Bobobot
-
Posts
24 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by Bobobot
-
-
Ran the fix and finished the eset scan without problems. No threats found.
Computer status: The internet explorer security settings seem to have been adjusted from the high to adjusted on their own. No other changes or problems.
I have some questions:
What was found previously?
Any idea how I got infected?
Should I still perform a clean install on the OS to be sure?
Can I rely on the recovery partition in the computer to do the job properly?
What programs, if any, do I need to acquire before reformat from the internet?
Will the computer be at risk of infection while I install the plethora of windows updates this involves?
-
Computer status: Only glitch encountered so far was one of those momentary browsing related freezes when signing in to this forum. Possibly a site related problem, since the freeze repeats for me if I use backspace to wipe the last letter from the password field during logon.
There are two logs for mbam. The latter scans the empty cd-drive E:, if it for some reason is necessary.
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org
Tietokantaversio: v2012.12.30.06
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Donald :: DONALD-PC [järjestelmänvalvoja]
30.12.2012 16:39:33
mbam-log-2012-12-30 (16-39-33).txt
Tarkistustyyppi: Täysi tarkistus (C:\|)
Tarkistussuodattimia valittu: Muisti | Käynnistys | Rekisteri | Tietojärjestelmä | Heuristinen/Ylimäärinen | Heuristinen/Shuriken | Mahdollisesti haitallinen ohjelma | Mahdollisesti haitallinen muutos | Vertaisverkko (Peer-to-Peer)
Käytöstä poistetut tarkistusvalinnat:
Tarkistettuja kohteita: 415075
Kulunut aika: 48 minuutti(a), 8 sekunti(a)
Epäilyttäviä muistiprosesseja: 0
(Ei haitallisia kohteita)
Epäilyttäviä muistimoduuleja: 0
(Ei haitallisia kohteita)
Epäilyttäviä rekisteriavaimia: 0
(Ei haitallisia kohteita)
Epäilyttäviä rekisteriarvoja: 0
(Ei haitallisia kohteita)
Epäilyttäviä rekisterikohteita: 0
(Ei haitallisia kohteita)
Epäilyttäviä kansioita: 0
(Ei haitallisia kohteita)
Epäilyttäviä tiedostoja: 0
(Ei haitallisia kohteita)
(loppu)
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org
Tietokantaversio: v2012.12.30.06
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Donald :: DONALD-PC [järjestelmänvalvoja]
30.12.2012 17:40:37
mbam-log-2012-12-30 (17-40-37).txt
Tarkistustyyppi: Täysi tarkistus (E:\|)
Tarkistussuodattimia valittu: Muisti | Käynnistys | Rekisteri | Tietojärjestelmä | Heuristinen/Ylimäärinen | Heuristinen/Shuriken | Mahdollisesti haitallinen ohjelma | Mahdollisesti haitallinen muutos | Vertaisverkko (Peer-to-Peer)
Käytöstä poistetut tarkistusvalinnat:
Tarkistettuja kohteita: 242948
Kulunut aika: 17 sekunti(a)
Epäilyttäviä muistiprosesseja: 0
(Ei haitallisia kohteita)
Epäilyttäviä muistimoduuleja: 0
(Ei haitallisia kohteita)
Epäilyttäviä rekisteriavaimia: 0
(Ei haitallisia kohteita)
Epäilyttäviä rekisteriarvoja: 0
(Ei haitallisia kohteita)
Epäilyttäviä rekisterikohteita: 0
(Ei haitallisia kohteita)
Epäilyttäviä kansioita: 0
(Ei haitallisia kohteita)
Epäilyttäviä tiedostoja: 0
(Ei haitallisia kohteita)
(loppu)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:46:58, on 30.12.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Users\Donald\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [sonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKUS\S-1-5-21-2065890004-3735609052-1085264056-1000\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2065890004-3735609052-1085264056-1000\..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2065890004-3735609052-1085264056-1000\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" (User 'UpdatusUser')
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Päivitä-palvelu (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Partner Service - Unknown owner - C:\ProgramData\Partner\Partner.exe (file missing)
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: Intel® Turbo Boost Technology Monitor (TurboBoost) - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe
--
End of file - 23048 bytes
-
Computer status: Nothing seems wrong.
ComboFix 12-12-28.02 - Donald 29.12.2012 23:50:03.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.358.1035.18.4008.2771 [GMT 2:00]
Sijainti: c:\users\Donald\Desktop\ComboFix.exe
Käytetyt komentorivivalitsimet :: c:\users\Donald\Desktop\CFScript.txt
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Uusi palautuspiste luotu
.
.
((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2012-11-28 to 2012-12-29 )))))))))))))))))
.
.
2012-12-29 21:53 . 2012-12-29 21:53 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-12-29 21:53 . 2012-12-29 21:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-29 20:24 . 2012-12-29 20:24 -------- d-----w- C:\_OTL
2012-12-27 18:30 . 2012-12-27 18:30 -------- d-----w- C:\TDSSKiller_Quarantine
2012-12-22 12:43 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-22 12:43 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-22 12:43 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-22 12:43 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-15 11:22 . 2012-12-28 10:46 -------- d-----w- C:\files
2012-12-14 12:50 . 2012-12-28 10:12 -------- d-----w- C:\downloads
2012-12-14 12:38 . 2012-12-14 12:39 -------- d-----w- c:\users\normi
2012-12-14 01:21 . 2012-12-14 01:21 -------- d-----w- c:\programdata\Malwarebytes
2012-12-14 01:21 . 2012-12-14 01:21 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-12-14 01:21 . 2012-09-29 17:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-14 00:48 . 2012-08-24 18:13 154480 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-12-14 00:47 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-12-13 23:50 . 2012-12-13 23:50 -------- d-----w- c:\windows\system32\SPReview
2012-12-13 23:50 . 2012-12-13 23:50 -------- d-----w- c:\windows\system32\EventProviders
2012-12-13 23:37 . 2010-11-20 13:33 982912 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2012-12-13 23:36 . 2010-11-20 13:27 35840 ----a-w- c:\windows\system32\msdmo.dll
2012-12-13 23:34 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2012-12-13 23:34 . 2010-11-20 13:27 244736 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll
2012-12-13 23:34 . 2010-11-20 13:27 244736 ----a-w- c:\windows\system32\sqmapi.dll
2012-12-13 22:54 . 2012-12-13 22:54 -------- d-----w- c:\program files (x86)\Microsoft.NET
2012-12-13 22:40 . 2012-12-03 13:36 129216 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-12-13 22:40 . 2012-12-03 13:36 99912 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-12-13 22:40 . 2012-11-16 18:17 27800 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2012-12-13 22:40 . 2012-12-13 22:40 -------- d-----w- c:\programdata\Avira
2012-12-13 22:40 . 2012-12-13 22:40 -------- d-----w- c:\program files (x86)\Avira
2012-12-13 22:27 . 2011-02-19 12:05 1139200 ----a-w- c:\windows\system32\FntCache.dll
2012-12-13 22:27 . 2011-02-19 12:04 902656 ----a-w- c:\windows\system32\d2d1.dll
2012-12-13 22:27 . 2011-02-19 06:30 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2012-12-13 21:50 . 2012-12-13 21:50 -------- d-----w- c:\windows\SysWow64\Wat
2012-12-13 21:50 . 2012-12-13 21:50 -------- d-----w- c:\windows\system32\Wat
2012-12-13 21:33 . 2012-11-18 23:01 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F89374FA-520B-42AB-82DC-4BB82AFBE426}\mpengine.dll
2012-12-13 21:21 . 2012-07-26 07:45 2560 ----a-w- c:\windows\system32\drivers\sv-SE\wdf01000.sys.mui
2012-12-13 21:21 . 2012-07-26 07:31 2560 ----a-w- c:\windows\system32\drivers\da-DK\wdf01000.sys.mui
2012-12-13 21:21 . 2012-07-26 05:04 2560 ----a-w- c:\windows\system32\drivers\nb-NO\wdf01000.sys.mui
2012-12-13 21:21 . 2012-07-26 05:04 2560 ----a-w- c:\windows\system32\drivers\fi-FI\wdf01000.sys.mui
2012-12-13 21:21 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2012-12-13 21:21 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-12-13 21:21 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-12-13 21:21 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-12-13 21:16 . 2012-11-28 13:58 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-12-13 21:13 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2012-12-13 21:07 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-12-13 21:07 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-12-13 21:07 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-12-13 21:07 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-12-13 21:07 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-12-13 21:07 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-12-13 21:07 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-12-13 21:06 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-12-13 21:06 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-12-13 21:06 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-12-13 21:06 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2012-12-13 21:06 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-12-13 21:05 . 2012-08-31 18:19 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-12-13 21:05 . 2011-06-16 05:49 199680 ----a-w- c:\windows\system32\xmllite.dll
2012-12-13 21:05 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll
2012-12-13 21:05 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-12-13 21:03 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-12-13 21:02 . 2012-04-07 12:31 3216384 ----a-w- c:\windows\system32\msi.dll
2012-12-13 20:36 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-12-13 20:36 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-12-13 20:36 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-12-13 20:36 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-12-13 20:36 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-12-13 20:36 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-12-13 20:36 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-12-13 20:36 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-12-13 20:36 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-12-13 19:29 . 2012-12-29 21:44 45056 ----a-w- c:\windows\system32\acovcnt.exe
2012-12-13 19:29 . 2012-12-13 19:31 -------- d-----w- C:\ASUS.DAT
2012-12-13 19:29 . 2012-12-13 19:29 -------- d-----w- c:\users\Donald
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-14 00:24 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-12-14 00:24 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-12-13 22:25 . 2010-06-24 18:33 19696 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-10-16 08:38 . 2012-12-13 21:04 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-12-13 21:04 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-12-13 21:04 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-10 00:22 . 2012-10-10 00:22 80384 ----a-w- c:\windows\system32\igdde64.dll
2012-10-10 00:22 . 2012-10-10 00:22 437760 ----a-w- c:\windows\system32\igfxrtrk.lrc
2012-10-10 00:22 . 2012-10-10 00:22 216064 ----a-w- c:\windows\system32\iglhcp64.dll
2012-10-10 00:22 . 2012-10-10 00:22 180224 ----a-w- c:\windows\SysWow64\iglhcp32.dll
2012-10-10 00:22 . 2012-10-10 00:22 5903392 ----a-w- c:\windows\system32\GfxUI.exe
2012-10-10 00:22 . 2012-10-10 00:22 519680 ----a-w- c:\windows\SysWow64\iglhsip32.dll
2012-10-10 00:22 . 2012-10-10 00:22 438784 ----a-w- c:\windows\system32\igfxrdeu.lrc
2012-10-10 00:22 . 2012-10-10 00:22 438272 ----a-w- c:\windows\system32\igfxrhun.lrc
2012-10-10 00:22 . 2012-10-10 00:22 3776512 ----a-w- c:\windows\SysWow64\igfxcmjit32.dll
2012-10-10 00:22 . 2012-10-10 00:22 10673664 ----a-w- c:\windows\SysWow64\ig4icd32.dll
2012-10-10 00:22 . 2012-10-10 00:22 64512 ----a-w- c:\windows\SysWow64\igdde32.dll
2012-10-10 00:22 . 2012-10-10 00:22 501760 ----a-w- c:\windows\system32\igfxcmrt64.dll
2012-10-10 00:22 . 2012-10-10 00:22 439296 ----a-w- c:\windows\system32\igfxrrus.lrc
2012-10-10 00:22 . 2012-10-10 00:22 431104 ----a-w- c:\windows\system32\igfxrkor.lrc
2012-10-10 00:22 . 2012-10-10 00:22 410624 ----a-w- c:\windows\system32\igfxTMM.dll
2012-10-10 00:22 . 2011-03-23 12:19 12836864 ----a-w- c:\windows\system32\igd10umd64.dll
2012-10-10 00:22 . 2011-03-23 12:19 110592 ----a-w- c:\windows\system32\hccutils.dll
2012-10-10 00:22 . 2012-10-10 00:22 330240 ----a-w- c:\windows\SysWow64\igfxdv32.dll
2012-10-10 00:22 . 2012-10-10 00:22 12604416 ----a-w- c:\windows\system32\igdumd64.dll
2012-10-10 00:22 . 2012-10-10 00:22 441888 ----a-w- c:\windows\system32\igfxpers.exe
2012-10-10 00:22 . 2012-10-10 00:22 438784 ----a-w- c:\windows\system32\igfxrhrv.lrc
2012-10-10 00:22 . 2012-10-10 00:22 438272 ----a-w- c:\windows\system32\igfxrcsy.lrc
2012-10-10 00:22 . 2012-10-10 00:22 25088 ----a-w- c:\windows\SysWow64\igfxexps32.dll
2012-10-10 00:22 . 2012-10-10 00:22 5343584 ----a-w- c:\windows\system32\drivers\igdkmd64.sys
2012-10-10 00:22 . 2012-10-10 00:22 448512 ----a-w- c:\windows\SysWow64\igfx11cmrt32.dll
2012-10-10 00:22 . 2012-10-10 00:22 441856 ----a-w- c:\windows\system32\igfxdev.dll
2012-10-10 00:22 . 2012-10-10 00:22 438784 ----a-w- c:\windows\system32\igfxrnld.lrc
2012-10-10 00:22 . 2012-10-10 00:22 399392 ----a-w- c:\windows\system32\hkcmd.exe
2012-10-10 00:22 . 2012-10-10 00:22 272928 ----a-w- c:\windows\system32\igvpkrng600.bin
2012-10-10 00:22 . 2012-10-10 00:22 126976 ----a-w- c:\windows\system32\igfxcpl.cpl
2012-10-10 00:22 . 2012-10-10 00:22 116224 ----a-w- c:\windows\system32\igfxCoIn_v2867.dll
2012-10-10 00:22 . 2011-03-23 12:19 63488 ----a-w- c:\windows\system32\igfxsrvc.dll
2012-10-10 00:22 . 2011-03-23 12:19 9007616 ----a-w- c:\windows\system32\igfxress.dll
2012-10-10 00:22 . 2012-10-10 00:22 604160 ----a-w- c:\windows\SysWow64\igfxcmrt32.dll
2012-10-10 00:22 . 2012-10-10 00:22 4571136 ----a-w- c:\windows\system32\igfxcmjit64.dll
2012-10-10 00:22 . 2012-10-10 00:22 439808 ----a-w- c:\windows\system32\igfxresn.lrc
2012-10-10 00:22 . 2012-10-10 00:22 439296 ----a-w- c:\windows\system32\igfxrrom.lrc
2012-10-10 00:22 . 2012-10-10 00:22 437760 ----a-w- c:\windows\system32\igfxrsve.lrc
2012-10-10 00:22 . 2012-10-10 00:22 437760 ----a-w- c:\windows\system32\igfxrslv.lrc
2012-10-10 00:22 . 2012-10-10 00:22 437760 ----a-w- c:\windows\system32\igfxrnor.lrc
2012-10-10 00:22 . 2012-10-10 00:22 437248 ----a-w- c:\windows\system32\igfxrdan.lrc
2012-10-10 00:22 . 2012-10-10 00:22 277024 ----a-w- c:\windows\SysWow64\IntelCpHeciSvc.exe
2012-10-10 00:22 . 2012-10-10 00:22 185376 ----a-w- c:\windows\system32\difx64.exe
2012-10-10 00:22 . 2012-10-10 00:22 173568 ----a-w- c:\windows\system32\gfxSrvc.dll
2012-10-10 00:22 . 2012-10-10 00:22 12887040 ----a-w- c:\windows\system32\ig4icd64.dll
2012-10-10 00:22 . 2012-10-10 00:22 435712 ----a-w- c:\windows\system32\igfxrheb.lrc
2012-10-10 00:22 . 2012-10-10 00:22 429056 ----a-w- c:\windows\system32\igfxrcht.lrc
2012-10-10 00:22 . 2012-10-10 00:22 171040 ----a-w- c:\windows\system32\igfxtray.exe
2012-10-10 00:22 . 2012-10-10 00:22 11158528 ----a-w- c:\windows\SysWow64\igd10umd32.dll
2012-10-10 00:22 . 2012-10-10 00:22 509984 ----a-w- c:\windows\system32\igfxsrvc.exe
2012-10-10 00:22 . 2012-10-10 00:22 440320 ----a-w- c:\windows\system32\igfxrell.lrc
2012-10-10 00:22 . 2012-10-10 00:22 438784 ----a-w- c:\windows\system32\igfxrptg.lrc
2012-10-10 00:22 . 2012-10-10 00:22 438784 ----a-w- c:\windows\system32\igfxrplk.lrc
2012-10-10 00:22 . 2012-10-10 00:22 438784 ----a-w- c:\windows\system32\igfxrita.lrc
2012-10-10 00:22 . 2012-10-10 00:22 438272 ----a-w- c:\windows\system32\igfxrfin.lrc
2012-10-10 00:22 . 2012-10-10 00:22 437248 ----a-w- c:\windows\system32\igfxrtha.lrc
2012-10-10 00:22 . 2012-10-10 00:22 428544 ----a-w- c:\windows\system32\igfxrchs.lrc
2012-10-10 00:22 . 2012-10-10 00:22 286208 ----a-w- c:\windows\system32\igfxrenu.lrc
2012-10-10 00:22 . 2012-10-10 00:22 142336 ----a-w- c:\windows\system32\igfxdo.dll
2012-10-10 00:22 . 2012-10-10 00:22 963452 ----a-w- c:\windows\system32\igcodeckrng600.bin
2012-10-10 00:22 . 2012-10-10 00:22 482304 ----a-w- c:\windows\system32\igfx11cmrt64.dll
2012-10-10 00:22 . 2012-10-10 00:22 386048 ----a-w- c:\windows\system32\igfxpph.dll
2012-10-10 00:22 . 2012-10-10 00:22 524800 ----a-w- c:\windows\system32\iglhsip64.dll
2012-10-10 00:22 . 2012-10-10 00:22 438784 ----a-w- c:\windows\system32\igfxrsky.lrc
2012-10-10 00:22 . 2012-10-10 00:22 435712 ----a-w- c:\windows\system32\igfxrara.lrc
2012-10-10 00:22 . 2012-10-10 00:22 432128 ----a-w- c:\windows\system32\igfxrjpn.lrc
2012-10-10 00:22 . 2012-10-10 00:22 28672 ----a-w- c:\windows\system32\igfxexps.dll
2012-10-10 00:22 . 2012-10-10 00:22 252448 ----a-w- c:\windows\system32\igfxext.exe
2012-10-10 00:22 . 2011-03-23 12:19 11040256 ----a-w- c:\windows\SysWow64\igdumd32.dll
2012-10-10 00:22 . 2012-10-10 00:22 9728 ----a-w- c:\windows\system32\IGFXDEVLib.dll
2012-10-10 00:22 . 2012-10-10 00:22 439808 ----a-w- c:\windows\system32\igfxrfra.lrc
2012-10-10 00:22 . 2012-10-10 00:22 437760 ----a-w- c:\windows\system32\igfxrptb.lrc
2012-10-08 09:42 . 2012-10-08 09:42 831848 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2012-10-08 09:42 . 2012-10-08 09:42 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll
2012-10-08 09:42 . 2012-10-08 09:42 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll
2012-10-08 09:42 . 2012-10-08 09:42 26331496 ----a-w- c:\windows\system32\nvoglv64.dll
2012-10-08 09:42 . 2012-10-08 09:42 2428776 ----a-w- c:\windows\SysWow64\nvapi.dll
2012-10-08 09:42 . 2012-10-08 09:42 2574696 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2012-10-08 09:42 . 2012-10-08 09:42 15309160 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2012-10-08 09:42 . 2011-03-23 13:12 973672 ----a-w- c:\windows\system32\nvumdshimx.dll
2012-10-08 09:42 . 2012-10-08 09:42 7697768 ----a-w- c:\windows\SysWow64\nvcuda.dll
2012-10-08 09:42 . 2012-10-08 09:42 17559912 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2012-10-08 09:42 . 2012-10-08 09:42 30056 ----a-w- c:\windows\system32\drivers\nvpciflt.sys
2012-10-08 09:42 . 2012-10-08 09:42 2747240 ----a-w- c:\windows\system32\nvcuvid.dll
2012-10-08 09:42 . 2012-10-08 09:42 25256296 ----a-w- c:\windows\system32\nvcompiler.dll
2012-10-08 09:42 . 2012-10-08 09:42 1867112 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2012-10-08 09:42 . 2011-03-23 13:12 247144 ----a-w- c:\windows\system32\nvinitx.dll
2012-10-08 09:42 . 2012-10-08 09:42 9146728 ----a-w- c:\windows\system32\nvcuda.dll
2012-10-08 09:42 . 2012-10-08 09:42 6127464 ----a-w- c:\windows\SysWow64\nvopencl.dll
2012-10-08 09:42 . 2012-10-08 09:42 7414632 ----a-w- c:\windows\system32\nvopencl.dll
2012-10-08 09:42 . 2012-10-08 09:42 18252136 ----a-w- c:\windows\system32\nvd3dumx.dll
2012-10-08 09:42 . 2012-10-08 09:42 13443944 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2012-10-08 09:42 . 2011-03-23 13:12 202600 ----a-w- c:\windows\SysWow64\nvinit.dll
2012-10-08 09:42 . 2012-10-08 09:42 19906920 ----a-w- c:\windows\SysWow64\nvoglv32.dll
.
.
(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"SonicMasterTray"="c:\program files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe" [2010-07-10 984400]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-09-23 1601536]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-12-04 384800]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2011-3-23 548528]
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2011-3-23 12862]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2010-11-26 36000]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2010-11-26 298144]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2010-11-26 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2010-11-26 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2010-11-26 154272]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2010-11-26 275616]
R3 Partner Service;Partner Service;c:\programdata\Partner\Partner.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys [2010-08-03 290920]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 WatAdminSvc;Windowsin aktivointitekniikoiden palvelu;c:\windows\system32\Wat\WatAdminSvc.exe [2012-12-13 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-10-08 30056]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-11-16 27800]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2010-11-30 379520]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-12-04 85280]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Atheros\Bluetooth Suite\adminservice.exe [2010-11-26 52896]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-04-16 13832]
S2 TurboBoost;Intel® Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-04-16 134928]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2010-11-26 28832]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-12-13 138024]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 333928]
.
.
'Ajoitetut tehtävät'-kansion sisältö
.
2012-12-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-23 12:34]
.
2012-12-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-23 12:34]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-03-23 2188904]
"AtherosBtStack"="c:\program files (x86)\Atheros\Bluetooth Suite\BtvStack.exe" [2010-11-26 613536]
"AthBtTray"="c:\program files (x86)\Atheros\Bluetooth Suite\AthBtTray.exe" [2010-11-26 379040]
"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [bU]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-10-10 171040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-10-10 399392]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-10-10 441888]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Täydentävä tarkistus -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://asus.msn.com
mStart Page = hxxp://asus.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.254.254 192.168.254.254
.
- - - - POISTETUT JÄMÄRIVIT - - - -
.
SafeBoot-36332484.sys
.
.
.
--------------------- LUKITUT REKISTERIAVAIMET ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Valmistumisajankohta: 2012-12-29 23:54:49
ComboFix-quarantined-files.txt 2012-12-29 21:54
ComboFix2.txt 2012-12-28 18:58
.
Ennen ajoa: 439 157 116 928 tavua vapaana
Ajon jälkeen: 439 247 704 064 tavua vapaana
.
- - End Of File - - D41C1A31FBCF3294967FDBB7DF089986
-
Computer status: Nothing seems to be amiss. Though, with the IP block functionality gone, I can't really know if the problem still persists. Nothing seems to be wrong. What malware was removed from the computer?
Is this the report you needed? I found it in a c:\_OTL folder. The report failed to appear automatically in the notepad, perhaps because I logged first in with normal, not admin rights.
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\IntelTBRunOnce not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Setwallpaper deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2065890004-3735609052-1085264056-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{7815BE26-237D-41A8-A98F-F7BD75F71086}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7815BE26-237D-41A8-A98F-F7BD75F71086}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
File Protocol\Handler\wlmailhtml - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_USERS\S-1-5-21-2065890004-3735609052-1085264056-1001\Software\Microsoft\Internet Explorer\SearchScopes\{F1E95DB3-B78C-4A52-BA66-057CCE090B3C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F1E95DB3-B78C-4A52-BA66-057CCE090B3C}\ not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP-m„„ritykset
DNS-tulkintatoiminnon v„limuistin tyhjent„minen onnistui.
C:\Users\Donald\Desktop\cmd.bat deleted successfully.
C:\Users\Donald\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYJAVA]
User: All Users
User: Default
User: Default User
User: Donald
User: normi
User: Public
User: UpdatusUser
Total Java Files Cleaned = 0,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Donald
User: normi
User: Public
User: UpdatusUser
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 12292012_222409
-
========== Files Created - No Company Name ==========
[2012.12.28 23:17:48 | 000,000,512 | ---- | C] () -- C:\Users\Donald\Desktop\MBR.dat
[2012.12.28 20:47:23 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.12.28 20:47:23 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.12.28 20:47:23 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.12.28 20:47:23 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.12.28 20:47:23 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.12.28 12:16:47 | 000,758,784 | ---- | C] () -- C:\Users\Donald\Desktop\RogueKiller.exe
[2012.12.28 12:16:35 | 000,550,017 | ---- | C] () -- C:\Users\Donald\Desktop\adwcleaner.exe
[2012.12.28 12:16:13 | 000,856,731 | ---- | C] () -- C:\Users\Donald\Desktop\SecurityCheck.exe
[2012.12.27 21:41:07 | 589,288,540 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012.12.14 07:21:50 | 3151,835,136 | -HS- | C] () -- C:\hiberfil.sys
[2012.12.14 03:21:06 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.12.14 01:38:14 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2012.12.14 01:36:57 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml
[2012.12.14 01:36:45 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
[2012.12.14 01:36:45 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
[2012.12.14 01:36:26 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
[2012.12.14 00:40:21 | 000,002,072 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.12.13 23:21:44 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012.12.13 23:10:15 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012.12.13 23:10:13 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012.12.13 23:07:17 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012.12.13 22:54:07 | 000,002,289 | ---- | C] () -- C:\Users\Donald\Desktop\Google Chrome.lnk
[2012.12.13 22:50:35 | 000,001,431 | ---- | C] () -- C:\Users\Donald\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012.12.13 21:30:44 | 000,001,403 | ---- | C] () -- C:\Users\Donald\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012.12.13 21:29:57 | 000,001,437 | ---- | C] () -- C:\Users\Donald\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012.12.13 21:29:41 | 000,045,056 | ---- | C] () -- C:\Windows\SysNative\acovcnt.exe
[2012.12.13 21:29:11 | 000,002,275 | ---- | C] () -- C:\Users\Donald\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012.12.13 21:29:11 | 000,000,290 | ---- | C] () -- C:\Users\Donald\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012.12.13 21:29:11 | 000,000,272 | ---- | C] () -- C:\Users\Donald\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012.10.10 02:22:34 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.10.10 02:22:28 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
[2012.10.10 02:22:20 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
[2011.03.23 14:19:54 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.03.23 14:19:51 | 000,213,332 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.03.23 14:19:50 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.03.23 14:10:22 | 000,017,920 | ---- | C] () -- C:\Windows\SysWow64\rpcnetp.dll
[2011.03.23 14:08:57 | 000,017,920 | ---- | C] () -- C:\Windows\SysWow64\rpcnetp.exe
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
< End of report >
-
[2012.12.14 01:37:14 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\blackbox.dll
[2012.12.14 01:37:14 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpx.dll
[2012.12.14 01:37:14 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\activeds.dll
[2012.12.14 01:37:14 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ksproxy.ax
[2012.12.14 01:37:14 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpsrcwp.dll
[2012.12.14 01:37:14 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netplwiz.dll
[2012.12.14 01:37:14 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NAPHLPR.DLL
[2012.12.14 01:37:14 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppnp.dll
[2012.12.14 01:37:14 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\migisol.dll
[2012.12.14 01:37:14 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabinet.dll
[2012.12.14 01:37:14 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
[2012.12.14 01:37:13 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfrgui.exe
[2012.12.14 01:37:13 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshipsec.dll
[2012.12.14 01:37:13 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\remotepg.dll
[2012.12.14 01:37:13 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kstvtune.ax
[2012.12.14 01:37:13 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\isoburn.exe
[2012.12.14 01:37:13 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wkscli.dll
[2012.12.14 01:37:13 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\httpapi.dll
[2012.12.14 01:37:12 | 000,592,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msftedit.dll
[2012.12.14 01:37:12 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanmsm.dll
[2012.12.14 01:37:12 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpdxm.dll
[2012.12.14 01:37:12 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3ui.dll
[2012.12.14 01:37:12 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ReAgent.dll
[2012.12.14 01:37:12 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wavemsp.dll
[2012.12.14 01:37:12 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSCard.dll
[2012.12.14 01:37:12 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2012.12.14 01:37:12 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\net1.exe
[2012.12.14 01:37:12 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsnmp32.dll
[2012.12.14 01:37:12 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ftp.exe
[2012.12.14 01:37:11 | 000,840,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\blackbox.dll
[2012.12.14 01:37:11 | 000,685,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dsuiext.dll
[2012.12.14 01:37:11 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmdev.dll
[2012.12.14 01:37:11 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wvc.dll
[2012.12.14 01:37:11 | 000,586,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfrgui.exe
[2012.12.14 01:37:11 | 000,444,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wvc.dll
[2012.12.14 01:37:11 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wimgapi.dll
[2012.12.14 01:37:11 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsqmcons.exe
[2012.12.14 01:37:11 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unimdm.tsp
[2012.12.14 01:37:11 | 000,258,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2012.12.14 01:37:11 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PkgMgr.exe
[2012.12.14 01:37:11 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstask.dll
[2012.12.14 01:37:11 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2012.12.14 01:37:11 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ocsetup.exe
[2012.12.14 01:37:11 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\twext.dll
[2012.12.14 01:37:11 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tzutil.exe
[2012.12.14 01:37:11 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WerFaultSecure.exe
[2012.12.14 01:37:10 | 001,911,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OpcServices.dll
[2012.12.14 01:37:10 | 000,899,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Bubbles.scr
[2012.12.14 01:37:10 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qcap.dll
[2012.12.14 01:37:10 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setupugc.exe
[2012.12.14 01:37:10 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mapistub.dll
[2012.12.14 01:37:10 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mapi32.dll
[2012.12.14 01:37:10 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\unimdmat.dll
[2012.12.14 01:37:10 | 000,051,200 | ---- | C] (Twain Working Group) -- C:\Windows\twain_32.dll
[2012.12.14 01:37:09 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmsdk.dll
[2012.12.14 01:37:09 | 000,497,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\main.cpl
[2012.12.14 01:37:09 | 000,363,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diskraid.exe
[2012.12.14 01:37:09 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ssText3d.scr
[2012.12.14 01:37:09 | 000,242,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Mystify.scr
[2012.12.14 01:37:09 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Ribbons.scr
[2012.12.14 01:37:09 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\clusapi.dll
[2012.12.14 01:37:09 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qasf.dll
[2012.12.14 01:37:09 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ifsutil.dll
[2012.12.14 01:37:09 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvfw32.dll
[2012.12.14 01:37:09 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\uxlib.dll
[2012.12.14 01:37:09 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nslookup.exe
[2012.12.14 01:37:09 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll
[2012.12.14 01:37:09 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iscsium.dll
[2012.12.14 01:37:09 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\muifontsetup.dll
[2012.12.14 01:37:09 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
[2012.12.14 01:37:08 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsAnytimeUpgradeResults.exe
[2012.12.14 01:37:08 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpencom.dll
[2012.12.14 01:37:08 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevicePairingFolder.dll
[2012.12.14 01:37:08 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perfmon.exe
[2012.12.14 01:37:08 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpshell.dll
[2012.12.14 01:37:07 | 001,087,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dbghelp.dll
[2012.12.14 01:37:07 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscp.dll
[2012.12.14 01:37:07 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wimserv.exe
[2012.12.14 01:37:07 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\diskraid.exe
[2012.12.14 01:37:07 | 000,254,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qasf.dll
[2012.12.14 01:37:07 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ActionQueue.dll
[2012.12.14 01:37:07 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpencom.dll
[2012.12.14 01:37:07 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tlscsp.dll
[2012.12.14 01:37:07 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\umb.dll
[2012.12.14 01:37:07 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NAPCRYPT.DLL
[2012.12.14 01:37:07 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\acppage.dll
[2012.12.14 01:37:07 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AzSqlExt.dll
[2012.12.14 01:37:07 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netutils.dll
[2012.12.14 01:37:06 | 001,232,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMADMOD.DLL
[2012.12.14 01:37:06 | 000,623,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSAPI.dll
[2012.12.14 01:37:06 | 000,402,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drmmgrtn.dll
[2012.12.14 01:37:06 | 000,337,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\raschap.dll
[2012.12.14 01:37:06 | 000,318,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\raschap.dll
[2012.12.14 01:37:06 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpdwcn.dll
[2012.12.14 01:37:06 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\input.dll
[2012.12.14 01:37:06 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ocsetapi.dll
[2012.12.14 01:37:06 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perfmon.exe
[2012.12.14 01:37:06 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\remotepg.dll
[2012.12.14 01:37:06 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MdSched.exe
[2012.12.14 01:37:06 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wiavideo.dll
[2012.12.14 01:37:06 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QUTIL.DLL
[2012.12.14 01:37:06 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UserAccountControlSettings.dll
[2012.12.14 01:37:06 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\bfsvc.exe
[2012.12.14 01:37:06 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\runonce.exe
[2012.12.14 01:37:06 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NAPCRYPT.DLL
[2012.12.14 01:37:06 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\syssetup.dll
[2012.12.14 01:37:05 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\onexui.dll
[2012.12.14 01:37:05 | 000,666,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVSDECD.DLL
[2012.12.14 01:37:05 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nltest.exe
[2012.12.14 01:37:05 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpdxm.dll
[2012.12.14 01:37:05 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstask.dll
[2012.12.14 01:37:05 | 000,232,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bitsadmin.exe
[2012.12.14 01:37:05 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iTVData.dll
[2012.12.14 01:37:05 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxdiagn.dll
[2012.12.14 01:37:05 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wpdwcn.dll
[2012.12.14 01:37:05 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsbas.dll
[2012.12.14 01:37:05 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFPlay.dll
[2012.12.14 01:37:05 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vdsbas.dll
[2012.12.14 01:37:05 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rmcast.sys
[2012.12.14 01:37:05 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Kswdmcap.ax
[2012.12.14 01:37:05 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logagent.exe
[2012.12.14 01:37:05 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\runonce.exe
[2012.12.14 01:37:05 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PrintIsolationProxy.dll
[2012.12.14 01:37:05 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vpnikeapi.dll
[2012.12.14 01:37:04 | 000,978,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMSPDMOD.DLL
[2012.12.14 01:37:04 | 000,527,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmnet.dll
[2012.12.14 01:37:04 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmdev.dll
[2012.12.14 01:37:04 | 000,431,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDSp.dll
[2012.12.14 01:37:04 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msnetobj.dll
[2012.12.14 01:37:04 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eapp3hst.dll
[2012.12.14 01:37:04 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bitsadmin.exe
[2012.12.14 01:37:04 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qcap.dll
[2012.12.14 01:37:04 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shacct.dll
[2012.12.14 01:37:04 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QSVRMGMT.DLL
[2012.12.14 01:37:04 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2012.12.14 01:37:04 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shacct.dll
[2012.12.14 01:37:04 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpshell.dll
[2012.12.14 01:37:04 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\logman.exe
[2012.12.14 01:37:04 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2012.12.14 01:37:04 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tabcal.exe
[2012.12.14 01:37:04 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vss_ps.dll
[2012.12.14 01:37:04 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unimdmat.dll
[2012.12.14 01:37:04 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscapi.dll
[2012.12.14 01:37:04 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\lsmproxy.dll
[2012.12.14 01:37:03 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OpcServices.dll
[2012.12.14 01:37:03 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Bubbles.scr
[2012.12.14 01:37:03 | 000,435,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceStatus.dll
[2012.12.14 01:37:03 | 000,350,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WPDSp.dll
[2012.12.14 01:37:03 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3ui.dll
[2012.12.14 01:37:03 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sqlcese30.dll
[2012.12.14 01:37:03 | 000,250,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdv.dll
[2012.12.14 01:37:03 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pdh.dll
[2012.12.14 01:37:03 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceSyncProvider.dll
[2012.12.14 01:37:03 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceSyncProvider.dll
[2012.12.14 01:37:03 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mprapi.dll
[2012.12.14 01:37:03 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2012.12.14 01:37:03 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fphc.dll
[2012.12.14 01:37:03 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\kstvtune.ax
[2012.12.14 01:37:03 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logman.exe
[2012.12.14 01:37:03 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spbcd.dll
[2012.12.14 01:37:03 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\olethk32.dll
[2012.12.14 01:37:03 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncryptui.dll
[2012.12.14 01:37:03 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpd3d.dll
[2012.12.14 01:37:03 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iscsium.dll
[2012.12.14 01:37:02 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMADMOD.DLL
[2012.12.14 01:37:02 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceStatus.dll
[2012.12.14 01:37:02 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2012.12.14 01:37:02 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2012.12.14 01:37:02 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mystify.scr
[2012.12.14 01:37:02 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Ribbons.scr
[2012.12.14 01:37:02 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VBICodec.ax
[2012.12.14 01:37:02 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EhStorAPI.dll
[2012.12.14 01:37:02 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\powercfg.cpl
[2012.12.14 01:37:02 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\desk.cpl
[2012.12.14 01:37:02 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3msm.dll
[2012.12.14 01:37:02 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wiavideo.dll
[2012.12.14 01:37:02 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Kswdmcap.ax
[2012.12.14 01:37:02 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QSVRMGMT.DLL
[2012.12.14 01:37:02 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fphc.dll
[2012.12.14 01:37:02 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll
[2012.12.14 01:37:02 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\amstream.dll
[2012.12.14 01:37:02 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mapistub.dll
[2012.12.14 01:37:02 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\takeown.exe
[2012.12.14 01:37:02 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PnPUnattend.exe
[2012.12.14 01:37:02 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\takeown.exe
[2012.12.14 01:37:02 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\utildll.dll
[2012.12.14 01:37:01 | 001,148,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IMJP10.IME
[2012.12.14 01:37:01 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVSDECD.DLL
[2012.12.14 01:37:01 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmnet.dll
[2012.12.14 01:37:01 | 000,283,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdv.dll
[2012.12.14 01:37:01 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msnetobj.dll
[2012.12.14 01:37:01 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sppinst.dll
[2012.12.14 01:37:01 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cmstp.exe
[2012.12.14 01:37:01 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cmstp.exe
[2012.12.14 01:37:01 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QCLIPROV.DLL
[2012.12.14 01:37:01 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QCLIPROV.DLL
[2012.12.14 01:37:01 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertPolEng.dll
[2012.12.14 01:37:01 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cca.dll
[2012.12.14 01:37:01 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WavDest.dll
[2012.12.14 01:37:01 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\djoin.exe
[2012.12.14 01:37:01 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shimgvw.dll
[2012.12.14 01:37:01 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\HotStartUserAgent.dll
[2012.12.14 01:37:01 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nrpsrv.dll
[2012.12.14 01:37:00 | 000,739,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMSPDMOD.DLL
[2012.12.14 01:37:00 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msorcl32.dll
[2012.12.14 01:37:00 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diskpart.exe
[2012.12.14 01:37:00 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iscsicli.exe
[2012.12.14 01:37:00 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mydocs.dll
[2012.12.14 01:37:00 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setupcln.dll
[2012.12.14 01:37:00 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdProxy.dll
[2012.12.14 01:37:00 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MuiUnattend.exe
[2012.12.14 01:37:00 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\g711codc.ax
[2012.12.14 01:37:00 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vfwwdm32.dll
[2012.12.14 01:37:00 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsnmp32.dll
[2012.12.14 01:37:00 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MultiDigiMon.exe
[2012.12.14 01:37:00 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pdhui.dll
[2012.12.14 01:37:00 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\relog.exe
[2012.12.14 01:37:00 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AzSqlExt.dll
[2012.12.14 01:37:00 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sscore.dll
[2012.12.14 01:36:59 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2012.12.14 01:36:59 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2012.12.14 01:36:59 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\itircl.dll
[2012.12.14 01:36:59 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iscsicli.exe
[2012.12.14 01:36:59 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mydocs.dll
[2012.12.14 01:36:59 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\diskpart.exe
[2012.12.14 01:36:59 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\desk.cpl
[2012.12.14 01:36:59 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3msm.dll
[2012.12.14 01:36:59 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mobsync.exe
[2012.12.14 01:36:59 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\amstream.dll
[2012.12.14 01:36:59 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastapi.dll
[2012.12.14 01:36:59 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spbcd.dll
[2012.12.14 01:36:59 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wkscli.dll
[2012.12.14 01:36:59 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbisurf.ax
[2012.12.14 01:36:59 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\relog.exe
[2012.12.14 01:36:59 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdmo.dll
[2012.12.14 01:36:59 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netiougc.exe
[2012.12.14 01:36:59 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netbtugc.exe
[2012.12.14 01:36:59 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BWUnpairElevated.dll
[2012.12.14 01:36:58 | 001,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IMJP10.IME
[2012.12.14 01:36:58 | 000,434,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSTIFF.dll
[2012.12.14 01:36:58 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\itircl.dll
[2012.12.14 01:36:58 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpps.dll
[2012.12.14 01:36:58 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eappgnui.dll
[2012.12.14 01:36:58 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2012.12.14 01:36:58 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2012.12.14 01:36:58 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\resutils.dll
[2012.12.14 01:36:58 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertPolEng.dll
[2012.12.14 01:36:58 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ksxbar.ax
[2012.12.14 01:36:58 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mciqtz32.dll
[2012.12.14 01:36:58 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\choice.exe
[2012.12.14 01:36:58 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\syssetup.dll
[2012.12.14 01:36:57 | 001,080,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\onexui.dll
[2012.12.14 01:36:57 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2012.12.14 01:36:57 | 000,278,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2012.12.14 01:36:57 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppc.dll
[2012.12.14 01:36:57 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mobsync.exe
[2012.12.14 01:36:57 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eappgnui.dll
[2012.12.14 01:36:57 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\findstr.exe
[2012.12.14 01:36:57 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tlscsp.dll
[2012.12.14 01:36:57 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\findstr.exe
[2012.12.14 01:36:57 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\luainstall.dll
[2012.12.14 01:36:57 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciqtz32.dll
[2012.12.14 01:36:57 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2012.12.14 01:36:57 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WerFaultSecure.exe
[2012.12.14 01:36:57 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schedcli.dll
[2012.12.14 01:36:57 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ReAgentc.exe
[2012.12.14 01:36:56 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RDPENCDD.dll
[2012.12.14 01:36:56 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sppc.dll
[2012.12.14 01:36:56 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2012.12.14 01:36:56 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\manage-bde.exe
[2012.12.14 01:36:56 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetmib1.dll
[2012.12.14 01:36:56 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbcconf.dll
[2012.12.14 01:36:56 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\repair-bde.exe
[2012.12.14 01:36:56 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\luainstall.dll
[2012.12.14 01:36:56 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wdiasqmmodule.dll
[2012.12.14 01:36:56 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shimgvw.dll
[2012.12.14 01:36:56 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unlodctr.exe
[2012.12.14 01:36:56 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbisurf.ax
[2012.12.14 01:36:56 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdmo.dll
[2012.12.14 01:36:56 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spopk.dll
[2012.12.14 01:36:56 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spopk.dll
[2012.12.14 01:36:56 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fixmapi.exe
[2012.12.14 01:36:56 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\muifontsetup.dll
[2012.12.14 01:36:55 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbonRes.dll
[2012.12.14 01:36:55 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbonRes.dll
[2012.12.14 01:36:55 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetmib1.dll
[2012.12.14 01:36:55 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\g711codc.ax
[2012.12.14 01:36:55 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSMON.dll
[2012.12.14 01:36:55 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcconf.dll
[2012.12.14 01:36:55 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2012.12.14 01:36:55 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdi.sys
[2012.12.14 01:36:55 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elsTrans.dll
[2012.12.14 01:36:55 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TRAPI.dll
[2012.12.14 01:36:55 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdprefdrvapi.dll
[2012.12.14 01:36:55 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perfts.dll
[2012.12.14 01:36:54 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\napdsnap.dll
[2012.12.14 01:36:54 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\napdsnap.dll
[2012.12.14 01:36:54 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dsauth.dll
[2012.12.14 01:36:54 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbrpm.sys
[2012.12.14 01:36:54 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dsauth.dll
[2012.12.14 01:36:54 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscdll.dll
[2012.12.14 01:36:54 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\LogonUI.exe
[2012.12.14 01:36:54 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bitsperf.dll
[2012.12.14 01:36:54 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdprefdrvapi.dll
[2012.12.14 01:36:54 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elsTrans.dll
[2012.12.14 01:36:54 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TRAPI.dll
[2012.12.14 01:36:54 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bitsperf.dll
[2012.12.14 01:36:54 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSUNATD.exe
[2012.12.14 01:36:54 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schedcli.dll
[2012.12.14 01:36:53 | 000,457,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imkr80.ime
[2012.12.14 01:36:53 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imkr80.ime
[2012.12.14 01:36:53 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shgina.dll
[2012.12.14 01:36:53 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsdchngr.dll
[2012.12.14 01:36:53 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsdchngr.dll
[2012.12.14 01:36:53 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shgina.dll
[2012.12.14 01:36:53 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2012.12.14 01:36:53 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\riched32.dll
[2012.12.14 01:36:52 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBCAMD2.sys
[2012.12.14 01:36:51 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshirda.dll
[2012.12.14 01:36:51 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshirda.dll
[2012.12.14 01:36:51 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\riched32.dll
[2012.12.14 01:36:51 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcfgex.dll
[2012.12.14 01:36:50 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\C_ISCII.DLL
[2012.12.14 01:36:50 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwmp.dll
[2012.12.14 01:36:50 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwmp.dll
[2012.12.14 01:36:49 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shunimpl.dll
[2012.12.14 01:36:49 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\C_ISCII.DLL
[2012.12.14 01:36:49 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTUF.DLL
[2012.12.14 01:36:49 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTUF.DLL
[2012.12.14 01:36:49 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDSG.DLL
[2012.12.14 01:36:49 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDSF.DLL
[2012.12.14 01:36:49 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDPO.DLL
[2012.12.14 01:36:49 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\kbdlk41a.dll
[2012.12.14 01:36:49 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTAM.DLL
[2012.12.14 01:36:49 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdxm.ocx
[2012.12.14 01:36:49 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxmasf.dll
[2012.12.14 01:36:49 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.ocx
[2012.12.14 01:36:49 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxmasf.dll
[2012.12.14 01:36:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-ums-l1-1-0.dll
[2012.12.14 01:36:47 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2012.12.14 01:36:47 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2012.12.14 01:36:47 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTUQ.DLL
[2012.12.14 01:36:47 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDSG.DLL
[2012.12.14 01:36:47 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kbdlk41a.dll
[2012.12.14 01:36:47 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDGKL.DLL
[2012.12.14 01:36:47 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTUQ.DLL
[2012.12.14 01:36:47 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDNEPR.DLL
[2012.12.14 01:36:47 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBEN.DLL
[2012.12.14 01:36:47 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDGR1.DLL
[2012.12.14 01:36:47 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDGR1.DLL
[2012.12.14 01:36:47 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDGKL.DLL
[2012.12.14 01:36:46 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nlsbres.dll
[2012.12.14 01:36:46 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nlsbres.dll
[2012.12.14 01:36:46 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BlbEvents.dll
[2012.12.14 01:36:46 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pifmgr.dll
[2012.12.14 01:36:46 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pifmgr.dll
[2012.12.14 01:36:46 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDCZ1.DLL
[2012.12.14 01:36:46 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwizres.dll
[2012.12.14 01:36:46 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwizres.dll
[2012.12.14 01:36:46 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDCZ1.DLL
[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDUS.DLL
[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDUGHR1.DLL
[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTURME.DLL
[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTAJIK.DLL
[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDSF.DLL
[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDPO.DLL
[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDNEPR.DLL
[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDMON.DLL
[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDMAORI.DLL
[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDLT1.DLL
[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTEL.DLL
[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTAM.DLL
[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINORI.DLL
[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINORI.DLL
[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINMAR.DLL
[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINMAR.DLL
[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINKAN.DLL
[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINKAN.DLL
[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINHIN.DLL
[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINHIN.DLL
[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBEN.DLL
[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDBULG.DLL
[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDBLR.DLL
[2012.12.14 01:36:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDBASH.DLL
[2012.12.14 01:36:46 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDUS.DLL
[2012.12.14 01:36:46 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDUGHR1.DLL
[2012.12.14 01:36:46 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTURME.DLL
[2012.12.14 01:36:46 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTAJIK.DLL
[2012.12.14 01:36:46 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDMON.DLL
[2012.12.14 01:36:46 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDMAORI.DLL
[2012.12.14 01:36:46 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDLT1.DLL
[2012.12.14 01:36:46 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTEL.DLL
[2012.12.14 01:36:46 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDGEO.DLL
[2012.12.14 01:36:46 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDGEO.DLL
[2012.12.14 01:36:46 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDBULG.DLL
[2012.12.14 01:36:46 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDBLR.DLL
[2012.12.14 01:36:46 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDBASH.DLL
[2012.12.14 01:36:33 | 000,399,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpx.dll
[2012.12.14 01:36:33 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wdscore.dll
[2012.12.14 01:36:28 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sqmapi.dll
[2012.12.14 01:34:57 | 000,529,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wbemcomn.dll
[2012.12.14 01:34:51 | 000,244,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sqmapi.dll
[2012.12.14 00:59:58 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2012.12.14 00:59:58 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsquirt.exe
[2012.12.14 00:59:58 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2012.12.14 00:59:56 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2012.12.14 00:59:56 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2012.12.14 00:59:56 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2012.12.14 00:59:55 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2012.12.14 00:59:55 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2012.12.14 00:59:55 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2012.12.14 00:59:55 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2012.12.14 00:54:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012.12.14 00:42:59 | 000,000,000 | ---D | C] -- C:\Users\Donald\AppData\Roaming\Avira
[2012.12.14 00:40:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.12.14 00:40:02 | 000,129,216 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2012.12.14 00:40:02 | 000,099,912 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2012.12.14 00:40:02 | 000,027,800 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2012.12.14 00:40:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.12.14 00:40:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2012.12.14 00:27:42 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2012.12.13 23:50:13 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012.12.13 23:50:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012.12.13 23:21:43 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2012.12.13 23:21:43 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2012.12.13 23:13:04 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2012.12.13 23:10:16 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.12.13 23:10:16 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.12.13 23:10:16 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012.12.13 23:10:16 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012.12.13 23:10:16 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012.12.13 23:10:16 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012.12.13 23:10:16 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012.12.13 23:10:16 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012.12.13 23:10:16 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012.12.13 23:10:16 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012.12.13 23:10:16 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012.12.13 23:10:16 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012.12.13 23:10:15 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012.12.13 23:10:15 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.12.13 23:10:15 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012.12.13 23:10:15 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012.12.13 23:10:15 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.12.13 23:10:15 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012.12.13 23:10:15 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012.12.13 23:10:15 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012.12.13 23:10:15 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012.12.13 23:10:15 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.12.13 23:10:15 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012.12.13 23:10:15 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012.12.13 23:10:15 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012.12.13 23:10:15 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012.12.13 23:10:15 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012.12.13 23:10:15 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012.12.13 23:10:15 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.12.13 23:10:15 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012.12.13 23:10:15 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012.12.13 23:10:15 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012.12.13 23:10:15 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012.12.13 23:10:14 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012.12.13 23:10:14 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012.12.13 23:10:14 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012.12.13 23:10:14 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.12.13 23:10:14 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012.12.13 23:10:14 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012.12.13 23:10:14 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012.12.13 23:10:14 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012.12.13 23:10:14 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012.12.13 23:10:13 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012.12.13 23:10:13 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.12.13 23:10:13 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.12.13 23:10:13 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.12.13 23:10:13 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.12.13 23:10:13 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.12.13 23:10:13 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012.12.13 23:10:13 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012.12.13 23:10:13 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012.12.13 23:10:13 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012.12.13 23:10:13 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.12.13 23:10:13 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.12.13 23:10:13 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012.12.13 23:10:13 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012.12.13 23:10:13 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012.12.13 23:10:13 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012.12.13 23:10:13 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012.12.13 23:10:13 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012.12.13 23:10:13 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012.12.13 23:10:13 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.12.13 23:10:13 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012.12.13 23:10:13 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012.12.13 23:10:13 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012.12.13 23:10:13 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012.12.13 23:10:13 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012.12.13 23:10:13 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012.12.13 23:10:13 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012.12.13 23:10:13 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012.12.13 23:10:13 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012.12.13 23:10:13 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012.12.13 23:07:17 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2012.12.13 23:07:17 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2012.12.13 23:07:17 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2012.12.13 23:07:17 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2012.12.13 23:06:17 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012.12.13 23:06:17 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012.12.13 23:05:13 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2012.12.13 23:05:09 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012.12.13 23:04:37 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2012.12.13 23:04:37 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2012.12.13 23:04:19 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2012.12.13 23:04:19 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2012.12.13 23:04:19 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2012.12.13 23:04:18 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2012.12.13 23:04:18 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2012.12.13 23:04:18 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2012.12.13 23:04:18 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2012.12.13 23:04:17 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2012.12.13 23:04:17 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2012.12.13 23:04:17 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2012.12.13 23:04:17 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2012.12.13 23:04:17 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2012.12.13 23:04:17 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2012.12.13 23:04:15 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.12.13 23:04:14 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.12.13 23:04:14 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.12.13 23:04:05 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012.12.13 23:04:02 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012.12.13 23:04:02 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012.12.13 23:04:00 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2012.12.13 23:04:00 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2012.12.13 23:04:00 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2012.12.13 23:03:59 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2012.12.13 23:03:59 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2012.12.13 23:03:59 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2012.12.13 23:03:57 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012.12.13 23:03:57 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012.12.13 23:03:54 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012.12.13 23:03:54 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012.12.13 23:03:54 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012.12.13 23:03:54 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012.12.13 23:03:54 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012.12.13 23:03:54 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012.12.13 23:03:52 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012.12.13 23:03:52 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012.12.13 23:03:52 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012.12.13 23:03:52 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012.12.13 23:03:52 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012.12.13 23:03:52 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012.12.13 23:03:52 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012.12.13 23:03:52 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012.12.13 23:03:52 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012.12.13 23:03:52 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012.12.13 23:03:52 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012.12.13 23:03:52 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012.12.13 23:03:52 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012.12.13 23:03:52 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012.12.13 23:03:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.12.13 23:03:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.12.13 23:03:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012.12.13 23:03:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012.12.13 23:03:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012.12.13 23:03:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012.12.13 23:03:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012.12.13 23:03:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012.12.13 23:03:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012.12.13 23:03:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012.12.13 23:03:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.12.13 23:03:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.12.13 23:03:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.12.13 23:03:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.12.13 23:03:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.12.13 23:03:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012.12.13 23:03:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012.12.13 23:03:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012.12.13 23:03:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.12.13 23:03:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.12.13 23:03:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012.12.13 23:03:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012.12.13 23:03:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012.12.13 23:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012.12.13 23:03:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012.12.13 23:03:33 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2012.12.13 23:03:33 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2012.12.13 23:03:32 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012.12.13 23:03:32 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012.12.13 23:03:29 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012.12.13 23:03:29 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012.12.13 23:03:25 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2012.12.13 23:03:25 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2012.12.13 23:03:25 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2012.12.13 23:03:24 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2012.12.13 23:03:24 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2012.12.13 23:03:24 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2012.12.13 23:03:24 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Mpeg2Data.ax
[2012.12.13 23:03:24 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSDvbNP.ax
[2012.12.13 23:03:24 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mpeg2Data.ax
[2012.12.13 23:03:24 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSDvbNP.ax
[2012.12.13 23:03:23 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012.12.13 23:03:23 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2012.12.13 23:03:19 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2012.12.13 23:03:19 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2012.12.13 23:03:19 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2012.12.13 23:03:19 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2012.12.13 23:03:19 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2012.12.13 23:03:19 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2012.12.13 23:03:19 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2012.12.13 23:03:19 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2012.12.13 23:03:19 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2012.12.13 23:03:18 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2012.12.13 23:03:18 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2012.12.13 23:03:11 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2012.12.13 23:03:11 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2012.12.13 23:03:10 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012.12.13 23:03:09 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012.12.13 23:03:09 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012.12.13 23:03:09 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012.12.13 23:03:04 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2012.12.13 23:03:04 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2012.12.13 23:03:04 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2012.12.13 23:03:04 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2012.12.13 23:03:04 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setbcdlocale.dll
[2012.12.13 23:03:04 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2012.12.13 23:03:04 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2012.12.13 23:03:04 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2012.12.13 23:03:02 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2012.12.13 23:03:01 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2012.12.13 23:03:01 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2012.12.13 23:03:01 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cfgmgr32.dll
[2012.12.13 23:03:01 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2012.12.13 23:03:00 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2012.12.13 23:03:00 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2012.12.13 23:03:00 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2012.12.13 23:03:00 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2012.12.13 23:02:59 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012.12.13 23:02:59 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2012.12.13 23:02:59 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2012.12.13 23:02:59 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2012.12.13 23:02:57 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2012.12.13 23:02:57 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2012.12.13 23:02:56 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2012.12.13 23:02:56 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2012.12.13 23:02:55 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012.12.13 23:02:55 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012.12.13 23:02:55 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2012.12.13 23:02:55 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012.12.13 23:02:54 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012.12.13 23:02:54 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012.12.13 23:02:54 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2012.12.13 23:02:54 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
[2012.12.13 23:02:54 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnaddr.dll
[2012.12.13 23:02:54 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnaddr.dll
[2012.12.13 23:02:52 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012.12.13 23:02:50 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\profprov.dll
[2012.12.13 23:02:49 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012.12.13 23:02:49 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012.12.13 23:02:49 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012.12.13 23:02:48 | 000,974,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WFS.exe
[2012.12.13 23:02:48 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2012.12.13 23:02:48 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2012.12.13 23:02:47 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012.12.13 23:02:47 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012.12.13 23:02:47 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012.12.13 23:02:46 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2012.12.13 23:02:46 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2012.12.13 23:02:46 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2012.12.13 23:02:40 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012.12.13 23:02:40 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012.12.13 23:02:29 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2012.12.13 23:02:29 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2012.12.13 23:02:27 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012.12.13 23:02:26 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012.12.13 23:02:26 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012.12.13 23:02:25 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012.12.13 23:02:25 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012.12.13 23:02:25 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012.12.13 23:02:23 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012.12.13 23:02:23 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012.12.13 22:50:51 | 000,000,000 | ---D | C] -- C:\Users\Donald\AppData\Local\Google
[2012.12.13 22:36:51 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012.12.13 22:36:51 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012.12.13 22:36:51 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012.12.13 22:36:47 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012.12.13 22:36:47 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012.12.13 22:36:47 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012.12.13 22:36:45 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012.12.13 22:36:45 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012.12.13 21:33:08 | 000,000,000 | ---D | C] -- C:\Users\Donald\AppData\Roaming\Mozilla
[2012.12.13 21:31:27 | 000,000,000 | ---D | C] -- C:\Users\Donald\Documents\ASUS WebStorage
[2012.12.13 21:31:27 | 000,000,000 | ---D | C] -- C:\Users\Donald\AppData\Roaming\Asus WebStorage
[2012.12.13 21:31:09 | 000,000,000 | ---D | C] -- C:\Users\Donald\AppData\Local\BMExplorer
[2012.12.13 21:31:09 | 000,000,000 | ---D | C] -- C:\Users\Donald\Documents\Bluetooth Folder
[2012.12.13 21:29:53 | 000,000,000 | R--D | C] -- C:\Users\Donald\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012.12.13 21:29:53 | 000,000,000 | R--D | C] -- C:\Users\Donald\Searches
[2012.12.13 21:29:53 | 000,000,000 | R--D | C] -- C:\Users\Donald\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012.12.13 21:29:52 | 000,000,000 | -H-D | C] -- C:\Users\Donald\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012.12.13 21:29:44 | 000,000,000 | ---D | C] -- C:\Users\Donald\AppData\Roaming\Identities
[2012.12.13 21:29:42 | 000,000,000 | R--D | C] -- C:\Users\Donald\Contacts
[2012.12.13 21:29:25 | 000,000,000 | -H-D | C] -- C:\ASUS.DAT
[2012.12.13 21:29:24 | 000,000,000 | ---D | C] -- C:\Users\Donald\AppData\Local\Power2Go
[2012.12.13 21:29:21 | 000,000,000 | ---D | C] -- C:\Users\Donald\AppData\Local\VirtualStore
[2012.12.13 21:29:12 | 000,000,000 | -HSD | C] -- C:\Users\Donald\Verkkoympäristö
[2012.12.13 21:29:12 | 000,000,000 | -HSD | C] -- C:\Users\Donald\Tulostinympäristö
[2012.12.13 21:29:12 | 000,000,000 | -HSD | C] -- C:\Users\Donald\AppData\Local\Temporary Internet Files
[2012.12.13 21:29:12 | 000,000,000 | -HSD | C] -- C:\Users\Donald\Sendto
[2012.12.13 21:29:12 | 000,000,000 | -HSD | C] -- C:\Users\Donald\Recent
[2012.12.13 21:29:12 | 000,000,000 | -HSD | C] -- C:\Users\Donald\Documents\Omat videotiedostot
[2012.12.13 21:29:12 | 000,000,000 | -HSD | C] -- C:\Users\Donald\Omat tiedostot
[2012.12.13 21:29:12 | 000,000,000 | -HSD | C] -- C:\Users\Donald\Documents\Omat musiikkitiedostot
[2012.12.13 21:29:12 | 000,000,000 | -HSD | C] -- C:\Users\Donald\Documents\Omat kuvatiedostot
[2012.12.13 21:29:12 | 000,000,000 | -HSD | C] -- C:\Users\Donald\Mallit
[2012.12.13 21:29:12 | 000,000,000 | -HSD | C] -- C:\Users\Donald\Local Settings
[2012.12.13 21:29:12 | 000,000,000 | -HSD | C] -- C:\Users\Donald\Käynnistä-valikko
[2012.12.13 21:29:12 | 000,000,000 | -HSD | C] -- C:\Users\Donald\AppData\Local\History
[2012.12.13 21:29:12 | 000,000,000 | -HSD | C] -- C:\Users\Donald\Cookies
[2012.12.13 21:29:12 | 000,000,000 | -HSD | C] -- C:\Users\Donald\Application Data
[2012.12.13 21:29:12 | 000,000,000 | -HSD | C] -- C:\Users\Donald\AppData\Local\Application Data
[2012.12.13 21:29:11 | 000,000,000 | --SD | C] -- C:\Users\Donald\AppData\Roaming\Microsoft
[2012.12.13 21:29:11 | 000,000,000 | R--D | C] -- C:\Users\Donald\Videos
[2012.12.13 21:29:11 | 000,000,000 | R--D | C] -- C:\Users\Donald\Saved Games
[2012.12.13 21:29:11 | 000,000,000 | R--D | C] -- C:\Users\Donald\Pictures
[2012.12.13 21:29:11 | 000,000,000 | R--D | C] -- C:\Users\Donald\Music
[2012.12.13 21:29:11 | 000,000,000 | R--D | C] -- C:\Users\Donald\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012.12.13 21:29:11 | 000,000,000 | R--D | C] -- C:\Users\Donald\Links
[2012.12.13 21:29:11 | 000,000,000 | R--D | C] -- C:\Users\Donald\Favorites
[2012.12.13 21:29:11 | 000,000,000 | R--D | C] -- C:\Users\Donald\Downloads
[2012.12.13 21:29:11 | 000,000,000 | R--D | C] -- C:\Users\Donald\Documents
[2012.12.13 21:29:11 | 000,000,000 | R--D | C] -- C:\Users\Donald\Desktop
[2012.12.13 21:29:11 | 000,000,000 | R--D | C] -- C:\Users\Donald\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012.12.13 21:29:11 | 000,000,000 | -H-D | C] -- C:\Users\Donald\AppData
[2012.12.13 21:29:11 | 000,000,000 | ---D | C] -- C:\Users\Donald\AppData\Local\Temp
[2012.12.13 21:29:11 | 000,000,000 | ---D | C] -- C:\Users\Donald\AppData\Local\Microsoft
[2012.12.13 21:29:11 | 000,000,000 | ---D | C] -- C:\Users\Donald\AppData\Roaming\Media Center Programs
[2012.12.13 21:29:11 | 000,000,000 | ---D | C] -- C:\Users\Donald\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
========== Files - Modified Within 30 Days ==========
[2012.12.29 01:32:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Donald\Desktop\OTL.exe
[2012.12.29 01:31:28 | 000,001,018 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.12.29 01:31:20 | 000,000,035 | ---- | M] () -- C:\Users\Public\Documents\AtherosServiceConfig.ini
[2012.12.29 01:30:28 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.29 01:30:28 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.29 01:27:12 | 003,116,386 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.12.29 01:27:12 | 000,628,980 | ---- | M] () -- C:\Windows\SysNative\perfh01D.dat
[2012.12.29 01:27:12 | 000,627,420 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.12.29 01:27:12 | 000,473,584 | ---- | M] () -- C:\Windows\SysNative\perfh006.dat
[2012.12.29 01:27:12 | 000,459,998 | ---- | M] () -- C:\Windows\SysNative\perfh014.dat
[2012.12.29 01:27:12 | 000,452,980 | ---- | M] () -- C:\Windows\SysNative\perfh00B.dat
[2012.12.29 01:27:12 | 000,127,492 | ---- | M] () -- C:\Windows\SysNative\perfc01D.dat
[2012.12.29 01:27:12 | 000,110,140 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.12.29 01:27:12 | 000,086,058 | ---- | M] () -- C:\Windows\SysNative\perfc00B.dat
[2012.12.29 01:27:12 | 000,083,556 | ---- | M] () -- C:\Windows\SysNative\perfc006.dat
[2012.12.29 01:27:12 | 000,080,848 | ---- | M] () -- C:\Windows\SysNative\perfc014.dat
[2012.12.29 01:22:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.29 01:22:34 | 3151,835,136 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.28 23:17:48 | 000,000,512 | ---- | M] () -- C:\Users\Donald\Desktop\MBR.dat
[2012.12.28 23:02:54 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2012.12.28 22:56:42 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\Donald\Desktop\aswMBR.exe
[2012.12.28 22:55:27 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Donald\Desktop\tdsskiller.exe
[2012.12.28 22:44:00 | 000,001,022 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.12.28 20:55:17 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012.12.28 20:44:59 | 005,014,093 | R--- | M] (Swearware) -- C:\Users\Donald\Desktop\ComboFix.exe
[2012.12.28 12:16:48 | 000,758,784 | ---- | M] () -- C:\Users\Donald\Desktop\RogueKiller.exe
[2012.12.28 12:16:36 | 000,550,017 | ---- | M] () -- C:\Users\Donald\Desktop\adwcleaner.exe
[2012.12.28 12:16:15 | 000,856,731 | ---- | M] () -- C:\Users\Donald\Desktop\SecurityCheck.exe
[2012.12.27 21:41:07 | 589,288,540 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.12.22 14:46:47 | 000,277,000 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.12.16 19:11:22 | 000,046,080 | ---- | M] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012.12.16 16:45:03 | 000,367,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012.12.16 16:13:28 | 000,295,424 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012.12.16 16:13:20 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012.12.14 14:44:14 | 000,002,275 | ---- | M] () -- C:\Users\Donald\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012.12.14 14:38:41 | 000,001,302 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2012.12.14 07:26:47 | 000,049,202 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012.12.14 07:26:47 | 000,049,202 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012.12.14 03:21:06 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.12.14 02:39:28 | 000,001,934 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2012.12.14 02:24:12 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msclmd.dll
[2012.12.14 02:24:12 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msclmd.dll
[2012.12.14 00:40:21 | 000,002,072 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.12.14 00:24:18 | 000,001,431 | ---- | M] () -- C:\Users\Donald\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012.12.13 23:10:16 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.12.13 23:10:16 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012.12.13 23:10:16 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.12.13 23:10:16 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012.12.13 23:10:16 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012.12.13 23:10:16 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012.12.13 23:10:16 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012.12.13 23:10:16 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012.12.13 23:10:16 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012.12.13 23:10:16 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012.12.13 23:10:16 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012.12.13 23:10:16 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012.12.13 23:10:16 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012.12.13 23:10:15 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012.12.13 23:10:15 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.12.13 23:10:15 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012.12.13 23:10:15 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.12.13 23:10:15 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012.12.13 23:10:15 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012.12.13 23:10:15 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012.12.13 23:10:15 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012.12.13 23:10:15 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.12.13 23:10:15 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012.12.13 23:10:15 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012.12.13 23:10:15 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012.12.13 23:10:15 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012.12.13 23:10:15 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012.12.13 23:10:15 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012.12.13 23:10:15 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.12.13 23:10:15 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012.12.13 23:10:15 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012.12.13 23:10:15 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012.12.13 23:10:15 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012.12.13 23:10:15 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012.12.13 23:10:14 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012.12.13 23:10:14 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012.12.13 23:10:14 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012.12.13 23:10:14 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.12.13 23:10:14 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012.12.13 23:10:14 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012.12.13 23:10:14 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012.12.13 23:10:14 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012.12.13 23:10:14 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012.12.13 23:10:13 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012.12.13 23:10:13 | 002,312,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.12.13 23:10:13 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.12.13 23:10:13 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.12.13 23:10:13 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.12.13 23:10:13 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.12.13 23:10:13 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012.12.13 23:10:13 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012.12.13 23:10:13 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012.12.13 23:10:13 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012.12.13 23:10:13 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.12.13 23:10:13 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.12.13 23:10:13 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012.12.13 23:10:13 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012.12.13 23:10:13 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012.12.13 23:10:13 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012.12.13 23:10:13 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012.12.13 23:10:13 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012.12.13 23:10:13 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012.12.13 23:10:13 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.12.13 23:10:13 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012.12.13 23:10:13 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012.12.13 23:10:13 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012.12.13 23:10:13 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012.12.13 23:10:13 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012.12.13 23:10:13 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012.12.13 23:10:13 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012.12.13 23:10:13 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012.12.13 23:10:13 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012.12.13 23:10:13 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012.12.13 23:10:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012.12.13 22:54:07 | 000,002,289 | ---- | M] () -- C:\Users\Donald\Desktop\Google Chrome.lnk
[2012.12.03 15:36:36 | 000,129,216 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2012.12.03 15:36:35 | 000,099,912 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
-
OTL logfile created on: 29.12.2012 1:36:29 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Donald\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040b | Country: Suomi | Language: FIN | Date Format: d.M.yyyy
3,91 Gb Total Physical Memory | 2,66 Gb Available Physical Memory | 68,01% Memory free
7,83 Gb Paging File | 6,30 Gb Available in Paging File | 80,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 444,27 Gb Total Space | 409,04 Gb Free Space | 92,07% Space Free | Partition Type: NTFS
Computer Name: DONALD-PC | User Name: Donald | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Donald\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (ASUSTeK Computer Inc.)
PRC - C:\Windows\AsScrPro.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (Virage Logic Corporation / Sonic Focus)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUS)
========== Modules (No Company Name) ==========
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7c4de95aa433eb8d81a81caf805947a8\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1ec80905a71750be50dfc7981ad5ae28\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\53d6d827964619285771ed72332d3659\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fi_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_fi_31bf3856ad364e35\PresentationFramework.resources.dll ()
MOD - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (AFBAgent) -- C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel® Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Atheros\Bluetooth Suite\AdminService.exe (Atheros Commnucations)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Atheros)
DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Atheros)
DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Atheros)
DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Atheros)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Atheros)
DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Atheros)
DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Atheros)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (RSUSBVSTOR) -- C:\Windows\SysNative\drivers\rtsuvstor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys ()
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (ATKWMIACPIIO) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUS)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2065890004-3735609052-1085264056-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-2065890004-3735609052-1085264056-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKU\S-1-5-21-2065890004-3735609052-1085264056-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2065890004-3735609052-1085264056-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
IE - HKU\S-1-5-21-2065890004-3735609052-1085264056-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-2065890004-3735609052-1085264056-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2065890004-3735609052-1085264056-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKU\S-1-5-21-2065890004-3735609052-1085264056-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2065890004-3735609052-1085264056-1001\..\SearchScopes\{F1E95DB3-B78C-4A52-BA66-057CCE090B3C}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10267&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGY&apn_dtid=^YYYYYY^YY^FI&apn_uid=c8aaf38e-f8d5-4246-98e2-86f8aaba61a8&apn_sauid=49E1B8D5-254E-4025-B981-062BD15C9E42
IE - HKU\S-1-5-21-2065890004-3735609052-1085264056-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - plugin: Zeon Plus (Enabled) = C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
O1 HOSTS File: ([2012.12.28 20:55:17 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe ()
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Atheros\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Atheros\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [intelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [setwallpaper] c:\programdata\SetWallpaper.cmd File not found
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [sonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (Virage Logic Corporation / Sonic Focus)
O4 - HKLM..\Run: [updateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [updateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKU\S-1-5-21-2065890004-3735609052-1085264056-1000..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKU\S-1-5-21-2065890004-3735609052-1085264056-1000..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2065890004-3735609052-1085264056-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2065890004-3735609052-1085264056-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2065890004-3735609052-1085264056-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2065890004-3735609052-1085264056-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2065890004-3735609052-1085264056-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.254.254 192.168.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5BFECA8C-2C50-4D21-84A5-BC2F322CCCB6}: DhcpNameServer = 192.168.254.254 192.168.254.254
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.12.29 01:32:54 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Donald\Desktop\OTL.exe
[2012.12.28 22:55:51 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\Donald\Desktop\aswMBR.exe
[2012.12.28 22:55:21 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Donald\Desktop\tdsskiller.exe
[2012.12.28 21:38:54 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.12.28 20:58:37 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012.12.28 20:47:23 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.12.28 20:47:23 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.12.28 20:47:23 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.12.28 20:47:14 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.12.28 20:47:01 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.12.28 20:44:32 | 005,014,093 | R--- | C] (Swearware) -- C:\Users\Donald\Desktop\ComboFix.exe
[2012.12.28 12:34:15 | 000,000,000 | ---D | C] -- C:\Users\Donald\Desktop\RK_Quarantine
[2012.12.27 21:41:14 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012.12.27 20:30:28 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012.12.22 14:43:47 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012.12.22 14:43:47 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012.12.22 14:43:47 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012.12.22 14:43:46 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012.12.15 13:22:52 | 000,000,000 | ---D | C] -- C:\files
[2012.12.14 14:50:50 | 000,000,000 | ---D | C] -- C:\downloads
[2012.12.14 07:21:57 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012.12.14 03:21:14 | 000,000,000 | ---D | C] -- C:\Users\Donald\AppData\Roaming\Malwarebytes
[2012.12.14 03:21:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.12.14 03:21:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.12.14 03:21:05 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.12.14 03:21:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.12.14 02:49:19 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2012.12.14 02:49:19 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2012.12.14 02:49:19 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2012.12.14 02:49:19 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2012.12.14 02:49:19 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2012.12.14 02:49:18 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2012.12.14 02:49:18 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2012.12.14 02:49:18 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2012.12.14 02:49:18 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2012.12.14 02:49:18 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2012.12.14 02:49:18 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2012.12.14 02:49:18 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2012.12.14 02:49:18 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2012.12.14 02:49:18 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2012.12.14 02:49:18 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2012.12.14 02:49:18 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2012.12.14 02:49:18 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2012.12.14 02:49:18 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2012.12.14 02:49:18 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2012.12.14 02:49:18 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2012.12.14 02:49:18 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2012.12.14 02:49:18 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2012.12.14 02:49:17 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2012.12.14 02:49:17 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2012.12.14 02:48:26 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012.12.14 02:48:26 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012.12.14 02:48:25 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2012.12.14 02:48:19 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012.12.14 02:48:19 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012.12.14 02:48:09 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2012.12.14 02:48:09 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2012.12.14 02:48:09 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2012.12.14 02:47:22 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2012.12.14 02:47:12 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012.12.14 02:47:12 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2012.12.14 02:47:12 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2012.12.14 02:47:12 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2012.12.14 02:47:11 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2012.12.14 02:47:11 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2012.12.14 02:47:11 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2012.12.14 02:47:11 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2012.12.14 01:50:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2012.12.14 01:50:27 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2012.12.14 01:38:36 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2012.12.14 01:38:36 | 000,048,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
[2012.12.14 01:38:32 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2012.12.14 01:38:29 | 001,838,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2012.12.14 01:38:25 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2012.12.14 01:38:25 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2012.12.14 01:38:22 | 014,633,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2012.12.14 01:38:21 | 004,120,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2012.12.14 01:38:21 | 003,205,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmcndmgr.dll
[2012.12.14 01:38:21 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2012.12.14 01:38:20 | 003,008,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xpsservices.dll
[2012.12.14 01:38:20 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2012.12.14 01:38:20 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2012.12.14 01:38:20 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2012.12.14 01:38:20 | 000,359,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2012.12.14 01:38:19 | 001,219,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2012.12.14 01:38:19 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2012.12.14 01:38:19 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2012.12.14 01:38:19 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2012.12.14 01:38:18 | 002,086,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2012.12.14 01:38:18 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwizui.dll
[2012.12.14 01:38:17 | 003,207,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2012.12.14 01:38:17 | 001,866,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll
[2012.12.14 01:38:17 | 001,556,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RacEngn.dll
[2012.12.14 01:38:17 | 001,340,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diagperf.dll
[2012.12.14 01:38:17 | 001,197,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll
[2012.12.14 01:38:16 | 001,753,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vssapi.dll
[2012.12.14 01:38:16 | 001,334,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll
[2012.12.14 01:38:16 | 001,326,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NaturalLanguage6.dll
[2012.12.14 01:38:15 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2012.12.14 01:38:15 | 003,860,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbon.dll
[2012.12.14 01:38:15 | 000,299,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcupdate_GenuineIntel.dll
[2012.12.14 01:38:14 | 003,027,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVCORE.DLL
[2012.12.14 01:38:14 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2012.12.14 01:38:14 | 000,109,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2012.12.14 01:38:14 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2012.12.14 01:38:13 | 003,957,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSAT.exe
[2012.12.14 01:38:13 | 001,975,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnroll.dll
[2012.12.14 01:38:13 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2012.12.14 01:38:13 | 000,598,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spinstall.exe
[2012.12.14 01:38:13 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2012.12.14 01:38:13 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spreview.exe
[2012.12.14 01:38:13 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpdd.dll
[2012.12.14 01:38:12 | 002,067,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d9.dll
[2012.12.14 01:38:12 | 001,115,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RacEngn.dll
[2012.12.14 01:38:12 | 000,867,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFolder.dll
[2012.12.14 01:38:11 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AuthFWSnapin.dll
[2012.12.14 01:38:11 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuthFWSnapin.dll
[2012.12.14 01:38:11 | 003,391,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dbgeng.dll
[2012.12.14 01:38:11 | 001,632,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwmcore.dll
[2012.12.14 01:38:09 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll
[2012.12.14 01:38:09 | 000,958,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\actxprxy.dll
[2012.12.14 01:38:08 | 000,750,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWorkspace.dll
[2012.12.14 01:38:07 | 001,244,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imapi2fs.dll
[2012.12.14 01:38:07 | 000,695,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netlogon.dll
[2012.12.14 01:38:06 | 001,900,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setupapi.dll
[2012.12.14 01:38:06 | 001,212,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\propsys.dll
[2012.12.14 01:38:06 | 000,787,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2012.12.14 01:38:06 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll
[2012.12.14 01:38:05 | 001,927,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2012.12.14 01:38:05 | 001,281,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\werconcpl.dll
[2012.12.14 01:38:05 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll
[2012.12.14 01:38:05 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe
[2012.12.14 01:38:04 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certmgr.dll
[2012.12.14 01:38:04 | 001,008,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\user32.dll
[2012.12.14 01:38:03 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceApi.dll
[2012.12.14 01:38:03 | 000,457,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2012.12.14 01:38:03 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll
[2012.12.14 01:38:03 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll
[2012.12.14 01:38:03 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsmf.dll
[2012.12.14 01:38:03 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scavengeui.dll
[2012.12.14 01:38:02 | 002,652,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netshell.dll
[2012.12.14 01:38:02 | 001,509,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdtctm.dll
[2012.12.14 01:38:02 | 001,371,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dwmcore.dll
[2012.12.14 01:38:02 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll
[2012.12.14 01:38:02 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shlwapi.dll
[2012.12.14 01:38:02 | 000,295,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\framedynos.dll
[2012.12.14 01:38:01 | 000,800,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2012.12.14 01:38:01 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2012.12.14 01:38:01 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TSWorkspace.dll
[2012.12.14 01:38:01 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comdlg32.dll
[2012.12.14 01:38:01 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll
[2012.12.14 01:38:01 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcfgx.dll
[2012.12.14 01:38:01 | 000,481,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpps.dll
[2012.12.14 01:38:01 | 000,390,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2012.12.14 01:38:01 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsm.exe
[2012.12.14 01:38:01 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apphelp.dll
[2012.12.14 01:38:01 | 000,297,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ws2_32.dll
[2012.12.14 01:38:01 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tcpmonui.dll
[2012.12.14 01:38:00 | 002,543,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpdshext.dll
[2012.12.14 01:38:00 | 002,055,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Query.dll
[2012.12.14 01:38:00 | 000,897,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\azroles.dll
[2012.12.14 01:38:00 | 000,422,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drvstore.dll
[2012.12.14 01:38:00 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsmf.dll
[2012.12.14 01:38:00 | 000,266,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QAGENT.DLL
[2012.12.14 01:38:00 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3api.dll
[2012.12.14 01:37:59 | 002,522,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dbgeng.dll
[2012.12.14 01:37:59 | 001,098,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Vault.dll
[2012.12.14 01:37:59 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samsrv.dll
[2012.12.14 01:37:59 | 000,653,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpksetup.exe
[2012.12.14 01:37:59 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cmd.exe
[2012.12.14 01:37:59 | 000,281,600 | ---- | C] (Microsoft) -- C:\Windows\SysNative\DShowRdpFilter.dll
[2012.12.14 01:37:58 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2012.12.14 01:37:58 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2012.12.14 01:37:58 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcfgx.dll
[2012.12.14 01:37:57 | 002,151,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmcndmgr.dll
[2012.12.14 01:37:57 | 001,808,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pnidui.dll
[2012.12.14 01:37:57 | 001,190,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2012.12.14 01:37:57 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ipsmsnap.dll
[2012.12.14 01:37:57 | 000,582,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sxs.dll
[2012.12.14 01:37:57 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll
[2012.12.14 01:37:57 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfds.dll
[2012.12.14 01:37:57 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wldap32.dll
[2012.12.14 01:37:57 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcbuilder.exe
[2012.12.14 01:37:57 | 000,252,928 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\DShowRdpFilter.dll
[2012.12.14 01:37:57 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hgprint.dll
[2012.12.14 01:37:57 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\upnp.dll
[2012.12.14 01:37:56 | 001,792,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2012.12.14 01:37:56 | 001,158,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webservices.dll
[2012.12.14 01:37:56 | 000,732,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi2fs.dll
[2012.12.14 01:37:56 | 000,049,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2012.12.14 01:37:55 | 001,009,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcmde.dll
[2012.12.14 01:37:55 | 000,933,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sqlsrv32.dll
[2012.12.14 01:37:55 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2012.12.14 01:37:55 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fveapi.dll
[2012.12.14 01:37:55 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schtasks.exe
[2012.12.14 01:37:55 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsta.dll
[2012.12.14 01:37:55 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mcbuilder.exe
[2012.12.14 01:37:55 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prncache.dll
[2012.12.14 01:37:55 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3api.dll
[2012.12.14 01:37:54 | 001,712,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xpsservices.dll
[2012.12.14 01:37:54 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certmgr.dll
[2012.12.14 01:37:54 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanpref.dll
[2012.12.14 01:37:54 | 001,243,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMNetMgr.dll
[2012.12.14 01:37:54 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvstore.dll
[2012.12.14 01:37:54 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vpnike.dll
[2012.12.14 01:37:54 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\userenv.dll
[2012.12.14 01:37:53 | 002,262,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SyncCenter.dll
[2012.12.14 01:37:53 | 002,072,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPEncEn.dll
[2012.12.14 01:37:53 | 001,082,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppobjs.dll
[2012.12.14 01:37:53 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2012.12.14 01:37:53 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\evr.dll
[2012.12.14 01:37:53 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpeffects.dll
[2012.12.14 01:37:53 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2012.12.14 01:37:53 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\photowiz.dll
[2012.12.14 01:37:53 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cmd.exe
[2012.12.14 01:37:53 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll
[2012.12.14 01:37:53 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\framedyn.dll
[2012.12.14 01:37:52 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2012.12.14 01:37:52 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
[2012.12.14 01:37:52 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\framedynos.dll
[2012.12.14 01:37:52 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fde.dll
[2012.12.14 01:37:51 | 000,762,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\azroles.dll
[2012.12.14 01:37:51 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localsec.dll
[2012.12.14 01:37:51 | 000,503,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imapi2.dll
[2012.12.14 01:37:51 | 000,501,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSATAPI.dll
[2012.12.14 01:37:51 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netdiagfx.dll
[2012.12.14 01:37:51 | 000,298,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcryptprimitives.dll
[2012.12.14 01:37:51 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfds.dll
[2012.12.14 01:37:51 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\stobject.dll
[2012.12.14 01:37:51 | 000,253,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tcpipcfg.dll
[2012.12.14 01:37:51 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spp.dll
[2012.12.14 01:37:51 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QSHVHOST.DLL
[2012.12.14 01:37:51 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll
[2012.12.14 01:37:51 | 000,166,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetpp.dll
[2012.12.14 01:37:51 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netid.dll
[2012.12.14 01:37:51 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2012.12.14 01:37:51 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2012.12.14 01:37:50 | 002,755,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\themeui.dll
[2012.12.14 01:37:50 | 002,746,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2012.12.14 01:37:50 | 001,050,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\printui.dll
[2012.12.14 01:37:50 | 000,571,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mspbda.dll
[2012.12.14 01:37:50 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\biocpl.dll
[2012.12.14 01:37:50 | 000,378,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msinfo32.exe
[2012.12.14 01:37:50 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scansetting.dll
[2012.12.14 01:37:49 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll
[2012.12.14 01:37:49 | 000,477,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PhotoScreensaver.scr
[2012.12.14 01:37:49 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wusa.exe
[2012.12.14 01:37:49 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IPHLPAPI.DLL
[2012.12.14 01:37:49 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aitagent.exe
[2012.12.14 01:37:48 | 000,934,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FirewallControlPanel.dll
[2012.12.14 01:37:48 | 000,854,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dbghelp.dll
[2012.12.14 01:37:48 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscms.dll
[2012.12.14 01:37:48 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winspool.drv
[2012.12.14 01:37:48 | 000,405,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wisptis.exe
[2012.12.14 01:37:48 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll
[2012.12.14 01:37:48 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll
[2012.12.14 01:37:48 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PkgMgr.exe
[2012.12.14 01:37:48 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2012.12.14 01:37:48 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpchttp.dll
[2012.12.14 01:37:48 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ocsetup.exe
[2012.12.14 01:37:48 | 000,144,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\basecsp.dll
[2012.12.14 01:37:47 | 000,780,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ci.dll
[2012.12.14 01:37:47 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sqlsrv32.dll
[2012.12.14 01:37:47 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\calc.exe
[2012.12.14 01:37:47 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\evr.dll
[2012.12.14 01:37:47 | 000,459,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DXP.dll
[2012.12.14 01:37:47 | 000,418,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppwinob.dll
[2012.12.14 01:37:47 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eapp3hst.dll
[2012.12.14 01:37:47 | 000,335,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WinSATAPI.dll
[2012.12.14 01:37:47 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mprapi.dll
[2012.12.14 01:37:47 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ocsetapi.dll
[2012.12.14 01:37:46 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbon.dll
[2012.12.14 01:37:46 | 002,494,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netshell.dll
[2012.12.14 01:37:46 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmsys.cpl
[2012.12.14 01:37:46 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eapphost.dll
[2012.12.14 01:37:46 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\upnp.dll
[2012.12.14 01:37:46 | 000,263,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hal.dll
[2012.12.14 01:37:46 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2012.12.14 01:37:46 | 000,128,000 | ---- | C] (Microsoft) -- C:\Windows\SysNative\Robocopy.exe
[2012.12.14 01:37:46 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\thumbcache.dll
[2012.12.14 01:37:46 | 000,078,720 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\drivers\HpSAMD.sys
[2012.12.14 01:37:45 | 002,851,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\themeui.dll
[2012.12.14 01:37:45 | 001,457,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DxpTaskSync.dll
[2012.12.14 01:37:45 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSMPEG2ENC.DLL
[2012.12.14 01:37:45 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PerfCenterCPL.dll
[2012.12.14 01:37:45 | 000,429,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\puiobj.dll
[2012.12.14 01:37:45 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scecli.dll
[2012.12.14 01:37:45 | 000,179,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys
[2012.12.14 01:37:45 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwmredir.dll
[2012.12.14 01:37:45 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prncache.dll
[2012.12.14 01:37:45 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll
[2012.12.14 01:37:44 | 000,932,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\printui.dll
[2012.12.14 01:37:44 | 000,675,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DXPTaskRingtone.dll
[2012.12.14 01:37:44 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpeffects.dll
[2012.12.14 01:37:44 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\onex.dll
[2012.12.14 01:37:43 | 001,363,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wdc.dll
[2012.12.14 01:37:43 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msftedit.dll
[2012.12.14 01:37:43 | 000,475,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlangpui.dll
[2012.12.14 01:37:43 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scesrv.dll
[2012.12.14 01:37:43 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scansetting.dll
[2012.12.14 01:37:43 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\net1.exe
[2012.12.14 01:37:43 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rpchttp.dll
[2012.12.14 01:37:42 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcenter.dll
[2012.12.14 01:37:42 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdengin2.dll
[2012.12.14 01:37:42 | 000,691,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VAN.dll
[2012.12.14 01:37:42 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2012.12.14 01:37:42 | 000,462,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wiadefui.dll
[2012.12.14 01:37:42 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlangpui.dll
[2012.12.14 01:37:42 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SndVol.exe
[2012.12.14 01:37:42 | 000,239,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dskquoui.dll
[2012.12.14 01:37:42 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\regapi.dll
[2012.12.14 01:37:42 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samcli.dll
[2012.12.14 01:37:42 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll
[2012.12.14 01:37:41 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SyncCenter.dll
[2012.12.14 01:37:41 | 001,750,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pnidui.dll
[2012.12.14 01:37:41 | 000,782,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webservices.dll
[2012.12.14 01:37:41 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rastls.dll
[2012.12.14 01:37:41 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srchadmin.dll
[2012.12.14 01:37:41 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netdiagfx.dll
[2012.12.14 01:37:41 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QSHVHOST.DLL
[2012.12.14 01:37:41 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fde.dll
[2012.12.14 01:37:41 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2012.12.14 01:37:41 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2012.12.14 01:37:41 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QUTIL.DLL
[2012.12.14 01:37:41 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setupcl.exe
[2012.12.14 01:37:41 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2012.12.14 01:37:40 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appwiz.cpl
[2012.12.14 01:37:40 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TabletPC.cpl
[2012.12.14 01:37:40 | 000,560,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2012.12.14 01:37:40 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hgcpl.dll
[2012.12.14 01:37:40 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msconfig.exe
[2012.12.14 01:37:40 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netiohlp.dll
[2012.12.14 01:37:40 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll
[2012.12.14 01:37:40 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mimefilt.dll
[2012.12.14 01:37:39 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPEG2ENC.DLL
[2012.12.14 01:37:39 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayCpl.dll
[2012.12.14 01:37:39 | 000,372,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mtxclu.dll
[2012.12.14 01:37:39 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\clusapi.dll
[2012.12.14 01:37:39 | 000,166,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\basecsp.dll
[2012.12.14 01:37:39 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdeploy.dll
[2012.12.14 01:37:39 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsmproxy.dll
[2012.12.14 01:37:38 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2012.12.14 01:37:38 | 000,633,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\riched20.dll
[2012.12.14 01:37:38 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DXPTaskRingtone.dll
[2012.12.14 01:37:38 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi2.dll
[2012.12.14 01:37:38 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscmmc.dll
[2012.12.14 01:37:37 | 002,250,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SensorsCpl.dll
[2012.12.14 01:37:37 | 002,193,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\themecpl.dll
[2012.12.14 01:37:37 | 001,624,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPEncEn.dll
[2012.12.14 01:37:37 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Narrator.exe
[2012.12.14 01:37:37 | 000,668,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autochk.exe
[2012.12.14 01:37:37 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autofmt.exe
[2012.12.14 01:37:37 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powercpl.dll
[2012.12.14 01:37:37 | 000,359,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eudcedit.exe
[2012.12.14 01:37:37 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sharemediacpl.dll
[2012.12.14 01:37:37 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Faultrep.dll
[2012.12.14 01:37:37 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\onex.dll
[2012.12.14 01:37:37 | 000,188,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netjoin.dll
[2012.12.14 01:37:37 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\logoncli.dll
[2012.12.14 01:37:37 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netiohlp.dll
[2012.12.14 01:37:37 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nci.dll
[2012.12.14 01:37:37 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\hbaapi.dll
[2012.12.14 01:37:37 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RpcRtRemote.dll
[2012.12.14 01:37:36 | 000,793,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autoconv.exe
[2012.12.14 01:37:36 | 000,777,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autochk.exe
[2012.12.14 01:37:36 | 000,763,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autofmt.exe
[2012.12.14 01:37:36 | 000,679,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autoconv.exe
[2012.12.14 01:37:36 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2012.12.14 01:37:36 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshipsec.dll
[2012.12.14 01:37:36 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ipsmsnap.dll
[2012.12.14 01:37:36 | 000,303,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msinfo32.exe
[2012.12.14 01:37:36 | 000,232,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppcomapi.dll
[2012.12.14 01:37:36 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msutb.dll
[2012.12.14 01:37:36 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2012.12.14 01:37:36 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shsetup.dll
[2012.12.14 01:37:36 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\audiodg.exe
[2012.12.14 01:37:36 | 000,116,224 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll
[2012.12.14 01:37:36 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\regapi.dll
[2012.12.14 01:37:36 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mimefilt.dll
[2012.12.14 01:37:36 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vpnikeapi.dll
[2012.12.14 01:37:36 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\proquota.exe
[2012.12.14 01:37:35 | 001,264,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdclt.exe
[2012.12.14 01:37:35 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpd_ci.dll
[2012.12.14 01:37:35 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\powercpl.dll
[2012.12.14 01:37:35 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\srchadmin.dll
[2012.12.14 01:37:35 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eapphost.dll
[2012.12.14 01:37:35 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\framedyn.dll
[2012.12.14 01:37:35 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tcpipcfg.dll
[2012.12.14 01:37:35 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe
[2012.12.14 01:37:35 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcdsrv.dll
[2012.12.14 01:37:33 | 000,905,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmsys.cpl
[2012.12.14 01:37:33 | 000,665,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AuxiliaryDisplayCpl.dll
[2012.12.14 01:37:33 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanui.dll
[2012.12.14 01:37:33 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll
[2012.12.14 01:37:33 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanconn.dll
[2012.12.14 01:37:33 | 000,171,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\scsiport.sys
[2012.12.14 01:37:33 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prntvpt.dll
[2012.12.14 01:37:33 | 000,155,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscorier.dll
[2012.12.14 01:37:33 | 000,154,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscorier.dll
[2012.12.14 01:37:32 | 001,227,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wdc.dll
[2012.12.14 01:37:32 | 001,066,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Display.dll
[2012.12.14 01:37:32 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmiEngine.dll
[2012.12.14 01:37:32 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontext.dll
[2012.12.14 01:37:32 | 000,749,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\batmeter.dll
[2012.12.14 01:37:32 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2012.12.14 01:37:32 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mprddm.dll
[2012.12.14 01:37:32 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QAGENT.DLL
[2012.12.14 01:37:32 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netid.dll
[2012.12.14 01:37:32 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2012.12.14 01:37:31 | 000,957,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mblctr.exe
[2012.12.14 01:37:31 | 000,372,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastls.dll
[2012.12.14 01:37:31 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\untfs.dll
[2012.12.14 01:37:31 | 000,307,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scesrv.dll
[2012.12.14 01:37:31 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpsrcwp.dll
[2012.12.14 01:37:30 | 002,217,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bootres.dll
[2012.12.14 01:37:30 | 001,326,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanpref.dll
[2012.12.14 01:37:30 | 001,202,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DiagCpl.dll
[2012.12.14 01:37:30 | 001,003,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMNetMgr.dll
[2012.12.14 01:37:30 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Vault.dll
[2012.12.14 01:37:30 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usercpl.dll
[2012.12.14 01:37:30 | 000,098,816 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\Robocopy.exe
[2012.12.14 01:37:30 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSTPager.ax
[2012.12.14 01:37:30 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nci.dll
[2012.12.14 01:37:30 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2012.12.14 01:37:29 | 001,400,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DxpTaskSync.dll
[2012.12.14 01:37:29 | 000,812,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpccpl.dll
[2012.12.14 01:37:29 | 000,433,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MCEWMDRMNDBootstrap.dll
[2012.12.14 01:37:29 | 000,250,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ksproxy.ax
[2012.12.14 01:37:29 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskmgr.exe
[2012.12.14 01:37:29 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SndVolSSO.dll
[2012.12.14 01:37:29 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasppp.dll
[2012.12.14 01:37:29 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3cfg.dll
[2012.12.14 01:37:28 | 001,040,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Display.dll
[2012.12.14 01:37:28 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mtxclu.dll
[2012.12.14 01:37:28 | 000,279,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxdiagn.dll
[2012.12.14 01:37:27 | 000,416,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prnfldr.dll
[2012.12.14 01:37:27 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\termmgr.dll
[2012.12.14 01:37:27 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\puiobj.dll
[2012.12.14 01:37:27 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pdh.dll
[2012.12.14 01:37:27 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eudcedit.exe
[2012.12.14 01:37:27 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskmgr.exe
[2012.12.14 01:37:27 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2012.12.14 01:37:27 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll
[2012.12.14 01:37:27 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDShServiceObj.dll
[2012.12.14 01:37:27 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hbaapi.dll
[2012.12.14 01:37:27 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\proquota.exe
[2012.12.14 01:37:27 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\userinit.exe
[2012.12.14 01:37:26 | 003,745,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\accessibilitycpl.dll
[2012.12.14 01:37:26 | 000,416,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wiadefui.dll
[2012.12.14 01:37:26 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\untfs.dll
[2012.12.14 01:37:26 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSAC3ENC.DLL
[2012.12.14 01:37:26 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sppcomapi.dll
[2012.12.14 01:37:26 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasppp.dll
[2012.12.14 01:37:26 | 000,155,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys
[2012.12.14 01:37:26 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2012.12.14 01:37:26 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logoncli.dll
[2012.12.14 01:37:26 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shsetup.dll
[2012.12.14 01:37:26 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\userinit.exe
[2012.12.14 01:37:25 | 002,202,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SensorsCpl.dll
[2012.12.14 01:37:25 | 002,157,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\themecpl.dll
[2012.12.14 01:37:25 | 000,856,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FirewallControlPanel.dll
[2012.12.14 01:37:25 | 000,649,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appwiz.cpl
[2012.12.14 01:37:25 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PhotoScreensaver.scr
[2012.12.14 01:37:25 | 000,366,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\zipfldr.dll
[2012.12.14 01:37:25 | 000,349,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slui.exe
[2012.12.14 01:37:25 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll
[2012.12.14 01:37:25 | 000,233,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\defaultlocationcpl.dll
[2012.12.14 01:37:25 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2012.12.14 01:37:25 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscmmc.dll
[2012.12.14 01:37:24 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\hgcpl.dll
[2012.12.14 01:37:24 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scecli.dll
[2012.12.14 01:37:23 | 002,146,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\networkmap.dll
[2012.12.14 01:37:23 | 001,065,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptui.dll
[2012.12.14 01:37:23 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontext.dll
[2012.12.14 01:37:23 | 000,780,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ActionCenter.dll
[2012.12.14 01:37:23 | 000,769,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sud.dll
[2012.12.14 01:37:23 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DeviceCenter.dll
[2012.12.14 01:37:23 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\localsec.dll
[2012.12.14 01:37:23 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mprddm.dll
[2012.12.14 01:37:23 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskbarcpl.dll
[2012.12.14 01:37:23 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OnLineIDCpl.dll
[2012.12.14 01:37:23 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SndVolSSO.dll
[2012.12.14 01:37:23 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscories.dll
[2012.12.14 01:37:22 | 001,644,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcenter.dll
[2012.12.14 01:37:22 | 000,740,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\batmeter.dll
[2012.12.14 01:37:22 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VAN.dll
[2012.12.14 01:37:22 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PerfCenterCPL.dll
[2012.12.14 01:37:22 | 000,600,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\usercpl.dll
[2012.12.14 01:37:22 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2012.12.14 01:37:22 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanui.dll
[2012.12.14 01:37:22 | 000,373,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\intl.cpl
[2012.12.14 01:37:22 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\twext.dll
[2012.12.14 01:37:22 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prntvpt.dll
[2012.12.14 01:37:21 | 003,727,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\accessibilitycpl.dll
[2012.12.14 01:37:21 | 000,898,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OobeFldr.dll
[2012.12.14 01:37:21 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dsuiext.dll
[2012.12.14 01:37:21 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\azroleui.dll
[2012.12.14 01:37:21 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwizeng.dll
[2012.12.14 01:37:21 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcdedit.exe
[2012.12.14 01:37:21 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MediaMetadataHandler.dll
[2012.12.14 01:37:21 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SndVol.exe
[2012.12.14 01:37:21 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\azroleui.dll
[2012.12.14 01:37:21 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxlib.dll
[2012.12.14 01:37:21 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\recovery.dll
[2012.12.14 01:37:21 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cca.dll
[2012.12.14 01:37:21 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\isoburn.exe
[2012.12.14 01:37:21 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\w32tm.exe
[2012.12.14 01:37:21 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sisbkup.dll
[2012.12.14 01:37:20 | 001,003,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptui.dll
[2012.12.14 01:37:20 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdcpl.dll
[2012.12.14 01:37:20 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bthprops.cpl
[2012.12.14 01:37:20 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\main.cpl
[2012.12.14 01:37:20 | 000,451,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shwebsvc.dll
[2012.12.14 01:37:20 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\systemcpl.dll
[2012.12.14 01:37:20 | 000,304,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\efscore.dll
[2012.12.14 01:37:20 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\recdisc.exe
[2012.12.14 01:37:20 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSAC3ENC.DLL
[2012.12.14 01:37:20 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\syncui.dll
[2012.12.14 01:37:20 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VBICodec.ax
[2012.12.14 01:37:20 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netplwiz.dll
[2012.12.14 01:37:20 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adsldp.dll
[2012.12.14 01:37:20 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netjoin.dll
[2012.12.14 01:37:20 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autoplay.dll
[2012.12.14 01:37:20 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdeploy.dll
[2012.12.14 01:37:20 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tzutil.exe
[2012.12.14 01:37:20 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\httpapi.dll
[2012.12.14 01:37:19 | 002,130,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\networkmap.dll
[2012.12.14 01:37:19 | 000,549,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ActionCenterCPL.dll
[2012.12.14 01:37:19 | 000,460,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll
[2012.12.14 01:37:19 | 000,414,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanmsm.dll
[2012.12.14 01:37:19 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Faultrep.dll
[2012.12.14 01:37:19 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wusa.exe
[2012.12.14 01:37:19 | 000,312,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MCEWMDRMNDBootstrap.dll
[2012.12.14 01:37:19 | 000,207,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysclass.dll
[2012.12.14 01:37:19 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayServices.dll
[2012.12.14 01:37:19 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncryptui.dll
[2012.12.14 01:37:19 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ksxbar.ax
[2012.12.14 01:37:18 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sud.dll
[2012.12.14 01:37:18 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ActionCenter.dll
[2012.12.14 01:37:18 | 000,474,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysmon.ocx
[2012.12.14 01:37:18 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwizeng.dll
[2012.12.14 01:37:18 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\termmgr.dll
[2012.12.14 01:37:18 | 000,395,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prnfldr.dll
[2012.12.14 01:37:18 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sysmon.ocx
[2012.12.14 01:37:18 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll
[2012.12.14 01:37:18 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\photowiz.dll
[2012.12.14 01:37:18 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MediaMetadataHandler.dll
[2012.12.14 01:37:18 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MFPlay.dll
[2012.12.14 01:37:18 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OnLineIDCpl.dll
[2012.12.14 01:37:18 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsutil.dll
[2012.12.14 01:37:17 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bthprops.cpl
[2012.12.14 01:37:17 | 000,641,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscp.dll
[2012.12.14 01:37:17 | 000,446,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sqlcese30.dll
[2012.12.14 01:37:17 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shwebsvc.dll
[2012.12.14 01:37:17 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\intl.cpl
[2012.12.14 01:37:17 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ReAgent.dll
[2012.12.14 01:37:17 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iprtrmgr.dll
[2012.12.14 01:37:17 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sethc.exe
[2012.12.14 01:37:17 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iprtrmgr.dll
[2012.12.14 01:37:17 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\defaultlocationcpl.dll
[2012.12.14 01:37:17 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\efscore.dll
[2012.12.14 01:37:17 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll
[2012.12.14 01:37:17 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ifsutil.dll
[2012.12.14 01:37:17 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntlanman.dll
[2012.12.14 01:37:17 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3cfg.dll
[2012.12.14 01:37:17 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpd3d.dll
[2012.12.14 01:37:17 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[2012.12.14 01:37:17 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ftp.exe
[2012.12.14 01:37:17 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sisbkup.dll
[2012.12.14 01:37:16 | 000,781,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmsdk.dll
[2012.12.14 01:37:16 | 000,537,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ActionCenterCPL.dll
[2012.12.14 01:37:16 | 000,495,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drmmgrtn.dll
[2012.12.14 01:37:16 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DeviceCenter.dll
[2012.12.14 01:37:16 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ssText3d.scr
[2012.12.14 01:37:16 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\unimdm.tsp
[2012.12.14 01:37:16 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iTVData.dll
[2012.12.14 01:37:16 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\syncui.dll
[2012.12.14 01:37:16 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autoplay.dll
[2012.12.14 01:37:16 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srvcli.dll
[2012.12.14 01:37:16 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UserAccountControlSettings.dll
[2012.12.14 01:37:16 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll
[2012.12.14 01:37:15 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OobeFldr.dll
[2012.12.14 01:37:15 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2012.12.14 01:37:15 | 000,656,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2012.12.14 01:37:15 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\systemcpl.dll
[2012.12.14 01:37:15 | 000,344,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntprint.dll
[2012.12.14 01:37:15 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntprint.dll
[2012.12.14 01:37:15 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srrstr.dll
[2012.12.14 01:37:15 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sethc.exe
[2012.12.14 01:37:15 | 000,255,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wavemsp.dll
[2012.12.14 01:37:15 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevicePairingFolder.dll
[2012.12.14 01:37:15 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dskquoui.dll
[2012.12.14 01:37:15 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcdboot.exe
[2012.12.14 01:37:15 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powercfg.cpl
[2012.12.14 01:37:15 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
[2012.12.14 01:37:15 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NAPHLPR.DLL
[2012.12.14 01:37:15 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nslookup.exe
[2012.12.14 01:37:15 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSTPager.ax
[2012.12.14 01:37:15 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\acppage.dll
[2012.12.14 01:37:14 | 001,672,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\networkexplorer.dll
-
23:05:24.0026 4292 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll
23:05:24.0026 4292 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
23:05:24.0026 4292 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:05:24.0026 4292 C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe - ok
23:05:24.0026 4292 [ 9C36A3CA80F9B204C670336D344F5DF8 ] C:\Windows\SysWOW64\d3d10_1core.dll
23:05:24.0026 4292 C:\Windows\SysWOW64\d3d10_1core.dll - ok
23:05:24.0042 4292 [ AC122407B29378FF9646F03404AC7C54 ] C:\Windows\SysWOW64\wshbth.dll
23:05:24.0042 4292 C:\Windows\SysWOW64\wshbth.dll - ok
23:05:24.0042 4292 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
23:05:24.0042 4292 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
23:05:24.0042 4292 [ 426BA4E737A7988FD1202AF2F2B2F4A6 ] C:\Windows\System32\d3d10_1core.dll
23:05:24.0042 4292 C:\Windows\System32\d3d10_1core.dll - ok
23:05:24.0058 4292 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
23:05:24.0058 4292 C:\Windows\SysWOW64\mswsock.dll - ok
23:05:24.0058 4292 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll
23:05:24.0058 4292 C:\Windows\SysWOW64\wbemcomn.dll - ok
23:05:24.0058 4292 [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
23:05:24.0058 4292 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
23:05:24.0073 4292 [ 0411B7958C524BB2E91EE1B3035FE321 ] C:\Windows\SysWOW64\dxgi.dll
23:05:24.0073 4292 C:\Windows\SysWOW64\dxgi.dll - ok
23:05:24.0073 4292 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
23:05:24.0073 4292 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
23:05:24.0073 4292 [ F404E59DB6A0F122AB26BF4F3E2FD0FA ] C:\Windows\System32\dxgi.dll
23:05:24.0073 4292 C:\Windows\System32\dxgi.dll - ok
23:05:24.0089 4292 [ 2F03490092C032392FB6FF635222B9B2 ] C:\Windows\SysWOW64\apisetschema.dll
23:05:24.0089 4292 C:\Windows\SysWOW64\apisetschema.dll - ok
23:05:24.0089 4292 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
23:05:24.0089 4292 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
23:05:24.0089 4292 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] C:\Windows\System32\msdtc.exe
23:05:24.0089 4292 C:\Windows\System32\msdtc.exe - ok
23:05:24.0104 4292 [ A113AFEED3159A1ED52D78CB0226006D ] C:\Windows\SysWOW64\secur32.dll
23:05:24.0104 4292 C:\Windows\SysWOW64\secur32.dll - ok
23:05:24.0104 4292 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
23:05:24.0104 4292 C:\Windows\SysWOW64\wship6.dll - ok
23:05:24.0104 4292 [ A190DA6546501CB4146BBCC0B6A3F48B ] C:\Windows\System32\msiexec.exe
23:05:24.0104 4292 C:\Windows\System32\msiexec.exe - ok
23:05:24.0120 4292 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll
23:05:24.0120 4292 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
23:05:24.0120 4292 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
23:05:24.0120 4292 C:\Windows\SysWOW64\ntdsapi.dll - ok
23:05:24.0120 4292 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
23:05:24.0120 4292 C:\Windows\SysWOW64\rasadhlp.dll - ok
23:05:24.0136 4292 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
23:05:24.0136 4292 C:\Windows\SysWOW64\credssp.dll - ok
23:05:24.0136 4292 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\SysWOW64\MMDevAPI.dll
23:05:24.0136 4292 C:\Windows\SysWOW64\MMDevAPI.dll - ok
23:05:24.0151 4292 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
23:05:24.0151 4292 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
23:05:24.0151 4292 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
23:05:24.0151 4292 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
23:05:24.0151 4292 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
23:05:24.0151 4292 C:\Windows\SysWOW64\powrprof.dll - ok
23:05:24.0167 4292 [ 99B9343280AF6A4C0F27CF2E28E94BBF ] C:\Windows\SysWOW64\dssenh.dll
23:05:24.0167 4292 C:\Windows\SysWOW64\dssenh.dll - ok
23:05:24.0167 4292 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] C:\Windows\System32\Locator.exe
23:05:24.0167 4292 C:\Windows\System32\Locator.exe - ok
23:05:24.0167 4292 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
23:05:24.0167 4292 C:\Windows\System32\dssenh.dll - ok
23:05:24.0182 4292 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
23:05:24.0182 4292 C:\Windows\SysWOW64\propsys.dll - ok
23:05:24.0182 4292 [ E17E0188BB90FAE42D83E98707EFA59C ] C:\Windows\System32\sppsvc.exe
23:05:24.0182 4292 C:\Windows\System32\sppsvc.exe - ok
23:05:24.0182 4292 [ EFA67664E181EAF2DEA190EE71C0C9AB ] C:\Windows\System32\igd10umd64.dll
23:05:24.0182 4292 C:\Windows\System32\igd10umd64.dll - ok
23:05:24.0198 4292 [ 773212B2AAA24C1E31F10246B15B276C ] C:\Windows\servicing\TrustedInstaller.exe
23:05:24.0198 4292 C:\Windows\servicing\TrustedInstaller.exe - ok
23:05:24.0198 4292 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] C:\Windows\System32\UI0Detect.exe
23:05:24.0198 4292 C:\Windows\System32\UI0Detect.exe - ok
23:05:24.0198 4292 [ 8D6B481601D01A456E75C3210F1830BE ] C:\Windows\System32\vds.exe
23:05:24.0198 4292 C:\Windows\System32\vds.exe - ok
23:05:24.0214 4292 [ B60BA0BC31B0CB414593E169F6F21CC2 ] C:\Windows\System32\VSSVC.exe
23:05:24.0214 4292 C:\Windows\System32\VSSVC.exe - ok
23:05:24.0214 4292 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
23:05:24.0214 4292 C:\Windows\System32\localspl.dll - ok
23:05:24.0214 4292 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] C:\Windows\System32\Wat\WatAdminSvc.exe
23:05:24.0214 4292 C:\Windows\System32\Wat\WatAdminSvc.exe - ok
23:05:24.0214 4292 [ C940F2F5C60B3727C5F18840735B229C ] C:\Windows\SysWOW64\AudioSes.dll
23:05:24.0214 4292 C:\Windows\SysWOW64\AudioSes.dll - ok
23:05:24.0229 4292 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
23:05:24.0229 4292 C:\Windows\System32\spoolss.dll - ok
23:05:24.0229 4292 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] C:\Windows\System32\wbengine.exe
23:05:24.0229 4292 C:\Windows\System32\wbengine.exe - ok
23:05:24.0245 4292 [ 149126216A694E6BA84E92ECA77AAE3B ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
23:05:24.0245 4292 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe - ok
23:05:24.0245 4292 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
23:05:24.0245 4292 C:\Windows\System32\uDWM.dll - ok
23:05:24.0245 4292 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
23:05:24.0245 4292 C:\Windows\SysWOW64\slc.dll - ok
23:05:24.0260 4292 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
23:05:24.0260 4292 C:\Windows\System32\PrintIsolationProxy.dll - ok
23:05:24.0260 4292 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
23:05:24.0260 4292 C:\Program Files\Windows Live\Mesh\wlcrasvc.exe - ok
23:05:24.0260 4292 [ 1917BE7C440DC7CF04304F0AFD7FDD16 ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ElanTPCfg64.exe
23:05:24.0260 4292 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ElanTPCfg64.exe - ok
23:05:24.0276 4292 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
23:05:24.0276 4292 C:\Windows\System32\FXSMON.dll - ok
23:05:24.0276 4292 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] C:\Windows\System32\wbem\WmiApSrv.exe
23:05:24.0276 4292 C:\Windows\System32\wbem\WmiApSrv.exe - ok
23:05:24.0276 4292 [ AA11E1368EEB237DD100BAC6AFFE1C57 ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
23:05:24.0276 4292 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe - ok
23:05:24.0292 4292 [ 5808C52A626C245047ED307BFA355049 ] C:\Program Files\Elantech\ETDApi.dll
23:05:24.0292 4292 C:\Program Files\Elantech\ETDApi.dll - ok
23:05:24.0292 4292 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
23:05:24.0292 4292 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
23:05:24.0292 4292 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
23:05:24.0292 4292 C:\Windows\System32\tcpmon.dll - ok
23:05:24.0307 4292 [ 38B13C0DF479DBA23ECFA815159BA86E ] C:\Windows\SysWOW64\ktmw32.dll
23:05:24.0307 4292 C:\Windows\SysWOW64\ktmw32.dll - ok
23:05:24.0307 4292 [ 1220595CABA75AB91A6B3FA3B89483CC ] C:\Windows\SysWOW64\snmpapi.dll
23:05:24.0307 4292 C:\Windows\SysWOW64\snmpapi.dll - ok
23:05:24.0307 4292 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
23:05:24.0307 4292 C:\Windows\System32\snmpapi.dll - ok
23:05:24.0323 4292 [ 82C089EA2A3EEFADF3588EA71E8BDADA ] C:\Windows\SysWOW64\wevtapi.dll
23:05:24.0323 4292 C:\Windows\SysWOW64\wevtapi.dll - ok
23:05:24.0323 4292 [ 4A7C441D99D86704D194E7678873B95D ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
23:05:24.0323 4292 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe - ok
23:05:24.0323 4292 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
23:05:24.0323 4292 C:\Windows\System32\SearchIndexer.exe - ok
23:05:24.0338 4292 [ 6357E2B68753A1F5CF4A68A25C4FD14A ] C:\Windows\SysWOW64\wsnmp32.dll
23:05:24.0338 4292 C:\Windows\SysWOW64\wsnmp32.dll - ok
23:05:24.0338 4292 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
23:05:24.0338 4292 C:\Windows\System32\wsnmp32.dll - ok
23:05:24.0338 4292 [ D9A9702E43A5859896F34898D5FD3FEC ] C:\Windows\SysWOW64\msxml6.dll
23:05:24.0338 4292 C:\Windows\SysWOW64\msxml6.dll - ok
23:05:24.0354 4292 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
23:05:24.0354 4292 C:\Windows\System32\usbmon.dll - ok
23:05:24.0354 4292 [ 63DF770DF74ACB370EF5A16727069AAF ] C:\Windows\SysWOW64\hid.dll
23:05:24.0354 4292 C:\Windows\SysWOW64\hid.dll - ok
23:05:24.0354 4292 [ AC84CAEC1241871C51FC085C41F24955 ] C:\Windows\SysWOW64\fi-FI\TaskEng.exe.mui
23:05:24.0354 4292 C:\Windows\SysWOW64\fi-FI\TaskEng.exe.mui - ok
23:05:24.0370 4292 [ 633C2C060CF857099F6C4F8D75C952B1 ] C:\Windows\SysWOW64\WlS0WndH.dll
23:05:24.0370 4292 C:\Windows\SysWOW64\WlS0WndH.dll - ok
23:05:24.0370 4292 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
23:05:24.0370 4292 C:\Windows\System32\WSDMon.dll - ok
23:05:24.0370 4292 [ 73F6C5223F7E9B5780DD4A6C30FCF569 ] C:\Windows\SysWOW64\WSDApi.dll
23:05:24.0370 4292 C:\Windows\SysWOW64\WSDApi.dll - ok
23:05:24.0385 4292 [ 659E04E74135927CA6D7BC5E75C84417 ] C:\Windows\SysWOW64\TSChannel.dll
23:05:24.0385 4292 C:\Windows\SysWOW64\TSChannel.dll - ok
23:05:24.0385 4292 [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\Windows\SysWOW64\xmllite.dll
23:05:24.0385 4292 C:\Windows\SysWOW64\xmllite.dll - ok
23:05:24.0385 4292 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
23:05:24.0385 4292 C:\Windows\System32\WSDApi.dll - ok
23:05:24.0401 4292 [ 90B4FDF61459637D9D46C9F91DBCA1D3 ] C:\Windows\System32\nvinitx.dll
23:05:24.0401 4292 C:\Windows\System32\nvinitx.dll - ok
23:05:24.0401 4292 [ DB846EECA70EE9D2E2FF31147C57B0F4 ] C:\Windows\SysWOW64\webservices.dll
23:05:24.0401 4292 C:\Windows\SysWOW64\webservices.dll - ok
23:05:24.0401 4292 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
23:05:24.0401 4292 C:\Windows\System32\webservices.dll - ok
23:05:24.0416 4292 [ 3F50200237961034FACE602373838980 ] C:\Windows\SysWOW64\FirewallAPI.dll
23:05:24.0416 4292 C:\Windows\SysWOW64\FirewallAPI.dll - ok
23:05:24.0416 4292 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
23:05:24.0416 4292 C:\Windows\System32\TSChannel.dll - ok
23:05:24.0416 4292 [ 8F0DE4FEF8201E306F9938B0905AC96A ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:05:24.0416 4292 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
23:05:24.0432 4292 [ 89D90579E5FB1469CB0464F6512E42B7 ] C:\Windows\SysWOW64\fundisc.dll
23:05:24.0432 4292 C:\Windows\SysWOW64\fundisc.dll - ok
23:05:24.0432 4292 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
23:05:24.0432 4292 C:\Windows\System32\fundisc.dll - ok
23:05:24.0448 4292 [ F34CFADA6C48DAA41B996D24C7D8D3CA ] C:\Windows\SysWOW64\fdPnp.dll
23:05:24.0448 4292 C:\Windows\SysWOW64\fdPnp.dll - ok
23:05:24.0448 4292 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
23:05:24.0448 4292 C:\Windows\System32\fdPnp.dll - ok
23:05:24.0448 4292 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
23:05:24.0448 4292 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
23:05:24.0463 4292 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
23:05:24.0463 4292 C:\Windows\SysWOW64\gpapi.dll - ok
23:05:24.0463 4292 [ 2F040CF0613A6D64DCBBA9EE81F5A5AE ] C:\Windows\SysWOW64\dsrole.dll
23:05:24.0463 4292 C:\Windows\SysWOW64\dsrole.dll - ok
23:05:24.0463 4292 [ AB71EEDC65349322C583A67AC85F8CE8 ] C:\Windows\SysWOW64\fi-FI\runonce.exe.mui
23:05:24.0463 4292 C:\Windows\SysWOW64\fi-FI\runonce.exe.mui - ok
23:05:24.0479 4292 [ 9FF47CD8A3787C8FD3CDFE40441C722E ] C:\Program Files (x86)\Google\Update\1.3.21.123\goopdate.dll
23:05:24.0479 4292 C:\Program Files (x86)\Google\Update\1.3.21.123\goopdate.dll - ok
23:05:24.0479 4292 [ BE3953C7DAE4ECC89134CF64A903F8ED ] C:\Windows\SysWOW64\win32spl.dll
23:05:24.0479 4292 C:\Windows\SysWOW64\win32spl.dll - ok
23:05:24.0479 4292 [ 180E79B16063F7DFD005DC021AC543C6 ] C:\Program Files\P4G\BatteryLife.exe
23:05:24.0479 4292 C:\Program Files\P4G\BatteryLife.exe - ok
23:05:24.0479 4292 [ 548CB980D7876E207CC9F8B60C1587A3 ] C:\Windows\System32\win32spl.dll
23:05:24.0494 4292 C:\Windows\System32\win32spl.dll - ok
23:05:24.0494 4292 [ DE3B04D5AF8A1578F5430697546EB157 ] C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
23:05:24.0494 4292 C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe - ok
23:05:24.0510 4292 [ 868E3486E7EC522330344152A5535783 ] C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
23:05:24.0510 4292 C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe - ok
23:05:24.0510 4292 [ 3ACABCA6A8DB71B7F19C8A7523AE1846 ] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
23:05:24.0510 4292 C:\Program Files (x86)\ASUS\Splendid\ACMON.exe - ok
23:05:24.0510 4292 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
23:05:24.0510 4292 C:\Windows\SysWOW64\devrtl.dll - ok
23:05:24.0526 4292 [ 4BDBBE5E4208022DD794F7EEEB0F7366 ] C:\Windows\SysWOW64\SPInf.dll
23:05:24.0526 4292 C:\Windows\SysWOW64\SPInf.dll - ok
23:05:24.0526 4292 [ 7E5F5E64C91FEDFE72E4C1728094BA69 ] C:\Program Files\P4G\DevMng.dll
23:05:24.0526 4292 C:\Program Files\P4G\DevMng.dll - ok
23:05:24.0526 4292 [ 544EFF88AC6C85DF5A4D6F18DFE08CFC ] C:\Windows\SysWOW64\taskschd.dll
23:05:24.0526 4292 C:\Windows\SysWOW64\taskschd.dll - ok
23:05:24.0541 4292 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
23:05:24.0541 4292 C:\Windows\System32\inetpp.dll - ok
23:05:24.0541 4292 [ 99AE34CA806B8BE848E2FB6A408659DE ] C:\Windows\SysWOW64\fi-FI\setupapi.dll.mui
23:05:24.0541 4292 C:\Windows\SysWOW64\fi-FI\setupapi.dll.mui - ok
23:05:24.0541 4292 [ 9AB802C4321BA2BD6D5F41CCCE6CDB9E ] C:\Program Files (x86)\ASUS\Splendid\OVS.dll
23:05:24.0541 4292 C:\Program Files (x86)\ASUS\Splendid\OVS.dll - ok
23:05:24.0557 4292 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
23:05:24.0557 4292 C:\Windows\SysWOW64\cscapi.dll - ok
23:05:24.0557 4292 [ 5BB1F77C8AF725A15EC9366498D275BB ] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
23:05:24.0557 4292 C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe - ok
23:05:24.0557 4292 [ 50E6288786474CC1275108D33FCC9488 ] C:\Program Files\P4G\OvrClk.dll
23:05:24.0557 4292 C:\Program Files\P4G\OvrClk.dll - ok
23:05:24.0572 4292 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
23:05:24.0572 4292 C:\Windows\SysWOW64\oleacc.dll - ok
23:05:24.0572 4292 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
23:05:24.0572 4292 C:\Windows\SysWOW64\imagehlp.dll - ok
23:05:24.0572 4292 [ 4DAB623EEE6BCF33BF90D964F442687A ] C:\Windows\SysWOW64\fi-FI\shell32.dll.mui
23:05:24.0572 4292 C:\Windows\SysWOW64\fi-FI\shell32.dll.mui - ok
23:05:24.0588 4292 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
23:05:24.0588 4292 C:\Windows\SysWOW64\msi.dll - ok
23:05:24.0588 4292 [ 5368DAC1D13B2331A4F6E7530EBCDBE8 ] C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
23:05:24.0588 4292 C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll - ok
23:05:24.0588 4292 [ 37DEB76A2CF005841C4E45DE2B94D84F ] C:\Windows\AsScrPro.exe
23:05:24.0588 4292 C:\Windows\AsScrPro.exe - ok
23:05:24.0604 4292 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll
23:05:24.0604 4292 C:\Windows\SysWOW64\mscoree.dll - ok
23:05:24.0604 4292 [ 0F3698E52A5D45E05FC8B8C22296FD35 ] C:\Program Files (x86)\ASUS\Splendid\Chameleon.dll
23:05:24.0604 4292 C:\Program Files (x86)\ASUS\Splendid\Chameleon.dll - ok
23:05:24.0604 4292 [ 7FA3A810F383588D46220967DE8B64FF ] C:\Windows\SysWOW64\wininet.dll
23:05:24.0604 4292 C:\Windows\SysWOW64\wininet.dll - ok
23:05:24.0619 4292 [ 780E80E5502015EDAEC91DC0A0C96A79 ] C:\Windows\SysWOW64\iertutil.dll
23:05:24.0619 4292 C:\Windows\SysWOW64\iertutil.dll - ok
23:05:24.0619 4292 [ DC6612A9EE015A36BA2A27BC9CC12537 ] C:\Windows\SysWOW64\mfc42.dll
23:05:24.0619 4292 C:\Windows\SysWOW64\mfc42.dll - ok
23:05:24.0619 4292 [ 4266A3230981DD4434C55957F6DD497D ] C:\Windows\SysWOW64\urlmon.dll
23:05:24.0619 4292 C:\Windows\SysWOW64\urlmon.dll - ok
23:05:24.0635 4292 [ 8B92BED5B8D4A8480E7AA631F35A6F35 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
23:05:24.0635 4292 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
23:05:24.0635 4292 [ 7D34AF98A706230CC2DEDFE0CABF87AB ] C:\Windows\SysWOW64\odbc32.dll
23:05:24.0635 4292 C:\Windows\SysWOW64\odbc32.dll - ok
23:05:24.0635 4292 [ ABA457BFC7EC0B5E130B2F1E0F549DFF ] C:\Windows\SysWOW64\odbcint.dll
23:05:24.0635 4292 C:\Windows\SysWOW64\odbcint.dll - ok
23:05:24.0650 4292 [ 757A595F75E7840A7132EC11E6E6188A ] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe
23:05:24.0650 4292 C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe - ok
23:05:24.0650 4292 [ C4E9E285E1730D864DD4B35B73CDAFDB ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcr80.dll
23:05:24.0650 4292 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcr80.dll - ok
23:05:24.0666 4292 [ 6E9E439517D89EDC9A6CB1E94489620A ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
23:05:24.0666 4292 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll - ok
23:05:24.0666 4292 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
23:05:24.0666 4292 C:\Windows\SysWOW64\dbghelp.dll - ok
23:05:24.0666 4292 [ 48FDF435B8595604E54125B321924510 ] C:\Windows\SysWOW64\Macromed\Flash\Flash9f.ocx
23:05:24.0666 4292 C:\Windows\SysWOW64\Macromed\Flash\Flash9f.ocx - ok
23:05:24.0682 4292 [ D3EAD1CF16BA729A7F7C9A5D94AA7C05 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16661_none_ebfb56996c72aefc\comctl32.dll
23:05:24.0682 4292 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16661_none_ebfb56996c72aefc\comctl32.dll - ok
23:05:24.0682 4292 [ 4FB491AC8D46AAF22BA8BC5C73DABEF7 ] C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
23:05:24.0682 4292 C:\Windows\SysWOW64\wbem\WmiPrvSE.exe - ok
23:05:24.0682 4292 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
23:05:24.0682 4292 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
23:05:24.0697 4292 [ BAC51269AD827F2889206066D6404C73 ] C:\Program Files (x86)\Google\Update\1.3.21.123\goopdateres_fi.dll
23:05:24.0697 4292 C:\Program Files (x86)\Google\Update\1.3.21.123\goopdateres_fi.dll - ok
23:05:24.0697 4292 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
23:05:24.0697 4292 C:\Windows\SysWOW64\riched20.dll - ok
23:05:24.0697 4292 [ F8D65A4E644D152ADCD662B4DF5777B7 ] C:\Windows\SysWOW64\fi-FI\crypt32.dll.mui
23:05:24.0697 4292 C:\Windows\SysWOW64\fi-FI\crypt32.dll.mui - ok
23:05:24.0713 4292 [ 859CFCE4A0F72916911BD9F6C6E84581 ] C:\Windows\SysWOW64\ncrypt.dll
23:05:24.0713 4292 C:\Windows\SysWOW64\ncrypt.dll - ok
23:05:24.0713 4292 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
23:05:24.0713 4292 C:\Windows\SysWOW64\bcrypt.dll - ok
23:05:24.0713 4292 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
23:05:24.0713 4292 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
23:05:24.0728 4292 [ A4CC7227A452C4909F9499D91B184364 ] C:\Windows\SysWOW64\ncobjapi.dll
23:05:24.0728 4292 C:\Windows\SysWOW64\ncobjapi.dll - ok
23:05:24.0728 4292 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\SysWOW64\cryptnet.dll
23:05:24.0728 4292 C:\Windows\SysWOW64\cryptnet.dll - ok
23:05:24.0728 4292 [ AE5A69F44C1F97EDC83237FC0B29B6FB ] C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe
23:05:24.0728 4292 C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe - ok
23:05:24.0744 4292 [ E7B90C35D43360A9EBE9D3CCD46FF407 ] C:\Windows\SysWOW64\fi-FI\user32.dll.mui
23:05:24.0744 4292 C:\Windows\SysWOW64\fi-FI\user32.dll.mui - ok
23:05:24.0744 4292 [ 41938F2C1642459CBBA691B5DBD6395A ] C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
23:05:24.0744 4292 C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe - ok
23:05:24.0744 4292 [ 432BE6CF7311062633459EEF6B242FB5 ] C:\Windows\SysWOW64\regsvr32.exe
23:05:24.0744 4292 C:\Windows\SysWOW64\regsvr32.exe - ok
23:05:24.0760 4292 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
23:05:24.0760 4292 C:\Windows\SysWOW64\SensApi.dll - ok
23:05:24.0760 4292 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
23:05:24.0760 4292 C:\Windows\SysWOW64\cmd.exe - ok
23:05:24.0760 4292 [ 57B4D34232852BFE4453BE571DF90D21 ] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
23:05:24.0760 4292 C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe - ok
23:05:24.0775 4292 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll
23:05:24.0775 4292 C:\Windows\SysWOW64\mstask.dll - ok
23:05:24.0775 4292 [ 41A5048E49372F091B2AE5A5B705B72D ] C:\Windows\SysWOW64\ACEngSvr.exe
23:05:24.0775 4292 C:\Windows\SysWOW64\ACEngSvr.exe - ok
23:05:24.0775 4292 [ 7A6986DD659B96398A11AF5173892715 ] C:\Windows\SysWOW64\cabinet.dll
23:05:24.0775 4292 C:\Windows\SysWOW64\cabinet.dll - ok
23:05:24.0791 4292 [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\SysWOW64\mscms.dll
23:05:24.0791 4292 C:\Windows\SysWOW64\mscms.dll - ok
23:05:24.0791 4292 [ C3A5FFD57C2563204CD9351F0C7A0DEA ] C:\Program Files (x86)\CyberLink\Power2Go\msvcp71.dll
23:05:24.0791 4292 C:\Program Files (x86)\CyberLink\Power2Go\msvcp71.dll - ok
23:05:24.0791 4292 [ 5466DCAEF5A648E04D1B6580F2C901B5 ] C:\Windows\SysWOW64\ieframe.dll
23:05:24.0791 4292 C:\Windows\SysWOW64\ieframe.dll - ok
23:05:24.0806 4292 [ 5610B0425518D185331CB8E968D060E6 ] C:\Windows\SysWOW64\wbem\wmiutils.dll
23:05:24.0806 4292 C:\Windows\SysWOW64\wbem\wmiutils.dll - ok
23:05:24.0806 4292 [ A1A6FC56A1D0DADC164637FE43C40605 ] C:\Program Files (x86)\CyberLink\Power2Go\msvcr71.dll
23:05:24.0806 4292 C:\Program Files (x86)\CyberLink\Power2Go\msvcr71.dll - ok
23:05:24.0822 4292 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
23:05:24.0822 4292 C:\Windows\System32\dbghelp.dll - ok
23:05:24.0822 4292 [ 9C17DCD6DDFEB1A012544FAF4F2789F6 ] C:\Windows\AppPatch\AcGenral.dll
23:05:24.0822 4292 C:\Windows\AppPatch\AcGenral.dll - ok
23:05:24.0822 4292 [ 3326166011C9BC13D6A8EFD856E9921C ] C:\Windows\System32\conhost.exe
23:05:24.0822 4292 C:\Windows\System32\conhost.exe - ok
23:05:24.0838 4292 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll
23:05:24.0838 4292 C:\Windows\System32\wbem\cimwin32.dll - ok
23:05:24.0838 4292 [ 198552AEFECA69D646867EC8D792DE95 ] C:\Windows\SysWOW64\ddraw.dll
23:05:24.0838 4292 C:\Windows\SysWOW64\ddraw.dll - ok
23:05:24.0838 4292 [ AEDDFD540E3E6BECDB14C30D1F12B78A ] C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
23:05:24.0838 4292 C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok
23:05:24.0853 4292 [ 6A5D0ED8F280AB8E312A4252472A14A4 ] C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
23:05:24.0853 4292 C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll - ok
23:05:24.0853 4292 [ D0481FB85BEEDD30A0884BE327880F80 ] C:\Windows\SysWOW64\framedynos.dll
23:05:24.0853 4292 C:\Windows\SysWOW64\framedynos.dll - ok
23:05:24.0853 4292 [ 9BB0FDC5EB7601DD09FA97D2B1F2F2B7 ] C:\Windows\System32\fi-FI\conhost.exe.mui
23:05:24.0853 4292 C:\Windows\System32\fi-FI\conhost.exe.mui - ok
23:05:24.0869 4292 [ A6C09924C6730DE8DEED9890A12AA691 ] C:\Windows\System32\ddraw.dll
23:05:24.0869 4292 C:\Windows\System32\ddraw.dll - ok
23:05:24.0869 4292 [ DDFBFD8959F32AC0CF3947F36BAC3081 ] C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
23:05:24.0869 4292 C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll - ok
23:05:24.0869 4292 [ 1957D49A9613FAAD1C73B508CCE02AA5 ] C:\Windows\SysWOW64\wmp.dll
23:05:24.0869 4292 C:\Windows\SysWOW64\wmp.dll - ok
23:05:24.0884 4292 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
23:05:24.0884 4292 C:\Windows\SysWOW64\msacm32.dll - ok
23:05:24.0884 4292 [ 55E5B32AE8D1F51A63C82919656FD275 ] C:\Windows\SysWOW64\dciman32.dll
23:05:24.0884 4292 C:\Windows\SysWOW64\dciman32.dll - ok
23:05:24.0884 4292 [ B39B8CC163C41B12FE83E777199F3378 ] C:\Windows\SysWOW64\tzres.dll
23:05:24.0884 4292 C:\Windows\SysWOW64\tzres.dll - ok
23:05:24.0900 4292 [ 75BCC4043512E41D83C8F224B168039C ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
23:05:24.0900 4292 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
23:05:24.0900 4292 [ 29C22748937F45C26590909E9F8E7137 ] C:\Windows\System32\dciman32.dll
23:05:24.0900 4292 C:\Windows\System32\dciman32.dll - ok
23:05:24.0900 4292 [ 8FC9E5BC953CCE45E324AE26991E42E2 ] C:\Windows\SysWOW64\fi-FI\tzres.dll.mui
23:05:24.0916 4292 C:\Windows\SysWOW64\fi-FI\tzres.dll.mui - ok
23:05:24.0916 4292 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
23:05:24.0916 4292 C:\Windows\SysWOW64\sfc.dll - ok
23:05:24.0916 4292 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
23:05:24.0916 4292 C:\Windows\SysWOW64\sfc_os.dll - ok
23:05:24.0931 4292 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
23:05:24.0931 4292 C:\Windows\SysWOW64\sxs.dll - ok
23:05:24.0931 4292 [ 907281ED4AD35D41B29FFDC211EBAD80 ] C:\Windows\SysWOW64\wmi.dll
23:05:24.0931 4292 C:\Windows\SysWOW64\wmi.dll - ok
23:05:24.0931 4292 [ E29B87694C0754A8538A8C90429EAA76 ] C:\Windows\SysWOW64\fi-FI\ieframe.dll.mui
23:05:24.0931 4292 C:\Windows\SysWOW64\fi-FI\ieframe.dll.mui - ok
23:05:24.0947 4292 [ A0617B5753E31126AD29C03154F4F329 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
23:05:24.0947 4292 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
23:05:24.0947 4292 [ A819E93B3C11D18749887E19B7998985 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\fi\mscorrc.dll
23:05:24.0947 4292 C:\Windows\Microsoft.NET\Framework\v2.0.50727\fi\mscorrc.dll - ok
23:05:24.0947 4292 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
23:05:24.0947 4292 C:\Windows\System32\aelupsvc.dll - ok
23:05:24.0962 4292 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
23:05:24.0962 4292 C:\Windows\SysWOW64\winbrand.dll - ok
23:05:24.0962 4292 [ B7E778D134F78C578B8A50A9EEA389FC ] C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fi_b77a5c561934e089\mscorlib.resources.dll
23:05:24.0962 4292 C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fi_b77a5c561934e089\mscorlib.resources.dll - ok
23:05:24.0962 4292 [ 0FBC74AA20FE0AE6884279F893169C60 ] C:\Windows\SysWOW64\wmploc.DLL
23:05:24.0962 4292 C:\Windows\SysWOW64\wmploc.DLL - ok
23:05:24.0978 4292 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
23:05:24.0978 4292 C:\Windows\SysWOW64\shdocvw.dll - ok
23:05:24.0978 4292 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll
23:05:24.0978 4292 C:\Windows\System32\framedynos.dll - ok
23:05:24.0978 4292 [ C00DB14550E4BD49737F311C644E45FF ] C:\Windows\System32\wmi.dll
23:05:24.0978 4292 C:\Windows\System32\wmi.dll - ok
23:05:24.0994 4292 [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\SysWOW64\dsound.dll
23:05:24.0994 4292 C:\Windows\SysWOW64\dsound.dll - ok
23:05:24.0994 4292 [ 4F72C8B661DEC62F4DF0F15D33106372 ] C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\AGFNEX64.dll
23:05:24.0994 4292 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\AGFNEX64.dll - ok
23:05:24.0994 4292 [ 9110FFAD124283F37D38771BB60556AF ] C:\Windows\System32\dsound.dll
23:05:24.0994 4292 C:\Windows\System32\dsound.dll - ok
23:05:25.0009 4292 [ FAC8EC602E5C5C4D41BAB6255F2ECF5E ] C:\Windows\System32\igdumd64.dll
23:05:25.0009 4292 C:\Windows\System32\igdumd64.dll - ok
23:05:25.0009 4292 [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
23:05:25.0009 4292 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
23:05:25.0009 4292 [ 2168E61B9E3B06EEB8B3EACDFDC4699B ] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
23:05:25.0009 4292 C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll - ok
23:05:25.0025 4292 [ D1BBE227367ED791D5FCF08E132D2956 ] C:\Windows\SysWOW64\opengl32.dll
23:05:25.0025 4292 C:\Windows\SysWOW64\opengl32.dll - ok
23:05:25.0025 4292 [ 585FED4CDB8034B8B58AEB8008255817 ] C:\Windows\System32\opengl32.dll
23:05:25.0025 4292 C:\Windows\System32\opengl32.dll - ok
23:05:25.0025 4292 [ DE3897365B04C4DA1CF8FF725577C082 ] C:\Windows\SysWOW64\glu32.dll
23:05:25.0025 4292 C:\Windows\SysWOW64\glu32.dll - ok
23:05:25.0040 4292 [ F2967C0A97C0EA67D79D7F557213950D ] C:\Windows\System32\glu32.dll
23:05:25.0040 4292 C:\Windows\System32\glu32.dll - ok
23:05:25.0040 4292 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll
23:05:25.0040 4292 C:\Windows\SysWOW64\oledlg.dll - ok
23:05:25.0040 4292 [ 263E9A047D17CD50BAA9D3C02910D18D ] C:\Windows\System32\oledlg.dll
23:05:25.0040 4292 C:\Windows\System32\oledlg.dll - ok
23:05:25.0056 4292 [ 5FF5E12F28725D14CAA3B408848ADFFC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcr80.dll
23:05:25.0056 4292 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcr80.dll - ok
23:05:25.0056 4292 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\Users\Donald\AppData\Local\Temp\303C5924-D044-422D-9649-59179DC3471C.exe
23:05:25.0056 4292 C:\Users\Donald\AppData\Local\Temp\303C5924-D044-422D-9649-59179DC3471C.exe - ok
23:05:25.0056 4292 [ F56FA195D54F4203B43F45BC57AB682C ] C:\Program Files (x86)\ASUS\Splendid\ACOVS.exe
23:05:25.0056 4292 C:\Program Files (x86)\ASUS\Splendid\ACOVS.exe - ok
23:05:25.0072 4292 [ 0805289E121F3E3C458C970B08314EB2 ] C:\Windows\System32\RtkCfg64.dll
23:05:25.0072 4292 C:\Windows\System32\RtkCfg64.dll - ok
23:05:25.0072 4292 [ 31D59387099070963EAD4CE14C5B5F04 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll
23:05:25.0072 4292 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll - ok
23:05:25.0072 4292 [ 0ADC83218B66A6DB380C330836F3E36D ] C:\Windows\System32\drivers\fastfat.sys
23:05:25.0072 4292 C:\Windows\System32\drivers\fastfat.sys - ok
23:05:25.0087 4292 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
23:05:25.0087 4292 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
23:05:25.0087 4292 [ 6D6596E046CA6A61DE250AD3A281A1AF ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll
23:05:25.0087 4292 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll - ok
23:05:25.0103 4292 [ 858716CED10DBBF0BC5748F71ED2F59D ] C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll
23:05:25.0103 4292 C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll - ok
23:05:25.0103 4292 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
23:05:25.0103 4292 C:\Windows\SysWOW64\EhStorShell.dll - ok
23:05:25.0103 4292 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
23:05:25.0103 4292 C:\Windows\SysWOW64\ntshrui.dll - ok
23:05:25.0118 4292 [ 72D6FA91968E109D9783B5D027251A82 ] C:\Program Files\P4G\IntlDPST.exe
23:05:25.0118 4292 C:\Program Files\P4G\IntlDPST.exe - ok
23:05:25.0118 4292 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
23:05:25.0118 4292 C:\Windows\SysWOW64\imageres.dll - ok
23:05:25.0118 4292 [ B6663FC132F0262A5EF48DB2D0187DE3 ] C:\Program Files\NVIDIA Corporation\Display\nvsmartmax64.dll
23:05:25.0118 4292 C:\Program Files\NVIDIA Corporation\Display\nvsmartmax64.dll - ok
23:05:25.0134 4292 [ 9170C065FC76758E5D317B8FBA884F0C ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\53d6d827964619285771ed72332d3659\PresentationCore.ni.dll
23:05:25.0134 4292 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\53d6d827964619285771ed72332d3659\PresentationCore.ni.dll - ok
23:05:25.0134 4292 [ A77BA10A0D610BBB6101AEA1E633ABE1 ] C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
23:05:25.0134 4292 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe - ok
23:05:25.0134 4292 [ AE0A2DE2BB518D204F94DDCF93BBCC4C ] C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll
23:05:25.0134 4292 C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll - ok
23:05:25.0150 4292 [ 9E5868DB59C6D8E949F724DBBC639A31 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1ec80905a71750be50dfc7981ad5ae28\PresentationFramework.ni.dll
23:05:25.0150 4292 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1ec80905a71750be50dfc7981ad5ae28\PresentationFramework.ni.dll - ok
23:05:25.0150 4292 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
23:05:25.0150 4292 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe - ok
23:05:25.0165 4292 [ B720B4D1C97FBE02BE32812B580F1849 ] C:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU64.dll
23:05:25.0165 4292 C:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU64.dll - ok
23:05:25.0165 4292 [ EC248BC9C9C225FD289F250756503146 ] C:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll
23:05:25.0165 4292 C:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll - ok
23:05:25.0165 4292 [ C264145F107437CBD3B30303733AEE4F ] C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
23:05:25.0165 4292 C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok
23:05:25.0181 4292 [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll
23:05:25.0181 4292 C:\Windows\SysWOW64\nlaapi.dll - ok
23:05:25.0181 4292 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll
23:05:25.0181 4292 C:\Windows\SysWOW64\NapiNSP.dll - ok
23:05:25.0181 4292 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
23:05:25.0181 4292 C:\Windows\System32\NapiNSP.dll - ok
23:05:25.0196 4292 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll
23:05:25.0196 4292 C:\Windows\SysWOW64\pnrpnsp.dll - ok
23:05:25.0196 4292 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
23:05:25.0196 4292 C:\Windows\System32\pnrpnsp.dll - ok
23:05:25.0196 4292 [ F68CAFF425A9F37E498193BDDC5CC652 ] C:\Windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
23:05:25.0196 4292 C:\Windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll - ok
23:05:25.0212 4292 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
23:05:25.0212 4292 C:\Windows\SysWOW64\dnsapi.dll - ok
23:05:25.0212 4292 [ 8A6909152203FE482EDDD269E8E203BC ] C:\Windows\System32\igfxext.exe
23:05:25.0212 4292 C:\Windows\System32\igfxext.exe - ok
23:05:25.0212 4292 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll
23:05:25.0212 4292 C:\Windows\SysWOW64\winrnr.dll - ok
23:05:25.0228 4292 [ 1D8C97EA71A8124D1DA1C0B0DAE7FE7D ] C:\Windows\System32\igfxexps.dll
23:05:25.0228 4292 C:\Windows\System32\igfxexps.dll - ok
23:05:25.0228 4292 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
23:05:25.0228 4292 C:\Windows\System32\winrnr.dll - ok
23:05:25.0228 4292 [ FF3FC4BE04D01830799605B6F7B55DB0 ] C:\Windows\System32\igfxsrvc.exe
23:05:25.0228 4292 C:\Windows\System32\igfxsrvc.exe - ok
23:05:25.0243 4292 [ C8541AECCCA9260DE93C85F214110FA8 ] C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll
23:05:25.0243 4292 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll - ok
23:05:25.0243 4292 [ 2A72853494912BB034AF7AC1C86EC04E ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll
23:05:25.0243 4292 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll - ok
23:05:25.0259 4292 [ 3850B7343C380BF0F50992BACC2023C1 ] C:\Windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_fi_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll
23:05:25.0259 4292 C:\Windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_fi_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll - ok
23:05:25.0259 4292 [ C8C318BB20B480E43E706D585AFE03AC ] C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll
23:05:25.0259 4292 C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll - ok
23:05:25.0259 4292 [ 816B681CC308FAA128EDCB90643DCED7 ] C:\Windows\SysWOW64\icm32.dll
23:05:25.0259 4292 C:\Windows\SysWOW64\icm32.dll - ok
23:05:25.0274 4292 [ AC6A3801F3CDE7EB41B3F52E9B0A1C2B ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll
23:05:25.0274 4292 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll - ok
23:05:25.0274 4292 [ E46CABE15B5BDBDA989DF863F4C7C67D ] C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_fi_31bf3856ad364e35\PresentationFramework.resources.dll
23:05:25.0274 4292 C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_fi_31bf3856ad364e35\PresentationFramework.resources.dll - ok
23:05:25.0274 4292 [ 43104328E99680FCF282E71CC45CB5D2 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll
23:05:25.0274 4292 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll - ok
23:05:25.0290 4292 [ 4BC67DC2BB58DC6E2A6BCB9B4450B0B8 ] C:\Windows\System32\igfxsrvc.dll
23:05:25.0290 4292 C:\Windows\System32\igfxsrvc.dll - ok
23:05:25.0290 4292 [ A3C74AB32273776E077E6C98BAC97E44 ] C:\Windows\System32\igfxdev.dll
23:05:25.0290 4292 C:\Windows\System32\igfxdev.dll - ok
23:05:25.0290 4292 [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\Windows\SysWOW64\d3d9.dll
23:05:25.0290 4292 C:\Windows\SysWOW64\d3d9.dll - ok
23:05:25.0306 4292 [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\SysWOW64\d3d8thk.dll
23:05:25.0306 4292 C:\Windows\SysWOW64\d3d8thk.dll - ok
23:05:25.0306 4292 [ CCFE69A4D6447AC0BA65BBD3938E6C18 ] C:\Windows\SysWOW64\igdumd32.dll
23:05:25.0306 4292 C:\Windows\SysWOW64\igdumd32.dll - ok
23:05:25.0306 4292 [ 7221E380FB8BFCF0160B9D4E704E7E77 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll
23:05:25.0306 4292 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll - ok
23:05:25.0321 4292 [ 39E9AACC4C5FB3C3C0B12DE6D491553D ] C:\Windows\SysWOW64\WindowsCodecsExt.dll
23:05:25.0321 4292 C:\Windows\SysWOW64\WindowsCodecsExt.dll - ok
23:05:25.0321 4292 [ A96DF7F02B248C65DF3947D8B0D588EB ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7c4de95aa433eb8d81a81caf805947a8\PresentationFramework.Aero.ni.dll
23:05:25.0321 4292 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7c4de95aa433eb8d81a81caf805947a8\PresentationFramework.Aero.ni.dll - ok
23:05:25.0321 4292 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll
23:05:25.0321 4292 C:\Windows\SysWOW64\shfolder.dll - ok
23:05:25.0337 4292 [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
23:05:25.0337 4292 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
23:05:25.0337 4292 [ 02CD5B2C3B017122CAC00BDB520CD7AC ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
23:05:25.0337 4292 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok
23:05:25.0352 4292 [ 01AEA2F16FE0C522DDFD7FAFFC959C6A ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\74a5f0c2bc0d0e6e3c4ec4886b9be891\mscorlib.ni.dll
23:05:25.0352 4292 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\74a5f0c2bc0d0e6e3c4ec4886b9be891\mscorlib.ni.dll - ok
23:05:25.0352 4292 [ 8BE887F1743FBB39ED2C9CA2937742D6 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\f3888a2c7b096d416ca0cfc5405219b4\System.ni.dll
23:05:25.0352 4292 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\f3888a2c7b096d416ca0cfc5405219b4\System.ni.dll - ok
23:05:25.0352 4292 [ 020C2F610BE801B9B50AF1BFF4A5B24B ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\c9866f6c2cae33d2c38ab32da622a167\System.ServiceProcess.ni.dll
23:05:25.0352 4292 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\c9866f6c2cae33d2c38ab32da622a167\System.ServiceProcess.ni.dll - ok
23:05:25.0368 4292 [ 3ABB7ADB9CCBCD24D6C55201A3842A94 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
23:05:25.0368 4292 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok
23:05:25.0368 4292 [ 76F39902E25F43FE9450AD3D6A14D0D8 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\60ab562d9fe10d1782ed705ef2beb95a\WindowsBase.ni.dll
23:05:25.0368 4292 C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\60ab562d9fe10d1782ed705ef2beb95a\WindowsBase.ni.dll - ok
23:05:25.0368 4292 [ 72AB8C3F8AB7B550A896357C9E0896DA ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\2abfa3ca7ad3cc6f199158e6663f3006\PresentationCore.ni.dll
23:05:25.0384 4292 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\2abfa3ca7ad3cc6f199158e6663f3006\PresentationCore.ni.dll - ok
23:05:25.0384 4292 [ D64D99EC088B54FFE8EE67A480386C20 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll
23:05:25.0384 4292 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll - ok
23:05:25.0384 4292 [ C1DE7F05533BC9FCAE05CD4242D34399 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\fi\mscorrc.dll
23:05:25.0384 4292 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\fi\mscorrc.dll - ok
23:05:25.0399 4292 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
23:05:25.0399 4292 C:\Windows\System32\mscoree.dll - ok
23:05:25.0399 4292 [ 80739D6157FDF84E444C659AC3B0E41E ] C:\Windows\SysWOW64\PresentationNative_v0300.dll
23:05:25.0399 4292 C:\Windows\SysWOW64\PresentationNative_v0300.dll - ok
23:05:25.0399 4292 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
23:05:25.0399 4292 C:\Windows\SysWOW64\winhttp.dll - ok
23:05:25.0415 4292 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
23:05:25.0415 4292 C:\Windows\SysWOW64\webio.dll - ok
23:05:25.0415 4292 [ 9D4A1690AF93F233E15380398BEC7431 ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
23:05:25.0415 4292 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
23:05:25.0415 4292 [ 5C3F9DBA818CD93379D1A0F215270374 ] C:\Windows\SysWOW64\esent.dll
23:05:25.0415 4292 C:\Windows\SysWOW64\esent.dll - ok
23:05:25.0430 4292 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
23:05:25.0430 4292 C:\Windows\System32\esent.dll - ok
23:05:25.0430 4292 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
23:05:25.0430 4292 C:\Windows\System32\wbem\NCProv.dll - ok
23:05:25.0430 4292 [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe
23:05:25.0430 4292 C:\Windows\System32\ie4uinit.exe - ok
23:05:25.0446 4292 [ C3E98C42EDF7EF237A4BAB91FEAC7426 ] C:\Windows\System32\iedkcs32.dll
23:05:25.0446 4292 C:\Windows\System32\iedkcs32.dll - ok
23:05:25.0446 4292 [ 2CFA4569350B7F84F815E9EC34E85766 ] C:\Windows\SysWOW64\SndVolSSO.dll
23:05:25.0446 4292 C:\Windows\SysWOW64\SndVolSSO.dll - ok
23:05:25.0446 4292 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\76734252.sys
23:05:25.0446 4292 C:\Windows\System32\drivers\76734252.sys - ok
23:05:25.0462 4292 [ 7E9917D5309A90E7576653BFE39F80D8 ] C:\Windows\SysWOW64\timedate.cpl
23:05:25.0462 4292 C:\Windows\SysWOW64\timedate.cpl - ok
23:05:25.0462 4292 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
23:05:25.0462 4292 C:\Windows\System32\timedate.cpl - ok
23:05:25.0462 4292 [ D2958325C1AE1AE37A83334C6229E3BC ] C:\Windows\SysWOW64\actxprxy.dll
23:05:25.0462 4292 C:\Windows\SysWOW64\actxprxy.dll - ok
23:05:25.0477 4292 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
23:05:25.0477 4292 C:\Windows\System32\actxprxy.dll - ok
23:05:25.0477 4292 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
23:05:25.0477 4292 C:\Windows\System32\shdocvw.dll - ok
23:05:25.0477 4292 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
23:05:25.0477 4292 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
23:05:25.0493 4292 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\SysWOW64\linkinfo.dll
23:05:25.0493 4292 C:\Windows\SysWOW64\linkinfo.dll - ok
23:05:25.0493 4292 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
23:05:25.0493 4292 C:\Windows\SysWOW64\duser.dll - ok
23:05:25.0493 4292 [ 56CEED370508F69A1BA04939BD1BADDA ] C:\Windows\SysWOW64\msutb.dll
23:05:25.0493 4292 C:\Windows\SysWOW64\msutb.dll - ok
23:05:25.0508 4292 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
23:05:25.0508 4292 C:\Windows\SysWOW64\dui70.dll - ok
23:05:25.0508 4292 [ F14A9B1778376D0B1788E402AC1F831A ] C:\Windows\SysWOW64\shacct.dll
23:05:25.0508 4292 C:\Windows\SysWOW64\shacct.dll - ok
23:05:25.0508 4292 [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\SysWOW64\samlib.dll
23:05:25.0508 4292 C:\Windows\SysWOW64\samlib.dll - ok
23:05:25.0524 4292 [ 98B6F9204610EC0B7D2ADFF3E6F058A8 ] C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll
23:05:25.0524 4292 C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll - ok
23:05:25.0524 4292 [ 3A16EA01FCFAAB40882DB5BFEE632322 ] C:\Windows\SysWOW64\msftedit.dll
23:05:25.0524 4292 C:\Windows\SysWOW64\msftedit.dll - ok
23:05:25.0524 4292 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
23:05:25.0524 4292 C:\Windows\System32\msftedit.dll - ok
23:05:25.0540 4292 [ 35AAE2E841AA1A949775168E119482C9 ] C:\Windows\SysWOW64\msls31.dll
23:05:25.0540 4292 C:\Windows\SysWOW64\msls31.dll - ok
23:05:25.0540 4292 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll
23:05:25.0540 4292 C:\Windows\System32\msls31.dll - ok
23:05:25.0540 4292 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
23:05:25.0540 4292 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
23:05:25.0555 4292 [ 19BC13711AC403FEB830522E4831701B ] C:\Windows\SysWOW64\gameux.dll
23:05:25.0555 4292 C:\Windows\SysWOW64\gameux.dll - ok
23:05:25.0555 4292 [ 3504B34CD2DE00BA3CC1A195F1B739BD ] C:\Windows\System32\gameux.dll
23:05:25.0555 4292 C:\Windows\System32\gameux.dll - ok
23:05:25.0555 4292 [ 590D5C506044FE02FF7643E32FF9BDAC ] C:\Windows\SysWOW64\wer.dll
23:05:25.0555 4292 C:\Windows\SysWOW64\wer.dll - ok
23:05:25.0571 4292 [ CDD35C1CE1EBFE80C055691CDC8DF443 ] C:\Windows\SysWOW64\authui.dll
23:05:25.0571 4292 C:\Windows\SysWOW64\authui.dll - ok
23:05:25.0571 4292 [ 28CA821606669BB9215CE010767720FA ] C:\Windows\SysWOW64\cryptui.dll
23:05:25.0571 4292 C:\Windows\SysWOW64\cryptui.dll - ok
23:05:25.0571 4292 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
23:05:25.0571 4292 C:\Windows\System32\DeviceCenter.dll - ok
23:05:25.0586 4292 [ 9DEA654E4D9820958D6B4D1EBAF2F31E ] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
23:05:25.0586 4292 C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe - ok
23:05:25.0586 4292 [ D1AB72DB2BEDD2F255D35DA3DA0D4B16 ] C:\Windows\SysWOW64\wscript.exe
23:05:25.0586 4292 C:\Windows\SysWOW64\wscript.exe - ok
23:05:25.0586 4292 [ 672D7C5080ACB003343006405DA2E621 ] C:\Windows\SysWOW64\thumbcache.dll
23:05:25.0586 4292 C:\Windows\SysWOW64\thumbcache.dll - ok
23:05:25.0602 4292 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
23:05:25.0602 4292 C:\Windows\System32\thumbcache.dll - ok
23:05:25.0602 4292 [ F1278B3514EA6FA9BC39B20D26139AAC ] C:\Windows\SysWOW64\msiltcfg.dll
23:05:25.0602 4292 C:\Windows\SysWOW64\msiltcfg.dll - ok
23:05:25.0602 4292 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
23:05:25.0602 4292 C:\Windows\System32\msiltcfg.dll - ok
23:05:25.0618 4292 [ 0A94DE4AA9864D312E60D747FD249ABE ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll
23:05:25.0618 4292 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll - ok
23:05:25.0618 4292 [ 4071D132E66ACDA3776F1FEAD19E6E01 ] C:\Windows\SysWOW64\vbscript.dll
23:05:25.0618 4292 C:\Windows\SysWOW64\vbscript.dll - ok
23:05:25.0633 4292 [ 0DCA6A11D09D4C2CBE6B898B897EA915 ] C:\Windows\SysWOW64\UIAnimation.dll
23:05:25.0633 4292 C:\Windows\SysWOW64\UIAnimation.dll - ok
23:05:25.0633 4292 [ 3819AD4329303EAC88480CA16A650735 ] C:\Windows\System32\UIAnimation.dll
23:05:25.0633 4292 C:\Windows\System32\UIAnimation.dll - ok
23:05:25.0633 4292 [ 6E6602DE23AB3776007702FC9540E8E9 ] C:\Windows\System32\vbscript.dll
23:05:25.0633 4292 C:\Windows\System32\vbscript.dll - ok
23:05:25.0649 4292 [ 3D57FFBAD3ED16B63DE3879BAB0FB56F ] C:\Windows\SysWOW64\networkexplorer.dll
23:05:25.0649 4292 C:\Windows\SysWOW64\networkexplorer.dll - ok
23:05:25.0649 4292 [ C5413BC4F10CEB4C3070BBF04D324117 ] C:\Windows\SysWOW64\msisip.dll
23:05:25.0649 4292 C:\Windows\SysWOW64\msisip.dll - ok
23:05:25.0649 4292 [ EF4248D28C2940AE6D46470AC2479A4F ] C:\Windows\System32\msisip.dll
23:05:25.0649 4292 C:\Windows\System32\msisip.dll - ok
23:05:25.0664 4292 [ E8F6851E4600CD3674422487EE240941 ] C:\Windows\SysWOW64\wshext.dll
23:05:25.0664 4292 C:\Windows\SysWOW64\wshext.dll - ok
23:05:25.0664 4292 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
23:05:25.0664 4292 C:\Windows\System32\networkexplorer.dll - ok
23:05:25.0664 4292 [ 6E74D0AE00231D87CD213CD7BDC27E37 ] C:\Windows\System32\wshext.dll
23:05:25.0664 4292 C:\Windows\System32\wshext.dll - ok
23:05:25.0680 4292 [ 2D542FEEEE1644365BCE3327E91A5798 ] C:\Windows\SysWOW64\scrobj.dll
23:05:25.0680 4292 C:\Windows\SysWOW64\scrobj.dll - ok
23:05:25.0680 4292 [ 40FB1B4B1C00F98A8D5FB2744BACDA75 ] C:\Program Files (x86)\Atheros\Bluetooth Suite\Sync.dll
23:05:25.0680 4292 C:\Program Files (x86)\Atheros\Bluetooth Suite\Sync.dll - ok
23:05:25.0680 4292 [ 67CE7A83CF4AA78A05EA26D4443CE5F3 ] C:\Windows\System32\scrobj.dll
23:05:25.0680 4292 C:\Windows\System32\scrobj.dll - ok
23:05:25.0696 4292 [ D205C24A9D069049FE2DF2A1B38726A7 ] C:\Windows\SysWOW64\wdmaud.drv
23:05:25.0696 4292 C:\Windows\SysWOW64\wdmaud.drv - ok
23:05:25.0696 4292 [ 244C6722289F4869068992FD7D8A8832 ] C:\Windows\SysWOW64\wbem\wbemdisp.dll
23:05:25.0696 4292 C:\Windows\SysWOW64\wbem\wbemdisp.dll - ok
23:05:25.0696 4292 [ BB414F319A5893DBC2415467A8C84F54 ] C:\Program Files (x86)\Atheros\Bluetooth Suite\goep_single.dll
23:05:25.0696 4292 C:\Program Files (x86)\Atheros\Bluetooth Suite\goep_single.dll - ok
23:05:25.0711 4292 [ 754A0C324ECA95AE4F708D01EF27060E ] C:\Windows\System32\wbem\wbemdisp.dll
23:05:25.0711 4292 C:\Windows\System32\wbem\wbemdisp.dll - ok
23:05:25.0711 4292 [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\SysWOW64\ksuser.dll
23:05:25.0711 4292 C:\Windows\SysWOW64\ksuser.dll - ok
23:05:25.0711 4292 [ E3D5E244807AD655787FCD25477CC1BC ] C:\Windows\SysWOW64\bthprops.cpl
23:05:25.0711 4292 C:\Windows\SysWOW64\bthprops.cpl - ok
23:05:25.0727 4292 [ D79D19EC66106119DCD45D042C6B5170 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\88f8a6436dc95497fce0dae347646e53\System.Drawing.ni.dll
23:05:25.0727 4292 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\88f8a6436dc95497fce0dae347646e53\System.Drawing.ni.dll - ok
23:05:25.0727 4292 [ 43040C4872D5304FC5064BC899BB4824 ] C:\Program Files (x86)\Atheros\Bluetooth Suite\OutLookLib.dll
23:05:25.0727 4292 C:\Program Files (x86)\Atheros\Bluetooth Suite\OutLookLib.dll - ok
23:05:25.0727 4292 [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\SysWOW64\avrt.dll
23:05:25.0727 4292 C:\Windows\SysWOW64\avrt.dll - ok
23:05:25.0742 4292 [ 07393A09C46083588E751B63B03C8301 ] C:\Windows\SysWOW64\msacm32.drv
23:05:25.0742 4292 C:\Windows\SysWOW64\msacm32.drv - ok
23:05:25.0742 4292 [ 1F1F60D2D5D29A8C342182EBB88E3B43 ] C:\Windows\SysWOW64\wbem\stdprov.dll
23:05:25.0742 4292 C:\Windows\SysWOW64\wbem\stdprov.dll - ok
23:05:25.0742 4292 [ EE8154A3BD590F6C8BE99ED479476AA6 ] C:\Program Files (x86)\Atheros\Bluetooth Suite\L2capLib.dll
23:05:25.0742 4292 C:\Program Files (x86)\Atheros\Bluetooth Suite\L2capLib.dll - ok
23:05:25.0758 4292 [ B88E5340A5A50B53310B00DA455FB4FA ] C:\Windows\System32\wbem\stdprov.dll
23:05:25.0758 4292 C:\Windows\System32\wbem\stdprov.dll - ok
23:05:25.0758 4292 [ 5A12C364AD1D4FCC0AD0E56DBBC34462 ] C:\Windows\SysWOW64\midimap.dll
23:05:25.0758 4292 C:\Windows\SysWOW64\midimap.dll - ok
23:05:25.0758 4292 [ 5AE88135C6A86FCD67BA16AFBB1C8389 ] C:\Windows\SysWOW64\wbem\esscli.dll
23:05:25.0758 4292 C:\Windows\SysWOW64\wbem\esscli.dll - ok
23:05:25.0774 4292 [ 7AE92C896AF9ABFBDB18C1D055B6EBA7 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcp80.dll
23:05:25.0774 4292 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcp80.dll - ok
23:05:25.0774 4292 [ D40265BA6C0E9BA140D959B2E722F4DE ] C:\Program Files (x86)\Atheros\Bluetooth Suite\BTBIP.dll
23:05:25.0774 4292 C:\Program Files (x86)\Atheros\Bluetooth Suite\BTBIP.dll - ok
23:05:25.0789 4292 [ C6FA91F031589194E4B8962144F7477B ] C:\Program Files (x86)\Atheros\Bluetooth Suite\RfcommLib.dll
23:05:25.0789 4292 C:\Program Files (x86)\Atheros\Bluetooth Suite\RfcommLib.dll - ok
23:05:25.0789 4292 [ F1288E4CE82EE9F3A00E164BDFA54130 ] C:\Windows\System32\hccutils.dll
23:05:25.0789 4292 C:\Windows\System32\hccutils.dll - ok
23:05:25.0789 4292 [ E184566DC48A1DFE1385BDD695AC94C9 ] C:\Program Files (x86)\Atheros\Bluetooth Suite\BPP.dll
23:05:25.0789 4292 C:\Program Files (x86)\Atheros\Bluetooth Suite\BPP.dll - ok
23:05:25.0805 4292 [ EADFC95980BC24DF3C7EE5B2CD38F043 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\d6af7216038720b1adeca71e81c14bd6\System.Windows.Forms.ni.dll
23:05:25.0805 4292 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\d6af7216038720b1adeca71e81c14bd6\System.Windows.Forms.ni.dll - ok
23:05:25.0805 4292 [ B7E073E3150FCF200A3B79C3401670B4 ] C:\PROGRA~2\ASUS\AsusVibe\ASUSVI~2.EXE
23:05:25.0805 4292 C:\PROGRA~2\ASUS\AsusVibe\ASUSVI~2.EXE - ok
23:05:25.0805 4292 [ 4EF23173A4A8696498CC3ECD5224D95B ] C:\Windows\System32\igfxrfin.lrc
23:05:25.0805 4292 C:\Windows\System32\igfxrfin.lrc - ok
23:05:25.0820 4292 [ 90EB93E8F55F1E945D80E48FC3FFAA64 ] C:\Program Files (x86)\Atheros\Bluetooth Suite\goep_bpp.dll
23:05:25.0820 4292 C:\Program Files (x86)\Atheros\Bluetooth Suite\goep_bpp.dll - ok
23:05:25.0820 4292 [ 07ABB08CB77830C8141B8C2B563E5839 ] C:\Windows\SysWOW64\fi-FI\msctf.dll.mui
23:05:25.0820 4292 C:\Windows\SysWOW64\fi-FI\msctf.dll.mui - ok
23:05:25.0820 4292 [ 105CFE016CCB20175BEACEC146F175AB ] C:\Windows\System32\IccLibDll_x64.dll
23:05:25.0820 4292 C:\Windows\System32\IccLibDll_x64.dll - ok
23:05:25.0836 4292 [ 2BCB4E625B003F46FD6269540971B2A6 ] C:\Program Files (x86)\Atheros\Bluetooth Suite\Handsfree.dll
23:05:25.0836 4292 C:\Program Files (x86)\Atheros\Bluetooth Suite\Handsfree.dll - ok
23:05:25.0836 4292 [ DD599A4E9F018EDD646A3060B99092CB ] C:\Windows\System32\igfxress.dll
23:05:25.0836 4292 C:\Windows\System32\igfxress.dll - ok
23:05:25.0836 4292 [ 4EFCDF3DB1BBA69C09622991280C4ACB ] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
23:05:25.0836 4292 C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe - ok
23:05:25.0852 4292 [ BCB6F264380196DDD353044EF31DEB32 ] C:\Program Files (x86)\Atheros\Bluetooth Suite\BtObexFt.dll
23:05:25.0852 4292 C:\Program Files (x86)\Atheros\Bluetooth Suite\BtObexFt.dll - ok
23:05:25.0852 4292 [ 4EFCDF3DB1BBA69C09622991280C4ACB ] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
23:05:25.0852 4292 C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe - ok
23:05:25.0867 4292 [ 90FB1802D488FFA9029854A77D4F3F27 ] C:\Windows\SysWOW64\oleaccrc.dll
23:05:25.0867 4292 C:\Windows\SysWOW64\oleaccrc.dll - ok
23:05:25.0867 4292 [ 7048B323E17D2D72862491BF9DB8FB23 ] C:\Program Files (x86)\ASUS\FancyStart\FancyStart.exe
23:05:25.0867 4292 C:\Program Files (x86)\ASUS\FancyStart\FancyStart.exe - ok
23:05:25.0867 4292 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
23:05:25.0867 4292 C:\Windows\SysWOW64\wsock32.dll - ok
23:05:25.0883 4292 [ A4D07BCCCDF8211D4027E37A43E20163 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Data\ee5c9facac5c7dbf9c4b1e160f76daae\System.Data.ni.dll
23:05:25.0883 4292 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Data\ee5c9facac5c7dbf9c4b1e160f76daae\System.Data.ni.dll - ok
23:05:25.0883 4292 [ 96C70BD48D49B87475F4572DEDC62EB9 ] C:\Windows\AppPatch\AcLayers.dll
23:05:25.0883 4292 C:\Windows\AppPatch\AcLayers.dll - ok
23:05:25.0883 4292 [ 79A3B950988F8D2B81906D0C0473158B ] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
23:05:25.0883 4292 C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe - ok
23:05:25.0898 4292 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
23:05:25.0898 4292 C:\Windows\System32\wsock32.dll - ok
23:05:25.0898 4292 [ 5AEBF6FA9805C9101220AA4FB4FA17E7 ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
23:05:25.0898 4292 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe - ok
23:05:25.0898 4292 [ 11BDA32FAF4F7419674D918F772BCFA8 ] C:\Program Files (x86)\Atheros\Bluetooth Suite\BtFileStore.dll
23:05:25.0898 4292 C:\Program Files (x86)\Atheros\Bluetooth Suite\BtFileStore.dll - ok
23:05:25.0914 4292 [ 7EE22E13DEC8A6D18F4643C1EA34B0F0 ] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
23:05:25.0914 4292 C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe - ok
23:05:25.0914 4292 [ 40915E086AA86880D4391335E52B2770 ] C:\Program Files (x86)\Atheros\Bluetooth Suite\BTOBEXOP.dll
23:05:25.0914 4292 C:\Program Files (x86)\Atheros\Bluetooth Suite\BTOBEXOP.dll - ok
23:05:25.0914 4292 [ 19E2D1C19C782E5BB8D8B0D7E0A70E00 ] C:\Program Files (x86)\Atheros\Bluetooth Suite\BtFileStoreOpp.dll
23:05:25.0930 4292 C:\Program Files (x86)\Atheros\Bluetooth Suite\BtFileStoreOpp.dll - ok
23:05:25.0930 4292 [ EE0F2731134ADAAD189912346309ADC8 ] C:\Program Files (x86)\ASUS\AsusVibe\AsusVibe2.0.exe
23:05:25.0930 4292 C:\Program Files (x86)\ASUS\AsusVibe\AsusVibe2.0.exe - ok
23:05:25.0930 4292 [ 9937B7B65B9036AA671F01ED240A55F6 ] C:\Program Files (x86)\Atheros\Bluetooth Suite\goep.dll
23:05:25.0930 4292 C:\Program Files (x86)\Atheros\Bluetooth Suite\goep.dll - ok
23:05:25.0945 4292 [ FD22B00049F775E952371E9C3DAC631B ] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
23:05:25.0945 4292 C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe - ok
23:05:25.0945 4292 [ 6FAE6F9DA151E81A4D9D2C1E26DD5B19 ] C:\Program Files (x86)\Atheros\Bluetooth Suite\ShellContextExt.dll
23:05:25.0945 4292 C:\Program Files (x86)\Atheros\Bluetooth Suite\ShellContextExt.dll - ok
23:05:25.0945 4292 [ FDDC4D6EC3B2BD3B5A04C22881305621 ] C:\Windows\SysWOW64\SFCOM.dll
23:05:25.0945 4292 C:\Windows\SysWOW64\SFCOM.dll - ok
23:05:25.0961 4292 [ 98D53BB2DB8E11762D30C3CF41FA140B ] C:\Windows\assembly\GAC_64\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
23:05:25.0961 4292 C:\Windows\assembly\GAC_64\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll - ok
23:05:25.0961 4292 [ 55C4F3ECB21CADBE4F637F163F32878E ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
23:05:25.0961 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe - ok
23:05:25.0961 4292 [ 06B4C8D5D9708A7494AC7C02CD54650E ] C:\Program Files (x86)\ASUS\Wireless Console 3\inter_f2.dll
23:05:25.0961 4292 C:\Program Files (x86)\ASUS\Wireless Console 3\inter_f2.dll - ok
23:05:25.0976 4292 [ 388CE212A119271EEA68F42712F3F64F ] C:\Program Files (x86)\ASUS\Wireless Console 3\ATKWLIOC.DLL
23:05:25.0976 4292 C:\Program Files (x86)\ASUS\Wireless Console 3\ATKWLIOC.DLL - ok
23:05:25.0976 4292 [ E7C665D4AFAAB45A9086D02FFC87A4B4 ] C:\Program Files (x86)\ASUS\Wireless Console 3\SiSPkt.dll
23:05:25.0976 4292 C:\Program Files (x86)\ASUS\Wireless Console 3\SiSPkt.dll - ok
23:05:25.0976 4292 [ F32077DF74EFD435A1DCDF415E189DF1 ] C:\Windows\SysWOW64\mfc100u.dll
23:05:25.0976 4292 C:\Windows\SysWOW64\mfc100u.dll - ok
23:05:25.0992 4292 [ A4B3A9FFA483F8CB36E56C19448DDE36 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\52e2da35b160dbd254683f72a0f1b937\System.Xml.ni.dll
23:05:25.0992 4292 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\52e2da35b160dbd254683f72a0f1b937\System.Xml.ni.dll - ok
23:05:25.0992 4292 [ A63445AE437CDFE13570B8AEAE3514C3 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\3d4e9d4f6c945d6d3b7d423fdb6bd274\System.Data.ni.dll
23:05:25.0992 4292 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\3d4e9d4f6c945d6d3b7d423fdb6bd274\System.Data.ni.dll - ok
23:05:26.0008 4292 [ F908FE45F8FE9E0D4CBE65F9FF5DF6DA ] C:\Windows\SysWOW64\mfc100enu.dll
23:05:26.0008 4292 C:\Windows\SysWOW64\mfc100enu.dll - ok
23:05:26.0008 4292 [ 625D390D5CBA512166571019E5EFECFB ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\98059f32b988a3e2d869e9b3bf56db17\System.Management.ni.dll
23:05:26.0008 4292 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\98059f32b988a3e2d869e9b3bf56db17\System.Management.ni.dll - ok
23:05:26.0008 4292 [ 29BA3CF2D7133586F67D087C5E494E7D ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccwkrlib.dll
23:05:26.0008 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\ccwkrlib.dll - ok
23:05:26.0023 4292 [ 45375DF47ED4D0535739465105AAABE3 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dll
23:05:26.0023 4292 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dll - ok
23:05:26.0023 4292 [ 35CAB7CF3754C41AEB69DCE1D5ACA5A4 ] C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
23:05:26.0023 4292 C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll - ok
23:05:26.0023 4292 [ 54A47F6B5E09A77E61649109C6A08866 ] C:\Windows\SysWOW64\svchost.exe
23:05:26.0023 4292 C:\Windows\SysWOW64\svchost.exe - ok
23:05:26.0039 4292 [ 850BD2D2D9CB5894935C3B6333CAD6FD ] C:\Windows\System32\riched20.dll
23:05:26.0039 4292 C:\Windows\System32\riched20.dll - ok
23:05:26.0039 4292 [ 6D137963730144698CBD10F202E9F251 ] C:\Windows\System32\wersvc.dll
23:05:26.0039 4292 C:\Windows\System32\wersvc.dll - ok
23:05:26.0054 4292 [ 5294F1E52525EF010BE226B33FA0A54E ] C:\Program Files (x86)\Atheros\Bluetooth Suite\BtCommonRes.dll
23:05:26.0054 4292 C:\Program Files (x86)\Atheros\Bluetooth Suite\BtCommonRes.dll - ok
23:05:26.0054 4292 [ B010CF886420EE29C2C276646721D255 ] C:\Windows\SysWOW64\wlanapi.dll
23:05:26.0054 4292 C:\Windows\SysWOW64\wlanapi.dll - ok
23:05:26.0054 4292 [ BF61C836D7B7777D9DCC9CCFDD51C632 ] C:\Program Files\Elantech\ETDFavorite.dll
23:05:26.0054 4292 C:\Program Files\Elantech\ETDFavorite.dll - ok
23:05:26.0070 4292 [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\SysWOW64\wlanutil.dll
23:05:26.0070 4292 C:\Windows\SysWOW64\wlanutil.dll - ok
23:05:26.0070 4292 [ D59CD44D6884EF8A99165D4EAEFD7E81 ] C:\Program Files (x86)\ASUS\AsusVibe\GetMulStr.dll
23:05:26.0070 4292 C:\Program Files (x86)\ASUS\AsusVibe\GetMulStr.dll - ok
23:05:26.0070 4292 [ F37C25D20C143AB9A6DC55DAA68860C8 ] C:\Program Files (x86)\ASUS\AsusVibe\GetAsusInfomation.dll
23:05:26.0070 4292 C:\Program Files (x86)\ASUS\AsusVibe\GetAsusInfomation.dll - ok
23:05:26.0086 4292 [ 012787CEB35505EB78DF82E0A0072888 ] C:\Windows\System32\browcli.dll
23:05:26.0086 4292 C:\Windows\System32\browcli.dll - ok
23:05:26.0086 4292 [ 9C54547ED89268B19B56DE6A4EAE8DD4 ] C:\Program Files\Elantech\ETDApix.dll
23:05:26.0086 4292 C:\Program Files\Elantech\ETDApix.dll - ok
23:05:26.0086 4292 [ A42E7748BE906434C5FD17161D168C20 ] C:\Windows\SysWOW64\schedcli.dll
23:05:26.0086 4292 C:\Windows\SysWOW64\schedcli.dll - ok
23:05:26.0101 4292 [ C4BFE4B61086416B0529212F92BCE081 ] C:\Windows\System32\schedcli.dll
23:05:26.0101 4292 C:\Windows\System32\schedcli.dll - ok
23:05:26.0101 4292 [ B087EEA25747C87942DC37E426DD37C3 ] C:\Program Files (x86)\Avira\AntiVir Desktop\rcimage.dll
23:05:26.0101 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\rcimage.dll - ok
23:05:26.0101 4292 [ 40B28FBD1E4DEF0910E2AC3EAE4D43CF ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\66694f9192bd0dddc2eaf90fbcbcd555\System.Management.ni.dll
23:05:26.0101 4292 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\66694f9192bd0dddc2eaf90fbcbcd555\System.Management.ni.dll - ok
23:05:26.0117 4292 [ 4C8F265167272218BC6CA426A35B6670 ] C:\Program Files\Elantech\ETDCmds.dll
23:05:26.0117 4292 C:\Program Files\Elantech\ETDCmds.dll - ok
23:05:26.0117 4292 [ 7A0289B48F7F96C6DF65CC3CA8E5B700 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccguard.dll
23:05:26.0117 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\ccguard.dll - ok
23:05:26.0117 4292 [ 972DCC74D4CDCB64086E7CFACBDB74CB ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
23:05:26.0117 4292 C:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll - ok
23:05:26.0132 4292 [ F54D83E31EA5CA6CA6C30FEC7387EFDC ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccgrdrc.dll
23:05:26.0132 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\ccgrdrc.dll - ok
23:05:26.0132 4292 [ 458C9A3E593605136718EE74B46FB0FB ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccgrdw.dll
23:05:26.0132 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\ccgrdw.dll - ok
23:05:26.0132 4292 [ 26B02AC4AC63504C2074A002F33AF76E ] C:\Program Files (x86)\ASUS\AsusVibe\GetSkin.dll
23:05:26.0132 4292 C:\Program Files (x86)\ASUS\AsusVibe\GetSkin.dll - ok
23:05:26.0148 4292 [ DCAAB58260F4EC2E29C3E714A269F150 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrd.dll
23:05:26.0148 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrd.dll - ok
23:05:26.0148 4292 [ 3D7D2E825C63FF501E896CF008C70D75 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
23:05:26.0148 4292 C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe - ok
23:05:26.0164 4292 [ 0285194A134B44BA48F6129FFD6026A0 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrdrc.dll
23:05:26.0164 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrdrc.dll - ok
23:05:26.0164 4292 [ 120BF3219210748556F90B39855A59D7 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrdw.dll
23:05:26.0164 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrdw.dll - ok
23:05:26.0164 4292 [ C1B5307377C98F87E0152C44E9FF8DEE ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
23:05:26.0164 4292 C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll - ok
23:05:26.0179 4292 [ 967131647AFDC7B8CC072F74D0D4B281 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccgen.dll
23:05:26.0179 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\ccgen.dll - ok
23:05:26.0179 4292 [ A3C6D5CCCCFC5DE82517608A20DE919E ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccgenrc.dll
23:05:26.0179 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\ccgenrc.dll - ok
23:05:26.0179 4292 [ B089F45B32537E6E07BB9BF72EFEE678 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\1035\cscompui.dll
23:05:26.0179 4292 C:\Windows\Microsoft.NET\Framework\v2.0.50727\1035\cscompui.dll - ok
23:05:26.0195 4292 [ 4F6E72B34ED3DC53DCC5E8708E60B61F ] C:\Windows\SysWOW64\security.dll
23:05:26.0195 4292 C:\Windows\SysWOW64\security.dll - ok
23:05:26.0195 4292 [ 0D893F8D145D3B125B0226727C243A69 ] C:\Windows\System32\security.dll
23:05:26.0195 4292 C:\Windows\System32\security.dll - ok
23:05:26.0195 4292 [ 131902B08B1528E68E4A3DC7F85645B8 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdate.dll
23:05:26.0195 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdate.dll - ok
23:05:26.0210 4292 [ 24FCC3CDAE327F632CB8696E1E40F772 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
23:05:26.0210 4292 C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll - ok
23:05:26.0210 4292 [ AF78F66116814FDD6677CEBD73035CDD ] C:\Windows\SysWOW64\schannel.dll
23:05:26.0210 4292 C:\Windows\SysWOW64\schannel.dll - ok
23:05:26.0210 4292 [ E7D6F0AFFB7833396B6EE75E2C06F5BB ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdrc.dll
23:05:26.0210 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdrc.dll - ok
23:05:26.0226 4292 [ 373CA64063413D6E57A98B301ABA5172 ] C:\Program Files (x86)\Avira\AntiVir Desktop\cclic.dll
23:05:26.0226 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\cclic.dll - ok
23:05:26.0226 4292 [ 5259D6B68ABB8253792458FE94D9D006 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
23:05:26.0226 4292 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll - ok
23:05:26.0242 4292 [ 5B3FA17E1CD6FBBDF41AC34DAEECC256 ] C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
23:05:26.0242 4292 C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll - ok
23:05:26.0242 4292 [ E955300DF949977878C705EC8681009A ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
23:05:26.0242 4292 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll - ok
23:05:26.0242 4292 [ 8AFDF673724F41683EC8723B081E550F ] C:\Program Files (x86)\Avira\AntiVir Desktop\cclicrc.dll
23:05:26.0242 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\cclicrc.dll - ok
23:05:26.0257 4292 [ 236F286E103FD44BD85FDD93097FD5DD ] C:\Windows\SysWOW64\SearchIndexer.exe
23:05:26.0257 4292 C:\Windows\SysWOW64\SearchIndexer.exe - ok
23:05:26.0257 4292 [ 912649A1B3F9E6ACB3899FBDABA2ED5F ] C:\Windows\SysWOW64\stobject.dll
23:05:26.0257 4292 C:\Windows\SysWOW64\stobject.dll - ok
23:05:26.0257 4292 [ B89CB7F3F1A1E2807E708F5435DEB13D ] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\log4net.dll
23:05:26.0257 4292 C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\log4net.dll - ok
23:05:26.0273 4292 [ BCEE9B8CED1DDC83F9A8334075372D4C ] C:\Program Files\Elantech\ETDCtrlHelper.exe
23:05:26.0273 4292 C:\Program Files\Elantech\ETDCtrlHelper.exe - ok
23:05:26.0273 4292 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
23:05:26.0273 4292 C:\Windows\System32\stobject.dll - ok
23:05:26.0273 4292 [ 67C1B58706B47EEBA4E117AC197289E6 ] C:\Windows\SysWOW64\batmeter.dll
23:05:26.0273 4292 C:\Windows\SysWOW64\batmeter.dll - ok
23:05:26.0288 4292 [ ED797D8DC2C92401985D162E42FFA450 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
23:05:26.0288 4292 C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe - ok
23:05:26.0288 4292 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
23:05:26.0288 4292 C:\Windows\System32\batmeter.dll - ok
23:05:26.0288 4292 [ 89CC6A9F8FB804303817FFF01F93DAA2 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccmsg.dll
23:05:26.0288 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\ccmsg.dll - ok
23:05:26.0304 4292 [ 95BA11D12E661058560577BE37A2F6A9 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccmsgrc.dll
23:05:26.0304 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\ccmsgrc.dll - ok
23:05:26.0304 4292 [ 465DBF63A5049E4DB4BC5C12FFE781CB ] C:\Windows\SysWOW64\tquery.dll
23:05:26.0304 4292 C:\Windows\SysWOW64\tquery.dll - ok
23:05:26.0304 4292 [ 5D0E28A22860E487148B2820309C0063 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\ac14913a11af4bfae0b8eb913a46a161\System.Configuration.ni.dll
23:05:26.0304 4292 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\ac14913a11af4bfae0b8eb913a46a161\System.Configuration.ni.dll - ok
23:05:26.0320 4292 [ FEEFC81746B09B6B0DA7DF91CC7DEDE7 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccmainrc.dll
23:05:26.0320 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\ccmainrc.dll - ok
23:05:26.0320 4292 [ E1AC89F6C5252057E6062843E36A6701 ] C:\Windows\SysWOW64\SearchProtocolHost.exe
23:05:26.0320 4292 C:\Windows\SysWOW64\SearchProtocolHost.exe - ok
23:05:26.0335 4292 [ F6916EFC29D9953D5D0DF06882AE8E16 ] C:\Windows\SysWOW64\es.dll
23:05:26.0335 4292 C:\Windows\SysWOW64\es.dll - ok
23:05:26.0335 4292 [ 0B5511674394666E9D221F8681B2C2E6 ] C:\Windows\System32\consent.exe
23:05:26.0335 4292 C:\Windows\System32\consent.exe - ok
23:05:26.0335 4292 [ 1CBF15FDB0310345A68972EB5C5B948F ] C:\Windows\SysWOW64\mssprxy.dll
23:05:26.0335 4292 C:\Windows\SysWOW64\mssprxy.dll - ok
23:05:26.0335 4292 [ DC1C451ABC7CECE60DC9AA677143133F ] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\Interop.SIMPLEAESLib.dll
23:05:26.0335 4292 C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\Interop.SIMPLEAESLib.dll - ok
23:05:26.0351 4292 [ 51138BEEA3E2C21EC44D0932C71762A8 ] C:\Windows\SysWOW64\rundll32.exe
23:05:26.0351 4292 C:\Windows\SysWOW64\rundll32.exe - ok
23:05:26.0351 4292 [ D412B1B72C5AB020218E9A047D90CA05 ] C:\Windows\SysWOW64\wmsgapi.dll
23:05:26.0351 4292 C:\Windows\SysWOW64\wmsgapi.dll - ok
23:05:26.0366 4292 [ 81600E2E27ED61427AAD865B9BCDDB9D ] C:\Windows\SysWOW64\msidle.dll
23:05:26.0366 4292 C:\Windows\SysWOW64\msidle.dll - ok
23:05:26.0366 4292 [ 2D3EB97E1B7D010C490AF22B673AB1F1 ] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\Interop.SimpleAES64Lib.dll
23:05:26.0366 4292 C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\Interop.SimpleAES64Lib.dll - ok
23:05:26.0366 4292 [ B43687C534A49700BF4B3C9898763752 ] C:\Windows\SysWOW64\MsCtfMonitor.dll
23:05:26.0366 4292 C:\Windows\SysWOW64\MsCtfMonitor.dll - ok
23:05:26.0382 4292 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
23:05:26.0382 4292 C:\Windows\System32\DXP.dll - ok
23:05:26.0382 4292 [ 2E7029E262A0E0425EB9D893A24BE031 ] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\SimpleAES64.dll
23:05:26.0382 4292 C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\SimpleAES64.dll - ok
23:05:26.0382 4292 [ DD81D91FF3B0763C392422865C9AC12E ] C:\Windows\System32\rundll32.exe
23:05:26.0382 4292 C:\Windows\System32\rundll32.exe - ok
23:05:26.0398 4292 [ EB16D072841C420A6CAEC03B74EECC65 ] C:\Windows\System32\fi-FI\consent.exe.mui
23:05:26.0398 4292 C:\Windows\System32\fi-FI\consent.exe.mui - ok
23:05:26.0398 4292 [ 0241CB16136B9A4939CA0395768AE286 ] C:\Windows\SysWOW64\mssrch.dll
23:05:26.0398 4292 C:\Windows\SysWOW64\mssrch.dll - ok
23:05:26.0398 4292 [ C8333F1F77A1B2E25F2202E892CAF634 ] C:\Windows\SysWOW64\prnfldr.dll
23:05:26.0398 4292 C:\Windows\SysWOW64\prnfldr.dll - ok
23:05:26.0413 4292 [ CA493A92DA9880B6F1A89C3DBD54BA5B ] C:\Windows\SysWOW64\dxtrans.dll
23:05:26.0413 4292 C:\Windows\SysWOW64\dxtrans.dll - ok
23:05:26.0413 4292 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
23:05:26.0413 4292 C:\Windows\System32\prnfldr.dll - ok
23:05:26.0413 4292 [ A3287F8EB6182FB060C818524C7D6A63 ] C:\Windows\System32\dxtrans.dll
23:05:26.0413 4292 C:\Windows\System32\dxtrans.dll - ok
23:05:26.0429 4292 [ 23077996053764833E2692582DB03CB1 ] C:\Windows\SysWOW64\fi-FI\SearchIndexer.exe.mui
23:05:26.0429 4292 C:\Windows\SysWOW64\fi-FI\SearchIndexer.exe.mui - ok
23:05:26.0429 4292 [ 68563AC389F92EE79F1C714288BA1DCE ] C:\Windows\SysWOW64\imgutil.dll
23:05:26.0429 4292 C:\Windows\SysWOW64\imgutil.dll - ok
23:05:26.0429 4292 [ 856CFFCD835528136367BB1A8FE1DB87 ] C:\Windows\SysWOW64\Syncreg.dll
23:05:26.0429 4292 C:\Windows\SysWOW64\Syncreg.dll - ok
23:05:26.0444 4292 [ FD2031A7D5BBB95DC8A763D20B352A46 ] C:\Windows\System32\imgutil.dll
23:05:26.0444 4292 C:\Windows\System32\imgutil.dll - ok
23:05:26.0444 4292 [ BAB9EF9A340113666F678AA2474904B6 ] C:\Windows\SysWOW64\ddrawex.dll
23:05:26.0444 4292 C:\Windows\SysWOW64\ddrawex.dll - ok
23:05:26.0444 4292 [ 383877B5EBFCA74323CCB1053E84AC8B ] C:\Windows\SysWOW64\KBDFI.DLL
23:05:26.0444 4292 C:\Windows\SysWOW64\KBDFI.DLL - ok
23:05:26.0460 4292 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
23:05:26.0460 4292 C:\Windows\System32\Syncreg.dll - ok
23:05:26.0460 4292 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
23:05:26.0460 4292 C:\Windows\ehome\ehSSO.dll - ok
23:05:26.0460 4292 [ 4938A4350327E1A5DEB0CD134AC1AAA3 ] C:\Windows\System32\ddrawex.dll
23:05:26.0460 4292 C:\Windows\System32\ddrawex.dll - ok
23:05:26.0476 4292 [ 9A39A2A5F443A756C568C6ED5748AFE4 ] C:\Windows\SysWOW64\ActionCenter.dll
23:05:26.0476 4292 C:\Windows\SysWOW64\ActionCenter.dll - ok
23:05:26.0476 4292 [ 04A8B2F67825380BC0C7C46D56776133 ] C:\Windows\SysWOW64\pngfilt.dll
23:05:26.0476 4292 C:\Windows\SysWOW64\pngfilt.dll - ok
23:05:26.0476 4292 [ 2F31597DA72FE328E1F7FEBF8548759C ] C:\Windows\System32\pngfilt.dll
23:05:26.0476 4292 C:\Windows\System32\pngfilt.dll - ok
23:05:26.0491 4292 [ A63DC5C2EA944E6657203E0C8EDEAF61 ] C:\Windows\SysWOW64\dllhost.exe
23:05:26.0491 4292 C:\Windows\SysWOW64\dllhost.exe - ok
23:05:26.0491 4292 [ B63E24E9271E99FD4540E3CA22A937DA ] C:\Windows\SysWOW64\en-US\tquery.dll.mui
23:05:26.0491 4292 C:\Windows\SysWOW64\en-US\tquery.dll.mui - ok
23:05:26.0491 4292 [ A9C7F08C3DFD976746502CB598C8864F ] C:\Windows\SysWOW64\fi-FI\tquery.dll.mui
23:05:26.0491 4292 C:\Windows\SysWOW64\fi-FI\tquery.dll.mui - ok
23:05:26.0507 4292 [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
23:05:26.0507 4292 C:\Windows\System32\ActionCenter.dll - ok
23:05:26.0507 4292 [ B1D00F879817E58D51452ECA7EEF0B04 ] C:\Windows\SysWOW64\en-US\ESENT.dll.mui
23:05:26.0507 4292 C:\Windows\SysWOW64\en-US\ESENT.dll.mui - ok
23:05:26.0507 4292 [ 0B31464B7B2D616BD5F7036673588EC1 ] C:\Windows\SysWOW64\IDStore.dll
23:05:26.0507 4292 C:\Windows\SysWOW64\IDStore.dll - ok
23:05:26.0522 4292 [ EAB975DB4C2805927FE5BD047D05C9AA ] C:\Windows\SysWOW64\netshell.dll
23:05:26.0522 4292 C:\Windows\SysWOW64\netshell.dll - ok
23:05:26.0522 4292 [ 735263DA17BF5BAF9CCD483843BF9D5A ] C:\Windows\SysWOW64\WPDShServiceObj.dll
23:05:26.0522 4292 C:\Windows\SysWOW64\WPDShServiceObj.dll - ok
23:05:26.0522 4292 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
23:05:26.0538 4292 C:\Windows\System32\WPDShServiceObj.dll - ok
23:05:26.0538 4292 [ ADB45A977BD9E45790CA496DB84BA148 ] C:\Windows\SysWOW64\PortableDeviceTypes.dll
23:05:26.0538 4292 C:\Windows\SysWOW64\PortableDeviceTypes.dll - ok
23:05:26.0538 4292 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
23:05:26.0538 4292 C:\Windows\System32\PortableDeviceTypes.dll - ok
23:05:26.0554 4292 [ 830B66240B5FAFC7E813A3FDCD7DF3E2 ] C:\Program Files (x86)\Atheros\Bluetooth Suite\FileTransfer.dll
23:05:26.0554 4292 C:\Program Files (x86)\Atheros\Bluetooth Suite\FileTransfer.dll - ok
23:05:26.0554 4292 [ E98278865E8DABA21CFE5FE4BE34210A ] C:\Windows\SysWOW64\PortableDeviceApi.dll
23:05:26.0554 4292 C:\Windows\SysWOW64\PortableDeviceApi.dll - ok
23:05:26.0554 4292 [ 13337A3FB17F2242487FD45488ED0485 ] C:\Windows\SysWOW64\vssapi.dll
23:05:26.0554 4292 C:\Windows\SysWOW64\vssapi.dll - ok
23:05:26.0569 4292 [ B2B3DAE040F6B5AE1DF52B0CD7631A18 ] C:\Windows\SysWOW64\AltTab.dll
23:05:26.0569 4292 C:\Windows\SysWOW64\AltTab.dll - ok
23:05:26.0569 4292 [ 703CA9A02124E0D377AECD0A0514D3D2 ] C:\Windows\winsxs\amd64_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_8a1a02152edb659b\ATL80.dll
23:05:26.0569 4292 C:\Windows\winsxs\amd64_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_8a1a02152edb659b\ATL80.dll - ok
23:05:26.0569 4292 [ 2B1B531A1F513FDA992F94577544F3AC ] C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_fi_b77a5c561934e089\System.Windows.Forms.resources.dll
23:05:26.0569 4292 C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_fi_b77a5c561934e089\System.Windows.Forms.resources.dll - ok
23:05:26.0585 4292 [ B940289C83121046BD6A60ACC6028593 ] C:\Windows\SysWOW64\vsstrace.dll
23:05:26.0585 4292 C:\Windows\SysWOW64\vsstrace.dll - ok
23:05:26.0585 4292 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
23:05:26.0585 4292 C:\Windows\System32\AltTab.dll - ok
23:05:26.0585 4292 [ C2F51897E8BB86000E30575E25256878 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdw.dll
23:05:26.0585 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdw.dll - ok
23:05:26.0600 4292 [ 9291FD078D42F5B0DCD3CA8F19DDE276 ] C:\Windows\SysWOW64\fi-FI\vsstrace.dll.mui
23:05:26.0600 4292 C:\Windows\SysWOW64\fi-FI\vsstrace.dll.mui - ok
23:05:26.0600 4292 [ 3D6F22551D422F97AACB0BB927E4C846 ] C:\Windows\SysWOW64\pnidui.dll
23:05:26.0600 4292 C:\Windows\SysWOW64\pnidui.dll - ok
23:05:26.0600 4292 [ A6CD6B3F71E13E2E45B727FB8A47EA87 ] C:\Windows\SysWOW64\SearchFilterHost.exe
23:05:26.0600 4292 C:\Windows\SysWOW64\SearchFilterHost.exe - ok
23:05:26.0616 4292 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
23:05:26.0616 4292 C:\Windows\System32\pnidui.dll - ok
23:05:26.0616 4292 [ BD626EF05967D14C772B8096292731A3 ] C:\Windows\SysWOW64\QUTIL.DLL
23:05:26.0616 4292 C:\Windows\SysWOW64\QUTIL.DLL - ok
23:05:26.0616 4292 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
23:05:26.0616 4292 C:\Windows\System32\QUTIL.DLL - ok
23:05:26.0632 4292 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
23:05:26.0632 4292 C:\Windows\System32\FXSST.dll - ok
23:05:26.0632 4292 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
23:05:26.0632 4292 C:\Windows\System32\tquery.dll - ok
23:05:26.0632 4292 [ 942E57152F1CD0533644AB30EF1A4728 ] C:\Windows\SysWOW64\FXSAPI.dll
23:05:26.0632 4292 C:\Windows\SysWOW64\FXSAPI.dll - ok
23:05:26.0647 4292 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
23:05:26.0647 4292 C:\Windows\System32\FXSAPI.dll - ok
23:05:26.0647 4292 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
23:05:26.0647 4292 C:\Windows\System32\mssrch.dll - ok
23:05:26.0647 4292 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
23:05:26.0647 4292 C:\Windows\System32\msidle.dll - ok
23:05:26.0663 4292 [ 674B0C0F6A448EB185CAAB9C51D44032 ] C:\Windows\SysWOW64\srchadmin.dll
23:05:26.0663 4292 C:\Windows\SysWOW64\srchadmin.dll - ok
23:05:26.0663 4292 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
23:05:26.0663 4292 C:\Windows\System32\mssprxy.dll - ok
23:05:26.0663 4292 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
23:05:26.0663 4292 C:\Windows\System32\srchadmin.dll - ok
23:05:26.0678 4292 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
23:05:26.0678 4292 C:\Windows\System32\en-US\tquery.dll.mui - ok
23:05:26.0678 4292 [ C4096CA42199428B3D63DC206C197F0E ] C:\Windows\SysWOW64\FXSRESM.dll
23:05:26.0678 4292 C:\Windows\SysWOW64\FXSRESM.dll - ok
23:05:26.0678 4292 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
23:05:26.0678 4292 C:\Windows\System32\FXSRESM.dll - ok
23:05:26.0694 4292 [ A2E7C59B0FEC3535EE84954978EA35A6 ] C:\Program Files (x86)\Atheros\Bluetooth Suite\AthCopyHook.dll
23:05:26.0694 4292 C:\Program Files (x86)\Atheros\Bluetooth Suite\AthCopyHook.dll - ok
23:05:26.0694 4292 [ 2DDEA2C345DA5BC589EFD398F220DB0E ] C:\Windows\SysWOW64\SyncCenter.dll
23:05:26.0694 4292 C:\Windows\SysWOW64\SyncCenter.dll - ok
23:05:26.0694 4292 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
23:05:26.0694 4292 C:\Windows\System32\SyncCenter.dll - ok
23:05:26.0710 4292 [ 140D9F911182357626165EA0BEB98C4F ] C:\Windows\SysWOW64\ncsi.dll
23:05:26.0710 4292 C:\Windows\SysWOW64\ncsi.dll - ok
23:05:26.0710 4292 [ D9E21CBF9E6A87847AFFD39EA3FA28EE ] C:\Windows\System32\SearchProtocolHost.exe
23:05:26.0710 4292 C:\Windows\System32\SearchProtocolHost.exe - ok
23:05:26.0710 4292 [ 5193DE33F3284C447E0D31DAFBF92570 ] C:\Windows\SysWOW64\webcheck.dll
23:05:26.0710 4292 C:\Windows\SysWOW64\webcheck.dll - ok
23:05:26.0725 4292 [ A5D237B8673025B052C0E6FDB6A883E8 ] C:\Windows\SysWOW64\msshooks.dll
23:05:26.0725 4292 C:\Windows\SysWOW64\msshooks.dll - ok
23:05:26.0725 4292 [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\Windows\System32\webcheck.dll
23:05:26.0725 4292 C:\Windows\System32\webcheck.dll - ok
23:05:26.0725 4292 [ D2A5B2B09F2AF5ED13BF494508B09788 ] C:\Windows\System32\msshooks.dll
23:05:26.0725 4292 C:\Windows\System32\msshooks.dll - ok
23:05:26.0741 4292 [ 49A3AD5CE578CD77F445F3D244AEAB2D ] C:\Windows\System32\SearchFilterHost.exe
23:05:26.0741 4292 C:\Windows\System32\SearchFilterHost.exe - ok
23:05:26.0741 4292 [ BFB8225B54B9DFB2B4A556546C47F59D ] C:\Program Files (x86)\Avira\AntiVir Desktop\cclicw.dll
23:05:26.0741 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\cclicw.dll - ok
23:05:26.0756 4292 [ DB67C7C62038BDE813CB6486581A7611 ] C:\Windows\SysWOW64\mssph.dll
23:05:26.0756 4292 C:\Windows\SysWOW64\mssph.dll - ok
23:05:26.0756 4292 [ 48041BAEB60CE5F34F13CC2A1361E49C ] C:\Windows\System32\mssph.dll
23:05:26.0756 4292 C:\Windows\System32\mssph.dll - ok
23:05:26.0756 4292 [ C71E7ABB1A34E56CE73AE117C8DD566F ] C:\Windows\System32\ieframe.dll
23:05:26.0756 4292 C:\Windows\System32\ieframe.dll - ok
23:05:26.0772 4292 [ 8BC9DB92C4B2F3BE89185BEAB2AFC1F6 ] C:\Windows\SysWOW64\mapi32.dll
23:05:26.0772 4292 C:\Windows\SysWOW64\mapi32.dll - ok
23:05:26.0772 4292 [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\Windows\SysWOW64\mlang.dll
23:05:26.0772 4292 C:\Windows\SysWOW64\mlang.dll - ok
23:05:26.0772 4292 [ 8F4BB0CFECED925D440ABC2481278360 ] C:\Windows\System32\mapi32.dll
23:05:26.0772 4292 C:\Windows\System32\mapi32.dll - ok
23:05:26.0788 4292 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
23:05:26.0788 4292 C:\Windows\System32\mlang.dll - ok
23:05:26.0788 4292 [ FB4EB9352B7D698E6B3C2AA2ED724DAD ] C:\Windows\SysWOW64\authz.dll
23:05:26.0788 4292 C:\Windows\SysWOW64\authz.dll - ok
23:05:26.0788 4292 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll
23:05:26.0788 4292 C:\Windows\SysWOW64\npmproxy.dll - ok
23:05:26.0803 4292 [ 2D11BC8B460957E62E4420373A0D8BDA ] C:\Windows\SysWOW64\imapi2.dll
23:05:26.0803 4292 C:\Windows\SysWOW64\imapi2.dll - ok
23:05:26.0803 4292 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
23:05:26.0803 4292 C:\Windows\System32\imapi2.dll - ok
23:05:26.0803 4292 [ D39DA70FEA6BD713682F70635587DA9E ] C:\Windows\SysWOW64\rasdlg.dll
23:05:26.0803 4292 C:\Windows\SysWOW64\rasdlg.dll - ok
23:05:26.0819 4292 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
23:05:26.0819 4292 C:\Windows\System32\rasdlg.dll - ok
23:05:26.0819 4292 [ D4191EFAB91E00FC09257AA5EBAF503B ] C:\Windows\SysWOW64\mprapi.dll
23:05:26.0819 4292 C:\Windows\SysWOW64\mprapi.dll - ok
23:05:26.0819 4292 [ 04B88428A872390D235BE52D38A9D4EF ] C:\Windows\SysWOW64\dot3api.dll
23:05:26.0819 4292 C:\Windows\SysWOW64\dot3api.dll - ok
23:05:26.0834 4292 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
23:05:26.0834 4292 C:\Windows\System32\dot3api.dll - ok
23:05:26.0834 4292 [ 8063046AA70B97CA9985672B8848FB2E ] C:\Windows\SysWOW64\wlanhlp.dll
23:05:26.0834 4292 C:\Windows\SysWOW64\wlanhlp.dll - ok
23:05:26.0834 4292 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
23:05:26.0834 4292 C:\Windows\System32\wlanhlp.dll - ok
23:05:26.0850 4292 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
23:05:26.0850 4292 C:\Windows\System32\wlanapi.dll - ok
23:05:26.0850 4292 [ 6383C60EC0133B14F5705F96369421B2 ] C:\Windows\SysWOW64\hnetcfg.dll
23:05:26.0850 4292 C:\Windows\SysWOW64\hnetcfg.dll - ok
23:05:26.0850 4292 [ C02AA67276FEE0C15CC4D6D616BDE95E ] C:\Windows\SysWOW64\WWanAPI.dll
23:05:26.0850 4292 C:\Windows\SysWOW64\WWanAPI.dll - ok
23:05:26.0866 4292 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
23:05:26.0866 4292 C:\Windows\System32\WWanAPI.dll - ok
23:05:26.0866 4292 [ F2ED6D00921CA138289E5E0CCB9ABF87 ] C:\Windows\SysWOW64\wwapi.dll
23:05:26.0866 4292 C:\Windows\SysWOW64\wwapi.dll - ok
23:05:26.0866 4292 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
23:05:26.0866 4292 C:\Windows\System32\wwapi.dll - ok
23:05:26.0881 4292 [ 02530B0B7E048DD5AC8D52DAEACAEB2B ] C:\Windows\SysWOW64\QAGENT.DLL
23:05:26.0881 4292 C:\Windows\SysWOW64\QAGENT.DLL - ok
23:05:26.0881 4292 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
23:05:26.0881 4292 C:\Windows\System32\QAGENT.DLL - ok
23:05:26.0881 4292 ============================================================
23:05:26.0881 4292 Scan finished
23:05:26.0881 4292 ============================================================
23:05:26.0897 2684 Detected object count: 0
23:05:26.0897 2684 Actual detected object count: 0
23:05:53.0152 1840 Deinitialize success
aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-12-28 23:06:43
-----------------------------
23:06:43.732 OS Version: Windows x64 6.1.7601 Service Pack 1
23:06:43.732 Number of processors: 4 586 0x2A07
23:06:43.732 ComputerName: DONALD-PC UserName: Donald
23:06:45.152 Initialize success
23:08:00.081 AVAST engine defs: 12122800
23:09:17.683 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
23:09:17.683 Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3
23:09:17.714 Disk 0 MBR read successfully
23:09:17.714 Disk 0 MBR scan
23:09:17.730 Disk 0 Windows 7 default MBR code
23:09:17.745 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 22003 MB offset 63
23:09:17.761 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 454935 MB offset 45062328
23:09:17.776 Disk 0 scanning C:\Windows\system32\drivers
23:09:35.404 Service scanning
23:10:00.380 Modules scanning
23:10:00.396 Disk 0 trace - called modules:
23:10:00.427 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
23:10:00.427 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800698e060]
23:10:00.427 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> [0xfffffa8004abde40]
23:10:00.442 5 ACPI.sys[fffff88000f337a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004ac1050]
23:10:02.158 AVAST engine scan C:\Windows
23:10:08.071 AVAST engine scan C:\Windows\system32
23:14:01.073 AVAST engine scan C:\Windows\system32\drivers
23:14:15.830 AVAST engine scan C:\Users\Donald
23:14:37.296 AVAST engine scan C:\ProgramData
23:15:15.657 Scan finished successfully
23:17:48.599 Disk 0 MBR has been saved successfully to "C:\Users\Donald\Desktop\MBR.dat"
23:17:48.599 The log file has been saved successfully to "C:\Users\Donald\Desktop\aswMBR.txt"
-
23:05:21.0624 4292 C:\Windows\System32\devrtl.dll - ok
23:05:21.0624 4292 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
23:05:21.0624 4292 C:\Windows\System32\SPInf.dll - ok
23:05:21.0640 4292 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
23:05:21.0640 4292 C:\Windows\System32\gpapi.dll - ok
23:05:21.0640 4292 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
23:05:21.0640 4292 C:\Windows\System32\pcwum.dll - ok
23:05:21.0640 4292 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
23:05:21.0640 4292 C:\Windows\System32\umpo.dll - ok
23:05:21.0655 4292 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
23:05:21.0655 4292 C:\Windows\System32\userenv.dll - ok
23:05:21.0655 4292 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
23:05:21.0655 4292 C:\Windows\System32\powrprof.dll - ok
23:05:21.0655 4292 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
23:05:21.0655 4292 C:\Windows\System32\drivers\luafv.sys - ok
23:05:21.0671 4292 [ BFE9598EBC3934CF8D876A303849C896 ] C:\Windows\System32\drivers\avgntflt.sys
23:05:21.0671 4292 C:\Windows\System32\drivers\avgntflt.sys - ok
23:05:21.0671 4292 [ A8FE8F2783B2929B56F5370A89356CE9 ] C:\Windows\System32\drivers\mbam.sys
23:05:21.0671 4292 C:\Windows\System32\drivers\mbam.sys - ok
23:05:21.0671 4292 [ AB886378EEB55C6C75B4F2D14B6C869F ] C:\Windows\System32\drivers\WUDFPf.sys
23:05:21.0671 4292 C:\Windows\System32\drivers\WUDFPf.sys - ok
23:05:21.0686 4292 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] C:\Windows\System32\nvvsvc.exe
23:05:21.0686 4292 C:\Windows\System32\nvvsvc.exe - ok
23:05:21.0686 4292 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
23:05:21.0686 4292 C:\Windows\System32\wtsapi32.dll - ok
23:05:21.0686 4292 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
23:05:21.0686 4292 C:\Windows\System32\rpcss.dll - ok
23:05:21.0702 4292 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
23:05:21.0702 4292 C:\Windows\System32\RpcEpMap.dll - ok
23:05:21.0702 4292 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
23:05:21.0702 4292 C:\Windows\System32\wshqos.dll - ok
23:05:21.0702 4292 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
23:05:21.0702 4292 C:\Windows\System32\WSHTCPIP.DLL - ok
23:05:21.0718 4292 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
23:05:21.0718 4292 C:\Windows\System32\FirewallAPI.dll - ok
23:05:21.0718 4292 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
23:05:21.0718 4292 C:\Windows\System32\LogonUI.exe - ok
23:05:21.0718 4292 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
23:05:21.0718 4292 C:\Windows\System32\version.dll - ok
23:05:21.0733 4292 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
23:05:21.0733 4292 C:\Windows\System32\wevtsvc.dll - ok
23:05:21.0733 4292 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
23:05:21.0733 4292 C:\Windows\System32\authui.dll - ok
23:05:21.0733 4292 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
23:05:21.0733 4292 C:\Windows\System32\cryptui.dll - ok
23:05:21.0749 4292 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
23:05:21.0749 4292 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
23:05:21.0749 4292 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
23:05:21.0749 4292 C:\Windows\System32\audiosrv.dll - ok
23:05:21.0749 4292 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
23:05:21.0749 4292 C:\Windows\System32\profsvc.dll - ok
23:05:21.0764 4292 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
23:05:21.0764 4292 C:\Windows\System32\avrt.dll - ok
23:05:21.0764 4292 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
23:05:21.0764 4292 C:\Windows\System32\mmcss.dll - ok
23:05:21.0764 4292 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
23:05:21.0764 4292 C:\Windows\System32\MMDevAPI.dll - ok
23:05:21.0780 4292 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
23:05:21.0780 4292 C:\Windows\System32\propsys.dll - ok
23:05:21.0780 4292 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
23:05:21.0780 4292 C:\Windows\System32\adtschema.dll - ok
23:05:21.0796 4292 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
23:05:21.0796 4292 C:\Windows\System32\audiodg.exe - ok
23:05:21.0796 4292 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
23:05:21.0796 4292 C:\Windows\System32\wlansvc.dll - ok
23:05:21.0796 4292 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
23:05:21.0796 4292 C:\Windows\System32\ntmarta.dll - ok
23:05:21.0811 4292 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
23:05:21.0811 4292 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
23:05:21.0811 4292 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
23:05:21.0811 4292 C:\Windows\System32\atl.dll - ok
23:05:21.0811 4292 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
23:05:21.0811 4292 C:\Windows\System32\drivers\fltMgr.sys - ok
23:05:21.0827 4292 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
23:05:21.0827 4292 C:\Windows\System32\gpsvc.dll - ok
23:05:21.0827 4292 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
23:05:21.0827 4292 C:\Windows\System32\PSHED.DLL - ok
23:05:21.0827 4292 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
23:05:21.0827 4292 C:\Windows\System32\samlib.dll - ok
23:05:21.0827 4292 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
23:05:21.0827 4292 C:\Windows\System32\shacct.dll - ok
23:05:21.0842 4292 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
23:05:21.0842 4292 C:\Windows\System32\themeservice.dll - ok
23:05:21.0842 4292 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
23:05:21.0842 4292 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
23:05:21.0842 4292 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
23:05:21.0842 4292 C:\Windows\System32\dsrole.dll - ok
23:05:21.0858 4292 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
23:05:21.0858 4292 C:\Windows\System32\es.dll - ok
23:05:21.0858 4292 [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
23:05:21.0858 4292 C:\Windows\System32\nlaapi.dll - ok
23:05:21.0858 4292 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
23:05:21.0858 4292 C:\Windows\System32\slc.dll - ok
23:05:21.0874 4292 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
23:05:21.0874 4292 C:\Windows\System32\uxtheme.dll - ok
23:05:21.0874 4292 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
23:05:21.0874 4292 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
23:05:21.0889 4292 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
23:05:21.0889 4292 C:\Windows\System32\comres.dll - ok
23:05:21.0889 4292 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
23:05:21.0889 4292 C:\Windows\System32\Sens.dll - ok
23:05:21.0889 4292 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
23:05:21.0889 4292 C:\Windows\System32\uxsms.dll - ok
23:05:21.0889 4292 [ B1DF2D87DC8BF6072699AC8301B37796 ] C:\Windows\System32\WUDFPlatform.dll
23:05:21.0905 4292 C:\Windows\System32\WUDFPlatform.dll - ok
23:05:21.0905 4292 [ B20F051B03A966392364C83F009F7D17 ] C:\Windows\System32\WUDFSvc.dll
23:05:21.0905 4292 C:\Windows\System32\WUDFSvc.dll - ok
23:05:21.0905 4292 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
23:05:21.0905 4292 C:\Windows\System32\drivers\lltdio.sys - ok
23:05:21.0920 4292 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
23:05:21.0920 4292 C:\Windows\System32\drivers\nwifi.sys - ok
23:05:21.0920 4292 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
23:05:21.0920 4292 C:\Windows\System32\drivers\ndisuio.sys - ok
23:05:21.0920 4292 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
23:05:21.0920 4292 C:\Windows\System32\drivers\rspndr.sys - ok
23:05:21.0936 4292 [ B355581A9DA34C92E2DBAFA410D2F829 ] C:\Windows\System32\drivers\TurboB.sys
23:05:21.0936 4292 C:\Windows\System32\drivers\TurboB.sys - ok
23:05:21.0936 4292 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
23:05:21.0936 4292 C:\Windows\System32\dui70.dll - ok
23:05:21.0936 4292 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
23:05:21.0936 4292 C:\Windows\System32\duser.dll - ok
23:05:21.0952 4292 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
23:05:21.0952 4292 C:\Windows\System32\wdmaud.drv - ok
23:05:21.0952 4292 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
23:05:21.0952 4292 C:\Windows\System32\winmm.dll - ok
23:05:21.0952 4292 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
23:05:21.0952 4292 C:\Windows\System32\ksuser.dll - ok
23:05:21.0967 4292 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
23:05:21.0967 4292 C:\Windows\System32\SndVolSSO.dll - ok
23:05:21.0967 4292 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
23:05:21.0967 4292 C:\Windows\System32\hid.dll - ok
23:05:21.0967 4292 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
23:05:21.0967 4292 C:\Windows\System32\IPHLPAPI.DLL - ok
23:05:21.0983 4292 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
23:05:21.0983 4292 C:\Windows\System32\lmhsvc.dll - ok
23:05:21.0983 4292 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
23:05:21.0983 4292 C:\Windows\System32\nsisvc.dll - ok
23:05:21.0983 4292 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
23:05:21.0983 4292 C:\Windows\System32\winnsi.dll - ok
23:05:21.0998 4292 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
23:05:21.0998 4292 C:\Windows\System32\dhcpcore.dll - ok
23:05:21.0998 4292 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
23:05:21.0998 4292 C:\Windows\System32\nrpsrv.dll - ok
23:05:21.0998 4292 [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
23:05:21.0998 4292 C:\Windows\System32\dhcpcore6.dll - ok
23:05:22.0014 4292 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
23:05:22.0014 4292 C:\Windows\System32\dnsrslvr.dll - ok
23:05:22.0014 4292 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
23:05:22.0014 4292 C:\Windows\System32\dwmapi.dll - ok
23:05:22.0014 4292 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
23:05:22.0014 4292 C:\Windows\System32\eapphost.dll - ok
23:05:22.0030 4292 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
23:05:22.0030 4292 C:\Windows\System32\eapsvc.dll - ok
23:05:22.0030 4292 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
23:05:22.0030 4292 C:\Windows\System32\FWPUCLNT.DLL - ok
23:05:22.0030 4292 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
23:05:22.0030 4292 C:\Windows\System32\keyiso.dll - ok
23:05:22.0045 4292 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
23:05:22.0045 4292 C:\Windows\System32\xmllite.dll - ok
23:05:22.0045 4292 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
23:05:22.0045 4292 C:\Windows\System32\AudioSes.dll - ok
23:05:22.0045 4292 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
23:05:22.0045 4292 C:\Windows\System32\dnsext.dll - ok
23:05:22.0061 4292 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
23:05:22.0061 4292 C:\Windows\System32\msacm32.dll - ok
23:05:22.0061 4292 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
23:05:22.0061 4292 C:\Windows\System32\msacm32.drv - ok
23:05:22.0061 4292 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
23:05:22.0061 4292 C:\Windows\System32\dhcpcsvc.dll - ok
23:05:22.0076 4292 [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
23:05:22.0076 4292 C:\Windows\System32\dhcpcsvc6.dll - ok
23:05:22.0076 4292 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
23:05:22.0076 4292 C:\Windows\System32\midimap.dll - ok
23:05:22.0076 4292 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
23:05:22.0076 4292 C:\Windows\System32\umb.dll - ok
23:05:22.0092 4292 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
23:05:22.0092 4292 C:\Windows\System32\wlanmsm.dll - ok
23:05:22.0092 4292 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
23:05:22.0092 4292 C:\Windows\System32\AudioEng.dll - ok
23:05:22.0092 4292 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
23:05:22.0092 4292 C:\Windows\System32\wlansec.dll - ok
23:05:22.0108 4292 [ 26B73A85855681500BCC25C7CD9FF5B1 ] C:\Windows\System32\WindowsCodecs.dll
23:05:22.0108 4292 C:\Windows\System32\WindowsCodecs.dll - ok
23:05:22.0108 4292 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
23:05:22.0108 4292 C:\Windows\System32\AUDIOKSE.dll - ok
23:05:22.0108 4292 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
23:05:22.0108 4292 C:\Windows\System32\onex.dll - ok
23:05:22.0123 4292 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
23:05:22.0123 4292 C:\Windows\System32\eappcfg.dll - ok
23:05:22.0123 4292 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
23:05:22.0123 4292 C:\Windows\System32\eappprxy.dll - ok
23:05:22.0123 4292 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
23:05:22.0123 4292 C:\Windows\System32\l2gpstore.dll - ok
23:05:22.0139 4292 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
23:05:22.0139 4292 C:\Windows\System32\WinSCard.dll - ok
23:05:22.0139 4292 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
23:05:22.0139 4292 C:\Windows\System32\wlanutil.dll - ok
23:05:22.0139 4292 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
23:05:22.0139 4292 C:\Windows\System32\wlgpclnt.dll - ok
23:05:22.0154 4292 [ AB7219DEBE7FFAAB3D7B30923DA9C014 ] C:\Windows\System32\RtkAPO64.dll
23:05:22.0154 4292 C:\Windows\System32\RtkAPO64.dll - ok
23:05:22.0154 4292 [ 0DD5E2549322A029BEAFCD99A7465F8B ] C:\Program Files (x86)\ASUS\SmartLogon\system\FaceCredentialProvider64.dll
23:05:22.0154 4292 C:\Program Files (x86)\ASUS\SmartLogon\system\FaceCredentialProvider64.dll - ok
23:05:22.0154 4292 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
23:05:22.0154 4292 C:\Windows\System32\winbrand.dll - ok
23:05:22.0170 4292 [ 4FFDE68C4B7C9993FA551E7E36DDB34D ] C:\Windows\System32\msxml6.dll
23:05:22.0170 4292 C:\Windows\System32\msxml6.dll - ok
23:05:22.0170 4292 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
23:05:22.0170 4292 C:\Windows\System32\netapi32.dll - ok
23:05:22.0170 4292 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
23:05:22.0170 4292 C:\Windows\System32\netutils.dll - ok
23:05:22.0186 4292 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
23:05:22.0186 4292 C:\Windows\System32\samcli.dll - ok
23:05:22.0186 4292 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
23:05:22.0186 4292 C:\Windows\System32\VaultCredProvider.dll - ok
23:05:22.0186 4292 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
23:05:22.0186 4292 C:\Windows\System32\wkscli.dll - ok
23:05:22.0201 4292 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
23:05:22.0201 4292 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
23:05:22.0201 4292 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
23:05:22.0201 4292 C:\Windows\System32\BioCredProv.dll - ok
23:05:22.0201 4292 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
23:05:22.0201 4292 C:\Windows\System32\winbio.dll - ok
23:05:22.0217 4292 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
23:05:22.0217 4292 C:\Windows\System32\credui.dll - ok
23:05:22.0217 4292 [ 079CBA3C5C9AB11B2B4E6BD729A860F2 ] C:\Windows\System32\FBAgent.exe
23:05:22.0217 4292 C:\Windows\System32\FBAgent.exe - ok
23:05:22.0217 4292 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
23:05:22.0217 4292 C:\Windows\System32\msi.dll - ok
23:05:22.0232 4292 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
23:05:22.0232 4292 C:\Windows\System32\netcfgx.dll - ok
23:05:22.0232 4292 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
23:05:22.0232 4292 C:\Windows\System32\vaultcli.dll - ok
23:05:22.0232 4292 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
23:05:22.0232 4292 C:\Windows\System32\certCredProvider.dll - ok
23:05:22.0248 4292 [ D1DF74B41B2B0D76B832972D07CCACD6 ] C:\Windows\System32\SFAPO64.dll
23:05:22.0248 4292 C:\Windows\System32\SFAPO64.dll - ok
23:05:22.0248 4292 [ 24827B761D21FCEC4114EEC1320483F9 ] C:\Windows\System32\SFCOM64.dll
23:05:22.0248 4292 C:\Windows\System32\SFCOM64.dll - ok
23:05:22.0248 4292 [ 7097425051CE67B450EBF2B1390AE492 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
23:05:22.0248 4292 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
23:05:22.0264 4292 [ AFF64AE0550FFD82DB4B6D0D913FB652 ] C:\Windows\System32\SFNHK64.dll
23:05:22.0264 4292 C:\Windows\System32\SFNHK64.dll - ok
23:05:22.0264 4292 [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll
23:05:22.0264 4292 C:\Windows\System32\WMALFXGFXDSP.dll - ok
23:05:22.0264 4292 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
23:05:22.0264 4292 C:\Windows\System32\rasplap.dll - ok
23:05:22.0279 4292 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
23:05:22.0279 4292 C:\Windows\System32\rasapi32.dll - ok
23:05:22.0279 4292 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
23:05:22.0279 4292 C:\Windows\System32\rasman.dll - ok
23:05:22.0279 4292 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
23:05:22.0279 4292 C:\Windows\System32\mfplat.dll - ok
23:05:22.0295 4292 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
23:05:22.0295 4292 C:\Windows\System32\rtutils.dll - ok
23:05:22.0295 4292 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
23:05:22.0295 4292 C:\Windows\System32\UXInit.dll - ok
23:05:22.0295 4292 [ DF3E3167B03804F32AD274C33F77B308 ] C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
23:05:22.0295 4292 C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe - ok
23:05:22.0310 4292 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
23:05:22.0310 4292 C:\Windows\System32\oleacc.dll - ok
23:05:22.0310 4292 [ 4CE5C4F80620D6DBBB054003EAD71F95 ] C:\Windows\System32\nvsvc64.dll
23:05:22.0310 4292 C:\Windows\System32\nvsvc64.dll - ok
23:05:22.0310 4292 [ 11205381BBBF98F0CA1C672056808B8F ] C:\Program Files\NVIDIA Corporation\Display\NVXDApiX.dll
23:05:22.0310 4292 C:\Program Files\NVIDIA Corporation\Display\NVXDApiX.dll - ok
23:05:22.0326 4292 [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll
23:05:22.0326 4292 C:\Windows\System32\UIAutomationCore.dll - ok
23:05:22.0326 4292 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
23:05:22.0326 4292 C:\Windows\System32\msimg32.dll - ok
23:05:22.0342 4292 [ DC893FAB5E18E383DC7147F37C8C0CA2 ] C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
23:05:22.0342 4292 C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe - ok
23:05:22.0342 4292 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
23:05:22.0342 4292 C:\Windows\SysWOW64\ntdll.dll - ok
23:05:22.0342 4292 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
23:05:22.0342 4292 C:\Windows\System32\imageres.dll - ok
23:05:22.0357 4292 [ 15B30F15BD13640B337A0FC37BD48CDE ] C:\Windows\System32\wow64.dll
23:05:22.0357 4292 C:\Windows\System32\wow64.dll - ok
23:05:22.0357 4292 [ 98168B9B0656A01A321FF1BECB2C03E1 ] C:\Windows\System32\wow64cpu.dll
23:05:22.0357 4292 C:\Windows\System32\wow64cpu.dll - ok
23:05:22.0357 4292 [ 2970785A72054740E1A5DCEB32485486 ] C:\Windows\System32\wow64win.dll
23:05:22.0357 4292 C:\Windows\System32\wow64win.dll - ok
23:05:22.0357 4292 [ D4F3176082566CEFA633B4945802D4C4 ] C:\Windows\SysWOW64\kernel32.dll
23:05:22.0357 4292 C:\Windows\SysWOW64\kernel32.dll - ok
23:05:22.0373 4292 [ 0978C2B33BDD0A7E6C563AA337DC8BA0 ] C:\Windows\SysWOW64\KernelBase.dll
23:05:22.0373 4292 C:\Windows\SysWOW64\KernelBase.dll - ok
23:05:22.0373 4292 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
23:05:22.0373 4292 C:\Windows\SysWOW64\user32.dll - ok
23:05:22.0373 4292 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
23:05:22.0373 4292 C:\Windows\SysWOW64\gdi32.dll - ok
23:05:22.0388 4292 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
23:05:22.0388 4292 C:\Windows\SysWOW64\lpk.dll - ok
23:05:22.0388 4292 [ 804AAAFEBB3AD5F49334DD906BCB1DE5 ] C:\Windows\SysWOW64\usp10.dll
23:05:22.0388 4292 C:\Windows\SysWOW64\usp10.dll - ok
23:05:22.0388 4292 [ CF6850A72BEB4845A3BFFB3F5E8014B2 ] C:\Windows\System32\pdh.dll
23:05:22.0388 4292 C:\Windows\System32\pdh.dll - ok
23:05:22.0404 4292 [ 18E5C2F937F9DEB8C282DF66A3761925 ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
23:05:22.0404 4292 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe - ok
23:05:22.0404 4292 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
23:05:22.0404 4292 C:\Windows\SysWOW64\wtsapi32.dll - ok
23:05:22.0404 4292 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
23:05:22.0404 4292 C:\Windows\SysWOW64\msvcrt.dll - ok
23:05:22.0420 4292 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
23:05:22.0420 4292 C:\Windows\SysWOW64\advapi32.dll - ok
23:05:22.0420 4292 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
23:05:22.0420 4292 C:\Windows\SysWOW64\rpcrt4.dll - ok
23:05:22.0420 4292 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
23:05:22.0420 4292 C:\Windows\SysWOW64\userenv.dll - ok
23:05:22.0435 4292 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
23:05:22.0435 4292 C:\Windows\SysWOW64\comdlg32.dll - ok
23:05:22.0435 4292 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
23:05:22.0435 4292 C:\Windows\SysWOW64\cryptbase.dll - ok
23:05:22.0451 4292 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
23:05:22.0451 4292 C:\Windows\SysWOW64\msimg32.dll - ok
23:05:22.0451 4292 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
23:05:22.0451 4292 C:\Windows\SysWOW64\profapi.dll - ok
23:05:22.0451 4292 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
23:05:22.0451 4292 C:\Windows\SysWOW64\sechost.dll - ok
23:05:22.0466 4292 [ BFB26890612FB8AE8B0463EBEBE84B7E ] C:\Windows\SysWOW64\sspicli.dll
23:05:22.0466 4292 C:\Windows\SysWOW64\sspicli.dll - ok
23:05:22.0466 4292 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
23:05:22.0466 4292 C:\Windows\SysWOW64\imm32.dll - ok
23:05:22.0466 4292 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
23:05:22.0466 4292 C:\Windows\SysWOW64\msctf.dll - ok
23:05:22.0482 4292 [ C205B0FF13FEBFB34312444DBCECE379 ] C:\Windows\SysWOW64\nvinit.dll
23:05:22.0482 4292 C:\Windows\SysWOW64\nvinit.dll - ok
23:05:22.0482 4292 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
23:05:22.0482 4292 C:\Windows\SysWOW64\shlwapi.dll - ok
23:05:22.0482 4292 [ 4C016FD76ED5C05E84CA8CAB77993961 ] C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
23:05:22.0482 4292 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys - ok
23:05:22.0498 4292 [ 7910158929571214A959D5A6D16DD9C0 ] C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
23:05:22.0498 4292 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe - ok
23:05:22.0498 4292 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
23:05:22.0498 4292 C:\Windows\SysWOW64\winsta.dll - ok
23:05:22.0498 4292 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
23:05:22.0498 4292 C:\Windows\System32\shsvcs.dll - ok
23:05:22.0513 4292 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
23:05:22.0513 4292 C:\Windows\System32\schedsvc.dll - ok
23:05:22.0513 4292 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
23:05:22.0513 4292 C:\Windows\System32\ktmw32.dll - ok
23:05:22.0513 4292 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
23:05:22.0513 4292 C:\Windows\System32\fveapi.dll - ok
23:05:22.0529 4292 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
23:05:22.0529 4292 C:\Windows\System32\fvecerts.dll - ok
23:05:22.0529 4292 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
23:05:22.0529 4292 C:\Windows\System32\tbs.dll - ok
23:05:22.0529 4292 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
23:05:22.0529 4292 C:\Windows\System32\taskcomp.dll - ok
23:05:22.0544 4292 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
23:05:22.0544 4292 C:\Windows\System32\wiarpc.dll - ok
23:05:22.0544 4292 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
23:05:22.0544 4292 C:\Windows\System32\drivers\http.sys - ok
23:05:22.0544 4292 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
23:05:22.0544 4292 C:\Windows\System32\spoolsv.exe - ok
23:05:22.0560 4292 [ D89562A6AE8E07A457452E5B5560EB43 ] C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
23:05:22.0560 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe - ok
23:05:22.0560 4292 [ E3C817F7FE44CC870ECDBCBC3EA36132 ] C:\Windows\SysWOW64\msvcp100.dll
23:05:22.0560 4292 C:\Windows\SysWOW64\msvcp100.dll - ok
23:05:22.0560 4292 [ BF38660A9125935658CFA3E53FDC7D65 ] C:\Windows\SysWOW64\msvcr100.dll
23:05:22.0560 4292 C:\Windows\SysWOW64\msvcr100.dll - ok
23:05:22.0576 4292 [ 6EC65C9134D01878EA83F68D0152F58C ] C:\Program Files (x86)\Avira\AntiVir Desktop\grdcore.dll
23:05:22.0576 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\grdcore.dll - ok
23:05:22.0576 4292 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll
23:05:22.0576 4292 C:\Windows\SysWOW64\shell32.dll - ok
23:05:22.0576 4292 [ 9E7B939404E46D25B7BCCE9E54B9B8D8 ] C:\Program Files (x86)\Avira\AntiVir Desktop\scewxmlw.dll
23:05:22.0576 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\scewxmlw.dll - ok
23:05:22.0591 4292 [ 39B8DC5494F1BC4EB6DA7135A223C3F9 ] C:\Program Files (x86)\Avira\AntiVir Desktop\cfglib.dll
23:05:22.0591 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\cfglib.dll - ok
23:05:22.0591 4292 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
23:05:22.0591 4292 C:\Windows\System32\BFE.DLL - ok
23:05:22.0607 4292 [ 8E532E1D3E9B7F511B3B87756576EAC2 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpipc.dll
23:05:22.0607 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\gpipc.dll - ok
23:05:22.0607 4292 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
23:05:22.0607 4292 C:\Windows\SysWOW64\mpr.dll - ok
23:05:22.0607 4292 [ 82C97C0835EDA73693639DEE5FF73551 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpgen.dll
23:05:22.0607 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\gpgen.dll - ok
23:05:22.0622 4292 [ 4D5264F9650D87D566490DD4204FC2F1 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpschd.dll
23:05:22.0622 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\gpschd.dll - ok
23:05:22.0622 4292 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
23:05:22.0622 4292 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
23:05:22.0622 4292 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
23:05:22.0622 4292 C:\Windows\SysWOW64\nsi.dll - ok
23:05:22.0638 4292 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
23:05:22.0638 4292 C:\Windows\SysWOW64\rasapi32.dll - ok
23:05:22.0638 4292 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
23:05:22.0638 4292 C:\Windows\SysWOW64\version.dll - ok
23:05:22.0638 4292 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
23:05:22.0638 4292 C:\Windows\SysWOW64\winnsi.dll - ok
23:05:22.0654 4292 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
23:05:22.0654 4292 C:\Windows\SysWOW64\rasman.dll - ok
23:05:22.0654 4292 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
23:05:22.0654 4292 C:\Windows\SysWOW64\ws2_32.dll - ok
23:05:22.0654 4292 [ ECE0DE598297D3814E9891FC49D5BD59 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avevtlog.dll
23:05:22.0654 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\avevtlog.dll - ok
23:05:22.0669 4292 [ C725A69DB7E462FB0F2E84E3B7E83C4C ] C:\Program Files (x86)\Avira\AntiVir Desktop\schedr.dll
23:05:22.0669 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\schedr.dll - ok
23:05:22.0669 4292 [ D920BBCBBECFF1081871E84826ADA2C0 ] C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
23:05:22.0669 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll - ok
23:05:22.0669 4292 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
23:05:22.0669 4292 C:\Windows\System32\drivers\bowser.sys - ok
23:05:22.0685 4292 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
23:05:22.0685 4292 C:\Windows\System32\drivers\mpsdrv.sys - ok
23:05:22.0685 4292 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
23:05:22.0685 4292 C:\Windows\System32\MPSSVC.dll - ok
23:05:22.0685 4292 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
23:05:22.0685 4292 C:\Windows\System32\drivers\mrxsmb.sys - ok
23:05:22.0700 4292 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
23:05:22.0700 4292 C:\Windows\System32\drivers\mrxsmb10.sys - ok
23:05:22.0700 4292 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
23:05:22.0700 4292 C:\Windows\System32\drivers\mrxsmb20.sys - ok
23:05:22.0700 4292 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
23:05:22.0700 4292 C:\Windows\SysWOW64\cfgmgr32.dll - ok
23:05:22.0716 4292 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
23:05:22.0716 4292 C:\Windows\System32\wkssvc.dll - ok
23:05:22.0716 4292 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
23:05:22.0716 4292 C:\Windows\SysWOW64\rtutils.dll - ok
23:05:22.0716 4292 [ E953EB70B3C4F0BA108C35D45420B86B ] C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
23:05:22.0716 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe - ok
23:05:22.0732 4292 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
23:05:22.0732 4292 C:\Windows\System32\wfapigp.dll - ok
23:05:22.0732 4292 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
23:05:22.0732 4292 C:\Windows\System32\mscms.dll - ok
23:05:22.0732 4292 [ 749FF240DEDAFAFF94288E0307104DF3 ] C:\Program Files (x86)\Atheros\Bluetooth Suite\AdminService.exe
23:05:22.0732 4292 C:\Program Files (x86)\Atheros\Bluetooth Suite\AdminService.exe - ok
23:05:22.0747 4292 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
23:05:22.0747 4292 C:\Windows\System32\bthprops.cpl - ok
23:05:22.0747 4292 [ F04DF4C91F03A7DAAB3CC4B061F5F8A5 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpgrd.dll
23:05:22.0747 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\gpgrd.dll - ok
23:05:22.0747 4292 [ AF2292ABEB5466D48EF8BFA7992A50AE ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpavgio.dll
23:05:22.0747 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\gpavgio.dll - ok
23:05:22.0763 4292 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
23:05:22.0763 4292 C:\Windows\SysWOW64\ole32.dll - ok
23:05:22.0763 4292 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
23:05:22.0763 4292 C:\Windows\System32\pcasvc.dll - ok
23:05:22.0763 4292 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
23:05:22.0763 4292 C:\Windows\System32\snmptrap.exe - ok
23:05:22.0778 4292 [ 10EAB90C1AE8271B5FE5A8930987EE5C ] C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll
23:05:22.0778 4292 C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll - ok
23:05:22.0778 4292 [ E9A0777DCA9148157E0EF9B71D7DE353 ] C:\Windows\System32\RdpGroupPolicyExtension.dll
23:05:22.0778 4292 C:\Windows\System32\RdpGroupPolicyExtension.dll - ok
23:05:22.0794 4292 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
23:05:22.0794 4292 C:\Windows\System32\provsvc.dll - ok
23:05:22.0794 4292 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
23:05:22.0794 4292 C:\Windows\System32\sstpsvc.dll - ok
23:05:22.0794 4292 [ 40965B72A0A33DDB8423B85F93E4C136 ] C:\Program Files\NVIDIA Corporation\Display\nvui.dll
23:05:22.0794 4292 C:\Program Files\NVIDIA Corporation\Display\nvui.dll - ok
23:05:22.0810 4292 [ 06A754FE28A06F780A099703CFCAAA22 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll
23:05:22.0810 4292 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll - ok
23:05:22.0810 4292 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
23:05:22.0810 4292 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
23:05:22.0825 4292 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
23:05:22.0825 4292 C:\Windows\System32\winspool.drv - ok
23:05:22.0825 4292 [ C946428303FDBD85D6F17C9F104938D7 ] C:\Program Files\NVIDIA Corporation\Display\nvuir.dll
23:05:22.0825 4292 C:\Program Files\NVIDIA Corporation\Display\nvuir.dll - ok
23:05:22.0825 4292 [ EA42F79A76F4795E0930FB1E9FFFA5CF ] C:\Windows\winsxs\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_8444db7d32915e4c\mfc80u.dll
23:05:22.0825 4292 C:\Windows\winsxs\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_8444db7d32915e4c\mfc80u.dll - ok
23:05:22.0841 4292 [ 47B8B745BFE0A0CB70120C8D08E2492F ] C:\Windows\System32\nvumdshimx.dll
23:05:22.0841 4292 C:\Windows\System32\nvumdshimx.dll - ok
23:05:22.0841 4292 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\Windows\System32\cryptsvc.dll
23:05:22.0841 4292 C:\Windows\System32\cryptsvc.dll - ok
23:05:22.0841 4292 [ 85B16A92B117A5A800032ECD904B86DB ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
23:05:22.0841 4292 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe - ok
23:05:22.0856 4292 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
23:05:22.0856 4292 C:\Windows\System32\dps.dll - ok
23:05:22.0856 4292 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
23:05:22.0856 4292 C:\Windows\System32\taskschd.dll - ok
23:05:22.0856 4292 [ C0F7C25EEFB1C5FD554AAA801201A83C ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll
23:05:22.0856 4292 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll - ok
23:05:22.0872 4292 [ A8AD2773202A3913D1E1564BD5703183 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll
23:05:22.0872 4292 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll - ok
23:05:22.0872 4292 [ E6E9DC01812ABA16DBAE5EFA4EF63E57 ] C:\Windows\System32\nvapi64.dll
23:05:22.0872 4292 C:\Windows\System32\nvapi64.dll - ok
23:05:22.0872 4292 [ 8792BAB371B4B1589E015B6FD1ED3B15 ] C:\Windows\System32\cryptnet.dll
23:05:22.0872 4292 C:\Windows\System32\cryptnet.dll - ok
23:05:22.0888 4292 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
23:05:22.0888 4292 C:\Windows\System32\vssapi.dll - ok
23:05:22.0888 4292 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
23:05:22.0888 4292 C:\Windows\System32\vsstrace.dll - ok
23:05:22.0888 4292 [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\SysWOW64\crypt32.dll
23:05:22.0888 4292 C:\Windows\SysWOW64\crypt32.dll - ok
23:05:22.0903 4292 [ C765A8406048E3094501ED8F17BFA4D6 ] C:\Program Files\NVIDIA Corporation\Display\NVXDBat.dll
23:05:22.0903 4292 C:\Program Files\NVIDIA Corporation\Display\NVXDBat.dll - ok
23:05:22.0903 4292 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
23:05:22.0903 4292 C:\Windows\SysWOW64\msasn1.dll - ok
23:05:22.0903 4292 [ 20E2469DB709FC675E655CEAA11BE312 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
23:05:22.0903 4292 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe - ok
23:05:22.0919 4292 [ 3B3DE5C189F896A7961A12BA74851BCB ] C:\Program Files\NVIDIA Corporation\Display\NVXDPlcy.dll
23:05:22.0919 4292 C:\Program Files\NVIDIA Corporation\Display\NVXDPlcy.dll - ok
23:05:22.0919 4292 [ 8EB9DF4D405524D5EF69AE9ECB0EDD16 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll
23:05:22.0919 4292 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll - ok
23:05:22.0919 4292 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
23:05:22.0919 4292 C:\Windows\SysWOW64\psapi.dll - ok
23:05:22.0934 4292 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll
23:05:22.0934 4292 C:\Windows\SysWOW64\wintrust.dll - ok
23:05:22.0934 4292 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
23:05:22.0934 4292 C:\Windows\System32\drivers\PEAuth.sys - ok
23:05:22.0934 4292 [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll
23:05:22.0934 4292 C:\Windows\System32\ncsi.dll - ok
23:05:22.0950 4292 [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll
23:05:22.0950 4292 C:\Windows\System32\nlasvc.dll - ok
23:05:22.0950 4292 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
23:05:22.0950 4292 C:\Windows\System32\netman.dll - ok
23:05:22.0950 4292 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
23:05:22.0950 4292 C:\Windows\System32\aepic.dll - ok
23:05:22.0966 4292 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
23:05:22.0966 4292 C:\Windows\System32\sfc.dll - ok
23:05:22.0966 4292 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
23:05:22.0966 4292 C:\Windows\System32\sfc_os.dll - ok
23:05:22.0966 4292 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
23:05:22.0966 4292 C:\Windows\System32\winhttp.dll - ok
23:05:22.0981 4292 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
23:05:22.0981 4292 C:\Windows\System32\drivers\secdrv.sys - ok
23:05:22.0981 4292 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
23:05:22.0981 4292 C:\Windows\System32\drivers\srvnet.sys - ok
23:05:22.0981 4292 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
23:05:22.0981 4292 C:\Windows\System32\httpapi.dll - ok
23:05:22.0997 4292 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
23:05:22.0997 4292 C:\Windows\System32\sysmain.dll - ok
23:05:22.0997 4292 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
23:05:22.0997 4292 C:\Windows\System32\webio.dll - ok
23:05:22.0997 4292 [ BC617A4E1B4FA8DF523A061739A0BD87 ] C:\Windows\System32\seclogon.dll
23:05:22.0997 4292 C:\Windows\System32\seclogon.dll - ok
23:05:23.0012 4292 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\Windows\System32\drivers\tcpipreg.sys
23:05:23.0012 4292 C:\Windows\System32\drivers\tcpipreg.sys - ok
23:05:23.0012 4292 [ D7CA52F89A7F4520610FF3682F0E42EE ] C:\Windows\System32\nvsvcr.dll
23:05:23.0012 4292 C:\Windows\System32\nvsvcr.dll - ok
23:05:23.0012 4292 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] C:\Windows\System32\tapisrv.dll
23:05:23.0012 4292 C:\Windows\System32\tapisrv.dll - ok
23:05:23.0028 4292 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
23:05:23.0028 4292 C:\Windows\System32\ssdpapi.dll - ok
23:05:23.0028 4292 [ 6564E84B1522C12EA1C3A181ED03276F ] C:\Program Files\Intel\TurboBoost\TurboBoost.exe
23:05:23.0028 4292 C:\Program Files\Intel\TurboBoost\TurboBoost.exe - ok
23:05:23.0028 4292 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
23:05:23.0028 4292 C:\Windows\System32\trkwks.dll - ok
23:05:23.0044 4292 [ 45E475FA46D8F04A682EB5EED5476E08 ] C:\Windows\winsxs\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.1_none_9aefdaaa829eb818\ATL90.dll
23:05:23.0044 4292 C:\Windows\winsxs\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.1_none_9aefdaaa829eb818\ATL90.dll - ok
23:05:23.0044 4292 [ BE165318E0052A91F7EA36F515B5F2B1 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_08e4299fa83d7e3c\msvcp90.dll
23:05:23.0044 4292 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_08e4299fa83d7e3c\msvcp90.dll - ok
23:05:23.0059 4292 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
23:05:23.0059 4292 C:\Windows\System32\aeevts.dll - ok
23:05:23.0059 4292 [ 0D7BE936A44E6B70F822D272A5CEBC22 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_08e4299fa83d7e3c\msvcr90.dll
23:05:23.0059 4292 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_08e4299fa83d7e3c\msvcr90.dll - ok
23:05:23.0059 4292 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
23:05:23.0059 4292 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
23:05:23.0075 4292 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
23:05:23.0075 4292 C:\Windows\System32\wbem\WMIsvc.dll - ok
23:05:23.0075 4292 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
23:05:23.0075 4292 C:\Windows\System32\wbemcomn.dll - ok
23:05:23.0075 4292 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
23:05:23.0075 4292 C:\Windows\System32\wbem\WinMgmtR.dll - ok
23:05:23.0090 4292 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
23:05:23.0090 4292 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
23:05:23.0090 4292 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
23:05:23.0090 4292 C:\Windows\System32\wbem\fastprox.dll - ok
23:05:23.0090 4292 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
23:05:23.0090 4292 C:\Windows\SysWOW64\netapi32.dll - ok
23:05:23.0106 4292 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
23:05:23.0106 4292 C:\Windows\SysWOW64\netutils.dll - ok
23:05:23.0106 4292 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
23:05:23.0106 4292 C:\Windows\SysWOW64\oleaut32.dll - ok
23:05:23.0106 4292 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
23:05:23.0106 4292 C:\Windows\SysWOW64\srvcli.dll - ok
23:05:23.0122 4292 [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\SysWOW64\logoncli.dll
23:05:23.0122 4292 C:\Windows\SysWOW64\logoncli.dll - ok
23:05:23.0122 4292 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
23:05:23.0122 4292 C:\Windows\SysWOW64\wkscli.dll - ok
23:05:23.0122 4292 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
23:05:23.0122 4292 C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
23:05:23.0137 4292 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
23:05:23.0137 4292 C:\Windows\System32\SensApi.dll - ok
23:05:23.0137 4292 [ 521B748A7F9923302CA18B7E6AA2EEAE ] C:\Windows\SysWOW64\activeds.dll
23:05:23.0137 4292 C:\Windows\SysWOW64\activeds.dll - ok
23:05:23.0137 4292 [ 72910F1DEB838E6E08A9017BFB7D4F0B ] C:\Windows\SysWOW64\browcli.dll
23:05:23.0137 4292 C:\Windows\SysWOW64\browcli.dll - ok
23:05:23.0153 4292 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
23:05:23.0153 4292 C:\Windows\System32\wer.dll - ok
23:05:23.0153 4292 [ 51F5CC1E7DA3D9C664C2D0D61F315E06 ] C:\Windows\SysWOW64\adsldpc.dll
23:05:23.0153 4292 C:\Windows\SysWOW64\adsldpc.dll - ok
23:05:23.0153 4292 [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\SysWOW64\atl.dll
23:05:23.0153 4292 C:\Windows\SysWOW64\atl.dll - ok
23:05:23.0168 4292 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
23:05:23.0168 4292 C:\Windows\SysWOW64\Wldap32.dll - ok
23:05:23.0168 4292 [ 08C2957BB30058E663720C5606885653 ] C:\Windows\System32\iphlpsvc.dll
23:05:23.0168 4292 C:\Windows\System32\iphlpsvc.dll - ok
23:05:23.0168 4292 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
23:05:23.0168 4292 C:\Windows\System32\drivers\srv2.sys - ok
23:05:23.0184 4292 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
23:05:23.0184 4292 C:\Windows\System32\sqmapi.dll - ok
23:05:23.0184 4292 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
23:05:23.0184 4292 C:\Windows\System32\ntdsapi.dll - ok
23:05:23.0184 4292 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
23:05:23.0184 4292 C:\Windows\System32\wbem\wbemprox.dll - ok
23:05:23.0200 4292 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
23:05:23.0200 4292 C:\Windows\System32\drivers\srv.sys - ok
23:05:23.0200 4292 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
23:05:23.0200 4292 C:\Windows\System32\wdscore.dll - ok
23:05:23.0200 4292 [ EE867A0870FC9E4972BA9EAAD35651E2 ] C:\Windows\System32\rasmans.dll
23:05:23.0200 4292 C:\Windows\System32\rasmans.dll - ok
23:05:23.0215 4292 [ 20A3E587A21A285CBBE060BC3ABEDFA1 ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
23:05:23.0215 4292 C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
23:05:23.0215 4292 [ 0B2D65FDDE31069299AA6330F359FF9C ] C:\Windows\System32\msxml3.dll
23:05:23.0215 4292 C:\Windows\System32\msxml3.dll - ok
23:05:23.0215 4292 [ 44C96B48112EB24AE7764EBF1C527000 ] C:\Windows\System32\rastapi.dll
23:05:23.0215 4292 C:\Windows\System32\rastapi.dll - ok
23:05:23.0231 4292 [ FAFAE01E889DC9C05A6CA2138CFC220B ] C:\Windows\System32\tapi32.dll
23:05:23.0231 4292 C:\Windows\System32\tapi32.dll - ok
23:05:23.0231 4292 [ 70A176BF2ED362862944C371838262F8 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
23:05:23.0231 4292 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
23:05:23.0231 4292 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
23:05:23.0231 4292 C:\Windows\System32\browser.dll - ok
23:05:23.0246 4292 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
23:05:23.0246 4292 C:\Windows\System32\srvsvc.dll - ok
23:05:23.0246 4292 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
23:05:23.0246 4292 C:\Windows\System32\nci.dll - ok
23:05:23.0246 4292 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
23:05:23.0246 4292 C:\Windows\System32\netmsg.dll - ok
23:05:23.0262 4292 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
23:05:23.0262 4292 C:\Windows\System32\hnetcfg.dll - ok
23:05:23.0262 4292 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
23:05:23.0262 4292 C:\Windows\System32\sscore.dll - ok
23:05:23.0262 4292 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
23:05:23.0262 4292 C:\Windows\System32\netprofm.dll - ok
23:05:23.0278 4292 [ D2A0FFA75AB181B19B5EB93BB29C7686 ] C:\Windows\System32\unimdm.tsp
23:05:23.0278 4292 C:\Windows\System32\unimdm.tsp - ok
23:05:23.0278 4292 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
23:05:23.0278 4292 C:\Windows\System32\clusapi.dll - ok
23:05:23.0278 4292 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
23:05:23.0278 4292 C:\Windows\System32\resutils.dll - ok
23:05:23.0293 4292 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
23:05:23.0293 4292 C:\Windows\System32\wbem\wbemcore.dll - ok
23:05:23.0293 4292 [ 94B7DF336815B47236724019FAB24B7C ] C:\Windows\System32\uniplat.dll
23:05:23.0293 4292 C:\Windows\System32\uniplat.dll - ok
23:05:23.0293 4292 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
23:05:23.0293 4292 C:\Windows\System32\wbem\esscli.dll - ok
23:05:23.0309 4292 [ 41326DD08ACC0CDC5F8177AF96C066E8 ] C:\Windows\System32\kmddsp.tsp
23:05:23.0309 4292 C:\Windows\System32\kmddsp.tsp - ok
23:05:23.0309 4292 [ 1D6BC2769DA66C1145F4DA5A65F52E61 ] C:\Windows\System32\ndptsp.tsp
23:05:23.0309 4292 C:\Windows\System32\ndptsp.tsp - ok
23:05:23.0309 4292 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
23:05:23.0309 4292 C:\Windows\System32\wbem\wbemsvc.dll - ok
23:05:23.0324 4292 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
23:05:23.0324 4292 C:\Windows\System32\wbem\repdrvfs.dll - ok
23:05:23.0324 4292 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
23:05:23.0324 4292 C:\Windows\System32\wbem\wmiutils.dll - ok
23:05:23.0324 4292 [ 7C1BAE7D23D4874FEE256A2B9C00E019 ] C:\Windows\System32\hidphone.tsp
23:05:23.0324 4292 C:\Windows\System32\hidphone.tsp - ok
23:05:23.0340 4292 [ 28AD5E311996A34025CFB07E131058DD ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
23:05:23.0340 4292 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
23:05:23.0340 4292 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
23:05:23.0340 4292 C:\Windows\System32\rasadhlp.dll - ok
23:05:23.0356 4292 [ A717A35120DBAB5AB707AB40662AF9DD ] C:\Windows\System32\rasppp.dll
23:05:23.0356 4292 C:\Windows\System32\rasppp.dll - ok
23:05:23.0356 4292 [ 0FE5CD5F9C9248F42D1EF56E495B182E ] C:\Windows\System32\vpnike.dll
23:05:23.0356 4292 C:\Windows\System32\vpnike.dll - ok
23:05:23.0356 4292 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
23:05:23.0356 4292 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
23:05:23.0371 4292 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
23:05:23.0371 4292 C:\Windows\System32\ncobjapi.dll - ok
23:05:23.0371 4292 [ 6A84E68B538B8B04608BF2F0D426CE6F ] C:\Windows\System32\raschap.dll
23:05:23.0371 4292 C:\Windows\System32\raschap.dll - ok
23:05:23.0371 4292 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
23:05:23.0371 4292 C:\Windows\System32\wbem\wbemess.dll - ok
23:05:23.0387 4292 [ B95F6501A2F8B2E78C697FEC401970CE ] C:\Windows\System32\ipnathlp.dll
23:05:23.0387 4292 C:\Windows\System32\ipnathlp.dll - ok
23:05:23.0387 4292 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
23:05:23.0387 4292 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
23:05:23.0387 4292 [ 49E836F597F13803D6AD27C1ADA56198 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpgui.dll
23:05:23.0387 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\gpgui.dll - ok
23:05:23.0402 4292 [ DC5F2903158E3B1F0DFE0EEBB4501997 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gplegacy.dll
23:05:23.0402 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\gplegacy.dll - ok
23:05:23.0402 4292 [ AE886E90CE0DE063DAA747B351F41C91 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpgavid.dll
23:05:23.0402 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\gpgavid.dll - ok
23:05:23.0402 4292 [ 8F9F50F3810672AC36503B72A0B1808A ] C:\Program Files (x86)\Avira\AntiVir Desktop\libdb44.dll
23:05:23.0402 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\libdb44.dll - ok
23:05:23.0418 4292 [ 4382BE35AEED19E6F7797347333EE988 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpgenrep.dll
23:05:23.0418 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\gpgenrep.dll - ok
23:05:23.0418 4292 [ 4922409BDB159C5E5CA0F8F3703B059A ] C:\Program Files (x86)\Avira\AntiVir Desktop\onlcfg.dll
23:05:23.0418 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\onlcfg.dll - ok
23:05:23.0418 4292 [ 29D717B151303045830E72B53FEFE73E ] C:\Program Files (x86)\Avira\AntiVir Desktop\guardmsg.dll
23:05:23.0418 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\guardmsg.dll - ok
23:05:23.0434 4292 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
23:05:23.0434 4292 C:\Windows\SysWOW64\cryptsp.dll - ok
23:05:23.0434 4292 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
23:05:23.0434 4292 C:\Windows\SysWOW64\winspool.drv - ok
23:05:23.0434 4292 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
23:05:23.0434 4292 C:\Windows\SysWOW64\rsaenh.dll - ok
23:05:23.0449 4292 [ 5654A65F73DCD5B3CC0C84E3F3C58043 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgio.dll
23:05:23.0449 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\avgio.dll - ok
23:05:23.0449 4292 [ 02F4111F129B9910EF1AA4F33F62FD2A ] C:\Program Files (x86)\Avira\AntiVir Desktop\avipc.dll
23:05:23.0449 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\avipc.dll - ok
23:05:23.0449 4292 [ 6B9117167660873D3CEDC719EE914105 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aecore.dll
23:05:23.0449 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\aecore.dll - ok
23:05:23.0465 4292 [ D8189B7966DFB524558294FEFF0BEA70 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avpref.dll
23:05:23.0465 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\avpref.dll - ok
23:05:23.0465 4292 [ 1EBE9524683C7C4EED8B8BC93FB6FBCC ] C:\Windows\SysWOW64\fltLib.dll
23:05:23.0465 4292 C:\Windows\SysWOW64\fltLib.dll - ok
23:05:23.0465 4292 [ E35E8E2C639089FB28D6A60195BDFEA7 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aescript.dll
23:05:23.0465 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\aescript.dll - ok
23:05:23.0480 4292 [ E75A782A8C218D03A0AF54325132BC70 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aevdf.dll
23:05:23.0480 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\aevdf.dll - ok
23:05:23.0480 4292 [ 9CAEE2820D405F643C2768AD4E9CBFFE ] C:\Program Files (x86)\Avira\AntiVir Desktop\aescn.dll
23:05:23.0480 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\aescn.dll - ok
23:05:23.0496 4292 [ 64605B72B605DEDE66D38E3D7094E73B ] C:\Program Files (x86)\Avira\AntiVir Desktop\aesbx.dll
23:05:23.0496 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\aesbx.dll - ok
23:05:23.0496 4292 [ DFA5E18FE9BF059ABA5F4E9B4B2B67F8 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aerdl.dll
23:05:23.0496 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\aerdl.dll - ok
23:05:23.0496 4292 [ 9C27C528D7A95443F64EBC7528531267 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aepack.dll
23:05:23.0496 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\aepack.dll - ok
23:05:23.0512 4292 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
23:05:23.0512 4292 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
23:05:23.0512 4292 [ 8D4CC7ED1EF309487345757C7A9B2C9F ] C:\Program Files (x86)\Avira\AntiVir Desktop\aeoffice.dll
23:05:23.0512 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\aeoffice.dll - ok
23:05:23.0512 4292 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
23:05:23.0512 4292 C:\Windows\SysWOW64\ntmarta.dll - ok
23:05:23.0527 4292 [ BC2A18841494B3756894627FF279C65E ] C:\Windows\System32\nvcpl.dll
23:05:23.0527 4292 C:\Windows\System32\nvcpl.dll - ok
23:05:23.0527 4292 [ B5A97B6D5DF9F965C854B3EDA0755AB2 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aeheur.dll
23:05:23.0527 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\aeheur.dll - ok
23:05:23.0527 4292 [ 87343253C37E1E5099429CAE483992E2 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aegen.dll
23:05:23.0527 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\aegen.dll - ok
23:05:23.0543 4292 [ 900ACDAD5D357BB26A571DCA1FD6AD36 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aehelp.dll
23:05:23.0543 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\aehelp.dll - ok
23:05:23.0543 4292 [ 7B77884505F44BA1C75E9FAC217187C0 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aeexp.dll
23:05:23.0543 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\aeexp.dll - ok
23:05:23.0558 4292 [ 434049E557861645FA160F3035025F51 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aebb.dll
23:05:23.0558 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\aebb.dll - ok
23:05:23.0558 4292 [ CD7B65E600B8EBC91B292C1AC9EC1215 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aeemu.dll
23:05:23.0558 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\aeemu.dll - ok
23:05:23.0558 4292 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll
23:05:23.0558 4292 C:\Windows\SysWOW64\samcli.dll - ok
23:05:23.0574 4292 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
23:05:23.0574 4292 C:\Windows\SysWOW64\uxtheme.dll - ok
23:05:23.0574 4292 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
23:05:23.0574 4292 C:\Windows\SysWOW64\clbcatq.dll - ok
23:05:23.0574 4292 [ 0AE0C4955E1DE29CCDC9DA1B816FE5EE ] C:\Windows\SysWOW64\quartz.dll
23:05:23.0574 4292 C:\Windows\SysWOW64\quartz.dll - ok
23:05:23.0590 4292 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
23:05:23.0590 4292 C:\Windows\SysWOW64\winmm.dll - ok
23:05:23.0590 4292 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
23:05:23.0590 4292 C:\Windows\SysWOW64\dwmapi.dll - ok
23:05:23.0590 4292 [ CC5BF60E9D3F181C0B62AC91AD8634B8 ] C:\Windows\SysWOW64\qcap.dll
23:05:23.0590 4292 C:\Windows\SysWOW64\qcap.dll - ok
23:05:23.0605 4292 [ C335EC1182AC10B188705554E0BC1186 ] C:\Windows\SysWOW64\msvfw32.dll
23:05:23.0605 4292 C:\Windows\SysWOW64\msvfw32.dll - ok
23:05:23.0605 4292 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
23:05:23.0605 4292 C:\Windows\System32\mprapi.dll - ok
23:05:23.0605 4292 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
23:05:23.0605 4292 C:\Windows\System32\netshell.dll - ok
23:05:23.0621 4292 [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C ] C:\Windows\System32\ndiscapCfg.dll
23:05:23.0621 4292 C:\Windows\System32\ndiscapCfg.dll - ok
23:05:23.0621 4292 [ 3D6AF45673C4B31CDECD7F80AF09D443 ] C:\Windows\System32\rascfg.dll
23:05:23.0621 4292 C:\Windows\System32\rascfg.dll - ok
23:05:23.0621 4292 [ 1CF21800E337F4039AAD4C94B4280EE4 ] C:\Windows\System32\mprmsg.dll
23:05:23.0621 4292 C:\Windows\System32\mprmsg.dll - ok
23:05:23.0636 4292 [ 55DE45B116711881C852D2841E4C84DD ] C:\Windows\System32\tcpipcfg.dll
23:05:23.0636 4292 C:\Windows\System32\tcpipcfg.dll - ok
23:05:23.0636 4292 [ 748849C42DEA24C723048E24BCA1BD55 ] C:\Windows\System32\wshbth.dll
23:05:23.0636 4292 C:\Windows\System32\wshbth.dll - ok
23:05:23.0636 4292 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
23:05:23.0636 4292 C:\Windows\System32\dllhost.exe - ok
23:05:23.0652 4292 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
23:05:23.0652 4292 C:\Windows\System32\IDStore.dll - ok
23:05:23.0652 4292 [ 517110BD83835338C037269E603DB55D ] C:\Windows\System32\taskhost.exe
23:05:23.0652 4292 C:\Windows\System32\taskhost.exe - ok
23:05:23.0652 4292 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
23:05:23.0652 4292 C:\Windows\System32\mpr.dll - ok
23:05:23.0668 4292 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
23:05:23.0668 4292 C:\Windows\SysWOW64\apphelp.dll - ok
23:05:23.0668 4292 [ 12E33DD823D74680DE6F33BFA359EFB3 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
23:05:23.0668 4292 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe - ok
23:05:23.0668 4292 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
23:05:23.0668 4292 C:\Windows\System32\userinit.exe - ok
23:05:23.0683 4292 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
23:05:23.0683 4292 C:\Windows\System32\dwm.exe - ok
23:05:23.0683 4292 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
23:05:23.0683 4292 C:\Windows\System32\dwmredir.dll - ok
23:05:23.0683 4292 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
23:05:23.0683 4292 C:\Windows\System32\dwmcore.dll - ok
23:05:23.0699 4292 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
23:05:23.0699 4292 C:\Windows\System32\MsCtfMonitor.dll - ok
23:05:23.0699 4292 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
23:05:23.0699 4292 C:\Windows\System32\msutb.dll - ok
23:05:23.0699 4292 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
23:05:23.0699 4292 C:\Windows\System32\HotStartUserAgent.dll - ok
23:05:23.0714 4292 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
23:05:23.0714 4292 C:\Windows\System32\PlaySndSrv.dll - ok
23:05:23.0714 4292 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
23:05:23.0714 4292 C:\Windows\explorer.exe - ok
23:05:23.0714 4292 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
23:05:23.0714 4292 C:\Windows\System32\ExplorerFrame.dll - ok
23:05:23.0730 4292 [ 6FCAFCB0820C9BC0EE363F26A9A9D8F3 ] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
23:05:23.0730 4292 C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll - ok
23:05:23.0730 4292 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
23:05:23.0730 4292 C:\Windows\System32\EhStorShell.dll - ok
23:05:23.0730 4292 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
23:05:23.0730 4292 C:\Windows\System32\ntshrui.dll - ok
23:05:23.0746 4292 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
23:05:23.0746 4292 C:\Windows\System32\cscapi.dll - ok
23:05:23.0746 4292 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
23:05:23.0746 4292 C:\Windows\System32\IconCodecService.dll - ok
23:05:23.0746 4292 [ 3290D6946B5E30E70414990574883DDB ] C:\Windows\System32\alg.exe
23:05:23.0746 4292 C:\Windows\System32\alg.exe - ok
23:05:23.0761 4292 [ D1CEEA2B47CB998321C579651CE3E4F8 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:05:23.0761 4292 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe - ok
23:05:23.0761 4292 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:05:23.0761 4292 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe - ok
23:05:23.0777 4292 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
23:05:23.0777 4292 C:\Windows\System32\linkinfo.dll - ok
23:05:23.0777 4292 [ C4002B6B41975F057D98C439030CEA07 ] C:\Windows\ehome\ehrecvr.exe
23:05:23.0777 4292 C:\Windows\ehome\ehrecvr.exe - ok
23:05:23.0777 4292 [ 8886E0697B0A93C521F99099EF643450 ] C:\Windows\System32\wscript.exe
23:05:23.0777 4292 C:\Windows\System32\wscript.exe - ok
23:05:23.0792 4292 [ 095122AA583F3DDEA7D752FB6379EE36 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avwinll.dll
23:05:23.0792 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\avwinll.dll - ok
23:05:23.0792 4292 [ 495B01F44E917CCDF79005CC0EC56F5A ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
23:05:23.0792 4292 C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe - ok
23:05:23.0792 4292 [ 396ABDD67BBB3FC3028DFBCA849A721F ] C:\Program Files (x86)\Atheros\Bluetooth Suite\BtvStack.exe
23:05:23.0792 4292 C:\Program Files (x86)\Atheros\Bluetooth Suite\BtvStack.exe - ok
23:05:23.0808 4292 [ 5F607DEEF42E454B60606FFCEBB1657D ] C:\Program Files (x86)\Atheros\Bluetooth Suite\AthBtTray.exe
23:05:23.0808 4292 C:\Program Files (x86)\Atheros\Bluetooth Suite\AthBtTray.exe - ok
23:05:23.0808 4292 [ 4705E8EF9934482C5BB488CE28AFC681 ] C:\Windows\ehome\ehsched.exe
23:05:23.0808 4292 C:\Windows\ehome\ehsched.exe - ok
23:05:23.0808 4292 [ 131216B7B74DEC3CF30689AA0C2D89C1 ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
23:05:23.0808 4292 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe - ok
23:05:23.0824 4292 [ 734DCB85D9B01D597D683C1A44B5EBE5 ] C:\Program Files\Elantech\ETDCtrl.exe
23:05:23.0824 4292 C:\Program Files\Elantech\ETDCtrl.exe - ok
23:05:23.0824 4292 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
23:05:23.0824 4292 C:\Windows\SysWOW64\setupapi.dll - ok
23:05:23.0824 4292 [ 483BAA4246B80BDE1EA562C618BBA4A1 ] C:\Windows\System32\igfxtray.exe
23:05:23.0824 4292 C:\Windows\System32\igfxtray.exe - ok
23:05:23.0839 4292 [ 08E09429070908FFEB301A64000A24C8 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avesvc.dll
23:05:23.0839 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\avesvc.dll - ok
23:05:23.0839 4292 [ 7250E1044C3F3A2B217BA8CF2CE801FA ] C:\Program Files (x86)\Avira\AntiVir Desktop\avesvcr.dll
23:05:23.0839 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\avesvcr.dll - ok
23:05:23.0855 4292 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
23:05:23.0855 4292 C:\Windows\System32\FXSSVC.exe - ok
23:05:23.0855 4292 [ 40CAEC9DBC892ED1915704CC54CB382E ] C:\Windows\System32\hkcmd.exe
23:05:23.0855 4292 C:\Windows\System32\hkcmd.exe - ok
23:05:23.0855 4292 [ 0E0053787038601A655F2DF8FCF72623 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
23:05:23.0855 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe - ok
23:05:23.0870 4292 [ 7DE03B605C794491D53A920EC86AF58C ] C:\Program Files (x86)\Avira\AntiVir Desktop\avipc64.dll
23:05:23.0870 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\avipc64.dll - ok
23:05:23.0870 4292 [ 01749C961A521D3B9F78741B87BE0461 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avreg.dll
23:05:23.0870 4292 C:\Program Files (x86)\Avira\AntiVir Desktop\avreg.dll - ok
23:05:23.0870 4292 [ C88B01661694F2013F8DF1BD66B8B39E ] C:\Windows\System32\igfxpers.exe
23:05:23.0870 4292 C:\Windows\System32\igfxpers.exe - ok
23:05:23.0886 4292 [ A042FB145907E867A19D5CAC06A9EFB1 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
23:05:23.0886 4292 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - ok
23:05:23.0886 4292 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] C:\Windows\System32\appinfo.dll
23:05:23.0886 4292 C:\Windows\System32\appinfo.dll - ok
23:05:23.0886 4292 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
23:05:23.0886 4292 C:\Windows\System32\wdi.dll - ok
23:05:23.0902 4292 [ 95F9C2976059462CBBF227F7AAB10DE9 ] C:\Windows\System32\bthserv.dll
23:05:23.0902 4292 C:\Windows\System32\bthserv.dll - ok
23:05:23.0902 4292 [ BD9EB3958F213F96B97B1D897DEE006D ] C:\Windows\System32\hidserv.dll
23:05:23.0902 4292 C:\Windows\System32\hidserv.dll - ok
23:05:23.0902 4292 [ CDAD3376DFF3D9AC7FDCBE2B94B0D3C8 ] C:\Windows\System32\shfolder.dll
23:05:23.0902 4292 C:\Windows\System32\shfolder.dll - ok
23:05:23.0917 4292 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
23:05:23.0917 4292 C:\Windows\System32\diagperf.dll - ok
23:05:23.0917 4292 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL
23:05:23.0917 4292 C:\Windows\System32\IPSECSVC.DLL - ok
23:05:23.0917 4292 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
23:05:23.0917 4292 C:\Windows\System32\wpdbusenum.dll - ok
23:05:23.0933 4292 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
23:05:23.0933 4292 C:\Windows\System32\perftrack.dll - ok
23:05:23.0933 4292 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
23:05:23.0933 4292 C:\Windows\System32\PortableDeviceApi.dll - ok
23:05:23.0933 4292 [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll
23:05:23.0933 4292 C:\Windows\System32\FwRemoteSvr.dll - ok
23:05:23.0948 4292 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
23:05:23.0948 4292 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
23:05:23.0948 4292 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
23:05:23.0948 4292 C:\Windows\System32\Apphlpdm.dll - ok
23:05:23.0948 4292 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
23:05:23.0948 4292 C:\Windows\System32\pnpts.dll - ok
23:05:23.0964 4292 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
23:05:23.0964 4292 C:\Windows\System32\runonce.exe - ok
23:05:23.0964 4292 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
23:05:23.0964 4292 C:\Windows\System32\wdiasqmmodule.dll - ok
23:05:23.0964 4292 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
23:05:23.0964 4292 C:\Windows\System32\radardt.dll - ok
23:05:23.0980 4292 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
23:05:23.0980 4292 C:\Windows\System32\npmproxy.dll - ok
23:05:23.0980 4292 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
23:05:23.0980 4292 C:\Windows\SysWOW64\devobj.dll - ok
23:05:23.0980 4292 [ 4F2659160AFCCA990305816946F69407 ] C:\Windows\SysWOW64\taskeng.exe
23:05:23.0980 4292 C:\Windows\SysWOW64\taskeng.exe - ok
23:05:23.0995 4292 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\SysWOW64\WindowsCodecs.dll
23:05:23.0995 4292 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
23:05:23.0995 4292 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
23:05:23.0995 4292 C:\Windows\SysWOW64\runonce.exe - ok
23:05:23.0995 4292 [ 9A7B54D57594233EEB17892BAD309970 ] C:\Windows\SysWOW64\mprmsg.dll
23:05:23.0995 4292 C:\Windows\SysWOW64\mprmsg.dll - ok
23:05:24.0011 4292 [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
23:05:24.0011 4292 C:\Windows\System32\taskeng.exe - ok
23:05:24.0011 4292 [ 2DE90400A63818FA38C4C5C9ADB166BF ] C:\Windows\SysWOW64\d3d10_1.dll
23:05:24.0011 4292 C:\Windows\SysWOW64\d3d10_1.dll - ok
23:05:24.0011 4292 [ E1374D37477322D4956604711008C69D ] C:\Windows\System32\d3d10_1.dll
23:05:24.0011 4292 C:\Windows\System32\d3d10_1.dll - ok
-
Computer status: After running last time windows started complaining that the internet security settings are not safe. I reset security settings. Also when signing in with normal user rights windows complained that no real-time scanner is active even though avira claims to be up and running.
23:03:40.0808 3988 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
23:03:40.0855 3988 ============================================================
23:03:40.0855 3988 Current date / time: 2012/12/28 23:03:40.0855
23:03:40.0855 3988 SystemInfo:
23:03:40.0855 3988
23:03:40.0855 3988 OS Version: 6.1.7601 ServicePack: 1.0
23:03:40.0855 3988 Product type: Workstation
23:03:40.0855 3988 ComputerName: DONALD-PC
23:03:40.0855 3988 UserName: Donald
23:03:40.0855 3988 Windows directory: C:\Windows
23:03:40.0855 3988 System windows directory: C:\Windows
23:03:40.0855 3988 Running under WOW64
23:03:40.0855 3988 Processor architecture: Intel x64
23:03:40.0855 3988 Number of processors: 4
23:03:40.0855 3988 Page size: 0x1000
23:03:40.0855 3988 Boot type: Normal boot
23:03:40.0855 3988 ============================================================
23:03:41.0822 3988 BG loaded
23:03:44.0147 3988 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:03:44.0147 3988 ============================================================
23:03:44.0147 3988 \Device\Harddisk0\DR0:
23:03:44.0147 3988 MBR partitions:
23:03:44.0147 3988 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2AF98B8, BlocksNum 0x3788BF78
23:03:44.0147 3988 ============================================================
23:03:44.0209 3988 C: <-> \Device\Harddisk0\DR0\Partition1
23:03:44.0209 3988 ============================================================
23:03:44.0209 3988 Initialize success
23:03:44.0209 3988 ============================================================
23:04:25.0370 4292 ============================================================
23:04:25.0370 4292 Scan started
23:04:25.0370 4292 Mode: Manual; SigCheck; TDLFS;
23:04:25.0370 4292 ============================================================
23:04:25.0557 4292 ================ Scan system memory ========================
23:04:25.0557 4292 System memory - ok
23:04:25.0557 4292 ================ Scan services =============================
23:04:26.0135 4292 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
23:04:26.0337 4292 1394ohci - ok
23:04:26.0384 4292 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
23:04:26.0462 4292 ACPI - ok
23:04:26.0509 4292 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
23:04:26.0696 4292 AcpiPmi - ok
23:04:26.0759 4292 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
23:04:26.0852 4292 adp94xx - ok
23:04:26.0868 4292 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
23:04:26.0930 4292 adpahci - ok
23:04:26.0930 4292 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
23:04:26.0961 4292 adpu320 - ok
23:04:27.0024 4292 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
23:04:27.0258 4292 AeLookupSvc - ok
23:04:27.0320 4292 [ 079CBA3C5C9AB11B2B4E6BD729A860F2 ] AFBAgent C:\Windows\system32\FBAgent.exe
23:04:27.0414 4292 AFBAgent - ok
23:04:27.0539 4292 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
23:04:27.0632 4292 AFD - ok
23:04:27.0710 4292 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
23:04:27.0757 4292 agp440 - ok
23:04:27.0773 4292 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
23:04:27.0851 4292 ALG - ok
23:04:27.0944 4292 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
23:04:27.0975 4292 aliide - ok
23:04:28.0038 4292 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
23:04:28.0069 4292 amdide - ok
23:04:28.0131 4292 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
23:04:28.0209 4292 AmdK8 - ok
23:04:28.0209 4292 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
23:04:28.0272 4292 AmdPPM - ok
23:04:28.0319 4292 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
23:04:28.0365 4292 amdsata - ok
23:04:28.0381 4292 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
23:04:28.0412 4292 amdsbs - ok
23:04:28.0428 4292 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
23:04:28.0459 4292 amdxata - ok
23:04:28.0662 4292 [ D89562A6AE8E07A457452E5B5560EB43 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
23:04:28.0709 4292 AntiVirSchedulerService - ok
23:04:28.0771 4292 [ E953EB70B3C4F0BA108C35D45420B86B ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
23:04:28.0787 4292 AntiVirService - ok
23:04:28.0849 4292 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
23:04:29.0114 4292 AppID - ok
23:04:29.0130 4292 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
23:04:29.0255 4292 AppIDSvc - ok
23:04:29.0301 4292 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
23:04:29.0411 4292 Appinfo - ok
23:04:29.0426 4292 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
23:04:29.0457 4292 arc - ok
23:04:29.0457 4292 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
23:04:29.0489 4292 arcsas - ok
23:04:29.0520 4292 [ 18E5C2F937F9DEB8C282DF66A3761925 ] ASLDRService C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
23:04:29.0551 4292 ASLDRService - ok
23:04:29.0567 4292 [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
23:04:29.0598 4292 ASMMAP64 - ok
23:04:29.0598 4292 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
23:04:29.0707 4292 AsyncMac - ok
23:04:29.0754 4292 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
23:04:29.0785 4292 atapi - ok
23:04:29.0832 4292 [ CBE61B4494165F458BD87E37181EE934 ] AthBTPort C:\Windows\system32\DRIVERS\btath_flt.sys
23:04:29.0863 4292 AthBTPort - ok
23:04:29.0957 4292 [ 749FF240DEDAFAFF94288E0307104DF3 ] AtherosSvc C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe
23:04:29.0988 4292 AtherosSvc - ok
23:04:30.0081 4292 [ B4174564AD5834A1680610572477878C ] athr C:\Windows\system32\DRIVERS\athrx.sys
23:04:30.0222 4292 athr - ok
23:04:30.0237 4292 [ 7910158929571214A959D5A6D16DD9C0 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
23:04:30.0269 4292 ATKGFNEXSrv - ok
23:04:30.0284 4292 [ 1F7238A37389ED92E9D8EEE975CABD54 ] ATKWMIACPIIO C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
23:04:30.0300 4292 ATKWMIACPIIO - ok
23:04:30.0347 4292 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:04:30.0456 4292 AudioEndpointBuilder - ok
23:04:30.0487 4292 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
23:04:30.0534 4292 AudioSrv - ok
23:04:30.0549 4292 [ BFE9598EBC3934CF8D876A303849C896 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
23:04:30.0581 4292 avgntflt - ok
23:04:30.0627 4292 [ F74D86A9FB35FA5F24627B8DBBF3A9A4 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
23:04:30.0674 4292 avipbb - ok
23:04:30.0690 4292 [ CD0E732347BF09717E0BDDC0C66699AB ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
23:04:30.0721 4292 avkmgr - ok
23:04:30.0768 4292 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
23:04:30.0908 4292 AxInstSV - ok
23:04:30.0971 4292 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
23:04:31.0049 4292 b06bdrv - ok
23:04:31.0095 4292 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
23:04:31.0173 4292 b57nd60a - ok
23:04:31.0220 4292 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
23:04:31.0329 4292 BDESVC - ok
23:04:31.0329 4292 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
23:04:31.0454 4292 Beep - ok
23:04:31.0532 4292 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
23:04:31.0657 4292 BFE - ok
23:04:31.0829 4292 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
23:04:32.0016 4292 BITS - ok
23:04:32.0063 4292 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
23:04:32.0141 4292 blbdrive - ok
23:04:32.0172 4292 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
23:04:32.0265 4292 bowser - ok
23:04:32.0297 4292 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
23:04:32.0499 4292 BrFiltLo - ok
23:04:32.0515 4292 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
23:04:32.0546 4292 BrFiltUp - ok
23:04:32.0640 4292 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
23:04:32.0765 4292 BridgeMP - ok
23:04:32.0827 4292 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
23:04:32.0889 4292 Browser - ok
23:04:32.0921 4292 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
23:04:32.0983 4292 Brserid - ok
23:04:33.0030 4292 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
23:04:33.0139 4292 BrSerWdm - ok
23:04:33.0170 4292 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
23:04:33.0248 4292 BrUsbMdm - ok
23:04:33.0264 4292 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
23:04:33.0311 4292 BrUsbSer - ok
23:04:33.0373 4292 [ 227C8F308DE4AF4808E587465CEAB838 ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys
23:04:33.0420 4292 BTATH_A2DP - ok
23:04:33.0467 4292 [ A83A91D07D1FE6BBE7A9DB46CA00434B ] BTATH_BUS C:\Windows\system32\DRIVERS\btath_bus.sys
23:04:33.0513 4292 BTATH_BUS - ok
23:04:33.0560 4292 [ C864FF85EE16D61C2BDD5EF76824625F ] BTATH_HCRP C:\Windows\system32\DRIVERS\btath_hcrp.sys
23:04:33.0591 4292 BTATH_HCRP - ok
23:04:33.0638 4292 [ 0DEA505EFB5D771826D177EF8B8A208F ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys
23:04:33.0669 4292 BTATH_LWFLT - ok
23:04:33.0716 4292 [ 724C8088C96EFE7A3E63FEC21D4681C0 ] BTATH_RCP C:\Windows\system32\DRIVERS\btath_rcp.sys
23:04:33.0747 4292 BTATH_RCP - ok
23:04:33.0794 4292 [ 486720DA2B3BB13D1080C83140C18B56 ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys
23:04:33.0810 4292 BtFilter - ok
23:04:33.0872 4292 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
23:04:34.0013 4292 BthEnum - ok
23:04:34.0028 4292 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
23:04:34.0122 4292 BTHMODEM - ok
23:04:34.0137 4292 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
23:04:34.0184 4292 BthPan - ok
23:04:34.0231 4292 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
23:04:34.0340 4292 BTHPORT - ok
23:04:34.0434 4292 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
23:04:34.0574 4292 bthserv - ok
23:04:34.0605 4292 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
23:04:34.0715 4292 BTHUSB - ok
23:04:34.0761 4292 catchme - ok
23:04:34.0777 4292 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
23:04:34.0902 4292 cdfs - ok
23:04:34.0995 4292 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
23:04:35.0073 4292 cdrom - ok
23:04:35.0151 4292 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
23:04:35.0261 4292 CertPropSvc - ok
23:04:35.0292 4292 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
23:04:35.0339 4292 circlass - ok
23:04:35.0401 4292 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
23:04:35.0463 4292 CLFS - ok
23:04:35.0822 4292 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:04:35.0869 4292 clr_optimization_v2.0.50727_32 - ok
23:04:36.0103 4292 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:04:36.0181 4292 clr_optimization_v2.0.50727_64 - ok
23:04:36.0633 4292 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:04:36.0727 4292 clr_optimization_v4.0.30319_32 - ok
23:04:36.0961 4292 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:04:36.0992 4292 clr_optimization_v4.0.30319_64 - ok
23:04:37.0023 4292 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
23:04:37.0055 4292 CmBatt - ok
23:04:37.0055 4292 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
23:04:37.0101 4292 cmdide - ok
23:04:37.0133 4292 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
23:04:37.0211 4292 CNG - ok
23:04:37.0242 4292 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
23:04:37.0289 4292 Compbatt - ok
23:04:37.0351 4292 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
23:04:37.0398 4292 CompositeBus - ok
23:04:37.0413 4292 COMSysApp - ok
23:04:38.0895 4292 [ 78AF1C499BF02F9814DF959A04A4F9C9 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
23:04:38.0958 4292 cphs - ok
23:04:38.0989 4292 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
23:04:39.0020 4292 crcdisk - ok
23:04:39.0129 4292 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
23:04:39.0285 4292 CryptSvc - ok
23:04:39.0379 4292 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
23:04:39.0488 4292 DcomLaunch - ok
23:04:39.0582 4292 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
23:04:39.0800 4292 defragsvc - ok
23:04:39.0878 4292 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
23:04:40.0019 4292 DfsC - ok
23:04:40.0097 4292 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
23:04:40.0221 4292 Dhcp - ok
23:04:40.0315 4292 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
23:04:40.0440 4292 discache - ok
23:04:40.0518 4292 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
23:04:40.0549 4292 Disk - ok
23:04:40.0627 4292 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
23:04:40.0767 4292 Dnscache - ok
23:04:40.0814 4292 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
23:04:40.0892 4292 dot3svc - ok
23:04:40.0923 4292 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
23:04:41.0017 4292 DPS - ok
23:04:41.0064 4292 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
23:04:41.0111 4292 drmkaud - ok
23:04:41.0157 4292 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
23:04:41.0204 4292 DXGKrnl - ok
23:04:41.0251 4292 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
23:04:41.0345 4292 EapHost - ok
23:04:41.0485 4292 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
23:04:41.0688 4292 ebdrv - ok
23:04:41.0750 4292 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
23:04:41.0813 4292 EFS - ok
23:04:42.0015 4292 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
23:04:42.0109 4292 ehRecvr - ok
23:04:42.0156 4292 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
23:04:42.0265 4292 ehSched - ok
23:04:42.0343 4292 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
23:04:42.0405 4292 elxstor - ok
23:04:42.0452 4292 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
23:04:42.0499 4292 ErrDev - ok
23:04:42.0530 4292 [ 5B042AA9CEBDAB5B61E747DDCEBFF51B ] ETD C:\Windows\system32\DRIVERS\ETD.sys
23:04:42.0561 4292 ETD - ok
23:04:42.0608 4292 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
23:04:42.0702 4292 EventSystem - ok
23:04:42.0780 4292 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
23:04:42.0873 4292 exfat - ok
23:04:42.0905 4292 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
23:04:42.0998 4292 fastfat - ok
23:04:43.0045 4292 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
23:04:43.0139 4292 Fax - ok
23:04:43.0170 4292 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
23:04:43.0295 4292 fdc - ok
23:04:43.0341 4292 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
23:04:43.0451 4292 fdPHost - ok
23:04:43.0451 4292 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
23:04:43.0529 4292 FDResPub - ok
23:04:43.0529 4292 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
23:04:43.0560 4292 FileInfo - ok
23:04:43.0560 4292 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
23:04:43.0622 4292 Filetrace - ok
23:04:43.0653 4292 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
23:04:43.0669 4292 flpydisk - ok
23:04:43.0716 4292 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
23:04:43.0747 4292 FltMgr - ok
23:04:43.0794 4292 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
23:04:43.0872 4292 FontCache - ok
23:04:43.0934 4292 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:04:43.0950 4292 FontCache3.0.0.0 - ok
23:04:43.0950 4292 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
23:04:43.0981 4292 FsDepends - ok
23:04:44.0028 4292 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
23:04:44.0043 4292 fssfltr - ok
23:04:44.0199 4292 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
23:04:44.0246 4292 fsssvc - ok
23:04:44.0293 4292 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
23:04:44.0309 4292 Fs_Rec - ok
23:04:44.0449 4292 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
23:04:44.0543 4292 fvevol - ok
23:04:44.0605 4292 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
23:04:44.0652 4292 gagp30kx - ok
23:04:44.0777 4292 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
23:04:44.0917 4292 gpsvc - ok
23:04:45.0026 4292 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:04:45.0057 4292 gupdate - ok
23:04:45.0073 4292 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:04:45.0089 4292 gupdatem - ok
23:04:45.0167 4292 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
23:04:45.0182 4292 gusvc - ok
23:04:45.0213 4292 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
23:04:45.0291 4292 hcw85cir - ok
23:04:45.0354 4292 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:04:45.0479 4292 HdAudAddService - ok
23:04:45.0603 4292 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
23:04:45.0666 4292 HDAudBus - ok
23:04:45.0681 4292 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
23:04:45.0759 4292 HidBatt - ok
23:04:45.0775 4292 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
23:04:45.0822 4292 HidBth - ok
23:04:45.0837 4292 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
23:04:45.0915 4292 HidIr - ok
23:04:45.0978 4292 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
23:04:46.0071 4292 hidserv - ok
23:04:46.0118 4292 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
23:04:46.0165 4292 HidUsb - ok
23:04:46.0851 4292 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
23:04:46.0992 4292 hkmsvc - ok
23:04:47.0070 4292 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:04:47.0257 4292 HomeGroupListener - ok
23:04:47.0335 4292 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:04:47.0397 4292 HomeGroupProvider - ok
23:04:47.0460 4292 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
23:04:47.0475 4292 HpSAMD - ok
23:04:47.0663 4292 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
23:04:47.0756 4292 HTTP - ok
23:04:47.0819 4292 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
23:04:47.0897 4292 hwpolicy - ok
23:04:48.0006 4292 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
23:04:48.0084 4292 i8042prt - ok
23:04:48.0193 4292 [ F7CE9BE72EDAC499B713ECA6DAE5D26F ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
23:04:48.0224 4292 iaStor - ok
23:04:48.0333 4292 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
23:04:48.0396 4292 iaStorV - ok
23:04:48.0645 4292 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:04:48.0692 4292 idsvc - ok
23:04:49.0940 4292 [ A1CF07D24EDCDC6870535471654D957C ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
23:04:50.0096 4292 igfx - ok
23:04:50.0283 4292 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
23:04:50.0330 4292 iirsp - ok
23:04:50.0408 4292 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
23:04:50.0502 4292 IKEEXT - ok
23:04:51.0313 4292 [ 3E3926F4FA7C9162C5C3EC6BF1E4F349 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
23:04:51.0407 4292 IntcAzAudAddService - ok
23:04:51.0469 4292 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
23:04:51.0516 4292 IntcDAud - ok
23:04:51.0563 4292 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
23:04:51.0594 4292 intelide - ok
23:04:51.0672 4292 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
23:04:51.0719 4292 intelppm - ok
23:04:51.0765 4292 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
23:04:51.0828 4292 IPBusEnum - ok
23:04:51.0890 4292 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:04:51.0999 4292 IpFilterDriver - ok
23:04:52.0077 4292 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
23:04:52.0202 4292 iphlpsvc - ok
23:04:52.0249 4292 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
23:04:52.0296 4292 IPMIDRV - ok
23:04:52.0327 4292 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
23:04:52.0421 4292 IPNAT - ok
23:04:52.0452 4292 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
23:04:52.0608 4292 IRENUM - ok
23:04:52.0655 4292 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
23:04:52.0686 4292 isapnp - ok
23:04:52.0764 4292 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
23:04:52.0826 4292 iScsiPrt - ok
23:04:52.0857 4292 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
23:04:52.0889 4292 kbdclass - ok
23:04:52.0951 4292 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
23:04:53.0076 4292 kbdhid - ok
23:04:53.0123 4292 [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys
23:04:53.0138 4292 kbfiltr - ok
23:04:53.0154 4292 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
23:04:53.0185 4292 KeyIso - ok
23:04:53.0216 4292 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
23:04:53.0247 4292 KSecDD - ok
23:04:53.0325 4292 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
23:04:53.0372 4292 KSecPkg - ok
23:04:53.0403 4292 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
23:04:53.0497 4292 ksthunk - ok
23:04:53.0591 4292 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
23:04:53.0715 4292 KtmRm - ok
23:04:53.0793 4292 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
23:04:53.0903 4292 LanmanServer - ok
23:04:53.0949 4292 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:04:54.0074 4292 LanmanWorkstation - ok
23:04:54.0121 4292 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
23:04:54.0215 4292 lltdio - ok
23:04:54.0277 4292 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
23:04:54.0371 4292 lltdsvc - ok
23:04:54.0371 4292 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
23:04:54.0433 4292 lmhosts - ok
23:04:54.0464 4292 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
23:04:54.0511 4292 LSI_FC - ok
23:04:54.0527 4292 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
23:04:54.0542 4292 LSI_SAS - ok
23:04:54.0542 4292 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:04:54.0573 4292 LSI_SAS2 - ok
23:04:54.0573 4292 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:04:54.0605 4292 LSI_SCSI - ok
23:04:54.0651 4292 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
23:04:54.0729 4292 luafv - ok
23:04:54.0761 4292 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
23:04:54.0776 4292 MBAMProtector - ok
23:04:54.0948 4292 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
23:04:54.0979 4292 MBAMScheduler - ok
23:04:55.0026 4292 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
23:04:55.0057 4292 MBAMService - ok
23:04:55.0104 4292 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
23:04:55.0166 4292 Mcx2Svc - ok
23:04:55.0182 4292 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
23:04:55.0197 4292 megasas - ok
23:04:55.0291 4292 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
23:04:55.0338 4292 MegaSR - ok
23:04:55.0385 4292 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
23:04:55.0400 4292 MEIx64 - ok
23:04:55.0463 4292 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
23:04:55.0572 4292 MMCSS - ok
23:04:55.0650 4292 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
23:04:55.0743 4292 Modem - ok
23:04:55.0790 4292 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
23:04:55.0837 4292 monitor - ok
23:04:55.0884 4292 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
23:04:55.0915 4292 mouclass - ok
23:04:55.0915 4292 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
23:04:55.0962 4292 mouhid - ok
23:04:56.0009 4292 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
23:04:56.0055 4292 mountmgr - ok
23:04:56.0102 4292 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
23:04:56.0133 4292 mpio - ok
23:04:56.0149 4292 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
23:04:56.0243 4292 mpsdrv - ok
23:04:56.0289 4292 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
23:04:56.0383 4292 MpsSvc - ok
23:04:56.0414 4292 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
23:04:56.0477 4292 MRxDAV - ok
23:04:56.0508 4292 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
23:04:56.0570 4292 mrxsmb - ok
23:04:56.0586 4292 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:04:56.0695 4292 mrxsmb10 - ok
23:04:56.0742 4292 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:04:56.0773 4292 mrxsmb20 - ok
23:04:56.0804 4292 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
23:04:56.0835 4292 msahci - ok
23:04:56.0867 4292 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
23:04:56.0898 4292 msdsm - ok
23:04:56.0913 4292 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
23:04:56.0976 4292 MSDTC - ok
23:04:56.0991 4292 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
23:04:57.0038 4292 Msfs - ok
23:04:57.0054 4292 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
23:04:57.0132 4292 mshidkmdf - ok
23:04:57.0147 4292 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
23:04:57.0163 4292 msisadrv - ok
23:04:57.0210 4292 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
23:04:57.0288 4292 MSiSCSI - ok
23:04:57.0288 4292 msiserver - ok
23:04:57.0303 4292 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
23:04:57.0381 4292 MSKSSRV - ok
23:04:57.0381 4292 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
23:04:57.0444 4292 MSPCLOCK - ok
23:04:57.0459 4292 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
23:04:57.0537 4292 MSPQM - ok
23:04:57.0647 4292 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
23:04:57.0709 4292 MsRPC - ok
23:04:57.0771 4292 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
23:04:57.0787 4292 mssmbios - ok
23:04:57.0803 4292 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
23:04:57.0896 4292 MSTEE - ok
23:04:57.0912 4292 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
23:04:57.0974 4292 MTConfig - ok
23:04:58.0005 4292 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
23:04:58.0037 4292 Mup - ok
23:04:58.0099 4292 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
23:04:58.0177 4292 napagent - ok
23:04:58.0208 4292 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
23:04:58.0255 4292 NativeWifiP - ok
23:04:58.0302 4292 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
23:04:58.0364 4292 NDIS - ok
23:04:58.0395 4292 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
23:04:58.0489 4292 NdisCap - ok
23:04:58.0520 4292 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
23:04:58.0583 4292 NdisTapi - ok
23:04:58.0661 4292 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
23:04:58.0754 4292 Ndisuio - ok
23:04:58.0770 4292 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
23:04:58.0863 4292 NdisWan - ok
23:04:58.0879 4292 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
23:04:58.0957 4292 NDProxy - ok
23:04:58.0957 4292 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
23:04:59.0035 4292 NetBIOS - ok
23:04:59.0066 4292 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
23:04:59.0129 4292 NetBT - ok
23:04:59.0144 4292 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
23:04:59.0160 4292 Netlogon - ok
23:04:59.0222 4292 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
23:04:59.0331 4292 Netman - ok
23:04:59.0347 4292 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
23:04:59.0409 4292 netprofm - ok
23:04:59.0441 4292 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:04:59.0472 4292 NetTcpPortSharing - ok
23:04:59.0487 4292 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
23:04:59.0534 4292 nfrd960 - ok
23:04:59.0565 4292 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
23:04:59.0612 4292 NlaSvc - ok
23:04:59.0612 4292 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
23:04:59.0675 4292 Npfs - ok
23:04:59.0690 4292 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
23:04:59.0753 4292 nsi - ok
23:04:59.0753 4292 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
23:04:59.0831 4292 nsiproxy - ok
23:04:59.0909 4292 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
23:05:00.0065 4292 Ntfs - ok
23:05:00.0065 4292 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
23:05:00.0143 4292 Null - ok
23:05:00.0533 4292 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
23:05:00.0860 4292 nvlddmkm - ok
23:05:00.0891 4292 [ 918841B2454F4F2BD94479692079490B ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
23:05:00.0923 4292 nvpciflt - ok
23:05:00.0938 4292 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
23:05:00.0954 4292 nvraid - ok
23:05:01.0001 4292 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
23:05:01.0032 4292 nvstor - ok
23:05:01.0079 4292 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] NVSvc C:\Windows\system32\nvvsvc.exe
23:05:01.0141 4292 NVSvc - ok
23:05:01.0219 4292 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
23:05:01.0281 4292 nvUpdatusService - ok
23:05:01.0313 4292 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
23:05:01.0344 4292 nv_agp - ok
23:05:01.0375 4292 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
23:05:01.0406 4292 ohci1394 - ok
23:05:01.0453 4292 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
23:05:01.0547 4292 p2pimsvc - ok
23:05:01.0593 4292 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
23:05:01.0687 4292 p2psvc - ok
23:05:01.0687 4292 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
23:05:01.0734 4292 Parport - ok
23:05:01.0765 4292 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
23:05:01.0796 4292 partmgr - ok
23:05:01.0859 4292 Partner Service - ok
23:05:01.0874 4292 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
23:05:01.0937 4292 PcaSvc - ok
23:05:01.0952 4292 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
23:05:01.0983 4292 pci - ok
23:05:01.0999 4292 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
23:05:02.0030 4292 pciide - ok
23:05:02.0046 4292 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
23:05:02.0077 4292 pcmcia - ok
23:05:02.0077 4292 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
23:05:02.0108 4292 pcw - ok
23:05:02.0108 4292 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
23:05:02.0202 4292 PEAUTH - ok
23:05:02.0233 4292 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
23:05:02.0264 4292 PerfHost - ok
23:05:02.0358 4292 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
23:05:02.0514 4292 pla - ok
23:05:02.0576 4292 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
23:05:02.0685 4292 PlugPlay - ok
23:05:02.0717 4292 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
23:05:02.0748 4292 PNRPAutoReg - ok
23:05:02.0779 4292 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
23:05:02.0810 4292 PNRPsvc - ok
23:05:02.0841 4292 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
23:05:02.0935 4292 PolicyAgent - ok
23:05:02.0982 4292 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
23:05:03.0075 4292 Power - ok
23:05:03.0091 4292 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
23:05:03.0169 4292 PptpMiniport - ok
23:05:03.0185 4292 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
23:05:03.0216 4292 Processor - ok
23:05:03.0278 4292 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
23:05:03.0356 4292 ProfSvc - ok
23:05:03.0356 4292 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:05:03.0387 4292 ProtectedStorage - ok
23:05:03.0434 4292 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
23:05:03.0528 4292 Psched - ok
23:05:03.0575 4292 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
23:05:03.0731 4292 ql2300 - ok
23:05:03.0731 4292 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
23:05:03.0762 4292 ql40xx - ok
23:05:03.0777 4292 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
23:05:03.0824 4292 QWAVE - ok
23:05:03.0840 4292 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
23:05:03.0871 4292 QWAVEdrv - ok
23:05:03.0887 4292 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
23:05:03.0949 4292 RasAcd - ok
23:05:03.0980 4292 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
23:05:04.0074 4292 RasAgileVpn - ok
23:05:04.0089 4292 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
23:05:04.0167 4292 RasAuto - ok
23:05:04.0199 4292 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
23:05:04.0261 4292 Rasl2tp - ok
23:05:04.0308 4292 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
23:05:04.0401 4292 RasMan - ok
23:05:04.0417 4292 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
23:05:04.0495 4292 RasPppoe - ok
23:05:04.0495 4292 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
23:05:04.0573 4292 RasSstp - ok
23:05:04.0620 4292 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
23:05:04.0713 4292 rdbss - ok
23:05:04.0745 4292 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
23:05:04.0963 4292 rdpbus - ok
23:05:04.0979 4292 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
23:05:05.0072 4292 RDPCDD - ok
23:05:05.0088 4292 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
23:05:05.0166 4292 RDPENCDD - ok
23:05:05.0197 4292 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
23:05:05.0244 4292 RDPREFMP - ok
23:05:05.0384 4292 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
23:05:05.0447 4292 RdpVideoMiniport - ok
23:05:05.0493 4292 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
23:05:05.0587 4292 RDPWD - ok
23:05:05.0634 4292 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
23:05:05.0665 4292 rdyboost - ok
23:05:05.0696 4292 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
23:05:05.0774 4292 RemoteAccess - ok
23:05:05.0821 4292 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
23:05:05.0946 4292 RemoteRegistry - ok
23:05:05.0961 4292 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
23:05:06.0008 4292 RFCOMM - ok
23:05:06.0024 4292 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
23:05:06.0117 4292 RpcEptMapper - ok
23:05:06.0149 4292 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
23:05:06.0195 4292 RpcLocator - ok
23:05:06.0242 4292 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
23:05:06.0320 4292 RpcSs - ok
23:05:06.0336 4292 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
23:05:06.0414 4292 rspndr - ok
23:05:06.0461 4292 [ E57FAC2CDB73F06586ED2ED310B80932 ] RSUSBVSTOR C:\Windows\system32\Drivers\RtsUVStor.sys
23:05:06.0507 4292 RSUSBVSTOR - ok
23:05:06.0570 4292 [ 20A466B9EA2BD828C0EC723F99B8CFE7 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
23:05:06.0601 4292 RTL8167 - ok
23:05:06.0632 4292 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
23:05:06.0648 4292 SamSs - ok
23:05:06.0679 4292 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
23:05:06.0710 4292 sbp2port - ok
23:05:06.0726 4292 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
23:05:06.0804 4292 SCardSvr - ok
23:05:06.0835 4292 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
23:05:06.0897 4292 scfilter - ok
23:05:06.0944 4292 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
23:05:07.0038 4292 Schedule - ok
23:05:07.0069 4292 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
23:05:07.0147 4292 SCPolicySvc - ok
23:05:07.0178 4292 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
23:05:07.0225 4292 SDRSVC - ok
23:05:07.0241 4292 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
23:05:07.0287 4292 secdrv - ok
23:05:07.0319 4292 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
23:05:07.0381 4292 seclogon - ok
23:05:07.0412 4292 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
23:05:07.0506 4292 SENS - ok
23:05:07.0521 4292 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
23:05:07.0584 4292 SensrSvc - ok
23:05:07.0584 4292 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
23:05:07.0631 4292 Serenum - ok
23:05:07.0662 4292 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
23:05:07.0693 4292 Serial - ok
23:05:07.0724 4292 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
23:05:07.0771 4292 sermouse - ok
23:05:07.0818 4292 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
23:05:07.0911 4292 SessionEnv - ok
23:05:07.0943 4292 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
23:05:08.0005 4292 sffdisk - ok
23:05:08.0021 4292 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
23:05:08.0067 4292 sffp_mmc - ok
23:05:08.0083 4292 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
23:05:08.0145 4292 sffp_sd - ok
23:05:08.0145 4292 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
23:05:08.0192 4292 sfloppy - ok
23:05:08.0239 4292 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
23:05:08.0348 4292 SharedAccess - ok
23:05:08.0379 4292 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:05:08.0489 4292 ShellHWDetection - ok
23:05:08.0504 4292 [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSG664.sys
23:05:08.0551 4292 SiSGbeLH - ok
23:05:08.0567 4292 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:05:08.0598 4292 SiSRaid2 - ok
23:05:08.0613 4292 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
23:05:08.0645 4292 SiSRaid4 - ok
23:05:08.0660 4292 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
23:05:08.0754 4292 Smb - ok
23:05:08.0801 4292 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
23:05:08.0816 4292 SNMPTRAP - ok
23:05:08.0816 4292 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
23:05:08.0847 4292 spldr - ok
23:05:08.0894 4292 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
23:05:08.0972 4292 Spooler - ok
23:05:09.0097 4292 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
23:05:09.0222 4292 sppsvc - ok
23:05:09.0237 4292 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
23:05:09.0300 4292 sppuinotify - ok
23:05:09.0393 4292 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
23:05:09.0503 4292 srv - ok
23:05:09.0549 4292 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
23:05:09.0612 4292 srv2 - ok
23:05:09.0627 4292 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
23:05:09.0690 4292 srvnet - ok
23:05:09.0737 4292 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
23:05:09.0830 4292 SSDPSRV - ok
23:05:09.0830 4292 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
23:05:09.0908 4292 SstpSvc - ok
23:05:09.0939 4292 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
23:05:09.0955 4292 stexstor - ok
23:05:10.0095 4292 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
23:05:10.0173 4292 stisvc - ok
23:05:10.0220 4292 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
23:05:10.0251 4292 swenum - ok
23:05:10.0361 4292 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
23:05:10.0454 4292 swprv - ok
23:05:10.0704 4292 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
23:05:10.0782 4292 SysMain - ok
23:05:10.0813 4292 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:05:10.0860 4292 TabletInputService - ok
23:05:10.0907 4292 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
23:05:11.0016 4292 TapiSrv - ok
23:05:11.0047 4292 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
23:05:11.0141 4292 TBS - ok
23:05:11.0312 4292 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
23:05:11.0437 4292 Tcpip - ok
23:05:11.0484 4292 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
23:05:11.0546 4292 TCPIP6 - ok
23:05:11.0577 4292 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
23:05:11.0624 4292 tcpipreg - ok
23:05:11.0687 4292 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
23:05:11.0749 4292 TDPIPE - ok
23:05:11.0811 4292 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
23:05:11.0843 4292 TDTCP - ok
23:05:11.0905 4292 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
23:05:12.0030 4292 tdx - ok
23:05:12.0108 4292 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
23:05:12.0139 4292 TermDD - ok
23:05:12.0201 4292 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
23:05:12.0451 4292 TermService - ok
23:05:12.0482 4292 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
23:05:12.0545 4292 Themes - ok
23:05:12.0560 4292 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
23:05:12.0638 4292 THREADORDER - ok
23:05:12.0669 4292 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
23:05:12.0732 4292 TrkWks - ok
23:05:12.0794 4292 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:05:12.0872 4292 TrustedInstaller - ok
23:05:12.0903 4292 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
23:05:12.0966 4292 tssecsrv - ok
23:05:13.0013 4292 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
23:05:13.0091 4292 TsUsbFlt - ok
23:05:13.0137 4292 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
23:05:13.0247 4292 tunnel - ok
23:05:13.0278 4292 [ B355581A9DA34C92E2DBAFA410D2F829 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
23:05:13.0309 4292 TurboB - ok
23:05:13.0356 4292 [ 6564E84B1522C12EA1C3A181ED03276F ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
23:05:13.0371 4292 TurboBoost - ok
23:05:13.0403 4292 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
23:05:13.0434 4292 uagp35 - ok
23:05:13.0465 4292 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
23:05:13.0574 4292 udfs - ok
23:05:13.0621 4292 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
23:05:13.0652 4292 UI0Detect - ok
23:05:13.0683 4292 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
23:05:13.0699 4292 uliagpkx - ok
23:05:13.0730 4292 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
23:05:13.0746 4292 umbus - ok
23:05:13.0761 4292 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
23:05:13.0808 4292 UmPass - ok
23:05:13.0824 4292 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
23:05:13.0902 4292 upnphost - ok
23:05:13.0933 4292 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
23:05:13.0995 4292 usbccgp - ok
23:05:14.0027 4292 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
23:05:14.0089 4292 usbcir - ok
23:05:14.0105 4292 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
23:05:14.0151 4292 usbehci - ok
23:05:14.0183 4292 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
23:05:14.0229 4292 usbhub - ok
23:05:14.0261 4292 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
23:05:14.0307 4292 usbohci - ok
23:05:14.0323 4292 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
23:05:14.0354 4292 usbprint - ok
23:05:14.0370 4292 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
23:05:14.0417 4292 USBSTOR - ok
23:05:14.0417 4292 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
23:05:14.0463 4292 usbuhci - ok
23:05:14.0510 4292 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
23:05:14.0557 4292 usbvideo - ok
23:05:14.0588 4292 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
23:05:14.0651 4292 UxSms - ok
23:05:14.0666 4292 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
23:05:14.0682 4292 VaultSvc - ok
23:05:14.0713 4292 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
23:05:14.0729 4292 vdrvroot - ok
23:05:14.0775 4292 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
23:05:14.0853 4292 vds - ok
23:05:14.0869 4292 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
23:05:14.0900 4292 vga - ok
23:05:14.0916 4292 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
23:05:14.0963 4292 VgaSave - ok
23:05:15.0009 4292 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
23:05:15.0056 4292 vhdmp - ok
23:05:15.0087 4292 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
23:05:15.0119 4292 viaide - ok
23:05:15.0119 4292 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
23:05:15.0150 4292 volmgr - ok
23:05:15.0197 4292 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
23:05:15.0259 4292 volmgrx - ok
23:05:15.0275 4292 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
23:05:15.0306 4292 volsnap - ok
23:05:15.0337 4292 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
23:05:15.0384 4292 vsmraid - ok
23:05:15.0446 4292 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
23:05:15.0555 4292 VSS - ok
23:05:15.0571 4292 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
23:05:15.0649 4292 vwifibus - ok
23:05:15.0649 4292 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
23:05:15.0696 4292 vwififlt - ok
23:05:15.0774 4292 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
23:05:15.0867 4292 W32Time - ok
23:05:15.0867 4292 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
23:05:15.0899 4292 WacomPen - ok
23:05:15.0914 4292 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
23:05:16.0008 4292 WANARP - ok
23:05:16.0008 4292 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
23:05:16.0070 4292 Wanarpv6 - ok
23:05:16.0179 4292 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
23:05:16.0257 4292 WatAdminSvc - ok
23:05:16.0320 4292 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
23:05:16.0398 4292 wbengine - ok
23:05:16.0445 4292 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
23:05:16.0507 4292 WbioSrvc - ok
23:05:16.0554 4292 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
23:05:16.0663 4292 wcncsvc - ok
23:05:16.0694 4292 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:05:16.0757 4292 WcsPlugInService - ok
23:05:16.0757 4292 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
23:05:16.0788 4292 Wd - ok
23:05:16.0835 4292 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
23:05:16.0913 4292 Wdf01000 - ok
23:05:16.0928 4292 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
23:05:17.0069 4292 WdiServiceHost - ok
23:05:17.0069 4292 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
23:05:17.0115 4292 WdiSystemHost - ok
23:05:17.0162 4292 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
23:05:17.0256 4292 WebClient - ok
23:05:17.0271 4292 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
23:05:17.0349 4292 Wecsvc - ok
23:05:17.0381 4292 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
23:05:17.0459 4292 wercplsupport - ok
23:05:17.0459 4292 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
23:05:17.0521 4292 WerSvc - ok
23:05:17.0552 4292 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
23:05:17.0599 4292 WfpLwf - ok
23:05:17.0646 4292 [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
23:05:17.0693 4292 WimFltr - ok
23:05:17.0693 4292 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
23:05:17.0724 4292 WIMMount - ok
23:05:17.0755 4292 WinDefend - ok
23:05:17.0771 4292 WinHttpAutoProxySvc - ok
23:05:17.0942 4292 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
23:05:18.0036 4292 Winmgmt - ok
23:05:18.0114 4292 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
23:05:18.0317 4292 WinRM - ok
23:05:18.0379 4292 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
23:05:18.0441 4292 Wlansvc - ok
23:05:18.0504 4292 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
23:05:18.0519 4292 wlcrasvc - ok
23:05:18.0660 4292 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
23:05:18.0722 4292 wlidsvc - ok
23:05:18.0785 4292 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
23:05:18.0831 4292 WmiAcpi - ok
23:05:18.0863 4292 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
23:05:18.0925 4292 wmiApSrv - ok
23:05:18.0956 4292 WMPNetworkSvc - ok
23:05:18.0972 4292 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
23:05:19.0019 4292 WPCSvc - ok
23:05:19.0050 4292 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
23:05:19.0112 4292 WPDBusEnum - ok
23:05:19.0128 4292 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
23:05:19.0221 4292 ws2ifsl - ok
23:05:19.0237 4292 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
23:05:19.0284 4292 wscsvc - ok
23:05:19.0284 4292 WSearch - ok
23:05:19.0377 4292 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
23:05:19.0455 4292 wuauserv - ok
23:05:19.0502 4292 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
23:05:19.0549 4292 WudfPf - ok
23:05:19.0565 4292 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
23:05:19.0611 4292 WUDFRd - ok
23:05:19.0643 4292 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
23:05:19.0689 4292 wudfsvc - ok
23:05:19.0705 4292 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
23:05:19.0767 4292 WwanSvc - ok
23:05:19.0783 4292 ================ Scan global ===============================
23:05:19.0814 4292 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
23:05:19.0861 4292 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
23:05:19.0908 4292 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
23:05:19.0939 4292 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
23:05:19.0986 4292 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
23:05:20.0017 4292 [Global] - ok
23:05:20.0017 4292 ================ Scan MBR ==================================
23:05:20.0033 4292 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:05:20.0501 4292 \Device\Harddisk0\DR0 - ok
23:05:20.0501 4292 ================ Scan VBR ==================================
23:05:20.0501 4292 [ F0E0BC3C64404C324EFCA0BCC21DCEA0 ] \Device\Harddisk0\DR0\Partition1
23:05:20.0501 4292 \Device\Harddisk0\DR0\Partition1 - ok
23:05:20.0516 4292 ================ Scan active images ========================
23:05:20.0516 4292 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
23:05:20.0516 4292 C:\Windows\System32\drivers\crashdmp.sys - ok
23:05:20.0516 4292 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
23:05:20.0516 4292 C:\Windows\System32\drivers\dumpfve.sys - ok
23:05:20.0532 4292 [ F7CE9BE72EDAC499B713ECA6DAE5D26F ] C:\Windows\System32\drivers\iaStor.sys
23:05:20.0532 4292 C:\Windows\System32\drivers\iaStor.sys - ok
23:05:20.0547 4292 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
23:05:20.0547 4292 C:\Windows\System32\drivers\beep.sys - ok
23:05:20.0547 4292 [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
23:05:20.0547 4292 C:\Windows\System32\drivers\cdrom.sys - ok
23:05:20.0563 4292 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
23:05:20.0563 4292 C:\Windows\System32\drivers\null.sys - ok
23:05:20.0563 4292 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
23:05:20.0563 4292 C:\Windows\System32\drivers\RDPCDD.sys - ok
23:05:20.0579 4292 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
23:05:20.0579 4292 C:\Windows\System32\drivers\RDPENCDD.sys - ok
23:05:20.0594 4292 [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
23:05:20.0594 4292 C:\Windows\System32\drivers\RDPREFMP.sys - ok
23:05:20.0594 4292 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
23:05:20.0594 4292 C:\Windows\System32\drivers\vga.sys - ok
23:05:20.0610 4292 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
23:05:20.0610 4292 C:\Windows\System32\drivers\videoprt.sys - ok
23:05:20.0610 4292 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
23:05:20.0610 4292 C:\Windows\System32\drivers\watchdog.sys - ok
23:05:20.0625 4292 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
23:05:20.0625 4292 C:\Windows\System32\drivers\msfs.sys - ok
23:05:20.0641 4292 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
23:05:20.0641 4292 C:\Windows\System32\drivers\npfs.sys - ok
23:05:20.0641 4292 [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
23:05:20.0641 4292 C:\Windows\System32\drivers\tdi.sys - ok
23:05:20.0657 4292 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
23:05:20.0657 4292 C:\Windows\System32\drivers\tdx.sys - ok
23:05:20.0657 4292 [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
23:05:20.0657 4292 C:\Windows\System32\drivers\afd.sys - ok
23:05:20.0672 4292 [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
23:05:20.0672 4292 C:\Windows\System32\drivers\netbt.sys - ok
23:05:20.0672 4292 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
23:05:20.0672 4292 C:\Windows\System32\drivers\wfplwf.sys - ok
23:05:20.0688 4292 [ 6BCC1D7D2FD2453957C5479A32364E52 ] C:\Windows\System32\drivers\ws2ifsl.sys
23:05:20.0688 4292 C:\Windows\System32\drivers\ws2ifsl.sys - ok
23:05:20.0703 4292 [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
23:05:20.0703 4292 C:\Windows\System32\drivers\pacer.sys - ok
23:05:20.0703 4292 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
23:05:20.0703 4292 C:\Windows\System32\drivers\netbios.sys - ok
23:05:20.0719 4292 [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys
23:05:20.0719 4292 C:\Windows\System32\drivers\vwififlt.sys - ok
23:05:20.0719 4292 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
23:05:20.0719 4292 C:\Windows\System32\drivers\wanarp.sys - ok
23:05:20.0719 4292 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
23:05:20.0719 4292 C:\Windows\System32\drivers\termdd.sys - ok
23:05:20.0735 4292 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
23:05:20.0735 4292 C:\Windows\System32\drivers\nsiproxy.sys - ok
23:05:20.0735 4292 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
23:05:20.0735 4292 C:\Windows\System32\drivers\rdbss.sys - ok
23:05:20.0735 4292 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
23:05:20.0735 4292 C:\Windows\System32\drivers\discache.sys - ok
23:05:20.0750 4292 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
23:05:20.0750 4292 C:\Windows\System32\drivers\mssmbios.sys - ok
23:05:20.0750 4292 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
23:05:20.0750 4292 C:\Windows\System32\drivers\blbdrive.sys - ok
23:05:20.0750 4292 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
23:05:20.0750 4292 C:\Windows\System32\drivers\dfsc.sys - ok
23:05:20.0766 4292 [ F74D86A9FB35FA5F24627B8DBBF3A9A4 ] C:\Windows\System32\drivers\avipbb.sys
23:05:20.0766 4292 C:\Windows\System32\drivers\avipbb.sys - ok
23:05:20.0766 4292 [ CD0E732347BF09717E0BDDC0C66699AB ] C:\Windows\System32\drivers\avkmgr.sys
23:05:20.0766 4292 C:\Windows\System32\drivers\avkmgr.sys - ok
23:05:20.0781 4292 [ 1F7238A37389ED92E9D8EEE975CABD54 ] C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
23:05:20.0781 4292 C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys - ok
23:05:20.0781 4292 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
23:05:20.0781 4292 C:\Windows\System32\drivers\tunnel.sys - ok
23:05:20.0781 4292 [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
23:05:20.0781 4292 C:\Windows\System32\ntdll.dll - ok
23:05:20.0797 4292 [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe
23:05:20.0797 4292 C:\Windows\System32\smss.exe - ok
23:05:20.0797 4292 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
23:05:20.0797 4292 C:\Windows\System32\autochk.exe - ok
23:05:20.0797 4292 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] C:\Windows\System32\drivers\nvlddmkm.sys
23:05:20.0797 4292 C:\Windows\System32\drivers\nvlddmkm.sys - ok
23:05:20.0813 4292 [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys
23:05:20.0813 4292 C:\Windows\System32\drivers\dxgkrnl.sys - ok
23:05:20.0813 4292 [ F1BDD59D0334ABB1C66978322016080A ] C:\Windows\System32\drivers\nvBridge.kmd
23:05:20.0813 4292 C:\Windows\System32\drivers\nvBridge.kmd - ok
23:05:20.0813 4292 [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys
23:05:20.0813 4292 C:\Windows\System32\drivers\dxgmms1.sys - ok
23:05:20.0828 4292 [ A1CF07D24EDCDC6870535471654D957C ] C:\Windows\System32\drivers\igdkmd64.sys
23:05:20.0828 4292 C:\Windows\System32\drivers\igdkmd64.sys - ok
23:05:20.0828 4292 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] C:\Windows\System32\drivers\HECIx64.sys
23:05:20.0828 4292 C:\Windows\System32\drivers\HECIx64.sys - ok
23:05:20.0828 4292 [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
23:05:20.0828 4292 C:\Windows\System32\drivers\usbehci.sys - ok
23:05:20.0844 4292 [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
23:05:20.0844 4292 C:\Windows\System32\drivers\usbport.sys - ok
23:05:20.0844 4292 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
23:05:20.0844 4292 C:\Windows\System32\drivers\hdaudbus.sys - ok
23:05:20.0844 4292 [ B4174564AD5834A1680610572477878C ] C:\Windows\System32\drivers\athrx.sys
23:05:20.0844 4292 C:\Windows\System32\drivers\athrx.sys - ok
23:05:20.0859 4292 [ 20A466B9EA2BD828C0EC723F99B8CFE7 ] C:\Windows\System32\drivers\Rt64win7.sys
23:05:20.0859 4292 C:\Windows\System32\drivers\Rt64win7.sys - ok
23:05:20.0859 4292 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys
23:05:20.0859 4292 C:\Windows\System32\drivers\vwifibus.sys - ok
23:05:20.0859 4292 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] C:\Windows\System32\drivers\i8042prt.sys
23:05:20.0859 4292 C:\Windows\System32\drivers\i8042prt.sys - ok
23:05:20.0875 4292 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
23:05:20.0875 4292 C:\Windows\System32\drivers\kbdclass.sys - ok
23:05:20.0875 4292 [ E63EF8C3271D014F14E2469CE75FECB4 ] C:\Windows\System32\drivers\kbfiltr.sys
23:05:20.0875 4292 C:\Windows\System32\drivers\kbfiltr.sys - ok
23:05:20.0891 4292 [ 5B042AA9CEBDAB5B61E747DDCEBFF51B ] C:\Windows\System32\drivers\ETD.sys
23:05:20.0891 4292 C:\Windows\System32\drivers\ETD.sys - ok
23:05:20.0891 4292 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
23:05:20.0891 4292 C:\Windows\System32\drivers\mouclass.sys - ok
23:05:20.0891 4292 [ 0840155D0BDDF1190F84A663C284BD33 ] C:\Windows\System32\drivers\CmBatt.sys
23:05:20.0891 4292 C:\Windows\System32\drivers\CmBatt.sys - ok
23:05:20.0906 4292 [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys
23:05:20.0906 4292 C:\Windows\System32\drivers\intelppm.sys - ok
23:05:20.0906 4292 [ F6FF8944478594D0E414D3F048F0D778 ] C:\Windows\System32\drivers\wmiacpi.sys
23:05:20.0906 4292 C:\Windows\System32\drivers\wmiacpi.sys - ok
23:05:20.0906 4292 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
23:05:20.0906 4292 C:\Windows\System32\drivers\CompositeBus.sys - ok
23:05:20.0922 4292 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
23:05:20.0922 4292 C:\Windows\System32\drivers\agilevpn.sys - ok
23:05:20.0922 4292 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
23:05:20.0922 4292 C:\Windows\System32\drivers\rasl2tp.sys - ok
23:05:20.0922 4292 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
23:05:20.0922 4292 C:\Windows\System32\drivers\ndistapi.sys - ok
23:05:20.0937 4292 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
23:05:20.0937 4292 C:\Windows\System32\drivers\ndiswan.sys - ok
23:05:20.0937 4292 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
23:05:20.0937 4292 C:\Windows\System32\drivers\raspppoe.sys - ok
23:05:20.0937 4292 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
23:05:20.0937 4292 C:\Windows\System32\drivers\raspptp.sys - ok
23:05:20.0953 4292 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
23:05:20.0953 4292 C:\Windows\System32\drivers\rassstp.sys - ok
23:05:20.0953 4292 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
23:05:20.0953 4292 C:\Windows\System32\drivers\ks.sys - ok
23:05:20.0953 4292 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
23:05:20.0953 4292 C:\Windows\System32\drivers\swenum.sys - ok
23:05:20.0969 4292 [ A83A91D07D1FE6BBE7A9DB46CA00434B ] C:\Windows\System32\drivers\btath_bus.sys
23:05:20.0969 4292 C:\Windows\System32\drivers\btath_bus.sys - ok
23:05:20.0969 4292 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
23:05:20.0969 4292 C:\Windows\System32\drivers\umbus.sys - ok
23:05:20.0969 4292 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
23:05:20.0969 4292 C:\Windows\System32\drivers\usbhub.sys - ok
23:05:20.0984 4292 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
23:05:20.0984 4292 C:\Windows\System32\psapi.dll - ok
23:05:20.0984 4292 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
23:05:20.0984 4292 C:\Windows\System32\rpcrt4.dll - ok
23:05:20.0984 4292 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
23:05:20.0984 4292 C:\Windows\System32\drivers\ndproxy.sys - ok
23:05:21.0000 4292 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
23:05:21.0000 4292 C:\Windows\System32\drivers\drmk.sys - ok
23:05:21.0000 4292 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
23:05:21.0000 4292 C:\Windows\System32\drivers\portcls.sys - ok
23:05:21.0000 4292 [ 3E3926F4FA7C9162C5C3EC6BF1E4F349 ] C:\Windows\System32\drivers\RTKVHD64.sys
23:05:21.0015 4292 C:\Windows\System32\drivers\RTKVHD64.sys - ok
23:05:21.0015 4292 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
23:05:21.0015 4292 C:\Windows\System32\drivers\ksthunk.sys - ok
23:05:21.0015 4292 [ FC727061C0F47C8059E88E05D5C8E381 ] C:\Windows\System32\drivers\IntcDAud.sys
23:05:21.0015 4292 C:\Windows\System32\drivers\IntcDAud.sys - ok
23:05:21.0031 4292 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
23:05:21.0031 4292 C:\Windows\System32\clbcatq.dll - ok
23:05:21.0031 4292 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
23:05:21.0031 4292 C:\Windows\System32\msvcrt.dll - ok
23:05:21.0031 4292 [ 486720DA2B3BB13D1080C83140C18B56 ] C:\Windows\System32\drivers\btfilter.sys
23:05:21.0031 4292 C:\Windows\System32\drivers\btfilter.sys - ok
23:05:21.0031 4292 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] C:\Windows\System32\drivers\bthport.sys
23:05:21.0031 4292 C:\Windows\System32\drivers\bthport.sys - ok
23:05:21.0047 4292 [ F188B7394D81010767B6DF3178519A37 ] C:\Windows\System32\drivers\BTHUSB.SYS
23:05:21.0047 4292 C:\Windows\System32\drivers\BTHUSB.SYS - ok
23:05:21.0047 4292 [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
23:05:21.0047 4292 C:\Windows\System32\drivers\usbd.sys - ok
23:05:21.0047 4292 [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys
23:05:21.0047 4292 C:\Windows\System32\drivers\usbccgp.sys - ok
23:05:21.0062 4292 [ 454800C2BC7F3927CE030141EE4F4C50 ] C:\Windows\System32\drivers\usbvideo.sys
23:05:21.0062 4292 C:\Windows\System32\drivers\usbvideo.sys - ok
23:05:21.0062 4292 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
23:05:21.0062 4292 C:\Windows\System32\imagehlp.dll - ok
23:05:21.0062 4292 [ 5121DB613E10A46A3C5085B479026AA7 ] C:\Windows\System32\wininet.dll
23:05:21.0062 4292 C:\Windows\System32\wininet.dll - ok
23:05:21.0078 4292 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
23:05:21.0078 4292 C:\Windows\System32\nsi.dll - ok
23:05:21.0078 4292 [ 1DBA462CF92D890D8F8E6472E7E8B4B4 ] C:\Windows\System32\urlmon.dll
23:05:21.0078 4292 C:\Windows\System32\urlmon.dll - ok
23:05:21.0078 4292 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
23:05:21.0093 4292 C:\Windows\System32\gdi32.dll - ok
23:05:21.0093 4292 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
23:05:21.0093 4292 C:\Windows\System32\sechost.dll - ok
23:05:21.0093 4292 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
23:05:21.0093 4292 C:\Windows\System32\shlwapi.dll - ok
23:05:21.0093 4292 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
23:05:21.0109 4292 C:\Windows\System32\Wldap32.dll - ok
23:05:21.0109 4292 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
23:05:21.0109 4292 C:\Windows\System32\difxapi.dll - ok
23:05:21.0109 4292 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
23:05:21.0109 4292 C:\Windows\System32\normaliz.dll - ok
23:05:21.0125 4292 [ 1DC3504CA4C57900F1557E9A3F01D272 ] C:\Windows\System32\kernel32.dll
23:05:21.0125 4292 C:\Windows\System32\kernel32.dll - ok
23:05:21.0125 4292 [ 2F8B1E3EE3545D3B5A8D56FA1AE07B65 ] C:\Windows\System32\usp10.dll
23:05:21.0125 4292 C:\Windows\System32\usp10.dll - ok
23:05:21.0125 4292 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
23:05:21.0125 4292 C:\Windows\System32\lpk.dll - ok
23:05:21.0125 4292 [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll
23:05:21.0140 4292 C:\Windows\System32\shell32.dll - ok
23:05:21.0140 4292 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
23:05:21.0140 4292 C:\Windows\System32\ws2_32.dll - ok
23:05:21.0140 4292 [ 3DD798846E2C28102B922C56E71B7932 ] C:\Windows\System32\drivers\rfcomm.sys
23:05:21.0140 4292 C:\Windows\System32\drivers\rfcomm.sys - ok
23:05:21.0156 4292 [ CF98190A94F62E405C8CB255018B2315 ] C:\Windows\System32\drivers\bthenum.sys
23:05:21.0156 4292 C:\Windows\System32\drivers\bthenum.sys - ok
23:05:21.0156 4292 [ 02DD601B708DD0667E1331FA8518E9FF ] C:\Windows\System32\drivers\bthpan.sys
23:05:21.0156 4292 C:\Windows\System32\drivers\bthpan.sys - ok
23:05:21.0156 4292 [ 724C8088C96EFE7A3E63FEC21D4681C0 ] C:\Windows\System32\drivers\btath_rcp.sys
23:05:21.0156 4292 C:\Windows\System32\drivers\btath_rcp.sys - ok
23:05:21.0171 4292 [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys
23:05:21.0171 4292 C:\Windows\System32\drivers\hidclass.sys - ok
23:05:21.0171 4292 [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
23:05:21.0171 4292 C:\Windows\System32\drivers\hidparse.sys - ok
23:05:21.0171 4292 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
23:05:21.0171 4292 C:\Windows\System32\oleaut32.dll - ok
23:05:21.0187 4292 [ 227C8F308DE4AF4808E587465CEAB838 ] C:\Windows\System32\drivers\btath_a2dp.sys
23:05:21.0187 4292 C:\Windows\System32\drivers\btath_a2dp.sys - ok
23:05:21.0187 4292 [ C864FF85EE16D61C2BDD5EF76824625F ] C:\Windows\System32\drivers\btath_hcrp.sys
23:05:21.0187 4292 C:\Windows\System32\drivers\btath_hcrp.sys - ok
23:05:21.0187 4292 [ A0F52880DDD164F968BE903C1FECD27E ] C:\Windows\System32\iertutil.dll
23:05:21.0187 4292 C:\Windows\System32\iertutil.dll - ok
23:05:21.0203 4292 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
23:05:21.0203 4292 C:\Windows\System32\msctf.dll - ok
23:05:21.0203 4292 [ CBE61B4494165F458BD87E37181EE934 ] C:\Windows\System32\drivers\btath_flt.sys
23:05:21.0203 4292 C:\Windows\System32\drivers\btath_flt.sys - ok
23:05:21.0203 4292 [ 0DEA505EFB5D771826D177EF8B8A208F ] C:\Windows\System32\drivers\btath_lwflt.sys
23:05:21.0203 4292 C:\Windows\System32\drivers\btath_lwflt.sys - ok
23:05:21.0218 4292 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
23:05:21.0218 4292 C:\Windows\System32\advapi32.dll - ok
23:05:21.0218 4292 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
23:05:21.0218 4292 C:\Windows\System32\imm32.dll - ok
23:05:21.0218 4292 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
23:05:21.0218 4292 C:\Windows\System32\user32.dll - ok
23:05:21.0234 4292 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
23:05:21.0234 4292 C:\Windows\System32\ole32.dll - ok
23:05:21.0234 4292 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
23:05:21.0234 4292 C:\Windows\System32\setupapi.dll - ok
23:05:21.0234 4292 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
23:05:21.0234 4292 C:\Windows\System32\comdlg32.dll - ok
23:05:21.0249 4292 [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\Windows\System32\crypt32.dll
23:05:21.0249 4292 C:\Windows\System32\crypt32.dll - ok
23:05:21.0249 4292 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
23:05:21.0249 4292 C:\Windows\System32\cfgmgr32.dll - ok
23:05:21.0249 4292 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
23:05:21.0249 4292 C:\Windows\System32\comctl32.dll - ok
23:05:21.0265 4292 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
23:05:21.0265 4292 C:\Windows\System32\devobj.dll - ok
23:05:21.0265 4292 [ 6F2E324703E6D22B9934C33DA48F1F01 ] C:\Windows\System32\KernelBase.dll
23:05:21.0265 4292 C:\Windows\System32\KernelBase.dll - ok
23:05:21.0265 4292 [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll
23:05:21.0265 4292 C:\Windows\System32\wintrust.dll - ok
23:05:21.0281 4292 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
23:05:21.0281 4292 C:\Windows\System32\msasn1.dll - ok
23:05:21.0281 4292 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
23:05:21.0281 4292 C:\Windows\SysWOW64\normaliz.dll - ok
23:05:21.0281 4292 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
23:05:21.0281 4292 C:\Windows\System32\drivers\dxapi.sys - ok
23:05:21.0296 4292 [ C58923115CDE6071C3BF2FF063546E9F ] C:\Windows\System32\win32k.sys
23:05:21.0296 4292 C:\Windows\System32\win32k.sys - ok
23:05:21.0296 4292 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
23:05:21.0296 4292 C:\Windows\System32\basesrv.dll - ok
23:05:21.0296 4292 [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll
23:05:21.0296 4292 C:\Windows\System32\csrsrv.dll - ok
23:05:21.0312 4292 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
23:05:21.0312 4292 C:\Windows\System32\csrss.exe - ok
23:05:21.0312 4292 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\System32\winsrv.dll
23:05:21.0312 4292 C:\Windows\System32\winsrv.dll - ok
23:05:21.0312 4292 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
23:05:21.0312 4292 C:\Windows\System32\drivers\monitor.sys - ok
23:05:21.0328 4292 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
23:05:21.0328 4292 C:\Windows\System32\profapi.dll - ok
23:05:21.0328 4292 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
23:05:21.0328 4292 C:\Windows\System32\sxssrv.dll - ok
23:05:21.0328 4292 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
23:05:21.0328 4292 C:\Windows\System32\tsddd.dll - ok
23:05:21.0343 4292 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
23:05:21.0343 4292 C:\Windows\System32\wininit.exe - ok
23:05:21.0343 4292 [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll
23:05:21.0343 4292 C:\Windows\System32\cdd.dll - ok
23:05:21.0343 4292 [ EED44628940EF70EF854FDA315D913B7 ] C:\Windows\System32\KBDFI.DLL
23:05:21.0343 4292 C:\Windows\System32\KBDFI.DLL - ok
23:05:21.0359 4292 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
23:05:21.0359 4292 C:\Windows\System32\RpcRtRemote.dll - ok
23:05:21.0359 4292 [ 5A96AFD05FBEC196D9FC531D8238F2FD ] C:\Windows\System32\KBDFI1.DLL
23:05:21.0359 4292 C:\Windows\System32\KBDFI1.DLL - ok
23:05:21.0359 4292 [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
23:05:21.0359 4292 C:\Windows\System32\KBDUS.DLL - ok
23:05:21.0374 4292 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
23:05:21.0374 4292 C:\Windows\System32\sxs.dll - ok
23:05:21.0374 4292 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
23:05:21.0374 4292 C:\Windows\System32\WlS0WndH.dll - ok
23:05:21.0374 4292 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
23:05:21.0374 4292 C:\Windows\System32\cryptbase.dll - ok
23:05:21.0390 4292 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
23:05:21.0390 4292 C:\Windows\System32\winlogon.exe - ok
23:05:21.0390 4292 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
23:05:21.0390 4292 C:\Windows\System32\winsta.dll - ok
23:05:21.0390 4292 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
23:05:21.0390 4292 C:\Windows\System32\apphelp.dll - ok
23:05:21.0406 4292 [ 685527DA09EBFB681E98C515978BDEE2 ] C:\Windows\System32\lsasrv.dll
23:05:21.0406 4292 C:\Windows\System32\lsasrv.dll - ok
23:05:21.0406 4292 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
23:05:21.0406 4292 C:\Windows\System32\lsass.exe - ok
23:05:21.0406 4292 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
23:05:21.0406 4292 C:\Windows\System32\lsm.exe - ok
23:05:21.0421 4292 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
23:05:21.0421 4292 C:\Windows\System32\scext.dll - ok
23:05:21.0421 4292 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
23:05:21.0421 4292 C:\Windows\System32\secur32.dll - ok
23:05:21.0421 4292 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
23:05:21.0421 4292 C:\Windows\System32\services.exe - ok
23:05:21.0437 4292 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
23:05:21.0437 4292 C:\Windows\System32\sspicli.dll - ok
23:05:21.0437 4292 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
23:05:21.0437 4292 C:\Windows\System32\sspisrv.dll - ok
23:05:21.0437 4292 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
23:05:21.0437 4292 C:\Windows\System32\sysntfy.dll - ok
23:05:21.0452 4292 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
23:05:21.0452 4292 C:\Windows\System32\wmsgapi.dll - ok
23:05:21.0452 4292 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
23:05:21.0452 4292 C:\Windows\System32\scesrv.dll - ok
23:05:21.0452 4292 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
23:05:21.0452 4292 C:\Windows\System32\samsrv.dll - ok
23:05:21.0468 4292 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
23:05:21.0468 4292 C:\Windows\System32\srvcli.dll - ok
23:05:21.0468 4292 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
23:05:21.0468 4292 C:\Windows\System32\cryptdll.dll - ok
23:05:21.0468 4292 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
23:05:21.0468 4292 C:\Windows\System32\wevtapi.dll - ok
23:05:21.0484 4292 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
23:05:21.0484 4292 C:\Windows\System32\authz.dll - ok
23:05:21.0484 4292 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
23:05:21.0484 4292 C:\Windows\System32\cngaudit.dll - ok
23:05:21.0484 4292 [ 9B3718651DDE8A75FC4E8D6542A250D8 ] C:\Windows\System32\ncrypt.dll
23:05:21.0484 4292 C:\Windows\System32\ncrypt.dll - ok
23:05:21.0499 4292 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
23:05:21.0499 4292 C:\Windows\System32\bcrypt.dll - ok
23:05:21.0499 4292 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
23:05:21.0499 4292 C:\Windows\System32\msprivs.dll - ok
23:05:21.0499 4292 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
23:05:21.0499 4292 C:\Windows\System32\netjoin.dll - ok
23:05:21.0515 4292 [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
23:05:21.0515 4292 C:\Windows\System32\kerberos.dll - ok
23:05:21.0515 4292 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
23:05:21.0515 4292 C:\Windows\System32\negoexts.dll - ok
23:05:21.0515 4292 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
23:05:21.0515 4292 C:\Windows\System32\cryptsp.dll - ok
23:05:21.0530 4292 [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
23:05:21.0530 4292 C:\Windows\System32\mswsock.dll - ok
23:05:21.0530 4292 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
23:05:21.0530 4292 C:\Windows\System32\msv1_0.dll - ok
23:05:21.0530 4292 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
23:05:21.0530 4292 C:\Windows\System32\wship6.dll - ok
23:05:21.0546 4292 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
23:05:21.0546 4292 C:\Windows\System32\netlogon.dll - ok
23:05:21.0546 4292 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
23:05:21.0546 4292 C:\Windows\System32\dnsapi.dll - ok
23:05:21.0546 4292 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
23:05:21.0546 4292 C:\Windows\System32\logoncli.dll - ok
23:05:21.0562 4292 [ B7D42CB36C08FA017E73FF2433CD7287 ] C:\Windows\System32\schannel.dll
23:05:21.0562 4292 C:\Windows\System32\schannel.dll - ok
23:05:21.0562 4292 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
23:05:21.0562 4292 C:\Windows\System32\wdigest.dll - ok
23:05:21.0562 4292 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
23:05:21.0562 4292 C:\Windows\System32\pku2u.dll - ok
23:05:21.0577 4292 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
23:05:21.0577 4292 C:\Windows\System32\rsaenh.dll - ok
23:05:21.0577 4292 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
23:05:21.0577 4292 C:\Windows\System32\TSpkg.dll - ok
23:05:21.0577 4292 [ 55C892560C1B42BC57FB61AEFCED2F22 ] C:\Windows\System32\LIVESSP.DLL
23:05:21.0577 4292 C:\Windows\System32\LIVESSP.DLL - ok
23:05:21.0593 4292 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
23:05:21.0593 4292 C:\Windows\System32\bcryptprimitives.dll - ok
23:05:21.0593 4292 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
23:05:21.0593 4292 C:\Windows\System32\efslsaext.dll - ok
23:05:21.0593 4292 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
23:05:21.0593 4292 C:\Windows\System32\credssp.dll - ok
23:05:21.0608 4292 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
23:05:21.0608 4292 C:\Windows\System32\scecli.dll - ok
23:05:21.0608 4292 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
23:05:21.0608 4292 C:\Windows\System32\ubpm.dll - ok
23:05:21.0608 4292 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
23:05:21.0608 4292 C:\Windows\System32\svchost.exe - ok
23:05:21.0624 4292 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
23:05:21.0624 4292 C:\Windows\System32\umpnpmgr.dll - ok
23:05:21.0624 4292 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
-
Combofix worked completed the scan and removals in ten minutes or so. It went otherwise normally, but at the beginning avira antivir pop up informed that it had blocked a program that tried to access registry, even though I disabled the realtime functionality of avira.
The computer seems to work fine, though the problems that I had were rather infrequent(the ip blocks, rare momentary browser freezes) to begin and the trial version of mbam has now expired, so I can't really tell if they're gone.
ComboFix 12-12-28.02 - Donald 28.12.2012 20:48:42.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.358.1035.18.4008.2625 [GMT 2:00]
Sijainti: c:\users\Donald\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Uusi palautuspiste luotu
.
.
(((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\AsFac.log
c:\windows\msvcr71.dll
.
.
((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2012-11-28 to 2012-12-28 )))))))))))))))))
.
.
2012-12-28 18:55 . 2012-12-28 18:55 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-12-28 18:55 . 2012-12-28 18:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-27 18:30 . 2012-12-27 18:30 -------- d-----w- C:\TDSSKiller_Quarantine
2012-12-22 12:43 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-22 12:43 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-22 12:43 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-22 12:43 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-15 11:22 . 2012-12-28 10:46 -------- d-----w- C:\files
2012-12-14 12:50 . 2012-12-28 10:12 -------- d-----w- C:\downloads
2012-12-14 12:38 . 2012-12-14 12:39 -------- d-----w- c:\users\normi
2012-12-14 01:21 . 2012-12-14 01:21 -------- d-----w- c:\programdata\Malwarebytes
2012-12-14 01:21 . 2012-12-14 01:21 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-12-14 01:21 . 2012-09-29 17:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-14 00:48 . 2012-08-24 18:13 154480 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-12-14 00:47 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-12-13 23:50 . 2012-12-13 23:50 -------- d-----w- c:\windows\system32\SPReview
2012-12-13 23:50 . 2012-12-13 23:50 -------- d-----w- c:\windows\system32\EventProviders
2012-12-13 23:37 . 2010-11-20 13:33 982912 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2012-12-13 23:36 . 2010-11-20 13:27 35840 ----a-w- c:\windows\system32\msdmo.dll
2012-12-13 23:34 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2012-12-13 23:34 . 2010-11-20 13:27 244736 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll
2012-12-13 23:34 . 2010-11-20 13:27 244736 ----a-w- c:\windows\system32\sqmapi.dll
2012-12-13 22:54 . 2012-12-13 22:54 -------- d-----w- c:\program files (x86)\Microsoft.NET
2012-12-13 22:40 . 2012-12-03 13:36 129216 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-12-13 22:40 . 2012-12-03 13:36 99912 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-12-13 22:40 . 2012-11-16 18:17 27800 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2012-12-13 22:40 . 2012-12-13 22:40 -------- d-----w- c:\programdata\Avira
2012-12-13 22:40 . 2012-12-13 22:40 -------- d-----w- c:\program files (x86)\Avira
2012-12-13 22:27 . 2011-02-19 12:05 1139200 ----a-w- c:\windows\system32\FntCache.dll
2012-12-13 22:27 . 2011-02-19 12:04 902656 ----a-w- c:\windows\system32\d2d1.dll
2012-12-13 22:27 . 2011-02-19 06:30 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2012-12-13 21:50 . 2012-12-13 21:50 -------- d-----w- c:\windows\SysWow64\Wat
2012-12-13 21:50 . 2012-12-13 21:50 -------- d-----w- c:\windows\system32\Wat
2012-12-13 21:33 . 2012-11-18 23:01 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F89374FA-520B-42AB-82DC-4BB82AFBE426}\mpengine.dll
2012-12-13 21:21 . 2012-07-26 07:45 2560 ----a-w- c:\windows\system32\drivers\sv-SE\wdf01000.sys.mui
2012-12-13 21:21 . 2012-07-26 07:31 2560 ----a-w- c:\windows\system32\drivers\da-DK\wdf01000.sys.mui
2012-12-13 21:21 . 2012-07-26 05:04 2560 ----a-w- c:\windows\system32\drivers\nb-NO\wdf01000.sys.mui
2012-12-13 21:21 . 2012-07-26 05:04 2560 ----a-w- c:\windows\system32\drivers\fi-FI\wdf01000.sys.mui
2012-12-13 21:21 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2012-12-13 21:21 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-12-13 21:21 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-12-13 21:21 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-12-13 21:16 . 2012-11-28 13:58 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-12-13 21:13 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2012-12-13 21:07 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-12-13 21:07 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-12-13 21:07 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-12-13 21:07 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-12-13 21:07 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-12-13 21:07 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-12-13 21:07 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-12-13 21:06 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-12-13 21:06 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-12-13 21:06 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-12-13 21:06 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2012-12-13 21:06 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-12-13 21:05 . 2012-08-31 18:19 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-12-13 21:05 . 2011-06-16 05:49 199680 ----a-w- c:\windows\system32\xmllite.dll
2012-12-13 21:05 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll
2012-12-13 21:05 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-12-13 21:03 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-12-13 21:02 . 2012-04-07 12:31 3216384 ----a-w- c:\windows\system32\msi.dll
2012-12-13 20:36 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-12-13 20:36 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-12-13 20:36 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-12-13 20:36 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-12-13 20:36 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-12-13 20:36 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-12-13 20:36 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-12-13 20:36 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-12-13 20:36 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-12-13 19:29 . 2012-12-14 00:39 45056 ----a-w- c:\windows\system32\acovcnt.exe
2012-12-13 19:29 . 2012-12-13 19:31 -------- d-----w- C:\ASUS.DAT
2012-12-13 19:29 . 2012-12-13 19:29 -------- d-----w- c:\users\Donald
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-14 00:24 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-12-14 00:24 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-12-13 22:25 . 2010-06-24 18:33 19696 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-10-16 08:38 . 2012-12-13 21:04 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-12-13 21:04 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-12-13 21:04 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-10 00:22 . 2012-10-10 00:22 80384 ----a-w- c:\windows\system32\igdde64.dll
2012-10-10 00:22 . 2012-10-10 00:22 437760 ----a-w- c:\windows\system32\igfxrtrk.lrc
2012-10-10 00:22 . 2012-10-10 00:22 216064 ----a-w- c:\windows\system32\iglhcp64.dll
2012-10-10 00:22 . 2012-10-10 00:22 180224 ----a-w- c:\windows\SysWow64\iglhcp32.dll
2012-10-10 00:22 . 2012-10-10 00:22 5903392 ----a-w- c:\windows\system32\GfxUI.exe
2012-10-10 00:22 . 2012-10-10 00:22 519680 ----a-w- c:\windows\SysWow64\iglhsip32.dll
2012-10-10 00:22 . 2012-10-10 00:22 438784 ----a-w- c:\windows\system32\igfxrdeu.lrc
2012-10-10 00:22 . 2012-10-10 00:22 438272 ----a-w- c:\windows\system32\igfxrhun.lrc
2012-10-10 00:22 . 2012-10-10 00:22 3776512 ----a-w- c:\windows\SysWow64\igfxcmjit32.dll
2012-10-10 00:22 . 2012-10-10 00:22 10673664 ----a-w- c:\windows\SysWow64\ig4icd32.dll
2012-10-10 00:22 . 2012-10-10 00:22 64512 ----a-w- c:\windows\SysWow64\igdde32.dll
2012-10-10 00:22 . 2012-10-10 00:22 501760 ----a-w- c:\windows\system32\igfxcmrt64.dll
2012-10-10 00:22 . 2012-10-10 00:22 439296 ----a-w- c:\windows\system32\igfxrrus.lrc
2012-10-10 00:22 . 2012-10-10 00:22 431104 ----a-w- c:\windows\system32\igfxrkor.lrc
2012-10-10 00:22 . 2012-10-10 00:22 410624 ----a-w- c:\windows\system32\igfxTMM.dll
2012-10-10 00:22 . 2011-03-23 12:19 12836864 ----a-w- c:\windows\system32\igd10umd64.dll
2012-10-10 00:22 . 2011-03-23 12:19 110592 ----a-w- c:\windows\system32\hccutils.dll
2012-10-10 00:22 . 2012-10-10 00:22 330240 ----a-w- c:\windows\SysWow64\igfxdv32.dll
2012-10-10 00:22 . 2012-10-10 00:22 12604416 ----a-w- c:\windows\system32\igdumd64.dll
2012-10-10 00:22 . 2012-10-10 00:22 441888 ----a-w- c:\windows\system32\igfxpers.exe
2012-10-10 00:22 . 2012-10-10 00:22 438784 ----a-w- c:\windows\system32\igfxrhrv.lrc
2012-10-10 00:22 . 2012-10-10 00:22 438272 ----a-w- c:\windows\system32\igfxrcsy.lrc
2012-10-10 00:22 . 2012-10-10 00:22 25088 ----a-w- c:\windows\SysWow64\igfxexps32.dll
2012-10-10 00:22 . 2012-10-10 00:22 5343584 ----a-w- c:\windows\system32\drivers\igdkmd64.sys
2012-10-10 00:22 . 2012-10-10 00:22 448512 ----a-w- c:\windows\SysWow64\igfx11cmrt32.dll
2012-10-10 00:22 . 2012-10-10 00:22 441856 ----a-w- c:\windows\system32\igfxdev.dll
2012-10-10 00:22 . 2012-10-10 00:22 438784 ----a-w- c:\windows\system32\igfxrnld.lrc
2012-10-10 00:22 . 2012-10-10 00:22 399392 ----a-w- c:\windows\system32\hkcmd.exe
2012-10-10 00:22 . 2012-10-10 00:22 272928 ----a-w- c:\windows\system32\igvpkrng600.bin
2012-10-10 00:22 . 2012-10-10 00:22 126976 ----a-w- c:\windows\system32\igfxcpl.cpl
2012-10-10 00:22 . 2012-10-10 00:22 116224 ----a-w- c:\windows\system32\igfxCoIn_v2867.dll
2012-10-10 00:22 . 2011-03-23 12:19 63488 ----a-w- c:\windows\system32\igfxsrvc.dll
2012-10-10 00:22 . 2011-03-23 12:19 9007616 ----a-w- c:\windows\system32\igfxress.dll
2012-10-10 00:22 . 2012-10-10 00:22 604160 ----a-w- c:\windows\SysWow64\igfxcmrt32.dll
2012-10-10 00:22 . 2012-10-10 00:22 4571136 ----a-w- c:\windows\system32\igfxcmjit64.dll
2012-10-10 00:22 . 2012-10-10 00:22 439808 ----a-w- c:\windows\system32\igfxresn.lrc
2012-10-10 00:22 . 2012-10-10 00:22 439296 ----a-w- c:\windows\system32\igfxrrom.lrc
2012-10-10 00:22 . 2012-10-10 00:22 437760 ----a-w- c:\windows\system32\igfxrsve.lrc
2012-10-10 00:22 . 2012-10-10 00:22 437760 ----a-w- c:\windows\system32\igfxrslv.lrc
2012-10-10 00:22 . 2012-10-10 00:22 437760 ----a-w- c:\windows\system32\igfxrnor.lrc
2012-10-10 00:22 . 2012-10-10 00:22 437248 ----a-w- c:\windows\system32\igfxrdan.lrc
2012-10-10 00:22 . 2012-10-10 00:22 277024 ----a-w- c:\windows\SysWow64\IntelCpHeciSvc.exe
2012-10-10 00:22 . 2012-10-10 00:22 185376 ----a-w- c:\windows\system32\difx64.exe
2012-10-10 00:22 . 2012-10-10 00:22 173568 ----a-w- c:\windows\system32\gfxSrvc.dll
2012-10-10 00:22 . 2012-10-10 00:22 12887040 ----a-w- c:\windows\system32\ig4icd64.dll
2012-10-10 00:22 . 2012-10-10 00:22 435712 ----a-w- c:\windows\system32\igfxrheb.lrc
2012-10-10 00:22 . 2012-10-10 00:22 429056 ----a-w- c:\windows\system32\igfxrcht.lrc
2012-10-10 00:22 . 2012-10-10 00:22 171040 ----a-w- c:\windows\system32\igfxtray.exe
2012-10-10 00:22 . 2012-10-10 00:22 11158528 ----a-w- c:\windows\SysWow64\igd10umd32.dll
2012-10-10 00:22 . 2012-10-10 00:22 509984 ----a-w- c:\windows\system32\igfxsrvc.exe
2012-10-10 00:22 . 2012-10-10 00:22 440320 ----a-w- c:\windows\system32\igfxrell.lrc
2012-10-10 00:22 . 2012-10-10 00:22 438784 ----a-w- c:\windows\system32\igfxrptg.lrc
2012-10-10 00:22 . 2012-10-10 00:22 438784 ----a-w- c:\windows\system32\igfxrplk.lrc
2012-10-10 00:22 . 2012-10-10 00:22 438784 ----a-w- c:\windows\system32\igfxrita.lrc
2012-10-10 00:22 . 2012-10-10 00:22 438272 ----a-w- c:\windows\system32\igfxrfin.lrc
2012-10-10 00:22 . 2012-10-10 00:22 437248 ----a-w- c:\windows\system32\igfxrtha.lrc
2012-10-10 00:22 . 2012-10-10 00:22 428544 ----a-w- c:\windows\system32\igfxrchs.lrc
2012-10-10 00:22 . 2012-10-10 00:22 286208 ----a-w- c:\windows\system32\igfxrenu.lrc
2012-10-10 00:22 . 2012-10-10 00:22 142336 ----a-w- c:\windows\system32\igfxdo.dll
2012-10-10 00:22 . 2012-10-10 00:22 963452 ----a-w- c:\windows\system32\igcodeckrng600.bin
2012-10-10 00:22 . 2012-10-10 00:22 482304 ----a-w- c:\windows\system32\igfx11cmrt64.dll
2012-10-10 00:22 . 2012-10-10 00:22 386048 ----a-w- c:\windows\system32\igfxpph.dll
2012-10-10 00:22 . 2012-10-10 00:22 524800 ----a-w- c:\windows\system32\iglhsip64.dll
2012-10-10 00:22 . 2012-10-10 00:22 438784 ----a-w- c:\windows\system32\igfxrsky.lrc
2012-10-10 00:22 . 2012-10-10 00:22 435712 ----a-w- c:\windows\system32\igfxrara.lrc
2012-10-10 00:22 . 2012-10-10 00:22 432128 ----a-w- c:\windows\system32\igfxrjpn.lrc
2012-10-10 00:22 . 2012-10-10 00:22 28672 ----a-w- c:\windows\system32\igfxexps.dll
2012-10-10 00:22 . 2012-10-10 00:22 252448 ----a-w- c:\windows\system32\igfxext.exe
2012-10-10 00:22 . 2011-03-23 12:19 11040256 ----a-w- c:\windows\SysWow64\igdumd32.dll
2012-10-10 00:22 . 2012-10-10 00:22 9728 ----a-w- c:\windows\system32\IGFXDEVLib.dll
2012-10-10 00:22 . 2012-10-10 00:22 439808 ----a-w- c:\windows\system32\igfxrfra.lrc
2012-10-10 00:22 . 2012-10-10 00:22 437760 ----a-w- c:\windows\system32\igfxrptb.lrc
2012-10-08 09:42 . 2012-10-08 09:42 831848 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2012-10-08 09:42 . 2012-10-08 09:42 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll
2012-10-08 09:42 . 2012-10-08 09:42 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll
2012-10-08 09:42 . 2012-10-08 09:42 26331496 ----a-w- c:\windows\system32\nvoglv64.dll
2012-10-08 09:42 . 2012-10-08 09:42 2428776 ----a-w- c:\windows\SysWow64\nvapi.dll
2012-10-08 09:42 . 2012-10-08 09:42 2574696 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2012-10-08 09:42 . 2012-10-08 09:42 15309160 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2012-10-08 09:42 . 2011-03-23 13:12 973672 ----a-w- c:\windows\system32\nvumdshimx.dll
2012-10-08 09:42 . 2012-10-08 09:42 7697768 ----a-w- c:\windows\SysWow64\nvcuda.dll
2012-10-08 09:42 . 2012-10-08 09:42 17559912 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2012-10-08 09:42 . 2012-10-08 09:42 30056 ----a-w- c:\windows\system32\drivers\nvpciflt.sys
2012-10-08 09:42 . 2012-10-08 09:42 2747240 ----a-w- c:\windows\system32\nvcuvid.dll
2012-10-08 09:42 . 2012-10-08 09:42 25256296 ----a-w- c:\windows\system32\nvcompiler.dll
2012-10-08 09:42 . 2012-10-08 09:42 1867112 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2012-10-08 09:42 . 2011-03-23 13:12 247144 ----a-w- c:\windows\system32\nvinitx.dll
2012-10-08 09:42 . 2012-10-08 09:42 9146728 ----a-w- c:\windows\system32\nvcuda.dll
2012-10-08 09:42 . 2012-10-08 09:42 6127464 ----a-w- c:\windows\SysWow64\nvopencl.dll
2012-10-08 09:42 . 2012-10-08 09:42 7414632 ----a-w- c:\windows\system32\nvopencl.dll
2012-10-08 09:42 . 2012-10-08 09:42 18252136 ----a-w- c:\windows\system32\nvd3dumx.dll
2012-10-08 09:42 . 2012-10-08 09:42 13443944 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2012-10-08 09:42 . 2011-03-23 13:12 202600 ----a-w- c:\windows\SysWow64\nvinit.dll
2012-10-08 09:42 . 2012-10-08 09:42 19906920 ----a-w- c:\windows\SysWow64\nvoglv32.dll
.
.
(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"SonicMasterTray"="c:\program files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe" [2010-07-10 984400]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-09-23 1601536]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-12-04 384800]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2011-3-23 548528]
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2011-3-23 12862]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2010-11-26 36000]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2010-11-26 298144]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2010-11-26 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2010-11-26 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2010-11-26 154272]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2010-11-26 275616]
R3 Partner Service;Partner Service;c:\programdata\Partner\Partner.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys [2010-08-03 290920]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 WatAdminSvc;Windowsin aktivointitekniikoiden palvelu;c:\windows\system32\Wat\WatAdminSvc.exe [2012-12-13 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-10-08 30056]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-11-16 27800]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2010-11-30 379520]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-12-04 85280]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Atheros\Bluetooth Suite\adminservice.exe [2010-11-26 52896]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-04-16 13832]
S2 TurboBoost;Intel® Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-04-16 134928]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2010-11-26 28832]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-12-13 138024]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 333928]
.
.
'Ajoitetut tehtävät'-kansion sisältö
.
2012-12-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-23 12:34]
.
2012-12-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-23 12:34]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-03-23 2188904]
"AtherosBtStack"="c:\program files (x86)\Atheros\Bluetooth Suite\BtvStack.exe" [2010-11-26 613536]
"AthBtTray"="c:\program files (x86)\Atheros\Bluetooth Suite\AthBtTray.exe" [2010-11-26 379040]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-10-10 171040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-10-10 399392]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-10-10 441888]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Täydentävä tarkistus -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://asus.msn.com
mStart Page = hxxp://asus.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.254.254 192.168.254.254
.
- - - - POISTETUT JÄMÄRIVIT - - - -
.
Toolbar-Locked - (no file)
SafeBoot-71783896.sys
Toolbar-Locked - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
HKLM-Run-Setwallpaper - c:\programdata\SetWallpaper.cmd
.
.
.
--------------------- LUKITUT REKISTERIAVAIMET ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Valmistumisajankohta: 2012-12-28 20:58:35
ComboFix-quarantined-files.txt 2012-12-28 18:58
.
Ennen ajoa: 439 029 219 328 tavua vapaana
Ajon jälkeen: 439 297 241 088 tavua vapaana
.
- - End Of File - - A0A96F946267540A3FAE2E2A9ED0792C
-
Nothing seems different on the computer, though the ip blocks were irregular occurences to start with. I also failed to mention on the first post that I ran TDSS killer before contacting this forum. The one suspicious file it removed is mentioned below.
20:29:48.0633 3728 Detected object count: 1
20:29:48.0633 3728 Actual detected object count: 1
20:30:28.0241 3728 C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe - copied to quarantine
20:30:28.0241 3728 HKLM\SYSTEM\ControlSet001\services\Atheros Bt&Wlan Coex Agent - will be deleted on reboot
20:30:28.0287 3728 HKLM\SYSTEM\ControlSet002\services\Atheros Bt&Wlan Coex Agent - will be deleted on reboot
20:30:28.0506 3728 C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe - will be deleted on reboot
20:30:28.0506 3728 Atheros Bt&Wlan Coex Agent ( UnsignedFile.Multi.Generic ) - User select action: Delete
20:31:13.0106 2472 Deinitialize success
Rest of the scans.
Results of screen317's Security Check version 0.99.56
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware versio 1.65.1.1000
Google Chrome 23.0.1271.97
Google Chrome 3.0.195.27
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
# AdwCleaner v2.103 - Logfile created 12/28/2012 at 12:28:03
# Updated 25/12/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Donald - DONALD-PC
# Boot Mode : Normal
# Running from : C:\Users\Donald\Desktop\adwcleaner.exe
# Option [Delete]
***** [services] *****
***** [Files / Folders] *****
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Users\Donald\AppData\Local\APN
Folder Deleted : C:\Users\Donald\AppData\Local\Temp\AskSearch
***** [Registry] *****
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28A88B70-D874-4f73-BBBA-9B2B222FB7D6}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\kt_bho_dll.dll
Key Deleted : HKLM\SOFTWARE\Classes\kt_bho.KettleBho
Key Deleted : HKLM\SOFTWARE\Classes\kt_bho.KettleBho.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{86676E13-D6D8-4652-9FCF-F2047F1FB000}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
***** [internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16457
[OK] Registry is clean.
-\\ Google Chrome v23.0.1271.97
File : C:\Users\Donald\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
File : C:\Users\normi\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
Roguekiller
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 3 ¤¤¤
[RUN][sUSP PATH] HKLM\[...]\Wow6432Node\Run : Nuance PDF Reader-reminder ("C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini") -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED] ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: WDC WD5000BPVT-80HXZT1 +++++
--- User ---
[MBR] 808d1b6df875075220a521a048472825
[bSP] b8e681ec20f3f51e484d81d4ade624cc : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 63 | Size: 22003 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 45062328 | Size: 454935 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[1]_S_12282012_02d1235.txt >>
RKreport[1]_S_12282012_02d1235.txt
-
Hello,
Full scans with Avira and mbam show nothing. About six months ago I had a similar problem and opted in the end to reset the system factory settings using the recovery partition in the laptop, since scans indicated a previous ZeroAccess rootkit infection.
I'd again prefer to reformat the drives and reset the OS to factory settings by using the recovery partition, but I'm wondering if the hard drive recovery partition can be -or was- compromised earlier. I regrettably don't have a separate dvd backup of the partition that predates the infection.
Last time:
http://forums.malwar...l=&fromsearch=1
Blocks:
94.242.251.103 (Type: outgoing, Port: 53363, Process: chrome.exe)
2012/12/27 20:21:32 +0200 DONALD-PC normi IP-BLOCK 109.236.82.186 (Type: outgoing, Port: 54803, Process: chrome.exe)
2012/12/27 20:21:32 +0200 DONALD-PC normi IP-BLOCK 94.242.251.103 (Type: outgoing, Port: 54804, Process: chrome.exe)
DDS:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457
Run by Donald at 5:14:11 on 2012-12-28
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.358.1035.18.4008.2063
[GMT 2:00]
.
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-
DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\FBAgent.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Intel\TurboBoost\TurboBoost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files (x86)\Atheros\Bluetooth Suite\BtvStack.exe
C:\Program Files (x86)\Atheros\Bluetooth Suite\AthBtTray.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\ASUS\ASUS WebStorage\EeeStorageUploader.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://asus.msn.com
uDefault_Page_URL = hxxp://asus.msn.com
mStart Page = hxxp://asus.msn.com
mWinlogon: Userinit = userinit.exe
BHO: Partner BHO Class: {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:
\ProgramData\Partner\Partner.dll
BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program
Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6}
- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live
\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-
1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion
\companioncore.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:
\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program
Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
mRun: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint
\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint"
UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go
\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go"
UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF
Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media
\DMedia.exe
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey
\HControlUser.exe
mRun: [sonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus
\SonicFocusTray.exe
mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console
3\wcourier.exe
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup
\ASUSVI~1.LNK - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup
\FANCYS~1.LNK - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-
FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-
65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion
\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-
E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer
\WriterBrowserExtension.dll
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-
11AC1FDF8126} - C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll
TCP: NameServer = 192.168.254.254 192.168.254.254
TCP: Interfaces\{5BFECA8C-2C50-4D21-84A5-BC2F322CCCB6} : DHCPNameServer =
192.168.254.254 192.168.254.254
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files
(x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
x64-mStart Page = hxxp://asus.msn.com
x64-BHO: Partner BHO Class: {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:
\ProgramData\Partner\Partner64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-
5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live
\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:
\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program
Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage
\SERVICE\AsusWSService.exe
x64-Run: [intelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel
\TurboBoost\RunTBGadgetOnce.vbs"
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3
x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Atheros\Bluetooth Suite
\BtvStack.exe"
x64-Run: [AthBtTray] "C:\Program Files (x86)\Atheros\Bluetooth Suite
\AthBtTray.exe"
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [setwallpaper] c:\programdata\SetWallpaper.cmd
x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2012-10-8
30056]
R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package
\ATK WMIACPI\atkwmiacpi64.sys [2010-7-26 17024]
R1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.sys [2012-12-14 27800]
R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2011-3-23 379520]
R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira
\AntiVir Desktop\sched.exe [2012-12-14 85280]
R2 AntiVirService;Avira Real-Time Protection;C:\Program Files (x86)\Avira
\AntiVir Desktop\avguard.exe [2012-12-14 109344]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX
\ASMMAP64.sys [2009-7-3 15416]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Atheros\Bluetooth Suite
\AdminService.exe [2010-11-26 52896]
R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2012-12-14
99912]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-
Malware\mbamscheduler.exe [2012-12-14 399432]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-
Malware\mbamservice.exe [2012-12-14 676936]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers
\TurboB.sys [2010-4-17 13832]
R2 TurboBoost;Intel® Turbo Boost Technology Monitor;C:\Program Files
\Intel\TurboBoost\TurboBoost.exe [2010-4-17 134928]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys
[2010-11-26 28832]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys
[2010-12-13 138024]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys
[2010-10-14 317440]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-
12-14 25928]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys
[2011-3-23 333928]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN
v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
[2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN
v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
[2010-3-18 138576]
S3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers
\btath_flt.sys [2010-11-26 36000]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers
\btath_a2dp.sys [2010-11-26 298144]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers
\btath_hcrp.sys [2010-11-26 201376]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers
\btath_lwflt.sys [2010-11-26 55456]
S3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers
\btath_rcp.sys [2010-11-26 154272]
S3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2010-11-26
275616]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2011-3-23 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows
Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
S3 Partner Service;Partner Service;C:\ProgramData\Partner\Partner.exe [2011
-3-23 332272]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows
\System32\drivers\rdpvideominiport.sys [2012-12-14 19456]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows
\System32\drivers\rtsuvstor.sys [2011-3-23 290920]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows
\System32\drivers\SiSG664.sys [2009-6-10 56832]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-12-14
57856]
S3 WatAdminSvc;Windowsin aktivointitekniikoiden palvelu;C:\Windows
\System32\Wat\WatAdminSvc.exe [2012-12-13 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files
\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== Created Last 30 ================
.
2012-12-27 18:30:28 -------- d-----w- C:
\TDSSKiller_Quarantine
2012-12-22 12:43:47 46080 ----a-w- C:\Windows
\System32\atmlib.dll
2012-12-22 12:43:47 367616 ----a-w- C:\Windows
\System32\atmfd.dll
2012-12-22 12:43:47 34304 ----a-w- C:\Windows
\SysWow64\atmlib.dll
2012-12-22 12:43:46 295424 ----a-w- C:\Windows
\SysWow64\atmfd.dll
2012-12-15 11:22:52 -------- d-----w- C:\files
2012-12-14 12:50:50 -------- d-----w- C:\downloads
2012-12-14 01:21:14 -------- d-----w- C:\Users\Donald
\AppData\Roaming\Malwarebytes
2012-12-14 01:21:06 -------- d-----w- C:\ProgramData
\Malwarebytes
2012-12-14 01:21:05 25928 ----a-w- C:\Windows\System32\drivers
\mbam.sys
2012-12-14 01:21:05 -------- d-----w- C:\Program Files
(x86)\Malwarebytes' Anti-Malware
2012-12-14 00:48:26 96768 ----a-w- C:\Windows
\SysWow64\sspicli.dll
2012-12-14 00:47:22 245760 ----a-w- C:\Windows
\System32\OxpsConverter.exe
2012-12-13 23:50:54 -------- d-----w- C:\Windows
\System32\SPReview
2012-12-13 23:50:27 -------- d-----w- C:\Windows
\System32\EventProviders
2012-12-13 23:37:59 982912 ----a-w- C:\Windows\System32\drivers
\dxgkrnl.sys
2012-12-13 23:36:59 70656 ----a-w- C:\Windows
\SysWow64\amstream.dll
2012-12-13 23:34:57 529408 ----a-w- C:\Windows
\System32\wbemcomn.dll
2012-12-13 23:34:57 244736 ----a-w- C:\Program Files\Windows
Portable Devices\sqmapi.dll
2012-12-13 23:34:51 244736 ----a-w- C:\Windows
\System32\sqmapi.dll
2012-12-13 22:42:59 -------- d-----w- C:\Users\Donald
\AppData\Roaming\Avira
2012-12-13 22:40:07 -------- d-----w- C:\Users\Donald
\AppData\Local\APN
2012-12-13 22:40:02 99912 ----a-w- C:\Windows\System32\drivers
\avgntflt.sys
2012-12-13 22:40:02 27800 ----a-w- C:\Windows\System32\drivers
\avkmgr.sys
2012-12-13 22:40:01 -------- d-----w- C:\ProgramData\Avira
2012-12-13 22:40:01 -------- d-----w- C:\Program Files
(x86)\Avira
2012-12-13 22:27:42 902656 ----a-w- C:\Windows\System32\d2d1.dll
2012-12-13 22:27:42 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
2012-12-13 22:27:42 1139200 ----a-w- C:\Windows
\System32\FntCache.dll
2012-12-13 21:50:13 -------- d-----w- C:\Windows
\SysWow64\Wat
2012-12-13 21:50:13 -------- d-----w- C:\Windows
\System32\Wat
2012-12-13 21:33:20 9125352 ----a-w- C:\ProgramData\Microsoft
\Windows Defender\Definition Updates\{F89374FA-520B-42AB-82DC-
4BB82AFBE426}\mpengine.dll
2012-12-13 21:21:44 2560 ----a-w- C:\Windows\System32\drivers
\sv-SE\wdf01000.sys.mui
2012-12-13 21:21:44 2560 ----a-w- C:\Windows\System32\drivers
\nb-NO\wdf01000.sys.mui
2012-12-13 21:21:44 2560 ----a-w- C:\Windows\System32\drivers
\fi-FI\wdf01000.sys.mui
2012-12-13 21:21:44 2560 ----a-w- C:\Windows\System32\drivers
\en-US\wdf01000.sys.mui
2012-12-13 21:21:44 2560 ----a-w- C:\Windows\System32\drivers
\da-DK\wdf01000.sys.mui
2012-12-13 21:21:43 9728 ----a-w- C:\Windows
\System32\Wdfres.dll
2012-12-13 21:21:43 785512 ----a-w- C:\Windows\System32\drivers
\Wdf01000.sys
2012-12-13 21:21:43 54376 ----a-w- C:\Windows\System32\drivers
\WdfLdr.sys
2012-12-13 21:13:04 294912 ----a-w- C:\Windows
\System32\browserchoice.exe
2012-12-13 21:07:18 87040 ----a-w- C:\Windows\System32\drivers
\WUDFPf.sys
2012-12-13 21:07:18 198656 ----a-w- C:\Windows\System32\drivers
\WUDFRd.sys
2012-12-13 21:07:17 84992 ----a-w- C:\Windows
\System32\WUDFSvc.dll
2012-12-13 21:07:17 744448 ----a-w- C:\Windows
\System32\WUDFx.dll
2012-12-13 21:07:17 45056 ----a-w- C:\Windows
\System32\WUDFCoinstaller.dll
2012-12-13 21:07:17 229888 ----a-w- C:\Windows
\System32\WUDFHost.exe
2012-12-13 21:07:17 194048 ----a-w- C:\Windows
\System32\WUDFPlatform.dll
2012-12-13 21:06:17 81408 ----a-w- C:\Windows
\System32\imagehlp.dll
2012-12-13 21:06:17 23408 ----a-w- C:\Windows\System32\drivers
\fs_rec.sys
2012-12-13 21:06:17 159232 ----a-w- C:\Windows
\SysWow64\imagehlp.dll
2012-12-13 21:06:16 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-12-13 21:06:16 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-12-13 21:05:14 1659760 ----a-w- C:\Windows\System32\drivers
\ntfs.sys
2012-12-13 21:05:09 1544704 ----a-w- C:\Windows
\System32\DWrite.dll
2012-12-13 21:05:09 1077248 ----a-w- C:\Windows
\SysWow64\DWrite.dll
2012-12-13 21:03:59 850944 ----a-w- C:\Windows\SysWow64\sbe.dll
2012-12-13 21:02:59 3216384 ----a-w- C:\Windows\System32\msi.dll
2012-12-13 20:50:51 -------- d-----w- C:\Users\Donald
\AppData\Local\Google
2012-12-13 20:36:51 2622464 ----a-w- C:\Windows
\System32\wucltux.dll
2012-12-13 20:36:47 99840 ----a-w- C:\Windows
\System32\wudriver.dll
2012-12-13 20:36:45 36864 ----a-w- C:\Windows
\System32\wuapp.exe
2012-12-13 20:36:45 186752 ----a-w- C:\Windows
\System32\wuwebv.dll
2012-12-13 19:31:27 -------- d-----w- C:\Users\Donald
\AppData\Roaming\Asus WebStorage
2012-12-13 19:31:09 -------- d-----w- C:\Users\Donald
\AppData\Local\BMExplorer
.
==================== Find3M ====================
.
2012-12-14 00:39:29 45056 ----a-w- C:\Windows
\System32\acovcnt.exe
2012-12-14 00:24:12 175616 ----a-w- C:\Windows
\System32\msclmd.dll
2012-12-14 00:24:12 152576 ----a-w- C:\Windows
\SysWow64\msclmd.dll
2012-11-22 03:26:40 3149824 ----a-w- C:\Windows
\System32\win32k.sys
2012-11-09 05:45:09 2048 ----a-w- C:\Windows
\System32\tzres.dll
2012-11-09 04:42:49 2048 ----a-w- C:\Windows
\SysWow64\tzres.dll
2012-11-02 05:59:11 478208 ----a-w- C:\Windows
\System32\dpnet.dll
2012-11-02 05:11:31 376832 ----a-w- C:\Windows
\SysWow64\dpnet.dll
2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch
\AppPatch64\AcXtrnal.dll
2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch
\AppPatch64\AcLayers.dll
2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch
\AcLayers.dll
2012-10-09 18:17:13 55296 ----a-w- C:\Windows
\System32\dhcpcsvc6.dll
2012-10-09 18:17:13 226816 ----a-w- C:\Windows
\System32\dhcpcore6.dll
2012-10-09 17:40:31 44032 ----a-w- C:\Windows
\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40:31 193536 ----a-w- C:\Windows
\SysWow64\dhcpcore6.dll
2012-10-04 17:46:16 362496 ----a-w- C:\Windows
\System32\wow64win.dll
2012-10-04 17:46:15 243200 ----a-w- C:\Windows
\System32\wow64.dll
2012-10-04 17:46:15 13312 ----a-w- C:\Windows
\System32\wow64cpu.dll
2012-10-04 17:45:55 215040 ----a-w- C:\Windows
\System32\winsrv.dll
2012-10-04 17:43:28 16384 ----a-w- C:\Windows
\System32\ntvdm64.dll
2012-10-04 17:41:16 424960 ----a-w- C:\Windows
\System32\KernelBase.dll
2012-10-04 16:47:41 5120 ----a-w- C:\Windows
\SysWow64\wow32.dll
2012-10-04 16:47:41 274944 ----a-w- C:\Windows
\SysWow64\KernelBase.dll
2012-10-04 15:21:55 338432 ----a-w- C:\Windows
\System32\conhost.exe
2012-10-04 14:46:46 7680 ----a-w- C:\Windows
\SysWow64\instnm.exe
2012-10-04 14:46:46 25600 ----a-w- C:\Windows
\SysWow64\setup16.exe
2012-10-04 14:46:44 14336 ----a-w- C:\Windows
\SysWow64\ntvdm64.dll
2012-10-04 14:46:43 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-10-04 14:41:50 6144 ---ha-w- C:\Windows\SysWow64\api-ms-
win-security-base-l1-1-0.dll
2012-10-04 14:41:50 4608 ---ha-w- C:\Windows\SysWow64\api-ms-
win-core-threadpool-l1-1-0.dll
2012-10-04 14:41:50 3584 ---ha-w- C:\Windows\SysWow64\api-ms-
win-core-xstate-l1-1-0.dll
2012-10-04 14:41:50 3072 ---ha-w- C:\Windows\SysWow64\api-ms-
win-core-util-l1-1-0.dll
2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers
\tcpip.sys
2012-10-03 17:44:21 70656 ----a-w- C:\Windows
\System32\nlaapi.dll
2012-10-03 17:44:21 303104 ----a-w- C:\Windows
\System32\nlasvc.dll
2012-10-03 17:44:17 246272 ----a-w- C:\Windows
\System32\netcorehc.dll
2012-10-03 17:44:17 18944 ----a-w- C:\Windows
\System32\netevent.dll
2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll
2012-10-03 17:42:16 569344 ----a-w- C:\Windows
\System32\iphlpsvc.dll
2012-10-03 16:42:24 18944 ----a-w- C:\Windows
\SysWow64\netevent.dll
2012-10-03 16:42:24 175104 ----a-w- C:\Windows
\SysWow64\netcorehc.dll
2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers
\tcpipreg.sys
2012-10-02 19:51:15 3536817 ----a-w- C:\Windows
\System32\nvcoproc.bin
2012-10-02 19:51:11 3293544 ----a-w- C:\Windows
\System32\nvsvc64.dll
2012-10-02 19:51:04 6200680 ----a-w- C:\Windows
\System32\nvcpl.dll
2012-10-02 19:50:57 891240 ----a-w- C:\Windows
\System32\nvvsvc.exe
2012-10-02 19:50:57 866664 ----a-w- C:\Windows
\System32\nv3dappshext.dll
2012-10-02 19:50:57 63336 ----a-w- C:\Windows
\System32\nvshext.dll
2012-10-02 19:50:57 55144 ----a-w- C:\Windows
\System32\nv3dappshextr.dll
2012-10-02 19:50:57 2557800 ----a-w- C:\Windows
\System32\nvsvcr.dll
2012-10-02 19:50:57 118120 ----a-w- C:\Windows
\System32\nvmctray.dll
.
============= FINISH: 5:14:32,91 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 13.12.2012 21:29:08
System Uptime: 27.12.2012 21:40:43 (8 hours ago)
.
Motherboard: ASUSTeK Computer Inc. | | K53SV
Processor: Intel® Core™ i5-2410M CPU @ 2.30GHz | CPU 1 | 782/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 444 GiB total, 408,75 GiB free.
E: is CDROM (UDF)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
ASUS AI Recovery
ASUS FancyStart
ASUS K3 Series ScreenSaver
ASUS LifeFrame3
ASUS Live Update
ASUS Power4Gear Hybrid
ASUS SmartLogon
ASUS Splendid Video Enhancement Technology
ASUS WebStorage
ASUS Virtual Camera
AsusVibe2.0
Atheros WLAN and Bluetooth Client Installation Program
ATK Package
Avira Free Antivirus
Bluetooth Win7 Suite (64)
Bookworm Deluxe
Cooking Dash
CyberLink LabelPrint
CyberLink Power2Go
D3DX10
ETDWare PS/2-X64 8.0.5.0_WHQL
Fast Boot
Game Park Console
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
Governor of Poker
Hotel Dash Suite Success
Intel® Control Center
Intel® Processor Graphics
Intel® Turbo Boost Technology Monitor
Jewel Quest 3
Junk Mail filter update
Luxor 3
Mahjongg dimensions
Malwarebytes Anti-Malware versio 1.65.1.1000
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile FIN Language Pack
Microsoft .NET Framework 4 Client Profilen suomen kielipaketti
Microsoft Application Error Reporting
Microsoft Office 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB973685)
Nuance PDF Reader
NVIDIA-ohjauspaneeli 306.97
NVIDIA-päivitykset 1.10.8
NVIDIA Grafiikkaohjain 306.97
NVIDIA Install Application
NVIDIA Optimus 1.10.8
NVIDIA Update Components
Plants vs Zombies
Realtek Ethernet Controller Driver For Windows 7
Realtek High Definition Audio Driver
Realtek USB 2.0 Reader Driver
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Sonic Focus
syncables desktop SE
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinFlash
Wireless Console 3
World of Goo
.
==== End Of File ===========================
-
Hello again. No more questions after this.
I wasn't entirely sure what you meant when you called the rootkit a leftover. Did you mean that the more sinister rootkits failed to install themselves on the computer or that they at some point possibly were installed on the computer, but were removed?
The windows reinstall instruction link leads to mit site that gives the 404 error. However, if resetting this asus laptop to factory settings equals reformatting the OS, I probably won't need the instructions though.
Anyways. Thanks again for all the lovely help.
-
You wouldn't happen to know what that particular rootkit was designed to do on the computer? Apparently it was active for months and still managed to remain more or less undetected by any of the scanners on the system.
Reformatting windows would probably be the most reassuring choice for me. I'm just wondering how to get the necessary updates for windows and other programs offline. I lack easy access to a clean computer at the moment. But yes, instructions on reformatting windows would be most welcome.
-
Umm... Can I really be sure about the safety of the computer without complete reformat of the OS?
Rootkit presence on the computer often implies that there was a backdoor present on the computer and apparently a lot of the experts think that the only way to be really certain that the computer in clean is to re-format the OS.
So would it be prudent to just re-format everything?
-
Ok. Uninstalled the out of fate versions and the newly installed flash and java seem to be working just fine. Also ran the securitycheck again and it no longer complains about the outdated versions. However according to the link chrome updates flash automatically, but I installed flash on explorer with no problems. It just complained about not being able to find chrome, even though I unchecked the option to install chrome.
So this thing is finally resolved then? If it is then thanks for all the help. Nice to be finally rid of that thing.
-
ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
Nothing on scan. Does this mean that the rootkit is removed?
-
Hi,
Well the combofix completed now within the 10 minute timeframe. Last time it took about twenty minutes to finish. Afterwards I had to reboot the computer again since combofix apparently did something to the registry entries of all the other programs preventing their use. Everything seems to work fine now.
I'd also be interested in knowing what combofix actually found on my computer.
ComboFix 12-06-05.03 - Vesa 07.06.2012 6:19.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.358.1035.18.4008.2322 [GMT 3:00]
Sijainti: c:\users\Vesa\Desktop\ComboFix.exe
Käytetyt komentorivivalitsimet :: c:\users\Vesa\Desktop\CFScript.txt
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Uusi palautuspiste luotu
.
FILE ::
"c:\windows\System32\Drivers\30838599.sys"
"c:\windows\System32\Drivers\35801033.sys"
.
.
(((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ajurit/Palvelut )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_30838599
-------\Legacy_35801033
.
.
((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2012-05-07 to 2012-06-07 )))))))))))))))))
.
.
2012-06-07 03:27 . 2012-06-07 03:27 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-06-01 14:15 . 2012-06-01 14:16 -------- d-----w- c:\users\usertili\AppData\Roaming\Mount&Blade Warband
2012-05-31 20:23 . 2012-05-31 20:23 -------- d-----w- c:\users\usertili\AppData\Local\My Games
2012-05-13 15:54 . 2012-05-13 15:54 -------- d-----w- c:\users\usertili\AppData\Local\Skyrim
2012-05-13 15:51 . 2012-05-13 15:51 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-10 00:19 . 2012-05-10 00:19 -------- d-----w- c:\program files\Microsoft Silverlight
2012-05-10 00:19 . 2012-05-10 00:19 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2012-05-09 23:52 . 2012-03-31 06:05 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-09 23:52 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-09 23:52 . 2012-03-31 03:10 3146240 ----a-w- c:\windows\system32\win32k.sys
2012-05-09 23:52 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-09 23:52 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-05-09 23:52 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll
2012-05-09 23:52 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-05-09 23:52 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2012-05-09 23:52 . 2012-03-31 05:40 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2012-05-09 23:52 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-09 23:52 . 2012-03-31 05:40 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2012-05-09 23:52 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-09 23:51 . 2012-03-30 11:35 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-05-09 02:08 . 2012-06-02 21:33 -------- d-----w- c:\users\usertili\AppData\Local\CrashDumps
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-07 03:28 . 2011-05-21 15:19 45056 ----a-w- c:\windows\system32\acovcnt.exe
2012-06-07 03:28 . 2011-03-23 12:08 17920 ----a-w- c:\windows\system32\rpcnetp.exe
2012-06-07 03:28 . 2011-05-22 18:56 58288 ----a-w- c:\windows\SysWow64\rpcnet.dll
2012-05-08 23:22 . 2012-05-01 15:50 98848 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-05-08 23:22 . 2012-05-01 15:50 132832 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-04-18 00:03 . 2012-05-01 11:22 8917360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A1581912-766F-4EA8-AB42-2BD0C7729558}\mpengine.dll
2012-04-04 12:56 . 2012-02-20 12:02 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-04-03 13:13 . 2011-05-29 16:04 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-03-20 14:39 . 2012-03-20 14:39 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-03-20 14:39 . 2012-03-20 14:39 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-03-20 14:39 . 2012-03-20 14:39 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-03-20 14:39 . 2012-03-20 14:39 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-03-20 14:39 . 2012-03-20 14:39 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-03-20 14:39 . 2012-03-20 14:39 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-03-20 14:39 . 2012-03-20 14:39 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-03-20 14:39 . 2012-03-20 14:39 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-03-20 14:39 . 2012-03-20 14:39 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-03-20 14:39 . 2012-03-20 14:39 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-03-20 14:39 . 2012-03-20 14:39 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-03-20 14:39 . 2012-03-20 14:39 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-03-20 14:39 . 2012-03-20 14:39 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-03-20 14:39 . 2012-03-20 14:39 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-03-20 14:39 . 2012-03-20 14:39 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-03-20 14:39 . 2012-03-20 14:39 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-03-20 14:39 . 2012-03-20 14:39 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-03-20 14:39 . 2012-03-20 14:39 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-03-20 14:39 . 2012-03-20 14:39 222208 ----a-w- c:\windows\system32\msls31.dll
2012-03-20 14:39 . 2012-03-20 14:39 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-03-20 14:39 . 2012-03-20 14:39 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-03-20 14:39 . 2012-03-20 14:39 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-03-20 14:39 . 2012-03-20 14:39 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-03-20 14:39 . 2012-03-20 14:39 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-03-20 14:39 . 2012-03-20 14:39 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-03-20 14:39 . 2012-03-20 14:39 12288 ----a-w- c:\windows\system32\mshta.exe
2012-03-20 14:39 . 2012-03-20 14:39 114176 ----a-w- c:\windows\system32\admparse.dll
2012-03-20 14:39 . 2012-03-20 14:39 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-03-20 14:39 . 2012-03-20 14:39 448512 ----a-w- c:\windows\system32\html.iec
2012-03-20 14:39 . 2012-03-20 14:39 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-03-20 14:39 . 2012-03-20 14:39 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-03-20 14:39 . 2012-03-20 14:39 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-03-20 14:39 . 2012-03-20 14:39 160256 ----a-w- c:\windows\system32\wextract.exe
2012-03-20 14:39 . 2012-03-20 14:39 603648 ----a-w- c:\windows\system32\vbscript.dll
2012-03-19 20:44 . 2012-03-19 20:44 5888792 ----a-w- c:\windows\system32\GfxUI.exe
2012-03-19 20:44 . 2012-03-19 20:44 509720 ----a-w- c:\windows\system32\igfxsrvc.exe
2012-03-19 20:44 . 2012-03-19 20:44 439064 ----a-w- c:\windows\system32\igfxpers.exe
2012-03-19 20:44 . 2012-03-19 20:44 398616 ----a-w- c:\windows\system32\hkcmd.exe
2012-03-19 20:44 . 2012-03-19 20:44 276248 ----a-w- c:\windows\SysWow64\IntelCpHeciSvc.exe
2012-03-19 20:44 . 2012-03-19 20:44 250136 ----a-w- c:\windows\system32\igfxext.exe
2012-03-19 20:44 . 2012-03-19 20:44 184600 ----a-w- c:\windows\system32\difx64.exe
2012-03-19 20:44 . 2012-03-19 20:44 170264 ----a-w- c:\windows\system32\igfxtray.exe
2012-03-19 20:42 . 2012-03-19 20:42 90112 ----a-w- c:\windows\system32\igfxCoIn_v2696.dll
2012-03-19 20:32 . 2012-03-19 20:32 14745600 ----a-w- c:\windows\system32\drivers\igdkmd64.sys
2012-03-19 20:31 . 2012-03-19 20:31 8087040 ----a-w- c:\windows\system32\igdumd64.dll
2012-03-19 20:31 . 2012-03-19 20:31 79360 ----a-w- c:\windows\system32\igdde64.dll
2012-03-19 20:26 . 2012-03-19 20:26 6120960 ----a-w- c:\windows\SysWow64\igdumd32.dll
2012-03-19 20:25 . 2012-03-19 20:25 58880 ----a-w- c:\windows\SysWow64\igdde32.dll
2012-03-19 20:22 . 2011-03-23 12:19 9605632 ----a-w- c:\windows\system32\igd10umd64.dll
2012-03-19 20:11 . 2012-03-19 20:11 7795200 ----a-w- c:\windows\SysWow64\igd10umd32.dll
2012-03-19 19:31 . 2012-03-19 19:31 18137088 ----a-w- c:\windows\system32\ig4icd64.dll
2012-03-19 19:21 . 2012-03-19 19:21 13212672 ----a-w- c:\windows\SysWow64\ig4icd32.dll
2012-03-19 19:18 . 2012-03-19 19:18 439296 ----a-w- c:\windows\system32\igfxrrom.lrc
2012-03-19 19:18 . 2012-03-19 19:18 438784 ----a-w- c:\windows\system32\igfxrhrv.lrc
2012-03-19 19:18 . 2012-03-19 19:18 438272 ----a-w- c:\windows\system32\igfxrsky.lrc
2012-03-19 19:18 . 2012-03-19 19:18 437760 ----a-w- c:\windows\system32\igfxrslv.lrc
2012-03-19 19:18 . 2012-03-19 19:18 439808 ----a-w- c:\windows\system32\igfxresn.lrc
2012-03-19 19:18 . 2012-03-19 19:18 439296 ----a-w- c:\windows\system32\igfxrrus.lrc
2012-03-19 19:18 . 2012-03-19 19:18 438784 ----a-w- c:\windows\system32\igfxrptg.lrc
2012-03-19 19:18 . 2012-03-19 19:18 438784 ----a-w- c:\windows\system32\igfxrplk.lrc
2012-03-19 19:18 . 2012-03-19 19:18 437760 ----a-w- c:\windows\system32\igfxrtrk.lrc
2012-03-19 19:18 . 2012-03-19 19:18 437760 ----a-w- c:\windows\system32\igfxrsve.lrc
2012-03-19 19:18 . 2012-03-19 19:18 437760 ----a-w- c:\windows\system32\igfxrptb.lrc
2012-03-19 19:18 . 2012-03-19 19:18 437248 ----a-w- c:\windows\system32\igfxrtha.lrc
2012-03-19 19:18 . 2012-03-19 19:18 440320 ----a-w- c:\windows\system32\igfxrell.lrc
2012-03-19 19:18 . 2012-03-19 19:18 438784 ----a-w- c:\windows\system32\igfxrita.lrc
2012-03-19 19:18 . 2012-03-19 19:18 438272 ----a-w- c:\windows\system32\igfxrhun.lrc
2012-03-19 19:18 . 2012-03-19 19:18 437760 ----a-w- c:\windows\system32\igfxrnor.lrc
2012-03-19 19:18 . 2012-03-19 19:18 435712 ----a-w- c:\windows\system32\igfxrheb.lrc
2012-03-19 19:18 . 2012-03-19 19:18 432128 ----a-w- c:\windows\system32\igfxrjpn.lrc
2012-03-19 19:18 . 2012-03-19 19:18 430592 ----a-w- c:\windows\system32\igfxrkor.lrc
2012-03-19 19:18 . 2012-03-19 19:18 439808 ----a-w- c:\windows\system32\igfxrfra.lrc
2012-03-19 19:18 . 2012-03-19 19:18 438784 ----a-w- c:\windows\system32\igfxrnld.lrc
2012-03-19 19:18 . 2012-03-19 19:18 438784 ----a-w- c:\windows\system32\igfxrdeu.lrc
2012-03-19 19:18 . 2012-03-19 19:18 438272 ----a-w- c:\windows\system32\igfxrfin.lrc
2012-03-19 19:18 . 2012-03-19 19:18 438272 ----a-w- c:\windows\system32\igfxrcsy.lrc
2012-03-19 19:18 . 2012-03-19 19:18 437248 ----a-w- c:\windows\system32\igfxrdan.lrc
2012-03-19 19:18 . 2012-03-19 19:18 429056 ----a-w- c:\windows\system32\igfxrcht.lrc
2012-03-19 19:18 . 2012-03-19 19:18 435712 ----a-w- c:\windows\system32\igfxrara.lrc
2012-03-19 19:18 . 2012-03-19 19:18 428544 ----a-w- c:\windows\system32\igfxrchs.lrc
2012-03-19 19:18 . 2012-03-19 19:18 126976 ----a-w- c:\windows\system32\igfxcpl.cpl
2012-03-19 19:18 . 2012-03-19 19:18 386560 ----a-w- c:\windows\system32\igfxpph.dll
2012-03-19 19:18 . 2012-03-19 19:18 410624 ----a-w- c:\windows\system32\igfxTMM.dll
2012-03-19 19:17 . 2012-03-19 19:17 28672 ----a-w- c:\windows\system32\igfxexps.dll
2012-03-19 19:17 . 2011-03-23 12:19 63488 ----a-w- c:\windows\system32\igfxsrvc.dll
2012-03-19 19:17 . 2011-03-23 12:19 110592 ----a-w- c:\windows\system32\hccutils.dll
2012-03-19 19:17 . 2012-03-19 19:17 9216 ----a-w- c:\windows\system32\IGFXDEVLib.dll
2012-03-19 19:17 . 2012-03-19 19:17 434688 ----a-w- c:\windows\system32\igfxdev.dll
2012-03-19 19:17 . 2012-03-19 19:17 172032 ----a-w- c:\windows\system32\gfxSrvc.dll
2012-03-19 19:16 . 2012-03-19 19:16 286208 ----a-w- c:\windows\system32\igfxrenu.lrc
2012-03-19 19:16 . 2012-03-19 19:16 142336 ----a-w- c:\windows\system32\igfxdo.dll
2012-03-19 19:16 . 2011-03-23 12:19 9007616 ----a-w- c:\windows\system32\igfxress.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-06-06_00.00.55 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-03-23 13:11 . 2012-06-07 03:07 51454 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-06-07 03:30 34806 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-05-21 15:20 . 2012-06-07 03:30 18404 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2065890004-3735609052-1085264056-1001_UserData.bin
- 2009-08-04 11:04 . 2012-06-05 23:18 90988 c:\windows\system32\perfc00B.dat
+ 2009-08-04 11:04 . 2012-06-06 08:30 90988 c:\windows\system32\perfc00B.dat
+ 2011-05-22 19:02 . 2012-06-07 03:07 6906 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2065890004-3735609052-1085264056-1002_UserData.bin
+ 2012-06-07 03:28 . 2012-06-07 03:28 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-06-05 23:13 . 2012-06-05 23:13 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-06-07 03:28 . 2012-06-07 03:28 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-06-05 23:13 . 2012-06-05 23:13 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-08-04 11:04 . 2012-06-06 08:30 460390 c:\windows\system32\perfh00B.dat
- 2009-08-04 11:04 . 2012-06-05 23:18 460390 c:\windows\system32\perfh00B.dat
- 2009-07-14 02:36 . 2012-06-05 23:18 635938 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-06-06 08:30 635938 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2012-06-05 23:18 114262 c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2012-06-06 08:30 114262 c:\windows\system32\perfc009.dat
- 2011-03-22 22:50 . 2012-06-05 23:12 662400 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2011-03-22 22:50 . 2012-06-07 03:27 662400 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2009-07-14 05:01 . 2012-06-05 23:12 277996 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-06-07 03:27 277996 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-06-19 00:23 . 2012-06-07 03:27 645161 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2065890004-3735609052-1085264056-1001-8192.dat
- 2011-06-19 00:23 . 2012-05-01 16:16 645161 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2065890004-3735609052-1085264056-1001-8192.dat
+ 2012-04-26 15:23 . 2012-06-07 03:27 1257412 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2065890004-3735609052-1085264056-1002-8192.dat
- 2012-04-26 15:23 . 2012-06-05 23:12 1257412 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2065890004-3735609052-1085264056-1002-8192.dat
.
(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Steam"="d:\progs\steam\Steam.exe" [2012-05-13 1242448]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-04-27 4786048]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" [2008-11-03 328992]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"SonicMasterTray"="c:\program files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe" [2010-07-10 984400]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-09-23 1601536]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-05-08 348624]
.
c:\users\usertili\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\users\Vesa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2011-3-23 548528]
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2011-3-23 12862]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-23 135664]
R3 cphs;Intel® Content Protection HECI Service;c:\windows\SysWow64\IntelCpHeciSvc.exe [2012-03-19 276248]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]
R3 gupdatem;Google Päivitä-palvelu (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-23 135664]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windowsin aktivointitekniikoiden palvelu;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-09-29 140672]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-08 86224]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Atheros\Ath_CoexAgent.exe [2010-05-24 151552]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Atheros\Bluetooth Suite\adminservice.exe [2010-11-26 52896]
S2 BecHelperService;BecHelperService;c:\program files (x86)\Mobiililaajakaista\Mobiililaajakaista\BecHelperService.exe [2011-03-09 1958272]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-02-19 2009704]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
S2 TurboBoost;Intel® Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-04-16 134928]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
'Ajoitetut tehtävät'-kansion sisältö
.
2012-06-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-23 12:34]
.
2012-06-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-23 12:34]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-03-23 2188904]
"AtherosBtStack"="c:\program files (x86)\Atheros\Bluetooth Suite\BtvStack.exe" [2010-11-26 613536]
"AthBtTray"="c:\program files (x86)\Atheros\Bluetooth Suite\AthBtTray.exe" [2010-11-26 379040]
"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [bU]
"Setwallpaper"="c:\programdata\SetWallpaper.cmd" [bU]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-19 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-19 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-19 439064]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Täydentävä tarkistus -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://asus.msn.com
mStart Page = hxxp://asus.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.254.254 192.168.254.254
TCP: Interfaces\{5BFECA8C-2C50-4D21-84A5-BC2F322CCCB6}: NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{DCA7AF32-EF46-497E-9AA2-296A20952E8A}: NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{F5D1B026-3400-4E74-98DE-E527BC0448A2}: NameServer = 156.154.70.22,156.154.71.22
.
- - - - POISTETUT JäMäRIVIT - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- LUKITUT REKISTERIAVAIMET ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Muut prosessit ------------------------
.
c:\program files (x86)\ASUS\SmartLogon\smartlogon.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Mobiililaajakaista\Mobiililaajakaista\LoggerServer.exe
c:\windows\SysWOW64\rpcnet.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
c:\program files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
c:\windows\AsScrPro.exe
c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
.
**************************************************************************
.
Valmistumisajankohta: 2012-06-07 06:34:41 - kone käynnistettiin uudelleen
ComboFix-quarantined-files.txt 2012-06-07 03:34
ComboFix2.txt 2012-06-06 00:03
.
Ennen ajoa: 71 348 457 472 tavua vapaana
Ajon jälkeen: 73 112 899 584 tavua vapaana
.
- - End Of File - - 5E349EAD2801C2774D76C6139BBCD24E
-
Results of screen317's Security Check version 0.99.41
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware versio 1.61.0.1400
Java 6 Update 22
Java 6 Update 31
Java version out of date!
Adobe Flash Player 10 Flash Player out of date!
Google Chrome 19.0.1084.46
Google Chrome 19.0.1084.52
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
-
ComboFix 12-06-05.03 - Vesa 06.06.2012 2:37.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.358.1035.18.4008.2574 [GMT 3:00]
Sijainti: c:\users\Vesa\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
.
.
((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2012-05-06 to 2012-06-06 )))))))))))))))))
.
.
2012-06-01 14:15 . 2012-06-01 14:16 -------- d-----w- c:\users\usertili\AppData\Roaming\Mount&Blade Warband
2012-05-31 20:23 . 2012-05-31 20:23 -------- d-----w- c:\users\usertili\AppData\Local\My Games
2012-05-13 15:54 . 2012-05-13 15:54 -------- d-----w- c:\users\usertili\AppData\Local\Skyrim
2012-05-13 15:51 . 2012-05-13 15:51 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-10 00:19 . 2012-05-10 00:19 -------- d-----w- c:\program files\Microsoft Silverlight
2012-05-10 00:19 . 2012-05-10 00:19 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2012-05-09 23:52 . 2012-03-31 06:05 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-09 23:52 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-09 23:52 . 2012-03-31 03:10 3146240 ----a-w- c:\windows\system32\win32k.sys
2012-05-09 23:52 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-09 23:52 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-05-09 23:52 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll
2012-05-09 23:52 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-05-09 23:52 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2012-05-09 23:52 . 2012-03-31 05:40 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2012-05-09 23:52 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-09 23:52 . 2012-03-31 05:40 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2012-05-09 23:52 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-09 23:51 . 2012-03-30 11:35 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-05-09 02:08 . 2012-06-02 21:33 -------- d-----w- c:\users\usertili\AppData\Local\CrashDumps
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-05 23:13 . 2011-03-23 12:08 17920 ----a-w- c:\windows\system32\rpcnetp.exe
2012-06-05 23:13 . 2011-05-21 15:19 45056 ----a-w- c:\windows\system32\acovcnt.exe
2012-06-05 23:13 . 2011-05-22 18:56 58288 ----a-w- c:\windows\SysWow64\rpcnet.dll
2012-05-08 23:22 . 2012-05-01 15:50 98848 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-05-08 23:22 . 2012-05-01 15:50 132832 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-04-18 00:03 . 2012-05-01 11:22 8917360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A1581912-766F-4EA8-AB42-2BD0C7729558}\mpengine.dll
2012-04-04 12:56 . 2012-02-20 12:02 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-04-03 13:13 . 2011-05-29 16:04 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-03-20 14:39 . 2012-03-20 14:39 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-03-20 14:39 . 2012-03-20 14:39 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-03-20 14:39 . 2012-03-20 14:39 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-03-20 14:39 . 2012-03-20 14:39 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-03-20 14:39 . 2012-03-20 14:39 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-03-20 14:39 . 2012-03-20 14:39 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-03-20 14:39 . 2012-03-20 14:39 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-03-20 14:39 . 2012-03-20 14:39 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-03-20 14:39 . 2012-03-20 14:39 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-03-20 14:39 . 2012-03-20 14:39 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-03-20 14:39 . 2012-03-20 14:39 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-03-20 14:39 . 2012-03-20 14:39 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-03-20 14:39 . 2012-03-20 14:39 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-03-20 14:39 . 2012-03-20 14:39 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-03-20 14:39 . 2012-03-20 14:39 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-03-20 14:39 . 2012-03-20 14:39 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-03-20 14:39 . 2012-03-20 14:39 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-03-20 14:39 . 2012-03-20 14:39 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-03-20 14:39 . 2012-03-20 14:39 222208 ----a-w- c:\windows\system32\msls31.dll
2012-03-20 14:39 . 2012-03-20 14:39 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-03-20 14:39 . 2012-03-20 14:39 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-03-20 14:39 . 2012-03-20 14:39 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-03-20 14:39 . 2012-03-20 14:39 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-03-20 14:39 . 2012-03-20 14:39 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-03-20 14:39 . 2012-03-20 14:39 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-03-20 14:39 . 2012-03-20 14:39 12288 ----a-w- c:\windows\system32\mshta.exe
2012-03-20 14:39 . 2012-03-20 14:39 114176 ----a-w- c:\windows\system32\admparse.dll
2012-03-20 14:39 . 2012-03-20 14:39 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-03-20 14:39 . 2012-03-20 14:39 448512 ----a-w- c:\windows\system32\html.iec
2012-03-20 14:39 . 2012-03-20 14:39 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-03-20 14:39 . 2012-03-20 14:39 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-03-20 14:39 . 2012-03-20 14:39 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-03-20 14:39 . 2012-03-20 14:39 160256 ----a-w- c:\windows\system32\wextract.exe
2012-03-20 14:39 . 2012-03-20 14:39 603648 ----a-w- c:\windows\system32\vbscript.dll
2012-03-19 20:44 . 2012-03-19 20:44 5888792 ----a-w- c:\windows\system32\GfxUI.exe
2012-03-19 20:44 . 2012-03-19 20:44 509720 ----a-w- c:\windows\system32\igfxsrvc.exe
2012-03-19 20:44 . 2012-03-19 20:44 439064 ----a-w- c:\windows\system32\igfxpers.exe
2012-03-19 20:44 . 2012-03-19 20:44 398616 ----a-w- c:\windows\system32\hkcmd.exe
2012-03-19 20:44 . 2012-03-19 20:44 276248 ----a-w- c:\windows\SysWow64\IntelCpHeciSvc.exe
2012-03-19 20:44 . 2012-03-19 20:44 250136 ----a-w- c:\windows\system32\igfxext.exe
2012-03-19 20:44 . 2012-03-19 20:44 184600 ----a-w- c:\windows\system32\difx64.exe
2012-03-19 20:44 . 2012-03-19 20:44 170264 ----a-w- c:\windows\system32\igfxtray.exe
2012-03-19 20:42 . 2012-03-19 20:42 90112 ----a-w- c:\windows\system32\igfxCoIn_v2696.dll
2012-03-19 20:32 . 2012-03-19 20:32 14745600 ----a-w- c:\windows\system32\drivers\igdkmd64.sys
2012-03-19 20:31 . 2012-03-19 20:31 8087040 ----a-w- c:\windows\system32\igdumd64.dll
2012-03-19 20:31 . 2012-03-19 20:31 79360 ----a-w- c:\windows\system32\igdde64.dll
2012-03-19 20:26 . 2012-03-19 20:26 6120960 ----a-w- c:\windows\SysWow64\igdumd32.dll
2012-03-19 20:25 . 2012-03-19 20:25 58880 ----a-w- c:\windows\SysWow64\igdde32.dll
2012-03-19 20:22 . 2011-03-23 12:19 9605632 ----a-w- c:\windows\system32\igd10umd64.dll
2012-03-19 20:11 . 2012-03-19 20:11 7795200 ----a-w- c:\windows\SysWow64\igd10umd32.dll
2012-03-19 19:31 . 2012-03-19 19:31 18137088 ----a-w- c:\windows\system32\ig4icd64.dll
2012-03-19 19:21 . 2012-03-19 19:21 13212672 ----a-w- c:\windows\SysWow64\ig4icd32.dll
2012-03-19 19:18 . 2012-03-19 19:18 439296 ----a-w- c:\windows\system32\igfxrrom.lrc
2012-03-19 19:18 . 2012-03-19 19:18 438784 ----a-w- c:\windows\system32\igfxrhrv.lrc
2012-03-19 19:18 . 2012-03-19 19:18 438272 ----a-w- c:\windows\system32\igfxrsky.lrc
2012-03-19 19:18 . 2012-03-19 19:18 437760 ----a-w- c:\windows\system32\igfxrslv.lrc
2012-03-19 19:18 . 2012-03-19 19:18 439808 ----a-w- c:\windows\system32\igfxresn.lrc
2012-03-19 19:18 . 2012-03-19 19:18 439296 ----a-w- c:\windows\system32\igfxrrus.lrc
2012-03-19 19:18 . 2012-03-19 19:18 438784 ----a-w- c:\windows\system32\igfxrptg.lrc
2012-03-19 19:18 . 2012-03-19 19:18 438784 ----a-w- c:\windows\system32\igfxrplk.lrc
2012-03-19 19:18 . 2012-03-19 19:18 437760 ----a-w- c:\windows\system32\igfxrtrk.lrc
2012-03-19 19:18 . 2012-03-19 19:18 437760 ----a-w- c:\windows\system32\igfxrsve.lrc
2012-03-19 19:18 . 2012-03-19 19:18 437760 ----a-w- c:\windows\system32\igfxrptb.lrc
2012-03-19 19:18 . 2012-03-19 19:18 437248 ----a-w- c:\windows\system32\igfxrtha.lrc
2012-03-19 19:18 . 2012-03-19 19:18 440320 ----a-w- c:\windows\system32\igfxrell.lrc
2012-03-19 19:18 . 2012-03-19 19:18 438784 ----a-w- c:\windows\system32\igfxrita.lrc
2012-03-19 19:18 . 2012-03-19 19:18 438272 ----a-w- c:\windows\system32\igfxrhun.lrc
2012-03-19 19:18 . 2012-03-19 19:18 437760 ----a-w- c:\windows\system32\igfxrnor.lrc
2012-03-19 19:18 . 2012-03-19 19:18 435712 ----a-w- c:\windows\system32\igfxrheb.lrc
2012-03-19 19:18 . 2012-03-19 19:18 432128 ----a-w- c:\windows\system32\igfxrjpn.lrc
2012-03-19 19:18 . 2012-03-19 19:18 430592 ----a-w- c:\windows\system32\igfxrkor.lrc
2012-03-19 19:18 . 2012-03-19 19:18 439808 ----a-w- c:\windows\system32\igfxrfra.lrc
2012-03-19 19:18 . 2012-03-19 19:18 438784 ----a-w- c:\windows\system32\igfxrnld.lrc
2012-03-19 19:18 . 2012-03-19 19:18 438784 ----a-w- c:\windows\system32\igfxrdeu.lrc
2012-03-19 19:18 . 2012-03-19 19:18 438272 ----a-w- c:\windows\system32\igfxrfin.lrc
2012-03-19 19:18 . 2012-03-19 19:18 438272 ----a-w- c:\windows\system32\igfxrcsy.lrc
2012-03-19 19:18 . 2012-03-19 19:18 437248 ----a-w- c:\windows\system32\igfxrdan.lrc
2012-03-19 19:18 . 2012-03-19 19:18 429056 ----a-w- c:\windows\system32\igfxrcht.lrc
2012-03-19 19:18 . 2012-03-19 19:18 435712 ----a-w- c:\windows\system32\igfxrara.lrc
2012-03-19 19:18 . 2012-03-19 19:18 428544 ----a-w- c:\windows\system32\igfxrchs.lrc
2012-03-19 19:18 . 2012-03-19 19:18 126976 ----a-w- c:\windows\system32\igfxcpl.cpl
2012-03-19 19:18 . 2012-03-19 19:18 386560 ----a-w- c:\windows\system32\igfxpph.dll
2012-03-19 19:18 . 2012-03-19 19:18 410624 ----a-w- c:\windows\system32\igfxTMM.dll
2012-03-19 19:17 . 2012-03-19 19:17 28672 ----a-w- c:\windows\system32\igfxexps.dll
2012-03-19 19:17 . 2011-03-23 12:19 63488 ----a-w- c:\windows\system32\igfxsrvc.dll
2012-03-19 19:17 . 2011-03-23 12:19 110592 ----a-w- c:\windows\system32\hccutils.dll
2012-03-19 19:17 . 2012-03-19 19:17 9216 ----a-w- c:\windows\system32\IGFXDEVLib.dll
2012-03-19 19:17 . 2012-03-19 19:17 434688 ----a-w- c:\windows\system32\igfxdev.dll
2012-03-19 19:17 . 2012-03-19 19:17 172032 ----a-w- c:\windows\system32\gfxSrvc.dll
2012-03-19 19:16 . 2012-03-19 19:16 286208 ----a-w- c:\windows\system32\igfxrenu.lrc
2012-03-19 19:16 . 2012-03-19 19:16 142336 ----a-w- c:\windows\system32\igfxdo.dll
2012-03-19 19:16 . 2011-03-23 12:19 9007616 ----a-w- c:\windows\system32\igfxress.dll
.
.
(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Steam"="d:\progs\steam\Steam.exe" [2012-05-13 1242448]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-04-27 4786048]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" [2008-11-03 328992]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"SonicMasterTray"="c:\program files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe" [2010-07-10 984400]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-09-23 1601536]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-05-08 348624]
.
c:\users\usertili\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\users\Vesa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2011-3-23 548528]
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2011-3-23 12862]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-23 135664]
R3 cphs;Intel® Content Protection HECI Service;c:\windows\SysWow64\IntelCpHeciSvc.exe [2012-03-19 276248]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]
R3 gupdatem;Google Päivitä-palvelu (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-23 135664]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windowsin aktivointitekniikoiden palvelu;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-09-29 140672]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-08 86224]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Atheros\Ath_CoexAgent.exe [2010-05-24 151552]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Atheros\Bluetooth Suite\adminservice.exe [2010-11-26 52896]
S2 BecHelperService;BecHelperService;c:\program files (x86)\Mobiililaajakaista\Mobiililaajakaista\BecHelperService.exe [2011-03-09 1958272]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-02-19 2009704]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
S2 TurboBoost;Intel® Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-04-16 134928]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
--- Muut muistissa olevat ajurit/palvelut ---
.
*NewlyCreated* - 30838599
*NewlyCreated* - 35801033
*Deregistered* - 30838599
*Deregistered* - 35801033
.
'Ajoitetut tehtävät'-kansion sisältö
.
2012-06-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-23 12:34]
.
2012-06-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-23 12:34]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-03-23 2188904]
"AtherosBtStack"="c:\program files (x86)\Atheros\Bluetooth Suite\BtvStack.exe" [2010-11-26 613536]
"AthBtTray"="c:\program files (x86)\Atheros\Bluetooth Suite\AthBtTray.exe" [2010-11-26 379040]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-19 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-19 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-19 439064]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Täydentävä tarkistus -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://asus.msn.com
mStart Page = hxxp://asus.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.254.254 192.168.254.254
TCP: Interfaces\{5BFECA8C-2C50-4D21-84A5-BC2F322CCCB6}: NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{DCA7AF32-EF46-497E-9AA2-296A20952E8A}: NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{F5D1B026-3400-4E74-98DE-E527BC0448A2}: NameServer = 156.154.70.22,156.154.71.22
.
- - - - POISTETUT JäMäRIVIT - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
HKLM-Run-Setwallpaper - c:\programdata\SetWallpaper.cmd
.
.
.
--------------------- LUKITUT REKISTERIAVAIMET ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Valmistumisajankohta: 2012-06-06 03:03:00
ComboFix-quarantined-files.txt 2012-06-06 00:03
.
Ennen ajoa: 68 537 425 920 tavua vapaana
Ajon jälkeen: 71 546 228 736 tavua vapaana
.
- - End Of File - - EC4F7A3860798348858CCE4AB2F6F7A4
-
Hi,
Thanks for replying.
The ip-block notifications stopped coming more than a month ago. Is this functionality still present in the free version of mbam? The only other strangeness was/is that while connecting to the net via wireless network the computer occasionally tried to connect using roaming connections which are -unless I'm mistaken- used by my ISP for connecting to the net from abroad. However I was not abroad at the time.
TDSSkiller log:
577 1040 TDSS rootkit removing tool 2.7.38.0 May 25 2012 17:35:31
02:31:49.0592 1040 ============================================================
02:31:49.0592 1040 Current date / time: 2012/06/06 02:31:49.0592
02:31:49.0592 1040 SystemInfo:
02:31:49.0592 1040
02:31:49.0592 1040 OS Version: 6.1.7601 ServicePack: 1.0
02:31:49.0592 1040 Product type: Workstation
02:31:49.0592 1040 ComputerName:
02:31:49.0592 1040 UserName:
02:31:49.0592 1040 Windows directory: C:\Windows
02:31:49.0592 1040 System windows directory: C:\Windows
02:31:49.0592 1040 Running under WOW64
02:31:49.0592 1040 Processor architecture: Intel x64
02:31:49.0592 1040 Number of processors: 4
02:31:49.0592 1040 Page size: 0x1000
02:31:49.0592 1040 Boot type: Normal boot
02:31:49.0592 1040 ============================================================
02:31:50.0091 1040 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
02:31:50.0107 1040 ============================================================
02:31:50.0107 1040 \Device\Harddisk0\DR0:
02:31:50.0107 1040 MBR partitions:
02:31:50.0107 1040 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2AF98B5, BlocksNum 0xE8E0909
02:31:50.0123 1040 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x113DB000, BlocksNum 0x28FAA800
02:31:50.0123 1040 ============================================================
02:31:50.0185 1040 C: <-> \Device\Harddisk0\DR0\Partition0
02:31:50.0201 1040 D: <-> \Device\Harddisk0\DR0\Partition1
02:31:50.0201 1040 ============================================================
02:31:50.0201 1040 Initialize success
02:31:50.0201 1040 ============================================================
02:31:53.0726 1272 ============================================================
02:31:53.0726 1272 Scan started
02:31:53.0726 1272 Mode: Manual;
02:31:53.0726 1272 ============================================================
02:31:54.0241 1272 !SASCORE (7d9d615201a483d6fa99491c2e655a5a) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
02:31:54.0257 1272 !SASCORE - ok
02:31:54.0506 1272 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
02:31:54.0506 1272 1394ohci - ok
02:31:54.0615 1272 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
02:31:54.0615 1272 ACPI - ok
02:31:54.0662 1272 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
02:31:54.0662 1272 AcpiPmi - ok
02:31:54.0740 1272 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
02:31:54.0756 1272 adp94xx - ok
02:31:54.0818 1272 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
02:31:54.0818 1272 adpahci - ok
02:31:54.0849 1272 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
02:31:54.0849 1272 adpu320 - ok
02:31:54.0896 1272 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
02:31:54.0896 1272 AeLookupSvc - ok
02:31:54.0974 1272 AFBAgent (079cba3c5c9ab11b2b4e6bd729a860f2) C:\Windows\system32\FBAgent.exe
02:31:54.0990 1272 AFBAgent - ok
02:31:55.0083 1272 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
02:31:55.0099 1272 AFD - ok
02:31:55.0146 1272 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
02:31:55.0146 1272 agp440 - ok
02:31:55.0193 1272 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
02:31:55.0193 1272 ALG - ok
02:31:55.0224 1272 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
02:31:55.0224 1272 aliide - ok
02:31:55.0271 1272 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
02:31:55.0271 1272 amdide - ok
02:31:55.0317 1272 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
02:31:55.0317 1272 AmdK8 - ok
02:31:55.0364 1272 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
02:31:55.0380 1272 AmdPPM - ok
02:31:55.0427 1272 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
02:31:55.0427 1272 amdsata - ok
02:31:55.0473 1272 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
02:31:55.0473 1272 amdsbs - ok
02:31:55.0505 1272 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
02:31:55.0505 1272 amdxata - ok
02:31:55.0645 1272 AntiVirSchedulerService (0a1cc583e8147004e4ad4625d7fbf88c) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
02:31:55.0645 1272 AntiVirSchedulerService - ok
02:31:55.0707 1272 AntiVirService (c9a36ef935aced86aedf93e97e606911) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
02:31:55.0707 1272 AntiVirService - ok
02:31:55.0754 1272 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
02:31:55.0754 1272 AppID - ok
02:31:55.0785 1272 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
02:31:55.0785 1272 AppIDSvc - ok
02:31:55.0832 1272 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
02:31:55.0832 1272 Appinfo - ok
02:31:55.0848 1272 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
02:31:55.0848 1272 arc - ok
02:31:55.0879 1272 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
02:31:55.0895 1272 arcsas - ok
02:31:55.0957 1272 ASLDRService (18e5c2f937f9deb8c282df66a3761925) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
02:31:55.0957 1272 ASLDRService - ok
02:31:55.0988 1272 ASMMAP64 (4c016fd76ed5c05e84ca8cab77993961) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
02:31:55.0988 1272 ASMMAP64 - ok
02:31:56.0035 1272 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
02:31:56.0035 1272 AsyncMac - ok
02:31:56.0082 1272 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
02:31:56.0082 1272 atapi - ok
02:31:56.0129 1272 AthBTPort (cbe61b4494165f458bd87e37181ee934) C:\Windows\system32\DRIVERS\btath_flt.sys
02:31:56.0129 1272 AthBTPort - ok
02:31:56.0207 1272 Atheros Bt&Wlan Coex Agent (a6307f356d778e18a76e7783ef98c6aa) C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe
02:31:56.0207 1272 Atheros Bt&Wlan Coex Agent - ok
02:31:56.0253 1272 AtherosSvc (749ff240dedafaff94288e0307104df3) C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe
02:31:56.0253 1272 AtherosSvc - ok
02:31:56.0487 1272 athr (b4174564ad5834a1680610572477878c) C:\Windows\system32\DRIVERS\athrx.sys
02:31:56.0503 1272 athr - ok
02:31:56.0581 1272 ATKGFNEXSrv (7910158929571214a959d5a6d16dd9c0) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
02:31:56.0581 1272 ATKGFNEXSrv - ok
02:31:56.0612 1272 ATKWMIACPIIO (1f7238a37389ed92e9d8eee975cabd54) C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
02:31:56.0612 1272 ATKWMIACPIIO - ok
02:31:56.0799 1272 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
02:31:56.0815 1272 AudioEndpointBuilder - ok
02:31:56.0815 1272 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
02:31:56.0831 1272 AudioSrv - ok
02:31:56.0940 1272 avgntflt (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys
02:31:56.0940 1272 avgntflt - ok
02:31:57.0002 1272 avipbb (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys
02:31:57.0002 1272 avipbb - ok
02:31:57.0049 1272 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
02:31:57.0049 1272 avkmgr - ok
02:31:57.0127 1272 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
02:31:57.0127 1272 AxInstSV - ok
02:31:57.0205 1272 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
02:31:57.0221 1272 b06bdrv - ok
02:31:57.0330 1272 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
02:31:57.0330 1272 b57nd60a - ok
02:31:57.0392 1272 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
02:31:57.0392 1272 BDESVC - ok
02:31:57.0611 1272 BecHelperService (468dfcaa46ffa1d079392c38145e9023) C:\Program Files (x86)\Mobiililaajakaista\Mobiililaajakaista\BecHelperService.exe
02:31:57.0626 1272 BecHelperService - ok
02:31:57.0767 1272 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
02:31:57.0767 1272 Beep - ok
02:31:57.0876 1272 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
02:31:57.0891 1272 BFE - ok
02:31:58.0032 1272 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
02:31:58.0047 1272 BITS - ok
02:31:58.0141 1272 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
02:31:58.0141 1272 blbdrive - ok
02:31:58.0188 1272 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
02:31:58.0188 1272 bowser - ok
02:31:58.0203 1272 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
02:31:58.0203 1272 BrFiltLo - ok
02:31:58.0235 1272 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
02:31:58.0235 1272 BrFiltUp - ok
02:31:58.0297 1272 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
02:31:58.0297 1272 Browser - ok
02:31:58.0391 1272 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
02:31:58.0391 1272 Brserid - ok
02:31:58.0453 1272 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
02:31:58.0453 1272 BrSerWdm - ok
02:31:58.0484 1272 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
02:31:58.0484 1272 BrUsbMdm - ok
02:31:58.0500 1272 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
02:31:58.0500 1272 BrUsbSer - ok
02:31:58.0562 1272 BTATH_A2DP (227c8f308de4af4808e587465ceab838) C:\Windows\system32\drivers\btath_a2dp.sys
02:31:58.0562 1272 BTATH_A2DP - ok
02:31:58.0609 1272 BTATH_BUS (a83a91d07d1fe6bbe7a9db46ca00434b) C:\Windows\system32\DRIVERS\btath_bus.sys
02:31:58.0609 1272 BTATH_BUS - ok
02:31:58.0640 1272 BTATH_HCRP (c864ff85ee16d61c2bdd5ef76824625f) C:\Windows\system32\DRIVERS\btath_hcrp.sys
02:31:58.0640 1272 BTATH_HCRP - ok
02:31:58.0718 1272 BTATH_LWFLT (0dea505efb5d771826d177ef8b8a208f) C:\Windows\system32\DRIVERS\btath_lwflt.sys
02:31:58.0718 1272 BTATH_LWFLT - ok
02:31:58.0749 1272 BTATH_RCP (724c8088c96efe7a3e63fec21d4681c0) C:\Windows\system32\DRIVERS\btath_rcp.sys
02:31:58.0765 1272 BTATH_RCP - ok
02:31:58.0812 1272 BtFilter (486720da2b3bb13d1080c83140c18b56) C:\Windows\system32\DRIVERS\btfilter.sys
02:31:58.0827 1272 BtFilter - ok
02:31:58.0859 1272 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
02:31:58.0859 1272 BthEnum - ok
02:31:58.0890 1272 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
02:31:58.0890 1272 BTHMODEM - ok
02:31:58.0921 1272 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
02:31:58.0921 1272 BthPan - ok
02:31:58.0983 1272 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
02:31:58.0983 1272 BTHPORT - ok
02:31:59.0030 1272 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
02:31:59.0030 1272 bthserv - ok
02:31:59.0046 1272 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
02:31:59.0046 1272 BTHUSB - ok
02:31:59.0077 1272 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
02:31:59.0077 1272 cdfs - ok
02:31:59.0139 1272 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
02:31:59.0139 1272 cdrom - ok
02:31:59.0186 1272 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
02:31:59.0186 1272 CertPropSvc - ok
02:31:59.0217 1272 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
02:31:59.0217 1272 circlass - ok
02:31:59.0249 1272 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
02:31:59.0249 1272 CLFS - ok
02:31:59.0327 1272 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
02:31:59.0327 1272 clr_optimization_v2.0.50727_32 - ok
02:31:59.0420 1272 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
02:31:59.0420 1272 clr_optimization_v2.0.50727_64 - ok
02:31:59.0498 1272 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
02:31:59.0498 1272 clr_optimization_v4.0.30319_32 - ok
02:31:59.0529 1272 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
02:31:59.0529 1272 clr_optimization_v4.0.30319_64 - ok
02:31:59.0561 1272 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
02:31:59.0561 1272 CmBatt - ok
02:31:59.0576 1272 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
02:31:59.0576 1272 cmdide - ok
02:31:59.0654 1272 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
02:31:59.0670 1272 CNG - ok
02:31:59.0701 1272 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
02:31:59.0701 1272 Compbatt - ok
02:31:59.0748 1272 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
02:31:59.0748 1272 CompositeBus - ok
02:31:59.0748 1272 COMSysApp - ok
02:31:59.0888 1272 cphs (f08c6020e57f5e5bf2fd034db10bedfb) C:\Windows\SysWow64\IntelCpHeciSvc.exe
02:31:59.0888 1272 cphs - ok
02:31:59.0904 1272 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
02:31:59.0904 1272 crcdisk - ok
02:31:59.0951 1272 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
02:31:59.0951 1272 CryptSvc - ok
02:32:00.0044 1272 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
02:32:00.0044 1272 DcomLaunch - ok
02:32:00.0107 1272 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
02:32:00.0107 1272 defragsvc - ok
02:32:00.0169 1272 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
02:32:00.0169 1272 DfsC - ok
02:32:00.0216 1272 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
02:32:00.0216 1272 Dhcp - ok
02:32:00.0247 1272 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
02:32:00.0247 1272 discache - ok
02:32:00.0278 1272 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
02:32:00.0278 1272 Disk - ok
02:32:00.0341 1272 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
02:32:00.0341 1272 Dnscache - ok
02:32:00.0387 1272 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
02:32:00.0387 1272 dot3svc - ok
02:32:00.0419 1272 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
02:32:00.0419 1272 DPS - ok
02:32:00.0450 1272 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
02:32:00.0450 1272 drmkaud - ok
02:32:00.0543 1272 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
02:32:00.0559 1272 DXGKrnl - ok
02:32:00.0606 1272 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
02:32:00.0606 1272 EapHost - ok
02:32:00.0840 1272 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
02:32:00.0871 1272 ebdrv - ok
02:32:01.0011 1272 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
02:32:01.0011 1272 EFS - ok
02:32:01.0105 1272 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
02:32:01.0121 1272 ehRecvr - ok
02:32:01.0183 1272 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
02:32:01.0183 1272 ehSched - ok
02:32:01.0323 1272 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
02:32:01.0323 1272 elxstor - ok
02:32:01.0401 1272 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
02:32:01.0401 1272 ErrDev - ok
02:32:01.0464 1272 ETD (5b042aa9cebdab5b61e747ddcebff51b) C:\Windows\system32\DRIVERS\ETD.sys
02:32:01.0464 1272 ETD - ok
02:32:01.0526 1272 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
02:32:01.0542 1272 EventSystem - ok
02:32:01.0620 1272 ewusbnet (d83eb7ade99d99a4cd6568ac1261d35e) C:\Windows\system32\DRIVERS\ewusbnet.sys
02:32:01.0635 1272 ewusbnet - ok
02:32:01.0667 1272 ew_hwusbdev (86f7951bbcee4a86e79a97306bd14318) C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
02:32:01.0667 1272 ew_hwusbdev - ok
02:32:01.0682 1272 ew_usbenumfilter (55e0eda185869f7ea67ea97fd0655b39) C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys
02:32:01.0682 1272 ew_usbenumfilter - ok
02:32:01.0745 1272 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
02:32:01.0745 1272 exfat - ok
02:32:01.0791 1272 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
02:32:01.0791 1272 fastfat - ok
02:32:01.0885 1272 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
02:32:01.0901 1272 Fax - ok
02:32:01.0932 1272 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
02:32:01.0932 1272 fdc - ok
02:32:01.0947 1272 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
02:32:01.0947 1272 fdPHost - ok
02:32:01.0963 1272 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
02:32:01.0963 1272 FDResPub - ok
02:32:01.0979 1272 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
02:32:01.0979 1272 FileInfo - ok
02:32:01.0994 1272 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
02:32:01.0994 1272 Filetrace - ok
02:32:02.0010 1272 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
02:32:02.0010 1272 flpydisk - ok
02:32:02.0088 1272 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
02:32:02.0088 1272 FltMgr - ok
02:32:02.0197 1272 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
02:32:02.0213 1272 FontCache - ok
02:32:02.0322 1272 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
02:32:02.0322 1272 FontCache3.0.0.0 - ok
02:32:02.0369 1272 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
02:32:02.0369 1272 FsDepends - ok
02:32:02.0415 1272 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
02:32:02.0415 1272 fssfltr - ok
02:32:02.0649 1272 fsssvc (4ce9dac1518ff7e77bd213e6394b9d77) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
02:32:02.0681 1272 fsssvc - ok
02:32:02.0805 1272 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
02:32:02.0805 1272 Fs_Rec - ok
02:32:02.0883 1272 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
02:32:02.0883 1272 fvevol - ok
02:32:02.0961 1272 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
02:32:02.0961 1272 gagp30kx - ok
02:32:03.0039 1272 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
02:32:03.0055 1272 gpsvc - ok
02:32:03.0133 1272 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
02:32:03.0149 1272 gupdate - ok
02:32:03.0164 1272 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
02:32:03.0164 1272 gupdatem - ok
02:32:03.0211 1272 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
02:32:03.0211 1272 gusvc - ok
02:32:03.0242 1272 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
02:32:03.0242 1272 hcw85cir - ok
02:32:03.0320 1272 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
02:32:03.0336 1272 HdAudAddService - ok
02:32:03.0445 1272 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
02:32:03.0445 1272 HDAudBus - ok
02:32:03.0461 1272 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
02:32:03.0476 1272 HidBatt - ok
02:32:03.0492 1272 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
02:32:03.0492 1272 HidBth - ok
02:32:03.0539 1272 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
02:32:03.0539 1272 HidIr - ok
02:32:03.0570 1272 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
02:32:03.0570 1272 hidserv - ok
02:32:03.0601 1272 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
02:32:03.0601 1272 HidUsb - ok
02:32:03.0648 1272 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
02:32:03.0648 1272 hkmsvc - ok
02:32:03.0695 1272 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
02:32:03.0710 1272 HomeGroupListener - ok
02:32:03.0757 1272 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
02:32:03.0757 1272 HomeGroupProvider - ok
02:32:03.0788 1272 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
02:32:03.0804 1272 HpSAMD - ok
02:32:03.0882 1272 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
02:32:03.0882 1272 HTTP - ok
02:32:03.0944 1272 huawei_enumerator (09af4d7563efc283bedddafe60faf168) C:\Windows\system32\DRIVERS\ew_jubusenum.sys
02:32:03.0944 1272 huawei_enumerator - ok
02:32:03.0975 1272 hwdatacard (6e05228393cd614b983568ec40c262c3) C:\Windows\system32\DRIVERS\ewusbmdm.sys
02:32:03.0975 1272 hwdatacard - ok
02:32:04.0022 1272 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
02:32:04.0022 1272 hwpolicy - ok
02:32:04.0085 1272 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
02:32:04.0085 1272 i8042prt - ok
02:32:04.0163 1272 iaStor (f7ce9be72edac499b713eca6dae5d26f) C:\Windows\system32\DRIVERS\iaStor.sys
02:32:04.0163 1272 iaStor - ok
02:32:04.0225 1272 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
02:32:04.0225 1272 iaStorV - ok
02:32:04.0381 1272 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
02:32:04.0397 1272 idsvc - ok
02:32:05.0270 1272 igfx (371d7f91c0d2314eb984a4a6cbeabc92) C:\Windows\system32\DRIVERS\igdkmd64.sys
02:32:05.0333 1272 igfx - ok
02:32:05.0457 1272 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
02:32:05.0457 1272 iirsp - ok
02:32:05.0551 1272 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
02:32:05.0567 1272 IKEEXT - ok
02:32:05.0832 1272 IntcAzAudAddService (3e3926f4fa7c9162c5c3ec6bf1e4f349) C:\Windows\system32\drivers\RTKVHD64.sys
02:32:05.0847 1272 IntcAzAudAddService - ok
02:32:05.0972 1272 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
02:32:05.0988 1272 IntcDAud - ok
02:32:06.0003 1272 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
02:32:06.0003 1272 intelide - ok
02:32:06.0035 1272 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
02:32:06.0035 1272 intelppm - ok
02:32:06.0081 1272 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
02:32:06.0081 1272 IPBusEnum - ok
02:32:06.0113 1272 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
02:32:06.0128 1272 IpFilterDriver - ok
02:32:06.0222 1272 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
02:32:06.0237 1272 iphlpsvc - ok
02:32:06.0284 1272 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
02:32:06.0284 1272 IPMIDRV - ok
02:32:06.0315 1272 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
02:32:06.0315 1272 IPNAT - ok
02:32:06.0347 1272 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
02:32:06.0347 1272 IRENUM - ok
02:32:06.0362 1272 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
02:32:06.0378 1272 isapnp - ok
02:32:06.0409 1272 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
02:32:06.0409 1272 iScsiPrt - ok
02:32:06.0487 1272 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
02:32:06.0487 1272 kbdclass - ok
02:32:06.0503 1272 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
02:32:06.0503 1272 kbdhid - ok
02:32:06.0549 1272 kbfiltr (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys
02:32:06.0549 1272 kbfiltr - ok
02:32:06.0581 1272 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
02:32:06.0581 1272 KeyIso - ok
02:32:06.0612 1272 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
02:32:06.0612 1272 KSecDD - ok
02:32:06.0659 1272 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
02:32:06.0674 1272 KSecPkg - ok
02:32:06.0721 1272 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
02:32:06.0721 1272 ksthunk - ok
02:32:06.0783 1272 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
02:32:06.0799 1272 KtmRm - ok
02:32:06.0861 1272 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
02:32:06.0861 1272 LanmanServer - ok
02:32:06.0939 1272 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
02:32:06.0939 1272 LanmanWorkstation - ok
02:32:06.0971 1272 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
02:32:06.0986 1272 lltdio - ok
02:32:07.0033 1272 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
02:32:07.0049 1272 lltdsvc - ok
02:32:07.0049 1272 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
02:32:07.0049 1272 lmhosts - ok
02:32:07.0095 1272 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
02:32:07.0111 1272 LSI_FC - ok
02:32:07.0127 1272 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
02:32:07.0142 1272 LSI_SAS - ok
02:32:07.0158 1272 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
02:32:07.0158 1272 LSI_SAS2 - ok
02:32:07.0205 1272 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
02:32:07.0205 1272 LSI_SCSI - ok
02:32:07.0236 1272 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
02:32:07.0236 1272 luafv - ok
02:32:07.0283 1272 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
02:32:07.0283 1272 MBAMProtector - ok
02:32:07.0407 1272 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
02:32:07.0407 1272 MBAMService - ok
02:32:07.0454 1272 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
02:32:07.0454 1272 Mcx2Svc - ok
02:32:07.0470 1272 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
02:32:07.0470 1272 megasas - ok
02:32:07.0517 1272 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
02:32:07.0517 1272 MegaSR - ok
02:32:07.0548 1272 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
02:32:07.0548 1272 MEIx64 - ok
02:32:07.0579 1272 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
02:32:07.0579 1272 MMCSS - ok
02:32:07.0610 1272 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
02:32:07.0610 1272 Modem - ok
02:32:07.0626 1272 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
02:32:07.0626 1272 monitor - ok
02:32:07.0673 1272 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
02:32:07.0673 1272 mouclass - ok
02:32:07.0704 1272 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
02:32:07.0704 1272 mouhid - ok
02:32:07.0735 1272 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
02:32:07.0735 1272 mountmgr - ok
02:32:07.0797 1272 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
02:32:07.0797 1272 mpio - ok
02:32:07.0813 1272 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
02:32:07.0829 1272 mpsdrv - ok
02:32:07.0922 1272 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
02:32:07.0938 1272 MpsSvc - ok
02:32:07.0969 1272 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
02:32:07.0969 1272 MRxDAV - ok
02:32:08.0016 1272 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
02:32:08.0031 1272 mrxsmb - ok
02:32:08.0078 1272 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
02:32:08.0078 1272 mrxsmb10 - ok
02:32:08.0109 1272 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
02:32:08.0109 1272 mrxsmb20 - ok
02:32:08.0125 1272 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
02:32:08.0125 1272 msahci - ok
02:32:08.0156 1272 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
02:32:08.0156 1272 msdsm - ok
02:32:08.0187 1272 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
02:32:08.0187 1272 MSDTC - ok
02:32:08.0234 1272 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
02:32:08.0234 1272 Msfs - ok
02:32:08.0250 1272 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
02:32:08.0250 1272 mshidkmdf - ok
02:32:08.0265 1272 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
02:32:08.0265 1272 msisadrv - ok
02:32:08.0328 1272 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
02:32:08.0328 1272 MSiSCSI - ok
02:32:08.0328 1272 msiserver - ok
02:32:08.0359 1272 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
02:32:08.0359 1272 MSKSSRV - ok
02:32:08.0375 1272 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
02:32:08.0375 1272 MSPCLOCK - ok
02:32:08.0375 1272 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
02:32:08.0375 1272 MSPQM - ok
02:32:08.0437 1272 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
02:32:08.0453 1272 MsRPC - ok
02:32:08.0468 1272 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
02:32:08.0468 1272 mssmbios - ok
02:32:08.0484 1272 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
02:32:08.0484 1272 MSTEE - ok
02:32:08.0499 1272 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
02:32:08.0499 1272 MTConfig - ok
02:32:08.0531 1272 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
02:32:08.0531 1272 Mup - ok
02:32:08.0609 1272 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
02:32:08.0624 1272 napagent - ok
02:32:08.0718 1272 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
02:32:08.0718 1272 NativeWifiP - ok
02:32:08.0889 1272 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
02:32:08.0905 1272 NDIS - ok
02:32:08.0936 1272 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
02:32:08.0936 1272 NdisCap - ok
02:32:08.0967 1272 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
02:32:08.0967 1272 NdisTapi - ok
02:32:09.0014 1272 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
02:32:09.0014 1272 Ndisuio - ok
02:32:09.0077 1272 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
02:32:09.0077 1272 NdisWan - ok
02:32:09.0139 1272 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
02:32:09.0155 1272 NDProxy - ok
02:32:09.0170 1272 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
02:32:09.0170 1272 NetBIOS - ok
02:32:09.0217 1272 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
02:32:09.0217 1272 NetBT - ok
02:32:09.0279 1272 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
02:32:09.0279 1272 Netlogon - ok
02:32:09.0373 1272 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
02:32:09.0373 1272 Netman - ok
02:32:09.0467 1272 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
02:32:09.0467 1272 netprofm - ok
02:32:09.0576 1272 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
02:32:09.0576 1272 NetTcpPortSharing - ok
02:32:09.0638 1272 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
02:32:09.0638 1272 nfrd960 - ok
02:32:09.0716 1272 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
02:32:09.0716 1272 NlaSvc - ok
02:32:09.0732 1272 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
02:32:09.0747 1272 Npfs - ok
02:32:09.0763 1272 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
02:32:09.0763 1272 nsi - ok
02:32:09.0779 1272 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
02:32:09.0779 1272 nsiproxy - ok
02:32:09.0950 1272 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
02:32:09.0966 1272 Ntfs - ok
02:32:10.0075 1272 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
02:32:10.0075 1272 Null - ok
02:32:10.0855 1272 nvlddmkm (d5dea2c1865cab9ee6aa29cf9e79a2ce) C:\Windows\system32\DRIVERS\nvlddmkm.sys
02:32:10.0917 1272 nvlddmkm - ok
02:32:11.0011 1272 nvpciflt (5ef70f7714c664bcf50edfc141dea9b8) C:\Windows\system32\DRIVERS\nvpciflt.sys
02:32:11.0011 1272 nvpciflt - ok
02:32:11.0058 1272 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
02:32:11.0058 1272 nvraid - ok
02:32:11.0089 1272 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
02:32:11.0105 1272 nvstor - ok
02:32:11.0198 1272 NVSvc (5a4af8ea634b4feeaf6f16bb1845715a) C:\Windows\system32\nvvsvc.exe
02:32:11.0214 1272 NVSvc - ok
02:32:11.0495 1272 nvUpdatusService (4b7636c52a359ab0783b350a5fbdbb49) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
02:32:11.0526 1272 nvUpdatusService - ok
02:32:11.0619 1272 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
02:32:11.0619 1272 nv_agp - ok
02:32:11.0651 1272 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
02:32:11.0651 1272 ohci1394 - ok
02:32:11.0713 1272 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
02:32:11.0713 1272 p2pimsvc - ok
02:32:11.0775 1272 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
02:32:11.0791 1272 p2psvc - ok
02:32:11.0822 1272 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
02:32:11.0822 1272 Parport - ok
02:32:11.0869 1272 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
02:32:11.0869 1272 partmgr - ok
02:32:11.0900 1272 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
02:32:11.0900 1272 PcaSvc - ok
02:32:11.0978 1272 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
02:32:11.0978 1272 pci - ok
02:32:11.0994 1272 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
02:32:11.0994 1272 pciide - ok
02:32:12.0041 1272 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
02:32:12.0056 1272 pcmcia - ok
02:32:12.0087 1272 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
02:32:12.0087 1272 pcw - ok
02:32:12.0150 1272 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
02:32:12.0165 1272 PEAUTH - ok
02:32:12.0259 1272 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
02:32:12.0275 1272 PerfHost - ok
02:32:12.0477 1272 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
02:32:12.0509 1272 pla - ok
02:32:12.0633 1272 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
02:32:12.0633 1272 PlugPlay - ok
02:32:12.0665 1272 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
02:32:12.0665 1272 PNRPAutoReg - ok
02:32:12.0711 1272 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
02:32:12.0711 1272 PNRPsvc - ok
02:32:12.0774 1272 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
02:32:12.0774 1272 PolicyAgent - ok
02:32:12.0821 1272 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
02:32:12.0821 1272 Power - ok
02:32:12.0899 1272 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
02:32:12.0899 1272 PptpMiniport - ok
02:32:12.0914 1272 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
02:32:12.0914 1272 Processor - ok
02:32:12.0961 1272 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
02:32:12.0961 1272 ProfSvc - ok
02:32:12.0992 1272 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
02:32:12.0992 1272 ProtectedStorage - ok
02:32:13.0039 1272 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
02:32:13.0039 1272 Psched - ok
02:32:13.0211 1272 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
02:32:13.0226 1272 ql2300 - ok
02:32:13.0289 1272 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
02:32:13.0289 1272 ql40xx - ok
02:32:13.0320 1272 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
02:32:13.0335 1272 QWAVE - ok
02:32:13.0351 1272 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
02:32:13.0351 1272 QWAVEdrv - ok
02:32:13.0382 1272 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
02:32:13.0382 1272 RasAcd - ok
02:32:13.0413 1272 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
02:32:13.0413 1272 RasAgileVpn - ok
02:32:13.0445 1272 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
02:32:13.0445 1272 RasAuto - ok
02:32:13.0476 1272 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
02:32:13.0476 1272 Rasl2tp - ok
02:32:13.0554 1272 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
02:32:13.0569 1272 RasMan - ok
02:32:13.0585 1272 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
02:32:13.0585 1272 RasPppoe - ok
02:32:13.0632 1272 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
02:32:13.0647 1272 RasSstp - ok
02:32:13.0679 1272 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
02:32:13.0694 1272 rdbss - ok
02:32:13.0710 1272 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
02:32:13.0710 1272 rdpbus - ok
02:32:13.0741 1272 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
02:32:13.0741 1272 RDPCDD - ok
02:32:13.0788 1272 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
02:32:13.0788 1272 RDPENCDD - ok
02:32:13.0803 1272 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
02:32:13.0803 1272 RDPREFMP - ok
02:32:13.0850 1272 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
02:32:13.0850 1272 RDPWD - ok
02:32:13.0897 1272 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
02:32:13.0897 1272 rdyboost - ok
02:32:13.0944 1272 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
02:32:13.0944 1272 RemoteAccess - ok
02:32:13.0975 1272 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
02:32:13.0991 1272 RemoteRegistry - ok
02:32:14.0022 1272 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
02:32:14.0022 1272 RFCOMM - ok
02:32:14.0053 1272 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
02:32:14.0053 1272 RpcEptMapper - ok
02:32:14.0069 1272 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
02:32:14.0069 1272 RpcLocator - ok
02:32:14.0193 1272 rpcnet (3297445bb9fd3e8363e7559010ed2ae7) C:\Windows\SysWOW64\rpcnet.exe
02:32:14.0193 1272 rpcnet - ok
02:32:14.0271 1272 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
02:32:14.0287 1272 RpcSs - ok
02:32:14.0349 1272 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
02:32:14.0349 1272 rspndr - ok
02:32:14.0427 1272 RSUSBVSTOR (e57fac2cdb73f06586ed2ed310b80932) C:\Windows\system32\Drivers\RtsUVStor.sys
02:32:14.0427 1272 RSUSBVSTOR - ok
02:32:14.0490 1272 RTL8167 (20a466b9ea2bd828c0ec723f99b8cfe7) C:\Windows\system32\DRIVERS\Rt64win7.sys
02:32:14.0505 1272 RTL8167 - ok
02:32:14.0521 1272 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
02:32:14.0521 1272 SamSs - ok
02:32:14.0615 1272 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
02:32:14.0615 1272 SASDIFSV - ok
02:32:14.0646 1272 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
02:32:14.0646 1272 SASKUTIL - ok
02:32:14.0693 1272 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
02:32:14.0693 1272 sbp2port - ok
02:32:14.0724 1272 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
02:32:14.0724 1272 SCardSvr - ok
02:32:14.0771 1272 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
02:32:14.0771 1272 scfilter - ok
02:32:14.0880 1272 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
02:32:14.0895 1272 Schedule - ok
02:32:14.0927 1272 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
02:32:14.0927 1272 SCPolicySvc - ok
02:32:14.0973 1272 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
02:32:14.0989 1272 SDRSVC - ok
02:32:15.0020 1272 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
02:32:15.0020 1272 secdrv - ok
02:32:15.0067 1272 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
02:32:15.0067 1272 seclogon - ok
02:32:15.0098 1272 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
02:32:15.0114 1272 SENS - ok
02:32:15.0129 1272 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
02:32:15.0145 1272 SensrSvc - ok
02:32:15.0161 1272 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
02:32:15.0161 1272 Serenum - ok
02:32:15.0207 1272 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
02:32:15.0207 1272 Serial - ok
02:32:15.0223 1272 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
02:32:15.0223 1272 sermouse - ok
02:32:15.0270 1272 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
02:32:15.0270 1272 SessionEnv - ok
02:32:15.0301 1272 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
02:32:15.0301 1272 sffdisk - ok
02:32:15.0317 1272 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
02:32:15.0317 1272 sffp_mmc - ok
02:32:15.0332 1272 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
02:32:15.0332 1272 sffp_sd - ok
02:32:15.0363 1272 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
02:32:15.0363 1272 sfloppy - ok
02:32:15.0441 1272 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
02:32:15.0441 1272 SharedAccess - ok
02:32:15.0504 1272 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
02:32:15.0519 1272 ShellHWDetection - ok
02:32:15.0566 1272 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys
02:32:15.0566 1272 SiSGbeLH - ok
02:32:15.0613 1272 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
02:32:15.0613 1272 SiSRaid2 - ok
02:32:15.0644 1272 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
02:32:15.0644 1272 SiSRaid4 - ok
02:32:15.0660 1272 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
02:32:15.0675 1272 Smb - ok
02:32:15.0707 1272 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
02:32:15.0722 1272 SNMPTRAP - ok
02:32:15.0738 1272 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
02:32:15.0738 1272 spldr - ok
02:32:15.0800 1272 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
02:32:15.0800 1272 Spooler - ok
02:32:16.0050 1272 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
02:32:16.0081 1272 sppsvc - ok
02:32:16.0206 1272 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
02:32:16.0206 1272 sppuinotify - ok
02:32:16.0299 1272 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
02:32:16.0299 1272 srv - ok
02:32:16.0362 1272 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
02:32:16.0377 1272 srv2 - ok
02:32:16.0424 1272 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
02:32:16.0424 1272 srvnet - ok
02:32:16.0471 1272 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
02:32:16.0487 1272 SSDPSRV - ok
02:32:16.0502 1272 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
02:32:16.0502 1272 SstpSvc - ok
02:32:16.0580 1272 Steam Client Service - ok
02:32:16.0611 1272 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
02:32:16.0611 1272 stexstor - ok
02:32:16.0689 1272 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
02:32:16.0705 1272 stisvc - ok
02:32:16.0736 1272 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
02:32:16.0736 1272 swenum - ok
02:32:16.0783 1272 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
02:32:16.0799 1272 swprv - ok
02:32:16.0955 1272 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
02:32:16.0970 1272 SysMain - ok
02:32:17.0064 1272 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
02:32:17.0064 1272 TabletInputService - ok
02:32:17.0111 1272 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
02:32:17.0126 1272 TapiSrv - ok
02:32:17.0157 1272 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
02:32:17.0173 1272 TBS - ok
02:32:17.0329 1272 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
02:32:17.0360 1272 Tcpip - ok
02:32:17.0594 1272 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
02:32:17.0610 1272 TCPIP6 - ok
02:32:17.0703 1272 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
02:32:17.0703 1272 tcpipreg - ok
02:32:17.0750 1272 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
02:32:17.0750 1272 TDPIPE - ok
02:32:17.0781 1272 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
02:32:17.0781 1272 TDTCP - ok
02:32:17.0828 1272 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
02:32:17.0828 1272 tdx - ok
02:32:17.0859 1272 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
02:32:17.0859 1272 TermDD - ok
02:32:17.0922 1272 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
02:32:17.0937 1272 TermService - ok
02:32:17.0953 1272 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
02:32:17.0953 1272 Themes - ok
02:32:18.0000 1272 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
02:32:18.0000 1272 THREADORDER - ok
02:32:18.0031 1272 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
02:32:18.0031 1272 TrkWks - ok
02:32:18.0078 1272 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
02:32:18.0078 1272 TrustedInstaller - ok
02:32:18.0125 1272 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
02:32:18.0125 1272 tssecsrv - ok
02:32:18.0218 1272 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
02:32:18.0218 1272 TsUsbFlt - ok
02:32:18.0265 1272 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
02:32:18.0265 1272 tunnel - ok
02:32:18.0296 1272 TurboB (b355581a9da34c92e2dbafa410d2f829) C:\Windows\system32\DRIVERS\TurboB.sys
02:32:18.0296 1272 TurboB - ok
02:32:18.0359 1272 TurboBoost (6564e84b1522c12ea1c3a181ed03276f) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
02:32:18.0359 1272 TurboBoost - ok
02:32:18.0390 1272 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
02:32:18.0390 1272 uagp35 - ok
02:32:18.0452 1272 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
02:32:18.0468 1272 udfs - ok
02:32:18.0499 1272 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
02:32:18.0499 1272 UI0Detect - ok
02:32:18.0530 1272 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
02:32:18.0530 1272 uliagpkx - ok
02:32:18.0593 1272 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
02:32:18.0593 1272 umbus - ok
02:32:18.0624 1272 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
02:32:18.0624 1272 UmPass - ok
02:32:18.0686 1272 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
02:32:18.0686 1272 upnphost - ok
02:32:18.0733 1272 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
02:32:18.0733 1272 usbccgp - ok
02:32:18.0764 1272 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
02:32:18.0780 1272 usbcir - ok
02:32:18.0780 1272 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
02:32:18.0780 1272 usbehci - ok
02:32:18.0858 1272 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
02:32:18.0858 1272 usbhub - ok
02:32:18.0920 1272 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
02:32:18.0920 1272 usbohci - ok
02:32:18.0951 1272 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
02:32:18.0951 1272 usbprint - ok
02:32:18.0998 1272 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
02:32:18.0998 1272 usbscan - ok
02:32:19.0014 1272 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
02:32:19.0014 1272 USBSTOR - ok
02:32:19.0029 1272 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
02:32:19.0029 1272 usbuhci - ok
02:32:19.0076 1272 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
02:32:19.0092 1272 usbvideo - ok
02:32:19.0107 1272 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
02:32:19.0107 1272 UxSms - ok
02:32:19.0139 1272 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
02:32:19.0139 1272 VaultSvc - ok
02:32:19.0154 1272 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
02:32:19.0170 1272 vdrvroot - ok
02:32:19.0232 1272 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
02:32:19.0232 1272 vds - ok
02:32:19.0263 1272 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
02:32:19.0263 1272 vga - ok
02:32:19.0279 1272 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
02:32:19.0279 1272 VgaSave - ok
02:32:19.0326 1272 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
02:32:19.0326 1272 vhdmp - ok
02:32:19.0341 1272 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
02:32:19.0341 1272 viaide - ok
02:32:19.0373 1272 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
02:32:19.0373 1272 volmgr - ok
02:32:19.0435 1272 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
02:32:19.0435 1272 volmgrx - ok
02:32:19.0482 1272 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
02:32:19.0482 1272 volsnap - ok
02:32:19.0529 1272 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
02:32:19.0529 1272 vsmraid - ok
02:32:19.0700 1272 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
02:32:19.0716 1272 VSS - ok
02:32:19.0856 1272 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
02:32:19.0856 1272 vwifibus - ok
02:32:19.0887 1272 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
02:32:19.0887 1272 vwififlt - ok
02:32:19.0919 1272 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
02:32:19.0919 1272 vwifimp - ok
02:32:19.0981 1272 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
02:32:19.0997 1272 W32Time - ok
02:32:20.0028 1272 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
02:32:20.0028 1272 WacomPen - ok
02:32:20.0059 1272 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
02:32:20.0059 1272 WANARP - ok
02:32:20.0075 1272 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
02:32:20.0075 1272 Wanarpv6 - ok
02:32:20.0231 1272 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
02:32:20.0246 1272 WatAdminSvc - ok
02:32:20.0402 1272 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
02:32:20.0418 1272 wbengine - ok
02:32:20.0527 1272 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
02:32:20.0527 1272 WbioSrvc - ok
02:32:20.0589 1272 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
02:32:20.0605 1272 wcncsvc - ok
02:32:20.0652 1272 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
02:32:20.0667 1272 WcsPlugInService - ok
02:32:20.0683 1272 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
02:32:20.0683 1272 Wd - ok
02:32:20.0761 1272 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
02:32:20.0777 1272 Wdf01000 - ok
02:32:20.0808 1272 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
02:32:20.0808 1272 WdiServiceHost - ok
02:32:20.0808 1272 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
02:32:20.0823 1272 WdiSystemHost - ok
02:32:20.0870 1272 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
02:32:20.0870 1272 WebClient - ok
02:32:20.0917 1272 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
02:32:20.0917 1272 Wecsvc - ok
02:32:20.0948 1272 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
02:32:20.0948 1272 wercplsupport - ok
02:32:20.0964 1272 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
02:32:20.0979 1272 WerSvc - ok
02:32:20.0995 1272 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
02:32:20.0995 1272 WfpLwf - ok
02:32:21.0042 1272 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys
02:32:21.0042 1272 WimFltr - ok
02:32:21.0073 1272 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
02:32:21.0073 1272 WIMMount - ok
02:32:21.0135 1272 WinDefend - ok
02:32:21.0135 1272 WinHttpAutoProxySvc - ok
02:32:21.0213 1272 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
02:32:21.0213 1272 Winmgmt - ok
02:32:21.0416 1272 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
02:32:21.0432 1272 WinRM - ok
02:32:21.0603 1272 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
02:32:21.0603 1272 WinUsb - ok
02:32:21.0697 1272 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
02:32:21.0713 1272 Wlansvc - ok
02:32:21.0775 1272 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
02:32:21.0775 1272 wlcrasvc - ok
02:32:21.0978 1272 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
02:32:21.0993 1272 wlidsvc - ok
02:32:22.0071 1272 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
02:32:22.0071 1272 WmiAcpi - ok
02:32:22.0118 1272 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
02:32:22.0118 1272 wmiApSrv - ok
02:32:22.0134 1272 WMPNetworkSvc - ok
02:32:22.0149 1272 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
02:32:22.0149 1272 WPCSvc - ok
02:32:22.0196 1272 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
02:32:22.0196 1272 WPDBusEnum - ok
02:32:22.0274 1272 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
02:32:22.0274 1272 ws2ifsl - ok
02:32:22.0305 1272 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
02:32:22.0305 1272 wscsvc - ok
02:32:22.0321 1272 WSearch - ok
02:32:22.0524 1272 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
02:32:22.0539 1272 wuauserv - ok
02:32:22.0633 1272 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
02:32:22.0633 1272 WudfPf - ok
02:32:22.0742 1272 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
02:32:22.0742 1272 WUDFRd - ok
02:32:22.0773 1272 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
02:32:22.0789 1272 wudfsvc - ok
02:32:22.0820 1272 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
02:32:22.0820 1272 WwanSvc - ok
02:32:22.0883 1272 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
02:32:23.0148 1272 \Device\Harddisk0\DR0 - ok
02:32:23.0163 1272 Boot (0x1200) (b5f6be6cdbce8afec77e24d29abd022d) \Device\Harddisk0\DR0\Partition0
02:32:23.0163 1272 \Device\Harddisk0\DR0\Partition0 - ok
02:32:23.0179 1272 Boot (0x1200) (5ee60bfdce741c68bea6e759d22b676a) \Device\Harddisk0\DR0\Partition1
02:32:23.0179 1272 \Device\Harddisk0\DR0\Partition1 - ok
02:32:23.0179 1272 ============================================================
02:32:23.0179 1272 Scan finished
02:32:23.0179 1272 ============================================================
02:32:23.0195 5048 Detected object count: 0
02:32:23.0195 5048 Actual detected object count: 0
02:33:04.0836 5672 Deinitialize success
-
Hello,
Over past few weeks the IP protection module on anti-malware has been making few notifications of blocked access from disreputable ip-addresses to and from my computer. The reports have come while I've been surfing, but the websites I've been in at the time are -as far as I know- considered safe(I'm pretty certain Youtube being the only one that runs ads). After the notifications I did full scans using the latest updates on anti-malware, superantispyware and avira antivirus. They have yielded nothing more than tracking cookies(superantispyware).
The anti-malware logs on the Ip Blocks
2012/03/20 13:31:36 +0200 VESA-PC Vesa IP-BLOCK 91.211.117.70 (Type: outgoing, Port: 50651, Process: chrome.exe)
2012/03/20 13:31:36 +0200 VESA-PC Vesa IP-BLOCK 91.211.117.70 (Type: outgoing, Port: 50652, Process: chrome.exe)
2012/03/20 13:31:36 +0200 VESA-PC Vesa IP-BLOCK 91.211.117.70 (Type: outgoing, Port: 50653, Process: chrome.exe)
2012/03/20 13:39:23 +0200 VESA-PC Vesa IP-BLOCK 93.114.42.168 (Type: outgoing, Port: 50794, Process: chrome.exe)
2012/03/20 13:45:00 +0200 VESA-PC Vesa IP-BLOCK 93.114.42.168 (Type: outgoing, Port: 50853, Process: chrome.exe)
2012/03/20 13:45:00 +0200 VESA-PC Vesa IP-BLOCK 93.114.42.168 (Type: outgoing, Port: 50854, Process: chrome.exe)
2012/03/20 13:45:00 +0200 VESA-PC Vesa IP-BLOCK 93.114.42.168 (Type: outgoing, Port: 50855, Process: chrome.exe)
2012/03/20 13:45:25 +0200 VESA-PC Vesa IP-BLOCK 93.114.42.168 (Type: outgoing, Port: 50874, Process: chrome.exe)
2012/03/20 13:45:25 +0200 VESA-PC Vesa IP-BLOCK 93.114.42.168 (Type: outgoing, Port: 50875, Process: chrome.exe)
2012/03/20 16:00:32 +0200 VESA-PC Vesa IP-BLOCK 93.114.42.168 (Type: outgoing, Port: 52358, Process: chrome.exe)
2012/04/03 00:16:23 +0300 VESA-PC Vesa IP-BLOCK 222.218.45.57 (Type: incoming, Port: 3389, Process: svchost.exe)
-----------
So should I be concerned about these notifications, even though the scans show nothing? Also, if the ip-address is indeed malicious in nature, is the anti-malware's ip-block the only thing insulating the process? I'm currently using windows 7 firewall. Until the time of the first ip-block cluster I used comodo, but since the scans showed nothing, the notices stopped and comodo's defence+ functionality started to complain that trusted and cleanly acquired programs like open office and bink video contained malware code, I changed my firewall to windows 7 default firewall
Outgoing IP blocks to malignant sites.
in Resolved Malware Removal Logs
Posted
Hello,
Allright then. As I have no further questions or problems, the thread can be closed.
Thank you very much for your help.
Bobobot