.12.13 21:29:12 | 000,000,000 | -HSD | C] -- C:\Users\Donald\AppData\Local\Temporary Internet Files

[2012.12.13 21:29:12 | 000,000,000 | -HSD | C] -- C:\Users\Donald\Sendto

[2012.12.13 21:29:12 | 000,000,000 | -HSD | C] -- C:\Users\Donald\Recent

[2012.12.13 21:29:12 | 000,000,000 | -HSD | C] -- C:\Users\Donald\Documents\Omat videotiedostot

[2012.12.13 21:29:12 | 000,000,000 | -HSD | C] -- C:\Users\Donald\Omat tiedostot

[2012.12.13 21:29:12 | 000,000,000 | -HSD | C] -- C:\Users\Donald\Documents\Omat musiikkitiedostot

[2012.12.13 21:29:12 | 000,000,000 | -HSD | C] -- C:\Users\Donald\Documents\Omat kuvatiedostot

[2012.12.13 21:29:12 | 000,000,000 | -HSD | C] -- C:\Users\Donald\Mallit

[2012.12.13 21:29:12 | 000,000,000 | -HSD | C] -- C:\Users\Donald\Local Settings

[2012.12.13 21:29:12 | 000,000,000 | -HSD | C] -- C:\Users\Donald\Käynnistä-valikko

[2012.12.13 21:29:12 | 000,000,000 | -HSD | C] -- C:\Users\Donald\AppData\Local\History

[2012.12.13 21:29:12 | 000,000,000 | -HSD | C] -- C:\Users\Donald\Cookies

[2012.12.13 21:29:12 | 000,000,000 | -HSD | C] -- C:\Users\Donald\Application Data

[2012.12.13 21:29:12 | 000,000,000 | -HSD | C] -- C:\Users\Donald\AppData\Local\Application Data

[2012.12.13 21:29:11 | 000,000,000 | --SD | C] -- C:\Users\Donald\AppData\Roaming\Microsoft

[2012.12.13 21:29:11 | 000,000,000 | R--D | C] -- C:\Users\Donald\Videos

[2012.12.13 21:29:11 | 000,000,000 | R--D | C] -- C:\Users\Donald\Saved Games

[2012.12.13 21:29:11 | 000,000,000 | R--D | C] -- C:\Users\Donald\Pictures

[2012.12.13 21:29:11 | 000,000,000 | R--D | C] -- C:\Users\Donald\Music

[2012.12.13 21:29:11 | 000,000,000 | R--D | C] -- C:\Users\Donald\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

[2012.12.13 21:29:11 | 000,000,000 | R--D | C] -- C:\Users\Donald\Links

[2012.12.13 21:29:11 | 000,000,000 | R--D | C] -- C:\Users\Donald\Favorites

[2012.12.13 21:29:11 | 000,000,000 | R--D | C] -- C:\Users\Donald\Downloads

[2012.12.13 21:29:11 | 000,000,000 | R--D | C] -- C:\Users\Donald\Documents

[2012.12.13 21:29:11 | 000,000,000 | R--D | C] -- C:\Users\Donald\Desktop

[2012.12.13 21:29:11 | 000,000,000 | R--D | C] -- C:\Users\Donald\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

[2012.12.13 21:29:11 | 000,000,000 | -H-D | C] -- C:\Users\Donald\AppData

[2012.12.13 21:29:11 | 000,000,000 | ---D | C] -- C:\Users\Donald\AppData\Local\Temp

[2012.12.13 21:29:11 | 000,000,000 | ---D | C] -- C:\Users\Donald\AppData\Local\Microsoft

[2012.12.13 21:29:11 | 000,000,000 | ---D | C] -- C:\Users\Donald\AppData\Roaming\Media Center Programs

[2012.12.13 21:29:11 | 000,000,000 | ---D | C] -- C:\Users\Donald\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite

========== Files - Modified Within 30 Days ==========

[2012.12.29 01:32:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Donald\Desktop\OTL.exe

[2012.12.29 01:31:28 | 000,001,018 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2012.12.29 01:31:20 | 000,000,035 | ---- | M] () -- C:\Users\Public\Documents\AtherosServiceConfig.ini

[2012.12.29 01:30:28 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012.12.29 01:30:28 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012.12.29 01:27:12 | 003,116,386 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2012.12.29 01:27:12 | 000,628,980 | ---- | M] () -- C:\Windows\SysNative\perfh01D.dat

[2012.12.29 01:27:12 | 000,627,420 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2012.12.29 01:27:12 | 000,473,584 | ---- | M] () -- C:\Windows\SysNative\perfh006.dat

[2012.12.29 01:27:12 | 000,459,998 | ---- | M] () -- C:\Windows\SysNative\perfh014.dat

[2012.12.29 01:27:12 | 000,452,980 | ---- | M] () -- C:\Windows\SysNative\perfh00B.dat

[2012.12.29 01:27:12 | 000,127,492 | ---- | M] () -- C:\Windows\SysNative\perfc01D.dat

[2012.12.29 01:27:12 | 000,110,140 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2012.12.29 01:27:12 | 000,086,058 | ---- | M] () -- C:\Windows\SysNative\perfc00B.dat

[2012.12.29 01:27:12 | 000,083,556 | ---- | M] () -- C:\Windows\SysNative\perfc006.dat

[2012.12.29 01:27:12 | 000,080,848 | ---- | M] () -- C:\Windows\SysNative\perfc014.dat

[2012.12.29 01:22:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012.12.29 01:22:34 | 3151,835,136 | -HS- | M] () -- C:\hiberfil.sys

[2012.12.28 23:17:48 | 000,000,512 | ---- | M] () -- C:\Users\Donald\Desktop\MBR.dat

[2012.12.28 23:02:54 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe

[2012.12.28 22:56:42 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\Donald\Desktop\aswMBR.exe

[2012.12.28 22:55:27 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Donald\Desktop\tdsskiller.exe

[2012.12.28 22:44:00 | 000,001,022 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2012.12.28 20:55:17 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts

[2012.12.28 20:44:59 | 005,014,093 | R--- | M] (Swearware) -- C:\Users\Donald\Desktop\ComboFix.exe

[2012.12.28 12:16:48 | 000,758,784 | ---- | M] () -- C:\Users\Donald\Desktop\RogueKiller.exe

[2012.12.28 12:16:36 | 000,550,017 | ---- | M] () -- C:\Users\Donald\Desktop\adwcleaner.exe

[2012.12.28 12:16:15 | 000,856,731 | ---- | M] () -- C:\Users\Donald\Desktop\SecurityCheck.exe

[2012.12.27 21:41:07 | 589,288,540 | ---- | M] () -- C:\Windows\MEMORY.DMP

[2012.12.22 14:46:47 | 000,277,000 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2012.12.16 19:11:22 | 000,046,080 | ---- | M] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll

[2012.12.16 16:45:03 | 000,367,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll

[2012.12.16 16:13:28 | 000,295,424 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll

[2012.12.16 16:13:20 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll

[2012.12.14 14:44:14 | 000,002,275 | ---- | M] () -- C:\Users\Donald\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2012.12.14 14:38:41 | 000,001,302 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini

[2012.12.14 07:26:47 | 000,049,202 | ---- | M] () -- C:\Windows\SysWow64\license.rtf

[2012.12.14 07:26:47 | 000,049,202 | ---- | M] () -- C:\Windows\SysNative\license.rtf

[2012.12.14 03:21:06 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012.12.14 02:39:28 | 000,001,934 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini

[2012.12.14 02:24:12 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msclmd.dll

[2012.12.14 02:24:12 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msclmd.dll

[2012.12.14 00:40:21 | 000,002,072 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk

[2012.12.14 00:24:18 | 000,001,431 | ---- | M] () -- C:\Users\Donald\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2012.12.13 23:10:16 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll

[2012.12.13 23:10:16 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec

[2012.12.13 23:10:16 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

[2012.12.13 23:10:16 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll

[2012.12.13 23:10:16 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll

[2012.12.13 23:10:16 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll

[2012.12.13 23:10:16 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll

[2012.12.13 23:10:16 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll

[2012.12.13 23:10:16 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe

[2012.12.13 23:10:16 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe

[2012.12.13 23:10:16 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx

[2012.12.13 23:10:16 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll

[2012.12.13 23:10:16 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe

[2012.12.13 23:10:15 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat

[2012.12.13 23:10:15 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl

[2012.12.13 23:10:15 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll

[2012.12.13 23:10:15 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll

[2012.12.13 23:10:15 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll

[2012.12.13 23:10:15 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll

[2012.12.13 23:10:15 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe

[2012.12.13 23:10:15 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe

[2012.12.13 23:10:15 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe

[2012.12.13 23:10:15 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll

[2012.12.13 23:10:15 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll

[2012.12.13 23:10:15 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe

[2012.12.13 23:10:15 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll

[2012.12.13 23:10:15 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll

[2012.12.13 23:10:15 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe

[2012.12.13 23:10:15 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll

[2012.12.13 23:10:15 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf

[2012.12.13 23:10:15 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll

[2012.12.13 23:10:15 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll

[2012.12.13 23:10:15 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll

[2012.12.13 23:10:15 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll

[2012.12.13 23:10:14 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll

[2012.12.13 23:10:14 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll

[2012.12.13 23:10:14 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll

[2012.12.13 23:10:14 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe

[2012.12.13 23:10:14 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll

[2012.12.13 23:10:14 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll

[2012.12.13 23:10:14 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll

[2012.12.13 23:10:14 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll

[2012.12.13 23:10:14 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe

[2012.12.13 23:10:13 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat

[2012.12.13 23:10:13 | 002,312,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll

[2012.12.13 23:10:13 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl

[2012.12.13 23:10:13 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll

[2012.12.13 23:10:13 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll

[2012.12.13 23:10:13 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll

[2012.12.13 23:10:13 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll

[2012.12.13 23:10:13 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll

[2012.12.13 23:10:13 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec

[2012.12.13 23:10:13 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll

[2012.12.13 23:10:13 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll

[2012.12.13 23:10:13 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll

[2012.12.13 23:10:13 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe

[2012.12.13 23:10:13 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe

[2012.12.13 23:10:13 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll

[2012.12.13 23:10:13 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll

[2012.12.13 23:10:13 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll

[2012.12.13 23:10:13 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll

[2012.12.13 23:10:13 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll

[2012.12.13 23:10:13 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll

[2012.12.13 23:10:13 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe

[2012.12.13 23:10:13 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe

[2012.12.13 23:10:13 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll

[2012.12.13 23:10:13 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll

[2012.12.13 23:10:13 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx

[2012.12.13 23:10:13 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf

[2012.12.13 23:10:13 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll

[2012.12.13 23:10:13 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll

[2012.12.13 23:10:13 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll

[2012.12.13 23:10:13 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll

[2012.12.13 23:10:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe

[2012.12.13 22:54:07 | 000,002,289 | ---- | M] () -- C:\Users\Donald\Desktop\Google Chrome.lnk

[2012.12.03 15:36:36 | 000,129,216 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys

[2012.12.03 15:36:35 | 000,099,912 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys

========== Files Created - No Company Name ==========

[2012.12.28 23:17:48 | 000,000,512 | ---- | C] () -- C:\Users\Donald\Desktop\MBR.dat

[2012.12.28 20:47:23 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe

[2012.12.28 20:47:23 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe

[2012.12.28 20:47:23 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe

[2012.12.28 20:47:23 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe

[2012.12.28 20:47:23 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe

[2012.12.28 12:16:47 | 000,758,784 | ---- | C] () -- C:\Users\Donald\Desktop\RogueKiller.exe

[2012.12.28 12:16:35 | 000,550,017 | ---- | C] () -- C:\Users\Donald\Desktop\adwcleaner.exe

[2012.12.28 12:16:13 | 000,856,731 | ---- | C] () -- C:\Users\Donald\Desktop\SecurityCheck.exe

[2012.12.27 21:41:07 | 589,288,540 | ---- | C] () -- C:\Windows\MEMORY.DMP

[2012.12.14 07:21:50 | 3151,835,136 | -HS- | C] () -- C:\hiberfil.sys

[2012.12.14 03:21:06 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012.12.14 01:38:14 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd

[2012.12.14 01:36:57 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml

[2012.12.14 01:36:45 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml

[2012.12.14 01:36:45 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml

[2012.12.14 01:36:26 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml

[2012.12.14 00:40:21 | 000,002,072 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk

[2012.12.13 23:21:44 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf

[2012.12.13 23:10:15 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf

[2012.12.13 23:10:13 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf

[2012.12.13 23:07:17 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf

[2012.12.13 22:54:07 | 000,002,289 | ---- | C] () -- C:\Users\Donald\Desktop\Google Chrome.lnk

[2012.12.13 22:50:35 | 000,001,431 | ---- | C] () -- C:\Users\Donald\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2012.12.13 21:30:44 | 000,001,403 | ---- | C] () -- C:\Users\Donald\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk

[2012.12.13 21:29:57 | 000,001,437 | ---- | C] () -- C:\Users\Donald\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

[2012.12.13 21:29:41 | 000,045,056 | ---- | C] () -- C:\Windows\SysNative\acovcnt.exe

[2012.12.13 21:29:11 | 000,002,275 | ---- | C] () -- C:\Users\Donald\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2012.12.13 21:29:11 | 000,000,290 | ---- | C] () -- C:\Users\Donald\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk

[2012.12.13 21:29:11 | 000,000,272 | ---- | C] () -- C:\Users\Donald\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk

[2012.10.10 02:22:34 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll

[2012.10.10 02:22:28 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin

[2012.10.10 02:22:20 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin

[2011.03.23 14:19:54 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin

[2011.03.23 14:19:51 | 000,213,332 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin

[2011.03.23 14:19:50 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin

[2011.03.23 14:10:22 | 000,017,920 | ---- | C] () -- C:\Windows\SysWow64\rpcnetp.dll

[2011.03.23 14:08:57 | 000,017,920 | ---- | C] () -- C:\Windows\SysWow64\rpcnetp.exe

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >

  • Staff

Hello

Run this custom script, and when it is complete I need to know how the computer is doing.

Run OTL Script

  • Double-click OTL.exe to start the program.
  • Copy and Paste the following code into the customFix.png text box.

    :OTL
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
    O4:64bit: - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found
    O4 - HKU\S-1-5-21-2065890004-3735609052-1085264056-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    IE - HKU\S-1-5-21-2065890004-3735609052-1085264056-1001\..\SearchScopes\{F1E95DB3-B78C-4A52-BA66-057CCE090B3C}: "URL" = http://websearch.ask...81-062BD15C9E42

    :Files
    ipconfig /flushdns /c

    :Commands
    [PURITY]
    [emptyjava]
    [EMPTYFLASH]
    [reboot]


  • Then click the Run Fix button at the top.
  • Click btnOK.png.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot. Copy and Paste that report in your next reply.

Let me know how things are doing.

Gringo

Computer status: Nothing seems to be amiss. Though, with the IP block functionality gone, I can't really know if the problem still persists. Nothing seems to be wrong. What malware was removed from the computer?

Is this the report you needed? I found it in a c:\_OTL folder. The report failed to appear automatically in Notepad, perhaps because I first logged in with normal, not admin, rights.

========== OTL ==========

64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.

64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\IntelTBRunOnce not found.

64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Setwallpaper deleted successfully.

Registry value HKEY_USERS\S-1-5-21-2065890004-3735609052-1085264056-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{7815BE26-237D-41A8-A98F-F7BD75F71086}\ deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7815BE26-237D-41A8-A98F-F7BD75F71086}\ not found.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.

File Protocol\Handler\livecall - No CLSID value found not found.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.

File Protocol\Handler\msnim - No CLSID value found not found.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.

File Protocol\Handler\wlmailhtml - No CLSID value found not found.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.

File Protocol\Handler\wlpg - No CLSID value found not found.

64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.

Registry key HKEY_USERS\S-1-5-21-2065890004-3735609052-1085264056-1001\Software\Microsoft\Internet Explorer\SearchScopes\{F1E95DB3-B78C-4A52-BA66-057CCE090B3C}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F1E95DB3-B78C-4A52-BA66-057CCE090B3C}\ not found.

========== FILES ==========

< ipconfig /flushdns /c >

Windows IP-määritykset

DNS-tulkintatoiminnon välimuistin tyhjentäminen onnistui.

C:\Users\Donald\Desktop\cmd.bat deleted successfully.

C:\Users\Donald\Desktop\cmd.txt deleted successfully.

========== COMMANDS ==========

[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Donald

User: normi

User: Public

User: UpdatusUser

Total Java Files Cleaned = 0,00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Donald

User: normi

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 12292012_222409


  • Staff

Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

 ClearJavaCache:: 

Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe

CFScriptB-4.gif

This will let ComboFix run again.

Restart if you have to.

Save the produced logfile to your desktop.

Note: Do not mouseclick ComboFix's window whilst it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  1. report from Combofix
  2. let me know of any problems you may have had
  3. How is the computer doing now after running the script?

Gringo


Computer status: Nothing seems wrong.

ComboFix 12-12-28.02 - Donald 29.12.2012 23:50:03.2.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.358.1035.18.4008.2771 [GMT 2:00]

Sijainti: c:\users\Donald\Desktop\ComboFix.exe

Käytetyt komentorivivalitsimet :: c:\users\Donald\Desktop\CFScript.txt

AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Uusi palautuspiste luotu

.

.

((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2012-11-28 to 2012-12-29 )))))))))))))))))

.

.

2012-12-29 21:53 . 2012-12-29 21:53 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp

2012-12-29 21:53 . 2012-12-29 21:53 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-12-29 20:24 . 2012-12-29 20:24 -------- d-----w- C:\_OTL

2012-12-27 18:30 . 2012-12-27 18:30 -------- d-----w- C:\TDSSKiller_Quarantine

2012-12-22 12:43 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll

2012-12-22 12:43 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll

2012-12-22 12:43 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll

2012-12-22 12:43 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll

2012-12-15 11:22 . 2012-12-28 10:46 -------- d-----w- C:\files

2012-12-14 12:50 . 2012-12-28 10:12 -------- d-----w- C:\downloads

2012-12-14 12:38 . 2012-12-14 12:39 -------- d-----w- c:\users\normi

2012-12-14 01:21 . 2012-12-14 01:21 -------- d-----w- c:\programdata\Malwarebytes

2012-12-14 01:21 . 2012-12-14 01:21 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2012-12-14 01:21 . 2012-09-29 17:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-12-14 00:48 . 2012-08-24 18:13 154480 ----a-w- c:\windows\system32\drivers\ksecpkg.sys

2012-12-14 00:47 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe

2012-12-13 23:50 . 2012-12-13 23:50 -------- d-----w- c:\windows\system32\SPReview

2012-12-13 23:50 . 2012-12-13 23:50 -------- d-----w- c:\windows\system32\EventProviders

2012-12-13 23:37 . 2010-11-20 13:33 982912 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

2012-12-13 23:36 . 2010-11-20 13:27 35840 ----a-w- c:\windows\system32\msdmo.dll

2012-12-13 23:34 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll

2012-12-13 23:34 . 2010-11-20 13:27 244736 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll

2012-12-13 23:34 . 2010-11-20 13:27 244736 ----a-w- c:\windows\system32\sqmapi.dll

2012-12-13 22:54 . 2012-12-13 22:54 -------- d-----w- c:\program files (x86)\Microsoft.NET

2012-12-13 22:40 . 2012-12-03 13:36 129216 ----a-w- c:\windows\system32\drivers\avipbb.sys

2012-12-13 22:40 . 2012-12-03 13:36 99912 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2012-12-13 22:40 . 2012-11-16 18:17 27800 ----a-w- c:\windows\system32\drivers\avkmgr.sys

2012-12-13 22:40 . 2012-12-13 22:40 -------- d-----w- c:\programdata\Avira

2012-12-13 22:40 . 2012-12-13 22:40 -------- d-----w- c:\program files (x86)\Avira

2012-12-13 22:27 . 2011-02-19 12:05 1139200 ----a-w- c:\windows\system32\FntCache.dll

2012-12-13 22:27 . 2011-02-19 12:04 902656 ----a-w- c:\windows\system32\d2d1.dll

2012-12-13 22:27 . 2011-02-19 06:30 739840 ----a-w- c:\windows\SysWow64\d2d1.dll

2012-12-13 21:50 . 2012-12-13 21:50 -------- d-----w- c:\windows\SysWow64\Wat

2012-12-13 21:50 . 2012-12-13 21:50 -------- d-----w- c:\windows\system32\Wat

2012-12-13 21:33 . 2012-11-18 23:01 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F89374FA-520B-42AB-82DC-4BB82AFBE426}\mpengine.dll

2012-12-13 21:21 . 2012-07-26 07:45 2560 ----a-w- c:\windows\system32\drivers\sv-SE\wdf01000.sys.mui

2012-12-13 21:21 . 2012-07-26 07:31 2560 ----a-w- c:\windows\system32\drivers\da-DK\wdf01000.sys.mui

2012-12-13 21:21 . 2012-07-26 05:04 2560 ----a-w- c:\windows\system32\drivers\nb-NO\wdf01000.sys.mui

2012-12-13 21:21 . 2012-07-26 05:04 2560 ----a-w- c:\windows\system32\drivers\fi-FI\wdf01000.sys.mui

2012-12-13 21:21 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui

2012-12-13 21:21 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys

2012-12-13 21:21 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys

2012-12-13 21:21 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll

2012-12-13 21:16 . 2012-11-28 13:58 67413224 ----a-w- c:\windows\system32\MRT.exe

2012-12-13 21:13 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe

2012-12-13 21:07 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys

2012-12-13 21:07 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys

2012-12-13 21:07 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe

2012-12-13 21:07 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll

2012-12-13 21:07 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll

2012-12-13 21:07 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll

2012-12-13 21:07 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll

2012-12-13 21:06 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys

2012-12-13 21:06 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll

2012-12-13 21:06 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll

2012-12-13 21:06 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll

2012-12-13 21:06 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll

2012-12-13 21:05 . 2012-08-31 18:19 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys

2012-12-13 21:05 . 2011-06-16 05:49 199680 ----a-w- c:\windows\system32\xmllite.dll

2012-12-13 21:05 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll

2012-12-13 21:05 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll

2012-12-13 21:03 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-12-13 21:02 . 2012-04-07 12:31 3216384 ----a-w- c:\windows\system32\msi.dll

2012-12-13 20:36 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll

2012-12-13 20:36 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe

2012-12-13 20:36 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll

2012-12-13 20:36 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll

2012-12-13 20:36 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll

2012-12-13 20:36 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll

2012-12-13 20:36 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll

2012-12-13 20:36 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll

2012-12-13 20:36 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe

2012-12-13 19:29 . 2012-12-29 21:44 45056 ----a-w- c:\windows\system32\acovcnt.exe

2012-12-13 19:29 . 2012-12-13 19:31 -------- d-----w- C:\ASUS.DAT

2012-12-13 19:29 . 2012-12-13 19:29 -------- d-----w- c:\users\Donald

.

.

.

(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-12-14 00:24 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll

2012-12-14 00:24 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll

2012-12-13 22:25 . 2010-06-24 18:33 19696 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2012-10-16 08:38 . 2012-12-13 21:04 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll

2012-10-16 08:38 . 2012-12-13 21:04 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll

2012-10-16 07:39 . 2012-12-13 21:04 561664 ----a-w- c:\windows\apppatch\AcLayers.dll

2012-10-10 00:22 . 2012-10-10 00:22 80384 ----a-w- c:\windows\system32\igdde64.dll

2012-10-10 00:22 . 2012-10-10 00:22 437760 ----a-w- c:\windows\system32\igfxrtrk.lrc

2012-10-10 00:22 . 2012-10-10 00:22 216064 ----a-w- c:\windows\system32\iglhcp64.dll

2012-10-10 00:22 . 2012-10-10 00:22 180224 ----a-w- c:\windows\SysWow64\iglhcp32.dll

2012-10-10 00:22 . 2012-10-10 00:22 5903392 ----a-w- c:\windows\system32\GfxUI.exe

2012-10-10 00:22 . 2012-10-10 00:22 519680 ----a-w- c:\windows\SysWow64\iglhsip32.dll

2012-10-10 00:22 . 2012-10-10 00:22 438784 ----a-w- c:\windows\system32\igfxrdeu.lrc

2012-10-10 00:22 . 2012-10-10 00:22 438272 ----a-w- c:\windows\system32\igfxrhun.lrc

2012-10-10 00:22 . 2012-10-10 00:22 3776512 ----a-w- c:\windows\SysWow64\igfxcmjit32.dll

2012-10-10 00:22 . 2012-10-10 00:22 10673664 ----a-w- c:\windows\SysWow64\ig4icd32.dll

2012-10-10 00:22 . 2012-10-10 00:22 64512 ----a-w- c:\windows\SysWow64\igdde32.dll

2012-10-10 00:22 . 2012-10-10 00:22 501760 ----a-w- c:\windows\system32\igfxcmrt64.dll

2012-10-10 00:22 . 2012-10-10 00:22 439296 ----a-w- c:\windows\system32\igfxrrus.lrc

2012-10-10 00:22 . 2012-10-10 00:22 431104 ----a-w- c:\windows\system32\igfxrkor.lrc

2012-10-10 00:22 . 2012-10-10 00:22 410624 ----a-w- c:\windows\system32\igfxTMM.dll

2012-10-10 00:22 . 2011-03-23 12:19 12836864 ----a-w- c:\windows\system32\igd10umd64.dll

2012-10-10 00:22 . 2011-03-23 12:19 110592 ----a-w- c:\windows\system32\hccutils.dll

2012-10-10 00:22 . 2012-10-10 00:22 330240 ----a-w- c:\windows\SysWow64\igfxdv32.dll

2012-10-10 00:22 . 2012-10-10 00:22 12604416 ----a-w- c:\windows\system32\igdumd64.dll

2012-10-10 00:22 . 2012-10-10 00:22 441888 ----a-w- c:\windows\system32\igfxpers.exe

2012-10-10 00:22 . 2012-10-10 00:22 438784 ----a-w- c:\windows\system32\igfxrhrv.lrc

2012-10-10 00:22 . 2012-10-10 00:22 438272 ----a-w- c:\windows\system32\igfxrcsy.lrc

2012-10-10 00:22 . 2012-10-10 00:22 25088 ----a-w- c:\windows\SysWow64\igfxexps32.dll

2012-10-10 00:22 . 2012-10-10 00:22 5343584 ----a-w- c:\windows\system32\drivers\igdkmd64.sys

2012-10-10 00:22 . 2012-10-10 00:22 448512 ----a-w- c:\windows\SysWow64\igfx11cmrt32.dll

2012-10-10 00:22 . 2012-10-10 00:22 441856 ----a-w- c:\windows\system32\igfxdev.dll

2012-10-10 00:22 . 2012-10-10 00:22 438784 ----a-w- c:\windows\system32\igfxrnld.lrc

2012-10-10 00:22 . 2012-10-10 00:22 399392 ----a-w- c:\windows\system32\hkcmd.exe

2012-10-10 00:22 . 2012-10-10 00:22 272928 ----a-w- c:\windows\system32\igvpkrng600.bin

2012-10-10 00:22 . 2012-10-10 00:22 126976 ----a-w- c:\windows\system32\igfxcpl.cpl

2012-10-10 00:22 . 2012-10-10 00:22 116224 ----a-w- c:\windows\system32\igfxCoIn_v2867.dll

2012-10-10 00:22 . 2011-03-23 12:19 63488 ----a-w- c:\windows\system32\igfxsrvc.dll

2012-10-10 00:22 . 2011-03-23 12:19 9007616 ----a-w- c:\windows\system32\igfxress.dll

2012-10-10 00:22 . 2012-10-10 00:22 604160 ----a-w- c:\windows\SysWow64\igfxcmrt32.dll

2012-10-10 00:22 . 2012-10-10 00:22 4571136 ----a-w- c:\windows\system32\igfxcmjit64.dll

2012-10-10 00:22 . 2012-10-10 00:22 439808 ----a-w- c:\windows\system32\igfxresn.lrc

2012-10-10 00:22 . 2012-10-10 00:22 439296 ----a-w- c:\windows\system32\igfxrrom.lrc

2012-10-10 00:22 . 2012-10-10 00:22 437760 ----a-w- c:\windows\system32\igfxrsve.lrc

2012-10-10 00:22 . 2012-10-10 00:22 437760 ----a-w- c:\windows\system32\igfxrslv.lrc

2012-10-10 00:22 . 2012-10-10 00:22 437760 ----a-w- c:\windows\system32\igfxrnor.lrc

2012-10-10 00:22 . 2012-10-10 00:22 437248 ----a-w- c:\windows\system32\igfxrdan.lrc

2012-10-10 00:22 . 2012-10-10 00:22 277024 ----a-w- c:\windows\SysWow64\IntelCpHeciSvc.exe

2012-10-10 00:22 . 2012-10-10 00:22 185376 ----a-w- c:\windows\system32\difx64.exe

2012-10-10 00:22 . 2012-10-10 00:22 173568 ----a-w- c:\windows\system32\gfxSrvc.dll

2012-10-10 00:22 . 2012-10-10 00:22 12887040 ----a-w- c:\windows\system32\ig4icd64.dll

2012-10-10 00:22 . 2012-10-10 00:22 435712 ----a-w- c:\windows\system32\igfxrheb.lrc

2012-10-10 00:22 . 2012-10-10 00:22 429056 ----a-w- c:\windows\system32\igfxrcht.lrc

2012-10-10 00:22 . 2012-10-10 00:22 171040 ----a-w- c:\windows\system32\igfxtray.exe

2012-10-10 00:22 . 2012-10-10 00:22 11158528 ----a-w- c:\windows\SysWow64\igd10umd32.dll

2012-10-10 00:22 . 2012-10-10 00:22 509984 ----a-w- c:\windows\system32\igfxsrvc.exe

2012-10-10 00:22 . 2012-10-10 00:22 440320 ----a-w- c:\windows\system32\igfxrell.lrc

2012-10-10 00:22 . 2012-10-10 00:22 438784 ----a-w- c:\windows\system32\igfxrptg.lrc

2012-10-10 00:22 . 2012-10-10 00:22 438784 ----a-w- c:\windows\system32\igfxrplk.lrc

2012-10-10 00:22 . 2012-10-10 00:22 438784 ----a-w- c:\windows\system32\igfxrita.lrc

2012-10-10 00:22 . 2012-10-10 00:22 438272 ----a-w- c:\windows\system32\igfxrfin.lrc

2012-10-10 00:22 . 2012-10-10 00:22 437248 ----a-w- c:\windows\system32\igfxrtha.lrc

2012-10-10 00:22 . 2012-10-10 00:22 428544 ----a-w- c:\windows\system32\igfxrchs.lrc

2012-10-10 00:22 . 2012-10-10 00:22 286208 ----a-w- c:\windows\system32\igfxrenu.lrc

2012-10-10 00:22 . 2012-10-10 00:22 142336 ----a-w- c:\windows\system32\igfxdo.dll

2012-10-10 00:22 . 2012-10-10 00:22 963452 ----a-w- c:\windows\system32\igcodeckrng600.bin

2012-10-10 00:22 . 2012-10-10 00:22 482304 ----a-w- c:\windows\system32\igfx11cmrt64.dll

2012-10-10 00:22 . 2012-10-10 00:22 386048 ----a-w- c:\windows\system32\igfxpph.dll

2012-10-10 00:22 . 2012-10-10 00:22 524800 ----a-w- c:\windows\system32\iglhsip64.dll

2012-10-10 00:22 . 2012-10-10 00:22 438784 ----a-w- c:\windows\system32\igfxrsky.lrc

2012-10-10 00:22 . 2012-10-10 00:22 435712 ----a-w- c:\windows\system32\igfxrara.lrc

2012-10-10 00:22 . 2012-10-10 00:22 432128 ----a-w- c:\windows\system32\igfxrjpn.lrc

2012-10-10 00:22 . 2012-10-10 00:22 28672 ----a-w- c:\windows\system32\igfxexps.dll

2012-10-10 00:22 . 2012-10-10 00:22 252448 ----a-w- c:\windows\system32\igfxext.exe

2012-10-10 00:22 . 2011-03-23 12:19 11040256 ----a-w- c:\windows\SysWow64\igdumd32.dll

2012-10-10 00:22 . 2012-10-10 00:22 9728 ----a-w- c:\windows\system32\IGFXDEVLib.dll

2012-10-10 00:22 . 2012-10-10 00:22 439808 ----a-w- c:\windows\system32\igfxrfra.lrc

2012-10-10 00:22 . 2012-10-10 00:22 437760 ----a-w- c:\windows\system32\igfxrptb.lrc

2012-10-08 09:42 . 2012-10-08 09:42 831848 ----a-w- c:\windows\SysWow64\nvumdshim.dll

2012-10-08 09:42 . 2012-10-08 09:42 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll

2012-10-08 09:42 . 2012-10-08 09:42 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll

2012-10-08 09:42 . 2012-10-08 09:42 26331496 ----a-w- c:\windows\system32\nvoglv64.dll

2012-10-08 09:42 . 2012-10-08 09:42 2428776 ----a-w- c:\windows\SysWow64\nvapi.dll

2012-10-08 09:42 . 2012-10-08 09:42 2574696 ----a-w- c:\windows\SysWow64\nvcuvid.dll

2012-10-08 09:42 . 2012-10-08 09:42 15309160 ----a-w- c:\windows\SysWow64\nvd3dum.dll

2012-10-08 09:42 . 2011-03-23 13:12 973672 ----a-w- c:\windows\system32\nvumdshimx.dll

2012-10-08 09:42 . 2012-10-08 09:42 7697768 ----a-w- c:\windows\SysWow64\nvcuda.dll

2012-10-08 09:42 . 2012-10-08 09:42 17559912 ----a-w- c:\windows\SysWow64\nvcompiler.dll

2012-10-08 09:42 . 2012-10-08 09:42 30056 ----a-w- c:\windows\system32\drivers\nvpciflt.sys

2012-10-08 09:42 . 2012-10-08 09:42 2747240 ----a-w- c:\windows\system32\nvcuvid.dll

2012-10-08 09:42 . 2012-10-08 09:42 25256296 ----a-w- c:\windows\system32\nvcompiler.dll

2012-10-08 09:42 . 2012-10-08 09:42 1867112 ----a-w- c:\windows\SysWow64\nvcuvenc.dll

2012-10-08 09:42 . 2011-03-23 13:12 247144 ----a-w- c:\windows\system32\nvinitx.dll

2012-10-08 09:42 . 2012-10-08 09:42 9146728 ----a-w- c:\windows\system32\nvcuda.dll

2012-10-08 09:42 . 2012-10-08 09:42 6127464 ----a-w- c:\windows\SysWow64\nvopencl.dll

2012-10-08 09:42 . 2012-10-08 09:42 7414632 ----a-w- c:\windows\system32\nvopencl.dll

2012-10-08 09:42 . 2012-10-08 09:42 18252136 ----a-w- c:\windows\system32\nvd3dumx.dll

2012-10-08 09:42 . 2012-10-08 09:42 13443944 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys

2012-10-08 09:42 . 2011-03-23 13:12 202600 ----a-w- c:\windows\SysWow64\nvinit.dll

2012-10-08 09:42 . 2012-10-08 09:42 19906920 ----a-w- c:\windows\SysWow64\nvoglv32.dll

.

.

(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))

.

.

*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]

"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]

"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]

"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]

"SonicMasterTray"="c:\program files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe" [2010-07-10 984400]

"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-09-23 1601536]

"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-12-04 384800]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2011-3-23 548528]

FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2011-3-23 12862]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]

"Userinit"="userinit.exe"

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"LoadAppInit_DLLs"=1 (0x1)

"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2010-11-26 36000]

R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2010-11-26 298144]

R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2010-11-26 201376]

R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2010-11-26 55456]

R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2010-11-26 154272]

R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2010-11-26 275616]

R3 Partner Service;Partner Service;c:\programdata\Partner\Partner.exe [x]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]

R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys [2010-08-03 290920]

R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]

R3 WatAdminSvc;Windowsin aktivointitekniikoiden palvelu;c:\windows\system32\Wat\WatAdminSvc.exe [2012-12-13 1255736]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-10-08 30056]

S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]

S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-11-16 27800]

S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2010-11-30 379520]

S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-12-04 85280]

S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]

S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Atheros\Bluetooth Suite\adminservice.exe [2010-11-26 52896]

S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-04-16 13832]

S2 TurboBoost;Intel® Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-04-16 134928]

S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2010-11-26 28832]

S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-12-13 138024]

S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 333928]

.

.

'Ajoitetut tehtävät'-kansion sisältö

.

2012-12-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-23 12:34]

.

2012-12-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-23 12:34]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]

@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"

[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]

2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]

@="{64174815-8D98-4CE6-8646-4C039977D808}"

[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]

2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]

"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]

"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-03-23 2188904]

"AtherosBtStack"="c:\program files (x86)\Atheros\Bluetooth Suite\BtvStack.exe" [2010-11-26 613536]

"AthBtTray"="c:\program files (x86)\Atheros\Bluetooth Suite\AthBtTray.exe" [2010-11-26 379040]

"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [bU]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-10-10 171040]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-10-10 399392]

"Persistence"="c:\windows\system32\igfxpers.exe" [2012-10-10 441888]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=c:\windows\System32\nvinitx.dll

.

------- Täydentävä tarkistus -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://asus.msn.com

mStart Page = hxxp://asus.msn.com

mLocal Page = c:\windows\SysWOW64\blank.htm

TCP: DhcpNameServer = 192.168.254.254 192.168.254.254

.

- - - - POISTETUT JÄMÄRIVIT - - - -

.

SafeBoot-36332484.sys

.

.

.

--------------------- LUKITUT REKISTERIAVAIMET ---------------------

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Valmistumisajankohta: 2012-12-29 23:54:49

ComboFix-quarantined-files.txt 2012-12-29 21:54

ComboFix2.txt 2012-12-28 18:58

.

Ennen ajoa: 439 157 116 928 tavua vapaana

Ajon jälkeen: 439 247 704 064 tavua vapaana

.

- - End Of File - - D41C1A31FBCF3294967FDBB7DF089986


  • Staff

Clean Out Temp Files

  • This small application you may want to keep and use once a week to keep the computer clean.
    Download CCleaner from here http://www.ccleaner.com/
    • Run the installer to install the application.
    • When it gives you the option to install Yahoo toolbar uncheck the box next to it.
    • Run CCleaner. (make sure under Windows tab all the boxes of Internet Explorer and Windows explorer are checked. Under System check Empty Recycle Bin and Temporary Files. Under Application tab all the boxes should be checked).
    • Click Run Cleaner.
    • Close CCleaner.

: Malwarebytes' Anti-Malware :

  • I would like you to rerun MBAM
  • Double-click mbam icon
  • go to the update tab at the top
  • click on check for updates
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
  • When completed, a log will open in Notepad. Please copy and paste the log into your next reply.
    • If you accidentally close it, the log file is saved here and will be named like this:
    • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.

Click OK to either and let MBAM proceed with the disinfection process.

If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

Download HijackThis

  • Go Here to download HijackThis program
  • Save HijackThis to your desktop.
  • Right Click on Hijackthis and select "Run as Admin" (XP users just need to double click to run)
  • Click on "Do A system scan and save a logfile" (if you do not see "Do A system scan and save a logfile" then click on main menu)
  • copy and paste hijackthis report into the topic

"information and logs"

  • In your next post I need the following
  1. Log From MBAM
  2. report from Hijackthis
  3. let me know of any problems you may have had
  4. How is the computer doing now?

Gringo


Computer status: Only glitch encountered so far was one of those momentary browsing related freezes when signing in to this forum. Possibly a site related problem, since the freeze repeats for me if I use backspace to wipe the last letter from the password field during logon.

There are two logs for mbam. The latter scans the empty cd-drive E:, if it for some reason is necessary.

Malwarebytes Anti-Malware 1.70.0.1100

www.malwarebytes.org

Tietokantaversio: v2012.12.30.06

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Donald :: DONALD-PC [järjestelmänvalvoja]

30.12.2012 16:39:33

mbam-log-2012-12-30 (16-39-33).txt

Tarkistustyyppi: Täysi tarkistus (C:\|)

Tarkistussuodattimia valittu: Muisti | Käynnistys | Rekisteri | Tietojärjestelmä | Heuristinen/Ylimäärinen | Heuristinen/Shuriken | Mahdollisesti haitallinen ohjelma | Mahdollisesti haitallinen muutos | Vertaisverkko (Peer-to-Peer)

Käytöstä poistetut tarkistusvalinnat:

Tarkistettuja kohteita: 415075

Kulunut aika: 48 minuutti(a), 8 sekunti(a)

Epäilyttäviä muistiprosesseja: 0

(Ei haitallisia kohteita)

Epäilyttäviä muistimoduuleja: 0

(Ei haitallisia kohteita)

Epäilyttäviä rekisteriavaimia: 0

(Ei haitallisia kohteita)

Epäilyttäviä rekisteriarvoja: 0

(Ei haitallisia kohteita)

Epäilyttäviä rekisterikohteita: 0

(Ei haitallisia kohteita)

Epäilyttäviä kansioita: 0

(Ei haitallisia kohteita)

Epäilyttäviä tiedostoja: 0

(Ei haitallisia kohteita)

(loppu)

Malwarebytes Anti-Malware 1.70.0.1100

www.malwarebytes.org

Tietokantaversio: v2012.12.30.06

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Donald :: DONALD-PC [järjestelmänvalvoja]

30.12.2012 17:40:37

mbam-log-2012-12-30 (17-40-37).txt

Tarkistustyyppi: Täysi tarkistus (E:\|)

Tarkistussuodattimia valittu: Muisti | Käynnistys | Rekisteri | Tietojärjestelmä | Heuristinen/Ylimäärinen | Heuristinen/Shuriken | Mahdollisesti haitallinen ohjelma | Mahdollisesti haitallinen muutos | Vertaisverkko (Peer-to-Peer)

Käytöstä poistetut tarkistusvalinnat:

Tarkistettuja kohteita: 242948

Kulunut aika: 17 sekunti(a)

Epäilyttäviä muistiprosesseja: 0

(Ei haitallisia kohteita)

Epäilyttäviä muistimoduuleja: 0

(Ei haitallisia kohteita)

Epäilyttäviä rekisteriavaimia: 0

(Ei haitallisia kohteita)

Epäilyttäviä rekisteriarvoja: 0

(Ei haitallisia kohteita)

Epäilyttäviä rekisterikohteita: 0

(Ei haitallisia kohteita)

Epäilyttäviä kansioita: 0

(Ei haitallisia kohteita)

Epäilyttäviä tiedostoja: 0

(Ei haitallisia kohteita)

(loppu)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 17:46:58, on 30.12.2012

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16457)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe

C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

C:\Windows\AsScrPro.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe

C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

C:\Users\Donald\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"

O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

O4 - HKLM\..\Run: [sonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe

O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

O4 - HKUS\S-1-5-21-2065890004-3735609052-1085264056-1000\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')

O4 - HKUS\S-1-5-21-2065890004-3735609052-1085264056-1000\..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler (User 'UpdatusUser')

O4 - HKUS\S-1-5-21-2065890004-3735609052-1085264056-1000\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" (User 'UpdatusUser')

O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe

O4 - Global Startup: FancyStart daemon.lnk = ?

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll

O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll

O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe

O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe

O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe

O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe

O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Päivitä-palvelu (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe

O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Partner Service - Unknown owner - C:\ProgramData\Partner\Partner.exe (file missing)

O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe

O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe

O23 - Service: Intel® Turbo Boost Technology Monitor (TurboBoost) - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe

O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

--

End of file - 23048 bytes


  • Staff

Hello

These logs are looking very good, we are almost done!!! Just one more scan to go.

:Remove unneeded start-up entries:

This part of the fix is purely optional

These are programs that start up when you turn on your computer but don't need to. For any of these programs, you can click on its icon (or start it from the control panel) and start the program when you need it. By stopping these programs you will boot up faster and your computer will work faster.

If you have any problems running Hijackthis see NOTE** below (Host file not read, blank notepad ...)

  • Run HijackThis
  • Click on the Scan button
  • Put a check beside all of the items listed below (if present):

    • O4 - HKLM\..\Run: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
      O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
      O4 - HKUS\S-1-5-21-2065890004-3735609052-1085264056-1000\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
      O4 - HKUS\S-1-5-21-2065890004-3735609052-1085264056-1000\..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler (User 'UpdatusUser')
      O4 - HKUS\S-1-5-21-2065890004-3735609052-1085264056-1000\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" (User 'UpdatusUser')
      O4 - Global Startup: FancyStart daemon.lnk = ?

  • Close all open windows and browsers/email, etc...
  • Click on the "Fix Checked" button
  • When completed, close the application.

  • NOTE** You can research each of those lines here and see if you want to keep them or not. Just copy the name between the brackets and paste it into the search space:
    O4 - HKLM\..\Run: [IntelliPoint]

NOTE**

Sometimes we have to run it like this: to run HijackThis as an administrator, right-click HijackThis.exe

(located: C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe) <--32bit

(located: C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe) <--64bit

and select to run as administrator

Eset Online Scanner

**Note** You will need to use Internet Explorer for this scan - on Vista and Win 7, right-click on the IE shortcut and run as admin

Go to the Eset web page to run an online scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Click on the Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the add-on to be installed
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • Wait for the virus definitions to be downloaded
  • Wait for the scan to finish

When the scan is complete

  • If no threats were found
    • put a checkmark in "Uninstall application on close"
    • close program
    • report to me that nothing was found

  • If threats were found
    • click on "list of threats found"
    • click on "export to text file" and save it as ESET SCAN and save to the desktop
    • Click on back
    • put a checkmark in "Uninstall application on close"
    • click on finish
    • close program
    • copy and paste the report here

Gringo


Ran the fix and finished the eset scan without problems. No threats found.

Computer status: The internet explorer security settings seem to have been adjusted from the high to adjusted on their own. No other changes or problems.

I have some questions:

What was found previously?

Any idea how I got infected?

Should I still perform a clean install on the OS to be sure?

Can I rely on the recovery partition in the computer to do the job properly?

What programs, if any, do I need to acquire before reformat from the internet?

Will the computer be at risk of infection while I install the plethora of windows updates this involves?


  • Staff

Hello

I have some questions:

What was found previously? - the reports don't show enough to say what it was but I do not see anything like rootkits in the reports

Any idea how I got infected? - there is no way to tell this

Should I still perform a clean install on the OS to be sure? - I do not think it is needed at this time

Can I rely on the recovery partition in the computer to do the job properly? - I do not see any reason why not.

What programs, if any, do I need to acquire before reformat from the internet? - you mean like security programs? Then see below

Will the computer be at risk of infection while I install the plethora of windows updates this involves? - well I would not go to any high risk websites until you are done

Very well done!! This is my general post for when your logs show no more signs of malware - Please let me know if you still are having problems with your computer and what these problems are.

:Why we need to remove some of our tools:

  • Some of the tools we have used to clean your computer were made by fellow malware fighters and are very powerful and if used incorrectly or at the wrong time can make the computer an expensive paper weight.
    They are updated all the time and some of them more than once a day so by the time you are ready to use them again they will already be outdated.
    The following procedures will implement some cleanup procedures to remove these tools. It will also reset your System Restore by flushing out previous restore points and create a new restore point. It will also remove all the backups our tools may have made.

:DeFogger:

Note** Defogger only needs to be run if it was run when we first started. If you have not already run it then skip this.

  • To re-enable your Emulation drivers, double click DeFogger to run the tool.
    • The application window will appear
    • Click the Re-enable button to re-enable your CD Emulation drivers
    • Click Yes to continue
    • A 'Finished!' message will appear
    • Click OK
    • DeFogger will now ask to reboot the machine - click OK.

Your Emulation drivers are now re-enabled.

:Uninstall ComboFix:

  • turn off all active protection software
  • push the "windows key" + "R" (between the "Ctrl" button and "Alt" Button)
  • please copy and paste the following into the box: ComboFix /Uninstall and click OK.
  • Note the space between the X and the /Uninstall, it needs to be there.

:Remove the rest of our tools:

Please download OTCleanIt and save it to desktop. This tool will remove all the tools we used to clean your pc.

  • Double-click OTCleanIt.exe.
  • Click the CleanUp! button.
  • Select Yes when the "Begin cleanup Process?" prompt appears.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes; if not, delete it yourself.
  • If asked to restart the computer, please do so

Note: If you receive a warning from your firewall or other security programs regarding OTCleanIt attempting to contact the internet, please allow it to do so.

:The programs you can keep:

Some of the programs that we have used would be a good idea to keep and use often in helping to keep the computer clean. I use these programs on my computer.

Revo Uninstaller Free - this is the uninstaller that I had you download and works a lot better than add/remove in windows and has saved me more than once from corrupted installs and uninstalls
CCleaner - This is a good program to clean out temp files, I would use this once a week or before any malware scan to remove unwanted temp files - It has a built in registry cleaner but I would leave that alone and not use any registry cleaner
Malwarebytes' Anti-Malware - The gold standard today in antimalware scanners

:Security programs:

One of the questions I am asked all the time is "What programs do you use" I have at this time 4 computers in my home and I have this setup on all 4 of them.

  • Microsoft Security Essentials - provides real-time protection for your home PC that guards against viruses, spyware, and other malicious software.
  • WinPatrol - As a robust security monitor, WinPatrol will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. WinPatrol takes snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge.
  • Malwarebytes' Anti-Malware - Malwarebytes' Anti-Malware is a new and powerful anti-malware tool. It is totally free but for real-time protection you will have to pay a small one-time fee. We used this to help clean your computer and recommend keeping it and using often. (I have upgraded to the paid version of MBAM and I am glad I did)
    Note** If you decide to install MSE you will need to uninstall your present Antivirus

:Security awareness:

The other question I am asked all the time is "How can I prevent this from happening again." and the short answer to that is to be aware of what is out there and how to start spotting dangers.

Here are some articles that are must reads and should be read by everybody in your household that uses the internet

internetsafety
Internet Safety for Kids

Here is some more reading for you from some of my colleagues

PC Safety and Security - What Do I Need? from my friends at Tech Support Forum
COMPUTER SECURITY - a short guide to staying safer online from my friends at Malware Removal

quoted from Tech Support Forum

Conclusion

There is no such thing as ‘perfect security’. This applies to many things, not just computer systems. Using the above guide you should be able to take all the reasonable steps you can to prevent infection. However, the most important part of all this is you, the user. Surf sensibly and think before you download a file or click on a link. Take a few moments to assess the possible risks and you should be able to enjoy all the internet has to offer.

I'd be grateful if you could reply to this post so that I know you have read it and, if you've no other questions, the thread can then be closed.

I Will Keep This Open For About Three Days, If Anything Comes Up - Just Come Back And Let Me Know, after that time you will have to send me a PM

My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry every little bit helps.

Gringo


Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


This topic is now closed to further replies.