Jump to content

chooki

Honorary Members
  • Posts

    36
  • Joined

  • Last visited

Everything posted by chooki

  1. Hello Porthos. That fixed it. Thanks to everyone for their suggestions.
  2. Hello Ried, I've attached mb-check-results.zip Regards. mb-check-results.zip
  3. Thank you for your prompt response. I've searched through every column in shexview and don't have entries for Malwarebytes anywhere. There are no disbled items either. In the image I have put all non Microsoft images at the top. Back tomorrow.
  4. Hello, I'm unable to create a right click option. It's turned on in the program and I turned it off and on to see whether that would sort it but it did not. I've downloaded an unsigned .exe file and don't want to run it before scanning with MB even though it checks out alright with Total Defense AV. It seems I can only configure MB scans by drives and cannot further navigate to individual files. is that the way MB is or can it be configured to refine scans? May I have suggestions please?
  5. Hello all, Using Win7 currently running MBAM v2.2.1.1043 due to experiencing glitches in MB v3.0.5.1299 on this system. Lately, when the computer has been restarted, Windows has been repairing the start-up files, I thought the system was reverting to a last known good configuration but maybe not as System restore was turned off/on then a restore point manually created. Since the last reboot Windows update wants asks to re-install the files already recently installed, after the new restore point was manually created. The pc takes longer to start and the MBAM tray icon is almost always the last icon to appear, whereas it used to be one of the first. I am at a loss. Full scans with MBAM and Total Defense anti-virus come up clean. What else can be run to check whether there is a system problem (SSD failing) or whether there's some type of infection? If some tests are asked for, should all items in msconfig be enabled before running tests? Thanks in advance. C
  6. Hi everyone. First of all, peer 2 peer programs are off and have been prevented from starting with Windows in msconfig. I formatted 2 or 3 weeks ago and some problems still persist. The computer behaves strangely sometimes. Using Internet Explorer, my Total Defense anti-virus website checker usually has green, amber or red icons next to links in Facebook and Google. Instead I see small squares with a black x within. This problem has persisted since before the recent re-install. When I start the computer, alos as before the recent re-install, Malwarebytes Pro sometimes does not start and when it does, it's usually crippled. Malicious website protection is disabled and if it's not, after a few seconds it is. Clicking 'fix now' does not always fix it. Sometimes exiting Malwartebytes and re-starting it cures the problem, at other times it's necessary to re-install Malwarebytes over the top. That always fixes it...... temporarily. Most times I hibernate the pc and today when I woke the computer from hibernation, Malwarebytes did not start and it was running at last shutdown. After I started Malwarebytes today, for the first time a dialogue box popped up: "Malwarebytes was unable to load the Anti-Rootkit DDA Driver, this error may be cause by rootkit activity. Do you want to reboot the system and attempt to install the driver?" Afterwards, all seemed fine and a scan of the OS drive with MB turned up nothing. Also, the MB anti-root kit program with current signatures found nothing. I am at a loss about what to do next. May I have some help please? I cannot post the FRST and Addition logs because they make the post too long but I'll attach them if desired.
  7. Ok I am totally satisfied, thankyou. ========================================================================= Brains It's no joke! You really need one of those things. Yes very true lol, and to keep it turned on at all times! 15 years or so of using computers and I (should) know well enough the risk of running executables. I downloaded a film and it offered the video.codec.exe so I didn't tick to download it but the film wouldn't play without it so I went back and got the video.codec.exe and ran it with elevated UAC !! I didn't listen to the little man on my shoulder and paid the price for being greedy. thanks again chooki
  8. VirusTotal: https://www.virustotal.com/en/file/e4915a74c29feb8a68578907a734f0d011392ddc491eb176b8b51692638f472b/analysis/1383128722/
  9. aswMBR result: aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software Run date: 2013-10-30 21:17:25 ----------------------------- 21:17:25.475 OS Version: Windows x64 6.1.7601 Service Pack 1 21:17:25.475 Number of processors: 8 586 0x3A09 21:17:25.475 ComputerName: HPX UserName: 21:17:25.855 Initialize success 21:19:38.048 AVAST engine defs: 13102901 21:19:52.408 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-2 21:19:52.408 Disk 0 Vendor: INTEL_SS 335t Size: 228936MB BusType: 8 21:19:52.408 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-3 21:19:52.408 Disk 1 Vendor: WDC_WD20 05.0 Size: 1907729MB BusType: 8 21:19:52.418 Disk 2 \Device\Harddisk2\DR2 -> \Device\Ide\IAAStorageDevice-4 21:19:52.418 Disk 2 Vendor: WDC_WD20 05.0 Size: 1907729MB BusType: 8 21:19:52.428 Disk 0 MBR read successfully 21:19:52.428 Disk 0 MBR scan 21:19:52.438 Disk 0 Windows 7 default MBR code 21:19:52.438 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 800 MB offset 2048 21:19:52.438 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 221789 MB offset 1640448 21:19:52.448 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 6245 MB offset 455864320 21:19:52.458 Disk 0 Partition 4 00 27 Hidden NTFS WinRE MSDOS5.0 100 MB offset 468654080 21:19:52.478 Disk 0 scanning C:\Windows\system32\drivers 21:19:57.498 Service scanning 21:20:05.023 Modules scanning 21:20:05.023 Disk 0 trace - called modules: 21:20:05.033 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll 21:20:05.033 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80170cd790] 21:20:05.033 3 CLASSPNP.SYS[fffff88001cf343f] -> nt!IofCallDriver -> [0xfffffa800d5c4430] 21:20:05.043 5 ACPI.sys[fffff88000efa7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-2[0xfffffa800d5c7050] 21:20:05.393 AVAST engine scan C:\Windows 21:20:06.033 AVAST engine scan C:\Windows\system32 21:21:19.898 AVAST engine scan C:\Windows\system32\drivers 21:21:24.928 AVAST engine scan C:\Users\Z220 21:21:37.261 AVAST engine scan C:\ProgramData 21:21:43.536 Scan finished successfully 21:22:26.196 Disk 0 MBR has been saved successfully to "C:\Users\Z220\Desktop\MBR.dat" 21:22:26.196 The log file has been saved successfully to "C:\Users\Z220\Desktop\aswMBR.txt"
  10. Yes, please do a special checkup. Let me know what to do. chooki
  11. Delfix cleaned up the desktop and a few other areas. I had to go into program files and delete one or two antimalware folders via the uninstall.exe files in them. Also deleted some other left over files and folders that remained after uninstalling via add/remove. The MBR still has traces of the malware, I think...one program already mentioned in this thread, boot cleaner or similar still notifies of rootkit modifications in the MBR. The antivirus email protection component broke again but I have reinstalled afresh and it works properly now, as does the antivirus BHO. Apart from the traces, everything is good, webpages load like lightning once again, no more crashing of I.E. 10. Windows Defender was able to run for the first time since system reinstall and WD update signatures which were about 3 years old. Provided everything remains as it is now, I am happy enough however if things start acting strangely again maybe I can fully wipe the SSD so that it needs to be reinitialized. THAT should, hopefully, wipe EVERYTHING, including the MBR, but.... there are 3 other partitions on Drive0 without letters assigned and in these partitions are system and recovery items. The workstation didn't come with a Windows 7 installation disc, only the HP discs... I suppose I could find the drivers on the HP website.... I don't know what I may do, I will think it over. I bought Malwarebytes Antimalware Pro yesterday. I think it's good to run it alongside Total Defense even though Total Defense don't like that being done. ... I like the realtime functionality in MAW Pro. Before I read one of your posts yesterday Marius, I split the file using WinRAR and uploaded it to bleepingcomputer. The more A-V and A-W companies that wipe it out the better. Kind regards
  12. Even though the problems I experienced ARE indeed fixed, ... problems remained after system reinstallation that caused the antivirus toolbar helper to still not check any web pages. It marked everything as 'unknown' instead of 'safe', 'medium risk' and 'high risk'. Now, after simply installing over the top, it works; it was a big concern for me that it didn't. I didn't try Combofix because I didn't know how to use it. I'm going to buy the Malwarebytes Pro. I like it's realtime functionality. I had the trial and it's blocked a few pages already. Thanks for everything Marius, have a look in your Paypal in a few minutes. Let me know when you receive it chooki
  13. AdwCleaner: # AdwCleaner v3.010 - Report created 29/10/2013 at 22:50:52 # Updated 20/10/2013 by Xplode # Operating System : Windows 7 Professional Service Pack 1 (64 bits) # Username : Z220 - HPX # Running from : C:\Users\Z220\Desktop\adwcleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16720 ************************* checkup.txt: Results of screen317's Security Check version 0.99.75 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 10 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Disabled! Total Defense Anti-Virus Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.75.0.1300 ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe Total Defense Internet Security Suite Anti-Virus caamsvc.exe Total Defense Internet Security Suite Anti-Virus isafe.exe Malwarebytes' Anti-Malware mbamscheduler.exe Malwarebytes Anti-Exploit mbae.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 3% ````````````````````End of Log`````````````````````` FSS.txt: Farbar Service Scanner Version: 24-10-2013 Ran by Z220 (administrator) on 29-10-2013 at 22:57:54 Running from "C:\Users\Z220\Desktop" Microsoft Windows 7 Professional Service Pack 1 (X64) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Google IP is accessible. Google.com is accessible. Yahoo.com is accessible. Windows Firewall: ============= Firewall Disabled Policy: ================== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=DWORD:0 System Restore: ============ System Restore Disabled Policy: ======================== Action Center: ============ Windows Update: ============ Windows Autoupdate Disabled Policy: ============================ Windows Defender: ============== Other Services: ============== File Check: ======== C:\Windows\System32\nsisvc.dll => MD5 is legit C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit C:\Windows\System32\dhcpcore.dll => MD5 is legit C:\Windows\System32\drivers\afd.sys [2013-10-12 02:52] - [2013-09-14 12:10] - 0497152 ____A (Microsoft Corporation) 314C17917AC8523EC77A710215012A65 C:\Windows\System32\drivers\tdx.sys => MD5 is legit C:\Windows\System32\Drivers\tcpip.sys [2013-10-12 02:52] - [2013-09-08 13:30] - 1903552 ____A (Microsoft Corporation) 40AF23633D197905F03AB5628C558C51 C:\Windows\System32\dnsrslvr.dll => MD5 is legit C:\Windows\System32\mpssvc.dll => MD5 is legit C:\Windows\System32\bfe.dll => MD5 is legit C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit C:\Windows\System32\SDRSVC.dll => MD5 is legit C:\Windows\System32\vssvc.exe => MD5 is legit C:\Windows\System32\wscsvc.dll => MD5 is legit C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit C:\Windows\System32\wuaueng.dll => MD5 is legit C:\Windows\System32\qmgr.dll => MD5 is legit C:\Windows\System32\es.dll => MD5 is legit C:\Windows\System32\cryptsvc.dll => MD5 is legit C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit **** End of log **** Hopefully, all I have to do now is to reinstall my antivirus program to get its toolbar website checker working.
  14. ESET found only these: C:\Users\Z220\Desktop\malware\x264 Video Codecs XP-Win7.zip Win32/Sathurbot.A Trojan C:\Users\Z220\Desktop\malware\x264 Video Codecs XP-Win7.exe Win32/Sathurbot.A Trojan These are the files I tried to upload to Malwarebytes for examination but they exceed the 5MB maximum filesize so I couldn't. Combofix created a new folder called Qoobox and there are a few quarantined files and folders in it.
  15. Even though I stopped the antivirus from starting at bootup, certain components of it still ran until I rebooted twice more. Even then, the antivirus prompted me whether to block or allow "Freeware Implementation Of reg.exe" and "NirCmd". I allowed them. Combofix.txt: ComboFix 13-10-28.01 - Z220 29/10/2013 19:21:21.1.8 - x64 Microsoft Windows 7 Professional 6.1.7601.1.1252.61.1033.18.16329.14324 [GMT 11:00] Running from: c:\users\Z220\Desktop\ComboFix.exe AV: Total Defense Anti-Virus *Enabled/Updated* {57B5C44D-AAB5-DBC9-741B-542BE5A132EA} FW: Total Defense Personal Firewall *Enabled* {6F8E4568-E0DA-DA91-5F44-FD1E1B727591} SP: Total Defense Anti-Virus *Enabled/Updated* {ECD425A9-8C8F-D447-4EAB-6F599E267857} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\wininit.ini . . ((((((((((((((((((((((((( Files Created from 2013-09-28 to 2013-10-29 ))))))))))))))))))))))))))))))) . . 2013-10-29 08:26 . 2013-10-29 08:26 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-10-29 08:17 . 2013-10-29 08:17 16712 ----a-w- c:\windows\system32\drivers\PROCEXP113.SYS 2013-10-27 06:24 . 2013-10-27 06:25 -------- d-----w- c:\programdata\Recovery 2013-10-26 07:43 . 2013-10-26 07:43 12872 ----a-w- c:\windows\system32\bootdelete.exe 2013-10-26 07:33 . 2013-10-26 07:43 -------- d-----w- c:\programdata\HitmanPro 2013-10-26 02:00 . 2013-10-26 02:00 -------- d-----w- c:\programdata\Kingsoft 2013-10-26 01:34 . 2013-10-26 01:34 -------- d-----w- c:\programdata\SysReveal 2013-10-26 01:23 . 2013-10-26 01:24 25088 ----a-w- c:\windows\SysWow64\drivers\dvqGGvc.sys 2013-10-26 01:12 . 2013-10-26 01:12 35712 ----a-w- c:\windows\SysWow64\drivers\Lpc0GR7b.sys 2013-10-25 10:12 . 2013-10-25 10:12 -------- d-----w- c:\programdata\Norton 2013-10-25 10:08 . 2013-10-25 10:08 56832 ----a-w- c:\windows\SysWow64\drivers\RKD.sys 2013-10-25 09:43 . 2010-08-23 06:07 29752 ----a-w- c:\windows\system32\drivers\rspSanity64.sys 2013-10-25 06:16 . 2013-10-25 06:16 -------- d-----w- c:\programdata\Sony 2013-10-25 06:16 . 2013-10-25 06:16 -------- d-----w- c:\program files (x86)\Sony 2013-10-24 08:14 . 2013-10-24 08:14 -------- d-----w- c:\program files (x86)\MSECache 2013-10-23 10:18 . 2013-10-23 10:18 46368 ----a-w- c:\windows\system32\drivers\avgtpx64.sys 2013-10-23 10:18 . 2013-10-23 10:18 -------- d-----w- c:\programdata\AVG SafeGuard toolbar 2013-10-23 04:12 . 2013-10-23 04:12 -------- d-----w- c:\windows\ERUNT 2013-10-23 04:11 . 2013-10-23 04:11 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2013-10-23 03:40 . 2013-10-23 03:40 116440 ----a-w- c:\windows\system32\drivers\48230029.sys 2013-10-23 03:39 . 2013-10-23 03:39 91352 ----a-w- c:\windows\system32\drivers\3E5D0FD8.sys 2013-10-23 03:16 . 2013-10-23 03:16 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2013-10-23 03:16 . 2013-04-04 03:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-10-23 01:55 . 2013-10-28 03:40 -------- d-----w- c:\program files\Malwarebytes Anti-Exploit 2013-10-23 01:55 . 2013-07-15 17:41 743248 ----a-w- c:\windows\SysWow64\msvcp100d.dll 2013-10-23 01:55 . 2013-07-15 17:41 1858896 ----a-w- c:\windows\system32\msvcr100d.dll 2013-10-23 01:55 . 2013-07-15 17:41 1498960 ----a-w- c:\windows\SysWow64\msvcr100d.dll 2013-10-23 01:55 . 2013-07-15 17:41 1014096 ----a-w- c:\windows\system32\msvcp100d.dll 2013-10-22 07:17 . 2013-10-22 07:17 -------- d-----w- C:\Program Files(x86) 2013-10-22 06:53 . 2013-10-22 06:53 -------- d-----w- c:\programdata\Easy CD-DA Extractor 2013-10-22 06:53 . 2013-10-22 06:53 -------- d-----w- c:\program files\Easy CD-DA Extractor 15 2013-10-21 06:39 . 2013-10-21 06:39 -------- d-----w- c:\programdata\vsosdk 2013-10-21 02:44 . 2013-10-21 02:44 -------- d-----w- c:\program files (x86)\Convert AVI to MP4 2013-10-21 02:39 . 2013-10-23 09:10 -------- d-----w- c:\programdata\VSO 2013-10-21 02:39 . 2013-10-21 04:48 -------- d-----w- c:\program files (x86)\VSO 2013-10-21 02:11 . 2013-10-21 02:11 -------- d-----w- c:\program files (x86)\Gabest 2013-10-21 02:11 . 2011-05-30 13:42 240640 ----a-w- c:\windows\SysWow64\xvidvfw.dll 2013-10-21 02:11 . 2011-05-30 13:42 255488 ----a-w- c:\windows\system32\xvidvfw.dll 2013-10-21 02:11 . 2011-05-23 09:52 153088 ----a-w- c:\windows\SysWow64\xvid.ax 2013-10-21 02:11 . 2011-05-23 07:49 173568 ----a-w- c:\windows\system32\xvid.ax 2013-10-21 02:11 . 2011-05-23 07:46 645632 ----a-w- c:\windows\SysWow64\xvidcore.dll 2013-10-21 02:11 . 2011-05-23 07:45 696832 ----a-w- c:\windows\system32\xvidcore.dll 2013-10-21 02:11 . 2013-10-21 02:11 -------- d-----w- c:\program files (x86)\Xvid 2013-10-21 02:10 . 2013-10-21 02:10 -------- d-----w- c:\program files (x86)\AviSynth 2.5 2013-10-21 02:09 . 2013-10-21 02:11 -------- d-----w- c:\program files (x86)\AVI ReComp 2013-10-21 00:57 . 2013-10-21 00:57 -------- d-----w- c:\program files\Handbrake 2013-10-21 00:40 . 2013-10-21 00:40 -------- d-----w- c:\programdata\ArcSoft 2013-10-21 00:40 . 2013-10-21 00:40 -------- d-----w- c:\program files (x86)\Common Files\ArcSoft 2013-10-21 00:40 . 2013-10-21 00:40 -------- d-----w- c:\program files (x86)\ArcSoft 2013-10-21 00:34 . 2013-10-21 00:34 -------- d-----w- c:\programdata\Aiseesoft Studio 2013-10-21 00:34 . 2013-10-21 00:34 -------- d-----w- c:\program files (x86)\Aiseesoft Studio 2013-10-21 00:25 . 2013-10-22 07:27 -------- d-----w- c:\programdata\SlySoft 2013-10-21 00:25 . 2013-10-22 07:26 -------- d-----w- c:\program files (x86)\SlySoft 2013-10-17 05:26 . 2013-10-28 09:09 -------- d-----w- C:\P&Plus 2013-10-17 04:21 . 2013-10-17 04:20 265736 ----a-w- c:\windows\SysWow64\cfgmig32.exe 2013-10-17 04:21 . 2013-10-17 04:20 1424904 ----a-w- c:\windows\SysWow64\cfgmig32.dll 2013-10-17 04:21 . 2013-10-17 04:20 1424904 ----a-w- c:\windows\system32\cfgmig32.dll 2013-10-17 04:21 . 2013-09-03 12:01 3213712 ----a-w- c:\windows\SysWow64\mdmcls32.exe 2013-10-17 04:21 . 2013-09-03 12:01 3213712 ----a-w- c:\windows\system32\mdmcls32.exe 2013-10-17 04:21 . 2013-09-03 07:22 2992528 ----a-w- c:\windows\SysWow64\winsflte.dll 2013-10-17 04:05 . 2013-10-17 04:05 -------- d-----w- c:\program files (x86)\CA 2013-10-17 04:05 . 2013-09-03 12:09 2763152 ----a-w- c:\windows\SysWow64\svcprs32.exe 2013-10-17 04:05 . 2013-09-03 12:05 291728 ----a-w- c:\windows\SysWow64\winsfinst_x64.exe 2013-10-17 04:05 . 2013-09-03 12:05 100752 ----a-w- c:\windows\SysWow64\winsfinst.exe 2013-10-17 04:05 . 2013-09-03 12:03 4110736 ----a-w- c:\windows\SysWow64\win32cpr.dll 2013-10-17 04:05 . 2002-01-01 03:02 7440 ----a-w- c:\windows\SysWow64\sporder.dll 2013-10-17 04:05 . 2013-10-17 04:05 -------- d-----w- c:\program files (x86)\Common Files\InstallShield 2013-10-17 04:05 . 2013-10-17 04:20 -------- d-----w- c:\program files\ISSThirdParty 2013-10-17 04:05 . 2013-10-17 04:05 -------- d-----w- c:\program files\Total Defense 2013-10-17 04:05 . 2013-10-17 04:22 -------- d-----w- c:\programdata\CA 2013-10-17 00:22 . 2013-10-17 00:22 -------- d-----w- c:\programdata\EPSON 2013-10-16 15:12 . 2013-10-24 11:41 27256 ----a-w- c:\windows\system32\drivers\FixZeroAccess.sys 2013-10-16 09:52 . 2013-10-16 09:52 -------- d-----w- c:\programdata\Sophos 2013-10-15 06:16 . 2013-10-26 12:44 -------- d-----w- c:\program files\CCleaner 2013-10-15 00:48 . 2013-10-15 01:35 -------- d-----w- c:\program files (x86)\Defender Pro Quick Scanner 2013-10-14 23:07 . 2013-10-14 23:07 -------- d-----w- c:\program files\Enigma Software Group 2013-10-14 23:06 . 2013-10-14 23:06 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard 2013-10-14 10:22 . 2013-10-14 10:22 -------- d-----w- c:\programdata\Malwarebytes 2013-10-14 10:22 . 2013-10-23 03:47 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable) 2013-10-13 09:21 . 2013-10-13 09:21 -------- d-----w- c:\program files\MPC-HC 2013-10-13 06:16 . 2013-10-13 06:18 -------- d-----w- c:\program files (x86)\Microsoft Works 2013-10-13 06:16 . 2013-10-13 06:16 -------- d-----w- c:\windows\PCHEALTH 2013-10-13 06:15 . 2013-10-13 06:15 -------- d-----w- c:\program files\Microsoft Office 2013-10-13 06:15 . 2013-10-13 06:15 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8 2013-10-13 06:15 . 2013-10-13 06:29 -------- d-----w- c:\programdata\Microsoft Help 2013-10-13 06:15 . 2013-10-13 06:15 -------- d-----r- C:\MSOCache 2013-10-12 21:58 . 2013-10-12 21:58 -------- d-----w- c:\users\Public\Creative 2013-10-12 21:31 . 2013-10-12 21:31 -------- d-----w- c:\windows\SysWow64\Wat 2013-10-12 21:31 . 2013-10-12 21:31 -------- d-----w- c:\windows\system32\Wat 2013-10-12 21:10 . 2013-04-17 07:02 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll 2013-10-12 12:50 . 2013-02-20 11:14 495888 ----a-w- c:\windows\system32\drivers\e1c62x64.sys 2013-10-12 12:50 . 2012-12-05 16:21 73032 ----a-w- c:\windows\system32\e1cmsg.dll 2013-10-12 12:50 . 2012-11-13 17:07 101224 ----a-w- c:\windows\system32\NicInstC.dll 2013-10-12 12:50 . 2013-10-12 12:50 316736 ----a-w- c:\windows\system32\PRONtObj.dll 2013-10-12 12:50 . 2013-10-12 12:50 163400 ----a-w- c:\windows\system32\drivers\iANSW60e.sys 2013-10-12 12:07 . 2013-10-12 12:07 -------- d-----w- c:\programdata\{A5CCDB92-FA53-47D1-89E6-32B82D86621A} 2013-10-12 11:59 . 2013-10-15 01:34 -------- d-----w- c:\windows\system32\appmgmt 2013-10-12 10:03 . 2013-10-12 10:32 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2013-10-12 10:02 . 2013-10-17 03:51 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2 2013-10-12 09:22 . 2013-10-12 09:22 -------- d-----w- c:\program files (x86)\MSXML 4.0 2013-10-12 09:20 . 2013-10-12 09:20 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-10-12 08:44 . 2013-09-25 14:46 80541720 ----a-w- c:\windows\system32\MRT.exe 2013-10-12 08:29 . 2013-10-12 08:29 -------- d-----w- c:\program files\WinRAR 2013-10-12 06:31 . 2013-10-12 06:31 -------- d-----w- c:\program files (x86)\Microsoft Silverlight 2013-10-12 04:45 . 2012-06-08 18:09 41984 ----a-w- c:\windows\system32\drivers\USB3Ver.dll 2013-10-12 04:45 . 2013-10-12 04:45 -------- d-----w- C:\Intel 2013-10-12 04:45 . 2011-08-23 20:52 117248 ----a-w- c:\windows\system32\HPMUIDir.exe 2013-10-12 04:45 . 2013-10-12 04:48 -------- d-----w- c:\program files\Hewlett-Packard 2013-10-12 04:45 . 2013-10-12 12:07 -------- d-----w- c:\program files (x86)\Hewlett-Packard 2013-10-12 04:38 . 2013-10-12 04:38 96768 ----a-w- c:\windows\system32\fsutil.exe 2013-10-12 04:38 . 2013-10-12 04:38 91648 ----a-w- c:\windows\system32\drivers\USBSTOR.SYS 2013-10-12 04:38 . 2013-10-12 04:38 74240 ----a-w- c:\windows\SysWow64\fsutil.exe 2013-10-12 04:38 . 2013-10-12 04:38 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys 2013-10-12 04:38 . 2013-10-12 04:38 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys 2013-10-12 04:38 . 2013-10-12 04:38 2565632 ----a-w- c:\windows\system32\esent.dll 2013-10-12 04:38 . 2013-10-12 04:38 189824 ----a-w- c:\windows\system32\drivers\storport.sys 2013-10-12 04:38 . 2013-10-12 04:38 1699328 ----a-w- c:\windows\SysWow64\esent.dll 2013-10-12 04:38 . 2013-10-12 04:38 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys 2013-10-12 04:38 . 2013-10-12 04:38 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys 2013-10-12 04:38 . 2013-10-12 04:38 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys 2013-10-12 04:37 . 2013-10-12 04:37 376688 ----a-w- c:\windows\system32\drivers\netio.sys 2013-10-12 04:37 . 2013-10-12 04:37 503808 ----a-w- c:\windows\system32\srcore.dll 2013-10-12 04:37 . 2013-10-12 04:37 43008 ----a-w- c:\windows\SysWow64\srclient.dll 2013-10-12 04:36 . 2013-10-12 04:36 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll 2013-10-12 04:36 . 2013-10-12 04:36 2048 ----a-w- c:\windows\system32\msxml3r.dll . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-09-03 03:35 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe 2013-08-29 01:48 . 2013-10-11 15:52 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2013-07-31 11:23 . 2013-07-31 11:23 139352 ----a-w- c:\windows\SysWow64\drivers\AnyDVD.sys 2013-07-31 11:23 . 2013-07-31 11:23 139352 ----a-w- c:\windows\system32\drivers\AnyDVD.sys . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AnyDVD"="c:\program files (x86)\SlySoft\AnyDVD\AnyDVD.exe" [2013-10-25 94296] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-06-08 291648] "IMSS"="c:\program files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe" [2012-05-02 132440] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoDevMgrUpdate"= 0 (0x0) "NoDFSTab"= 0 (0x0) "NoEncryptOnMove"= 0 (0x0) "NoResolveTrack"= 0 (0x0) "NoStartMenuSubFolders"= 0 (0x0) . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoDevMgrUpdate"= 0 (0x0) "NoDFSTab"= 0 (0x0) "NoEncryptOnMove"= 0 (0x0) "NoResolveTrack"= 0 (0x0) "NoStartMenuSubFolders"= 0 (0x0) . [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "DisableLocalMachineRun"= 0 (0x0) "DisableLocalMachineRunOnce"= 0 (0x0) "DisableCurrentUserRun"= 0 (0x0) "DisableCurrentUserRunOnce"= 0 (0x0) "NoFile"= 0 (0x0) "HideClock"= 0 (0x0) "NoDevMgrUpdate"= 0 (0x0) "NoDFSTab"= 0 (0x0) "NoEncryptOnMove"= 0 (0x0) "NoResolveTrack"= 0 (0x0) "NoStartMenuSubFolders"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\PFW] 2011-02-24 03:33 79368 ----a-w- c:\windows\System32\UmxWNP.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot] @="" . R1 1UnHooker;1UnHooker;c:\windows\system32\DRIVERS\1UnHooker.sys;c:\windows\SYSNATIVE\DRIVERS\1UnHooker.sys [x] R1 A2DDA;A2 Direct Disk Access Support Driver;c:\eek\RUN\a2ddax64.sys;c:\eek\RUN\a2ddax64.sys [x] R2 CAAMSvc;CAAMSvc;c:\program files\Total Defense\Internet Security Suite\Anti-Virus\caamsvc.exe;c:\program files\Total Defense\Internet Security Suite\Anti-Virus\caamsvc.exe [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 HOSTS Anti-PUPs;HOSTS Anti-PUPs;c:\program files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe;c:\program files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe [x] R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x] R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x] R2 UmxEngine;TM Engine;c:\program files\CA\SharedComponents\TMEngine\UmxEngine.exe;c:\program files\CA\SharedComponents\TMEngine\UmxEngine.exe [x] R3 aswArKrn;aswArKrn;c:\users\Z220\AppData\Local\Temp\aswArKrn.sys;c:\users\Z220\AppData\Local\Temp\aswArKrn.sys [x] R3 cleanhlp;cleanhlp;c:\eek\Run\cleanhlp64.sys;c:\eek\Run\cleanhlp64.sys [x] R3 DarkSpy;DarkSpy;c:\windows\system32\DarkSpyKernel.sys;c:\windows\SYSNATIVE\DarkSpyKernel.sys [x] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x] R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x] R3 FilterMon;FilterMon;c:\users\Z220\Desktop\anti rootkit apps\x64\FilterMon.sys;c:\users\Z220\Desktop\anti rootkit apps\x64\FilterMon.sys [x] R3 IFCoEMP;IFCoEMP;c:\windows\system32\drivers\ifM60x64.sys;c:\windows\SYSNATIVE\drivers\ifM60x64.sys [x] R3 IFCoEVB;IFCoEVB;c:\windows\system32\drivers\ifP60X64.sys;c:\windows\SYSNATIVE\drivers\ifP60X64.sys [x] R3 Lpc0GR7b;BlackBox SR2; [x] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x] R3 pwalker;Process Walker Driver;c:\users\Z220\Desktop\anti rootkit apps\New folder\pwalker.sys;c:\users\Z220\Desktop\anti rootkit apps\New folder\pwalker.sys [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 rspSanity;rspSanity;c:\windows\system32\DRIVERS\rspSanity64.sys;c:\windows\SYSNATIVE\DRIVERS\rspSanity64.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] S0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;c:\windows\system32\drivers\iusb3hcs.sys;c:\windows\SYSNATIVE\drivers\iusb3hcs.sys [x] S0 KmxAMRT;KmxAMRT;c:\windows\system32\DRIVERS\KmxAMRT.sys;c:\windows\SYSNATIVE\DRIVERS\KmxAMRT.sys [x] S0 KmxFw;KmxFw;c:\windows\System32\DRIVERS\kmxfw.sys;c:\windows\SYSNATIVE\DRIVERS\kmxfw.sys [x] S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x] S1 ESProtectionDriver;Malwarebytes Anti-Exploit;c:\program files\Malwarebytes Anti-Exploit\MBAE.sys;c:\program files\Malwarebytes Anti-Exploit\MBAE.sys [x] S1 KmxAgent;KmxAgent;c:\windows\system32\DRIVERS\kmxagent.sys;c:\windows\SYSNATIVE\DRIVERS\kmxagent.sys [x] S1 KmxCfg;KmxCfg;c:\windows\system32\DRIVERS\kmxcfg.sys;c:\windows\SYSNATIVE\DRIVERS\kmxcfg.sys [x] S1 KmxFile;KmxFile;c:\windows\system32\DRIVERS\KmxFile.sys;c:\windows\SYSNATIVE\DRIVERS\KmxFile.sys [x] S1 KmxFilter;HIPS Core Filter Driver;c:\windows\system32\DRIVERS\KmxFilter.sys;c:\windows\SYSNATIVE\DRIVERS\KmxFilter.sys [x] S2 ADExchange;ArcSoft Exchange Service;c:\program files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe;c:\program files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [x] S2 ccSchedulerSVC;CA Common Scheduler Service;c:\program files\Total Defense\Internet Security Suite\ccschedulersvc.exe;c:\program files\Total Defense\Internet Security Suite\ccschedulersvc.exe [x] S2 CtHdaSvc;Sound Blaster Service;c:\windows\sysWow64\CtHdaSvc.exe;c:\windows\sysWow64\CtHdaSvc.exe [x] S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x] S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x] S2 Intel® ME Service;Intel® ME Service;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [x] S2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x] S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [x] S2 KmxCF;KmxCF;c:\windows\system32\DRIVERS\KmxCF.sys;c:\windows\SYSNATIVE\DRIVERS\KmxCF.sys [x] S2 KmxSbx;KmxSbx;c:\windows\system32\DRIVERS\KmxSbx.sys;c:\windows\SYSNATIVE\DRIVERS\KmxSbx.sys [x] S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x] S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x] S2 WinSvchostManagerSrv;WinSvchostManagerSrv;c:\windows\SysWOW64\cfgmig32.exe;c:\windows\SysWOW64\cfgmig32.exe [x] S3 cthda;Sound Blaster HDAudio;c:\windows\system32\drivers\cthda.sys;c:\windows\SYSNATIVE\drivers\cthda.sys [x] S3 cthdb;SB Recon3D PCIe Audio Bus Filter;c:\windows\system32\DRIVERS\cthdb.sys;c:\windows\SYSNATIVE\DRIVERS\cthdb.sys [x] S3 iusb3hub;Intel® USB 3.0 Hub Driver;c:\windows\system32\drivers\iusb3hub.sys;c:\windows\SYSNATIVE\drivers\iusb3hub.sys [x] S3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\drivers\iusb3xhc.sys;c:\windows\SYSNATIVE\drivers\iusb3xhc.sys [x] . . Contents of the 'Scheduled Tasks' folder . 2013-10-28 c:\windows\Tasks\HPCeeScheduleForZ220.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15] . 2013-10-29 c:\windows\Tasks\Malwarebytes Anti-Exploit.job - c:\program files\Malwarebytes Anti-Exploit\mbae-loader.exe [2013-10-23 22:48] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HPSYSDRV"="c:\program files (x86)\Hewlett-Packard\HP Odometer\HPSYSDRV.EXE" [2008-11-20 62768] "nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2013-06-05 2716960] "cctray"="c:\program files\Total Defense\Internet Security Suite\casc.exe" [2013-10-17 2733576] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=c:\windows\System32\UmxSbxExA64.dll . ------- Supplementary Scan ------- . uStart Page = https://www.google.com.au/ uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 198.142.0.51 211.29.132.12 198.142.235.14 . . ------- File Associations ------- . inifile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1 JSEFile="%SystemRoot%\System32\WScript.exe" "%1" %* txtfile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1 . - - - - ORPHANS REMOVED - - - - . SafeBoot-07589289.sys SafeBoot-48829666.sys SafeBoot-CleanHlp SafeBoot-CleanHlp.sys AddRemove-{3AF15EEA-8EDF-4393-BB6C-CF8A9986486A} - c:\program files (x86)\InstallShield Installation Information\{3AF15EEA-8EDF-4393-BB6C-CF8A9986486A}\setup.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher] "ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2013-10-29 19:28:22 ComboFix-quarantined-files.txt 2013-10-29 08:28 . Pre-Run: 169,453,965,312 bytes free Post-Run: 169,285,218,304 bytes free . - - End Of File - - C4A02DD0465594C7508EACE1F78B6066
  16. virus total: https://www.virustotal.com/en/file/b19e0a4855ce7af346ae67a2479a3826d54909793f923bf48498394e2c02dfb0/analysis/1383033734/
  17. part 15: 05:53:42.0850 6188 [ 2D11BC8B460957E62E4420373A0D8BDA ] C:\Windows\SysWOW64\imapi2.dll 05:53:42.0850 6188 C:\Windows\SysWOW64\imapi2.dll - ok 05:53:42.0850 6188 [ 12395E528456DFE82979ACFEA96D290C ] C:\Program Files\Windows Media Player\en-US\wmpnscfg.exe.mui 05:53:42.0850 6188 C:\Program Files\Windows Media Player\en-US\wmpnscfg.exe.mui - ok 05:53:42.0850 6188 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll 05:53:42.0850 6188 C:\Windows\System32\imapi2.dll - ok 05:53:42.0850 6188 [ 02530B0B7E048DD5AC8D52DAEACAEB2B ] C:\Windows\SysWOW64\QAGENT.DLL 05:53:42.0850 6188 C:\Windows\SysWOW64\QAGENT.DLL - ok 05:53:42.0850 6188 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL 05:53:42.0850 6188 C:\Windows\System32\QAGENT.DLL - ok 05:53:42.0850 6188 [ E3D5E244807AD655787FCD25477CC1BC ] C:\Windows\SysWOW64\bthprops.cpl 05:53:42.0850 6188 C:\Windows\SysWOW64\bthprops.cpl - ok 05:53:42.0850 6188 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl 05:53:42.0850 6188 C:\Windows\System32\bthprops.cpl - ok 05:53:42.0866 6188 [ C7952D0A4C43A965A1741916BB134751 ] C:\Windows\SysWOW64\hgcpl.dll 05:53:42.0866 6188 C:\Windows\SysWOW64\hgcpl.dll - ok 05:53:42.0866 6188 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll 05:53:42.0866 6188 C:\Windows\System32\hgcpl.dll - ok 05:53:42.0866 6188 [ EFDFB3DD38A4376F93E7985173813ABD ] C:\Windows\System32\ListSvc.dll 05:53:42.0866 6188 C:\Windows\System32\ListSvc.dll - ok 05:53:42.0866 6188 [ 08DF1B8C9C0754A7069E80A986373F52 ] C:\Windows\SysWOW64\P2P.dll 05:53:42.0866 6188 C:\Windows\SysWOW64\P2P.dll - ok 05:53:42.0866 6188 [ B6411CED931AFD059E48C52DBFBA95B4 ] C:\Windows\System32\P2P.dll 05:53:42.0866 6188 C:\Windows\System32\P2P.dll - ok 05:53:42.0866 6188 [ 4A82EA2807B16FF577AEAF8ADB8779FF ] C:\Windows\System32\IdListen.dll 05:53:42.0866 6188 C:\Windows\System32\IdListen.dll - ok 05:53:42.0866 6188 [ 1B0EC94520CAB89A9CE1B2DA405166AF ] C:\Windows\SysWOW64\p2pcollab.dll 05:53:42.0866 6188 C:\Windows\SysWOW64\p2pcollab.dll - ok 05:53:42.0866 6188 [ 3EAC4455472CC2C97107B5291E0DCAFE ] C:\Windows\System32\pnrpsvc.dll 05:53:42.0866 6188 C:\Windows\System32\pnrpsvc.dll - ok 05:53:42.0866 6188 [ A0524499F4C63CADA7E1529FC77F5DC1 ] C:\Windows\System32\hgprint.dll 05:53:42.0866 6188 C:\Windows\System32\hgprint.dll - ok 05:53:42.0866 6188 [ CE292C4C10B8DB6070F262EA2733F0DC ] C:\Windows\SysWOW64\sqmapi.dll 05:53:42.0866 6188 C:\Windows\SysWOW64\sqmapi.dll - ok 05:53:42.0881 6188 [ 927463ECB02179F88E4B9A17568C63C3 ] C:\Windows\System32\p2psvc.dll 05:53:42.0881 6188 C:\Windows\System32\p2psvc.dll - ok 05:53:42.0881 6188 [ 1372E8E8FD066002131E3D509275E697 ] C:\Windows\SysWOW64\P2PGraph.dll 05:53:42.0881 6188 C:\Windows\SysWOW64\P2PGraph.dll - ok 05:53:42.0881 6188 [ 3AEE02CEDAA3ACD14F9D7E038E44D6D1 ] C:\Windows\System32\P2PGraph.dll 05:53:42.0881 6188 C:\Windows\System32\P2PGraph.dll - ok 05:53:42.0881 6188 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll 05:53:42.0881 6188 C:\Windows\System32\FXSST.dll - ok 05:53:42.0881 6188 [ 942E57152F1CD0533644AB30EF1A4728 ] C:\Windows\SysWOW64\FXSAPI.dll 05:53:42.0881 6188 C:\Windows\SysWOW64\FXSAPI.dll - ok 05:53:42.0881 6188 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll 05:53:42.0881 6188 C:\Windows\System32\FXSAPI.dll - ok 05:53:42.0881 6188 [ C4096CA42199428B3D63DC206C197F0E ] C:\Windows\SysWOW64\FXSRESM.dll 05:53:42.0881 6188 C:\Windows\SysWOW64\FXSRESM.dll - ok 05:53:42.0881 6188 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll 05:53:42.0881 6188 C:\Windows\System32\FXSRESM.dll - ok 05:53:42.0881 6188 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe 05:53:42.0881 6188 C:\Windows\System32\FXSSVC.exe - ok 05:53:42.0881 6188 ============================================================ 05:53:42.0881 6188 Scan finished 05:53:42.0881 6188 ============================================================ 05:53:42.0897 6180 Detected object count: 1 05:53:42.0897 6180 Actual detected object count: 1 05:54:58.0684 6180 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - skipped by user 05:54:58.0684 6180 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - User select action: Skip ======================================================================================== ark.txt: GMER 2.1.19163 - http://www.gmer.net Rootkit scan 2013-10-29 06:11:01 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-2 INTEL_SS rev.335t 223.57GB Running: vh5jpc8s.exe; Driver: C:\Users\Z220\AppData\Local\Temp\pgldipow.sys ---- Threads - GMER 2.1 ---- Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [2936:4484] 000007fefb802a7c Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [2936:4512] 000007feea91d618 Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [2936:4428] 000007fef9315124 ---- EOF - GMER 2.1 ---- ==================================================================================== ** I am unable to upload the malicious file as it exceeds the 5 megabyte maximum. It's 7 meg already zipped and I don't know how to split it. Many thanks, chooki
  18. part 14: 05:53:42.0678 6188 [ 42771387FE5EAE8211F7000859157620 ] C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.dll 05:53:42.0678 6188 C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.dll - ok 05:53:42.0678 6188 [ 96C70BD48D49B87475F4572DEDC62EB9 ] C:\Windows\AppPatch\AcLayers.dll 05:53:42.0678 6188 C:\Windows\AppPatch\AcLayers.dll - ok 05:53:42.0678 6188 [ 2041012726EF7C95ED51C15C56545A7F ] C:\Windows\SysWOW64\net1.exe 05:53:42.0678 6188 C:\Windows\SysWOW64\net1.exe - ok 05:53:42.0678 6188 [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\Windows\SysWOW64\d3d9.dll 05:53:42.0678 6188 C:\Windows\SysWOW64\d3d9.dll - ok 05:53:42.0694 6188 [ 4C3DAEE652B005B483F16B8E9131C99D ] C:\Windows\System32\d3d9.dll 05:53:42.0694 6188 C:\Windows\System32\d3d9.dll - ok 05:53:42.0694 6188 [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\SysWOW64\d3d8thk.dll 05:53:42.0694 6188 C:\Windows\SysWOW64\d3d8thk.dll - ok 05:53:42.0694 6188 [ 3044D07ABDF4BBEA27E2EE7B1E0C0C65 ] C:\Windows\System32\d3d8thk.dll 05:53:42.0694 6188 C:\Windows\System32\d3d8thk.dll - ok 05:53:42.0694 6188 [ F2E76C84BD0211103113A0BC4A835A7D ] C:\Windows\SysWOW64\TRACERT.EXE 05:53:42.0694 6188 C:\Windows\SysWOW64\TRACERT.EXE - ok 05:53:42.0694 6188 [ BF484058640D08AC23C4498002223B8F ] C:\Windows\System32\nvd3dumx.dll 05:53:42.0694 6188 C:\Windows\System32\nvd3dumx.dll - ok 05:53:42.0694 6188 [ 7E067D5C3EF2BB87B3E07DCD61286390 ] C:\Windows\AppPatch\acwow64.dll 05:53:42.0694 6188 C:\Windows\AppPatch\acwow64.dll - ok 05:53:42.0694 6188 [ B8DD4F4747E37DC6EEB4BDC22AE270F8 ] C:\Program Files (x86)\SlySoft\AnyDVD\AnyDialog.dll 05:53:42.0694 6188 C:\Program Files (x86)\SlySoft\AnyDVD\AnyDialog.dll - ok 05:53:42.0694 6188 [ AFC329AF2E9AF235C7ABA8D6D63C40FE ] C:\Program Files\NVIDIA Corporation\nview\nView.dll 05:53:42.0694 6188 C:\Program Files\NVIDIA Corporation\nview\nView.dll - ok 05:53:42.0694 6188 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll 05:53:42.0694 6188 C:\Windows\SysWOW64\comdlg32.dll - ok 05:53:42.0694 6188 [ B976D45A3DE9B915E6A0625D89BF6529 ] C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp.dll 05:53:42.0694 6188 C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp.dll - ok 05:53:42.0710 6188 [ 33B26FA5DBEB69FFAB703EDCB4E6DE4A ] C:\Windows\SysWOW64\qdvd.dll 05:53:42.0710 6188 C:\Windows\SysWOW64\qdvd.dll - ok 05:53:42.0710 6188 [ B35B2DF377BB08844EA7A30D40FED7E7 ] C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe 05:53:42.0710 6188 C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe - ok 05:53:42.0710 6188 [ CE7803953FE7314061B3F9188D310EB2 ] C:\Windows\SysWOW64\en-US\KernelBase.dll.mui 05:53:42.0710 6188 C:\Windows\SysWOW64\en-US\KernelBase.dll.mui - ok 05:53:42.0710 6188 [ 766A9085EC0A0CA37B6905EE092D9D16 ] C:\Program Files\Total Defense\Internet Security Suite\issimages.dll 05:53:42.0710 6188 C:\Program Files\Total Defense\Internet Security Suite\issimages.dll - ok 05:53:42.0710 6188 [ A45CB10FC8C4DCA23F96FE4D334F64FE ] C:\Windows\SysWOW64\msxml3r.dll 05:53:42.0710 6188 C:\Windows\SysWOW64\msxml3r.dll - ok 05:53:42.0710 6188 [ 973131EB99BE1E19DAC502CB724E72A5 ] C:\Windows\System32\qdvd.dll 05:53:42.0710 6188 C:\Windows\System32\qdvd.dll - ok 05:53:42.0710 6188 [ F245764C6292A7364F4A9EC688430C47 ] C:\Program Files\Total Defense\Internet Security Suite\Parental Controls\capcbo.dll 05:53:42.0710 6188 C:\Program Files\Total Defense\Internet Security Suite\Parental Controls\capcbo.dll - ok 05:53:42.0710 6188 [ 8E19E70B4549D28E413FF04767BC6853 ] C:\Program Files\Total Defense\Internet Security Suite\caentitlementdll.dll 05:53:42.0710 6188 C:\Program Files\Total Defense\Internet Security Suite\caentitlementdll.dll - ok 05:53:42.0710 6188 [ 1E4B20432D6CB47A219A9049000F5E09 ] C:\Program Files\Total Defense\Internet Security Suite\ccprovsp.exe 05:53:42.0710 6188 C:\Program Files\Total Defense\Internet Security Suite\ccprovsp.exe - ok 05:53:42.0725 6188 [ D0267EABA2147D97D696A69131DC1AA8 ] C:\Program Files\Total Defense\Internet Security Suite\ccdynamiccontent.dll 05:53:42.0725 6188 C:\Program Files\Total Defense\Internet Security Suite\ccdynamiccontent.dll - ok 05:53:42.0725 6188 [ 87816DF335990F58C0844BE8AB1976DE ] C:\Program Files\Total Defense\Internet Security Suite\ccissprd.dll 05:53:42.0725 6188 C:\Program Files\Total Defense\Internet Security Suite\ccissprd.dll - ok 05:53:42.0725 6188 [ 0C43FC1A5DF9CD2984508BCEA169C7FB ] C:\Windows\SysWOW64\nvapi.dll 05:53:42.0725 6188 C:\Windows\SysWOW64\nvapi.dll - ok 05:53:42.0725 6188 [ FE889875746F7E51CE79A516E1AAE86F ] C:\Program Files\Total Defense\Internet Security Suite\Anti-Spam\QSP-9.2.0.41\AntiSpamPBO.dll 05:53:42.0725 6188 C:\Program Files\Total Defense\Internet Security Suite\Anti-Spam\QSP-9.2.0.41\AntiSpamPBO.dll - ok 05:53:42.0725 6188 [ 9DF9BF62BBA3B7CD60A0002848443310 ] C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\caaphishbo.dll 05:53:42.0725 6188 C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\caaphishbo.dll - ok 05:53:42.0725 6188 [ DEED9A789137833A1CEEE1B1501829FA ] C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\sitefilter.dll 05:53:42.0725 6188 C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\sitefilter.dll - ok 05:53:42.0725 6188 [ A005676B30AEB3C7703C317D992B193A ] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe 05:53:42.0725 6188 C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe - ok 05:53:42.0725 6188 [ CBC8C9B3298F292F9DEBDCD16281688D ] C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\caaphupd.exe 05:53:42.0725 6188 C:\Program Files\Total Defense\Internet Security Suite\Anti-Phishing\caaphupd.exe - ok 05:53:42.0725 6188 [ 16E5353520281CE35F441F0EE3397E86 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe 05:53:42.0725 6188 C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe - ok 05:53:42.0741 6188 [ 0E245A12C90A46C6CFD2FC1291F6E0AF ] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll 05:53:42.0741 6188 C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll - ok 05:53:42.0741 6188 [ 30C43B8DF6B5E3AB01696CA902D95875 ] C:\Program Files\Total Defense\Internet Security Suite\commonbo.dll 05:53:42.0741 6188 C:\Program Files\Total Defense\Internet Security Suite\commonbo.dll - ok 05:53:42.0741 6188 [ 433BDD755D73E7FA75FCE69F9EAD4809 ] C:\Program Files\Total Defense\Internet Security Suite\cawsc.exe 05:53:42.0741 6188 C:\Program Files\Total Defense\Internet Security Suite\cawsc.exe - ok 05:53:42.0741 6188 [ 6A964389E2DA5046982CD5FFC3276CAA ] C:\Program Files\NVIDIA Corporation\nview\nvShell.dll 05:53:42.0741 6188 C:\Program Files\NVIDIA Corporation\nview\nvShell.dll - ok 05:53:42.0741 6188 [ 8258362DDB18B644A82D8B5061AD9426 ] C:\Windows\SysWOW64\wscisvif.dll 05:53:42.0741 6188 C:\Windows\SysWOW64\wscisvif.dll - ok 05:53:42.0741 6188 [ A8CDF3768604FF95B54669E20053D569 ] C:\Windows\SysWOW64\wscapi.dll 05:53:42.0741 6188 C:\Windows\SysWOW64\wscapi.dll - ok 05:53:42.0741 6188 [ 9DBC4D7C09DD0F51BCA0464E907ACE9D ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\MEWMIProv\MeProv.dll 05:53:42.0741 6188 C:\Program Files (x86)\Intel\Intel® Management Engine Components\MEWMIProv\MeProv.dll - ok 05:53:42.0741 6188 [ 210F667167ADED94A124CA8EC078E31D ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\MEWMIProv\WsmanClient.dll 05:53:42.0741 6188 C:\Program Files (x86)\Intel\Intel® Management Engine Components\MEWMIProv\WsmanClient.dll - ok 05:53:42.0741 6188 [ 218A400108F280428FA22282D3268BBC ] C:\Windows\System32\wscapi.dll 05:53:42.0741 6188 C:\Windows\System32\wscapi.dll - ok 05:53:42.0756 6188 [ B84E2D174DC84916A536572BB8F691A8 ] C:\Windows\System32\wscisvif.dll 05:53:42.0756 6188 C:\Windows\System32\wscisvif.dll - ok 05:53:42.0756 6188 [ 81F08948A0F1475894C99D4D19A158A8 ] C:\Windows\SysWOW64\wshqos.dll 05:53:42.0756 6188 C:\Windows\SysWOW64\wshqos.dll - ok 05:53:42.0756 6188 [ 912649A1B3F9E6ACB3899FBDABA2ED5F ] C:\Windows\SysWOW64\stobject.dll 05:53:42.0756 6188 C:\Windows\SysWOW64\stobject.dll - ok 05:53:42.0756 6188 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll 05:53:42.0756 6188 C:\Windows\System32\stobject.dll - ok 05:53:42.0756 6188 [ 67C1B58706B47EEBA4E117AC197289E6 ] C:\Windows\SysWOW64\batmeter.dll 05:53:42.0756 6188 C:\Windows\SysWOW64\batmeter.dll - ok 05:53:42.0756 6188 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll 05:53:42.0756 6188 C:\Windows\System32\batmeter.dll - ok 05:53:42.0756 6188 [ C8333F1F77A1B2E25F2202E892CAF634 ] C:\Windows\SysWOW64\prnfldr.dll 05:53:42.0756 6188 C:\Windows\SysWOW64\prnfldr.dll - ok 05:53:42.0756 6188 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll 05:53:42.0756 6188 C:\Windows\System32\prnfldr.dll - ok 05:53:42.0756 6188 [ 89D90579E5FB1469CB0464F6512E42B7 ] C:\Windows\SysWOW64\fundisc.dll 05:53:42.0756 6188 C:\Windows\SysWOW64\fundisc.dll - ok 05:53:42.0756 6188 [ 3FF0FA0A81910617739644A06D06D016 ] C:\Windows\SysWOW64\fdProxy.dll 05:53:42.0756 6188 C:\Windows\SysWOW64\fdProxy.dll - ok 05:53:42.0756 6188 [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll 05:53:42.0756 6188 C:\Windows\System32\fdProxy.dll - ok 05:53:42.0772 6188 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll 05:53:42.0772 6188 C:\Windows\System32\AudioSes.dll - ok 05:53:42.0772 6188 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll 05:53:42.0772 6188 C:\Windows\System32\DXP.dll - ok 05:53:42.0772 6188 [ 856CFFCD835528136367BB1A8FE1DB87 ] C:\Windows\SysWOW64\Syncreg.dll 05:53:42.0772 6188 C:\Windows\SysWOW64\Syncreg.dll - ok 05:53:42.0772 6188 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll 05:53:42.0772 6188 C:\Windows\System32\Syncreg.dll - ok 05:53:42.0772 6188 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll 05:53:42.0772 6188 C:\Windows\ehome\ehSSO.dll - ok 05:53:42.0772 6188 [ B2B3DAE040F6B5AE1DF52B0CD7631A18 ] C:\Windows\SysWOW64\AltTab.dll 05:53:42.0772 6188 C:\Windows\SysWOW64\AltTab.dll - ok 05:53:42.0772 6188 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll 05:53:42.0772 6188 C:\Windows\System32\AltTab.dll - ok 05:53:42.0772 6188 [ 735263DA17BF5BAF9CCD483843BF9D5A ] C:\Windows\SysWOW64\WPDShServiceObj.dll 05:53:42.0772 6188 C:\Windows\SysWOW64\WPDShServiceObj.dll - ok 05:53:42.0772 6188 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll 05:53:42.0772 6188 C:\Windows\System32\WPDShServiceObj.dll - ok 05:53:42.0772 6188 [ 5EA9A0950F322BFA382AF277801C0307 ] C:\Windows\System32\wbem\wmipcima.dll 05:53:42.0772 6188 C:\Windows\System32\wbem\wmipcima.dll - ok 05:53:42.0788 6188 [ ADB45A977BD9E45790CA496DB84BA148 ] C:\Windows\SysWOW64\PortableDeviceTypes.dll 05:53:42.0788 6188 C:\Windows\SysWOW64\PortableDeviceTypes.dll - ok 05:53:42.0788 6188 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll 05:53:42.0788 6188 C:\Windows\System32\PortableDeviceTypes.dll - ok 05:53:42.0788 6188 [ E98278865E8DABA21CFE5FE4BE34210A ] C:\Windows\SysWOW64\PortableDeviceApi.dll 05:53:42.0788 6188 C:\Windows\SysWOW64\PortableDeviceApi.dll - ok 05:53:42.0788 6188 [ 3D6F22551D422F97AACB0BB927E4C846 ] C:\Windows\SysWOW64\pnidui.dll 05:53:42.0788 6188 C:\Windows\SysWOW64\pnidui.dll - ok 05:53:42.0788 6188 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll 05:53:42.0788 6188 C:\Windows\System32\pnidui.dll - ok 05:53:42.0788 6188 [ BD626EF05967D14C772B8096292731A3 ] C:\Windows\SysWOW64\QUTIL.DLL 05:53:42.0788 6188 C:\Windows\SysWOW64\QUTIL.DLL - ok 05:53:42.0788 6188 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL 05:53:42.0788 6188 C:\Windows\System32\QUTIL.DLL - ok 05:53:42.0788 6188 [ 140D9F911182357626165EA0BEB98C4F ] C:\Windows\SysWOW64\ncsi.dll 05:53:42.0788 6188 C:\Windows\SysWOW64\ncsi.dll - ok 05:53:42.0788 6188 [ CF4274CEEA9F7791FB7FC40A066BC2C7 ] C:\Windows\SysWOW64\cscobj.dll 05:53:42.0788 6188 C:\Windows\SysWOW64\cscobj.dll - ok 05:53:42.0788 6188 [ 234AFA322624B3203A2E720F08292B03 ] C:\Windows\System32\cscobj.dll 05:53:42.0788 6188 C:\Windows\System32\cscobj.dll - ok 05:53:42.0803 6188 [ 1FF7E4F548C7C372C804938F0D5B36AE ] C:\Windows\SysWOW64\netcfgx.dll 05:53:42.0803 6188 C:\Windows\SysWOW64\netcfgx.dll - ok 05:53:42.0803 6188 [ 674B0C0F6A448EB185CAAB9C51D44032 ] C:\Windows\SysWOW64\srchadmin.dll 05:53:42.0803 6188 C:\Windows\SysWOW64\srchadmin.dll - ok 05:53:42.0803 6188 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll 05:53:42.0803 6188 C:\Windows\System32\netcfgx.dll - ok 05:53:42.0803 6188 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll 05:53:42.0803 6188 C:\Windows\System32\srchadmin.dll - ok 05:53:42.0803 6188 [ 04B88428A872390D235BE52D38A9D4EF ] C:\Windows\SysWOW64\dot3api.dll 05:53:42.0803 6188 C:\Windows\SysWOW64\dot3api.dll - ok 05:53:42.0803 6188 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll 05:53:42.0803 6188 C:\Windows\System32\dot3api.dll - ok 05:53:42.0803 6188 [ 5A5FEDDF02588B8F9FE4A95E5E7EAE97 ] C:\Windows\SysWOW64\eappcfg.dll 05:53:42.0803 6188 C:\Windows\SysWOW64\eappcfg.dll - ok 05:53:42.0803 6188 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll 05:53:42.0803 6188 C:\Windows\System32\eappcfg.dll - ok 05:53:42.0803 6188 [ 9DF7A7C74D8632CB5EBD37E3A374825E ] C:\Windows\SysWOW64\webcheck.dll 05:53:42.0803 6188 C:\Windows\SysWOW64\webcheck.dll - ok 05:53:42.0803 6188 [ 8063046AA70B97CA9985672B8848FB2E ] C:\Windows\SysWOW64\wlanhlp.dll 05:53:42.0803 6188 C:\Windows\SysWOW64\wlanhlp.dll - ok 05:53:42.0819 6188 [ BC0D4AFBE94D8E1F81C8926D805C3366 ] C:\Windows\System32\webcheck.dll 05:53:42.0819 6188 C:\Windows\System32\webcheck.dll - ok 05:53:42.0819 6188 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll 05:53:42.0819 6188 C:\Windows\System32\wlanhlp.dll - ok 05:53:42.0819 6188 [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\Windows\SysWOW64\mlang.dll 05:53:42.0819 6188 C:\Windows\SysWOW64\mlang.dll - ok 05:53:42.0819 6188 [ B010CF886420EE29C2C276646721D255 ] C:\Windows\SysWOW64\wlanapi.dll 05:53:42.0819 6188 C:\Windows\SysWOW64\wlanapi.dll - ok 05:53:42.0819 6188 [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\SysWOW64\wlanutil.dll 05:53:42.0819 6188 C:\Windows\SysWOW64\wlanutil.dll - ok 05:53:42.0819 6188 [ F748F53FE09D21D8ECBB6421E6792024 ] C:\Windows\SysWOW64\onex.dll 05:53:42.0819 6188 C:\Windows\SysWOW64\onex.dll - ok 05:53:42.0819 6188 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll 05:53:42.0819 6188 C:\Windows\System32\onex.dll - ok 05:53:42.0819 6188 [ 666E57B6B51824D1D235F80A3DD70A13 ] C:\Windows\SysWOW64\eappprxy.dll 05:53:42.0819 6188 C:\Windows\SysWOW64\eappprxy.dll - ok 05:53:42.0819 6188 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll 05:53:42.0819 6188 C:\Windows\System32\eappprxy.dll - ok 05:53:42.0819 6188 [ 6383C60EC0133B14F5705F96369421B2 ] C:\Windows\SysWOW64\hnetcfg.dll 05:53:42.0819 6188 C:\Windows\SysWOW64\hnetcfg.dll - ok 05:53:42.0834 6188 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll 05:53:42.0834 6188 C:\Windows\System32\hnetcfg.dll - ok 05:53:42.0834 6188 [ 987323F0247D023AD1AE52195540ECE0 ] C:\Windows\SysWOW64\mssvp.dll 05:53:42.0834 6188 C:\Windows\SysWOW64\mssvp.dll - ok 05:53:42.0834 6188 [ E503E15C88B4BBDA3F6345E34FED3E92 ] C:\Windows\System32\mssvp.dll 05:53:42.0834 6188 C:\Windows\System32\mssvp.dll - ok 05:53:42.0834 6188 [ 2DDEA2C345DA5BC589EFD398F220DB0E ] C:\Windows\SysWOW64\SyncCenter.dll 05:53:42.0834 6188 C:\Windows\SysWOW64\SyncCenter.dll - ok 05:53:42.0834 6188 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll 05:53:42.0834 6188 C:\Windows\System32\SyncCenter.dll - ok 05:53:42.0834 6188 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe 05:53:42.0834 6188 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok 05:53:42.0834 6188 [ 9A39A2A5F443A756C568C6ED5748AFE4 ] C:\Windows\SysWOW64\ActionCenter.dll 05:53:42.0834 6188 C:\Windows\SysWOW64\ActionCenter.dll - ok 05:53:42.0834 6188 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll 05:53:42.0834 6188 C:\Program Files\Windows Media Player\wmpnssci.dll - ok 05:53:42.0834 6188 [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll 05:53:42.0834 6188 C:\Windows\System32\ActionCenter.dll - ok 05:53:42.0834 6188 [ C02AA67276FEE0C15CC4D6D616BDE95E ] C:\Windows\SysWOW64\WWanAPI.dll 05:53:42.0834 6188 C:\Windows\SysWOW64\WWanAPI.dll - ok 05:53:42.0850 6188 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll 05:53:42.0850 6188 C:\Windows\System32\WWanAPI.dll - ok 05:53:42.0850 6188 [ F2ED6D00921CA138289E5E0CCB9ABF87 ] C:\Windows\SysWOW64\wwapi.dll 05:53:42.0850 6188 C:\Windows\SysWOW64\wwapi.dll - ok
  19. part 13: 05:53:42.0538 6188 [ A4308D8E2B90C3365B124AD2448ED1A2 ] C:\Windows\SysWOW64\NlsLexicons0018.dll 05:53:42.0538 6188 C:\Windows\SysWOW64\NlsLexicons0018.dll - ok 05:53:42.0554 6188 [ 3A84190D1D472A3BB9CC4AF141326F13 ] C:\Windows\System32\NlsLexicons0018.dll 05:53:42.0554 6188 C:\Windows\System32\NlsLexicons0018.dll - ok 05:53:42.0554 6188 [ D412B1B72C5AB020218E9A047D90CA05 ] C:\Windows\SysWOW64\wmsgapi.dll 05:53:42.0554 6188 C:\Windows\SysWOW64\wmsgapi.dll - ok 05:53:42.0554 6188 [ 7FE0D0C8F53735EA17C9AE93EFE7AD5A ] C:\Windows\System32\wups2.dll 05:53:42.0554 6188 C:\Windows\System32\wups2.dll - ok 05:53:42.0554 6188 [ C7A572160F9FFA4363E7C90A91C1ACCB ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\439eb22c3f6967beb8a3364626883423\System.Xml.ni.dll 05:53:42.0554 6188 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\439eb22c3f6967beb8a3364626883423\System.Xml.ni.dll - ok 05:53:42.0554 6188 [ 41132124BA846F34829F56ACF7C935B9 ] C:\Program Files (x86)\Hewlett-Packard\HP Ceement\CeeUtil.dll 05:53:42.0554 6188 C:\Program Files (x86)\Hewlett-Packard\HP Ceement\CeeUtil.dll - ok 05:53:42.0554 6188 [ BA32509D9B340162327B341013DE6522 ] C:\Windows\SysWOW64\tapi32.dll 05:53:42.0554 6188 C:\Windows\SysWOW64\tapi32.dll - ok 05:53:42.0554 6188 [ 613BF4820361543956909043A265C6AC ] C:\Windows\SysWOW64\tapisrv.dll 05:53:42.0554 6188 C:\Windows\SysWOW64\tapisrv.dll - ok 05:53:42.0554 6188 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] C:\Windows\System32\tapisrv.dll 05:53:42.0554 6188 C:\Windows\System32\tapisrv.dll - ok 05:53:42.0554 6188 [ FA010336DB6FC6352A5056DD3E212CA8 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe 05:53:42.0554 6188 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe - ok 05:53:42.0554 6188 [ FBF8259AEB2AD54BDC93B83C550B2348 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll 05:53:42.0554 6188 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll - ok 05:53:42.0569 6188 [ E6F0F0253BB410AEE8B071E77A9CD201 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\WsmanClient.dll 05:53:42.0569 6188 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\WsmanClient.dll - ok 05:53:42.0569 6188 [ 681C2614A2732E37A12BDE5192D95CA0 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\Common.dll 05:53:42.0569 6188 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\Common.dll - ok 05:53:42.0569 6188 [ 56260EB61D3C58797EC00AC1B9013585 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\GmsCommon.dll 05:53:42.0569 6188 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\GmsCommon.dll - ok 05:53:42.0569 6188 [ 82B105EDDE5BA70077AB0C62FE206651 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\Configurator.dll 05:53:42.0569 6188 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\Configurator.dll - ok 05:53:42.0569 6188 [ 0450CF487ECD8A67B56F59F9A96D024D ] C:\Windows\SysWOW64\wdigest.dll 05:53:42.0569 6188 C:\Windows\SysWOW64\wdigest.dll - ok 05:53:42.0569 6188 [ A0617B5753E31126AD29C03154F4F329 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll 05:53:42.0569 6188 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok 05:53:42.0569 6188 [ 3D7D2E825C63FF501E896CF008C70D75 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe 05:53:42.0569 6188 C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe - ok 05:53:42.0569 6188 [ DD50D698711D9435BF46E2EFDABB06CA ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\EventManager.dll 05:53:42.0569 6188 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\EventManager.dll - ok 05:53:42.0569 6188 [ 5077C374979D8CCEC42CBD6780D53795 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\SoapServerService.dll 05:53:42.0569 6188 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\SoapServerService.dll - ok 05:53:42.0585 6188 [ C1B5307377C98F87E0152C44E9FF8DEE ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll 05:53:42.0585 6188 C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll - ok 05:53:42.0585 6188 [ 478B4083DD336A5C7FE26C9AD8C4672E ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\PartialFWUpdateService.dll 05:53:42.0585 6188 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\PartialFWUpdateService.dll - ok 05:53:42.0585 6188 [ 0FC90F5E6A200DA235465495CB9F60E5 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\IPRefreshService.dll 05:53:42.0585 6188 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\IPRefreshService.dll - ok 05:53:42.0585 6188 [ 878908FA24416D3EA1FA0708646B6D2D ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ComEventHandler.dll 05:53:42.0585 6188 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ComEventHandler.dll - ok 05:53:42.0585 6188 [ BC8D16DB1D85981ECD25B4A53C5E2B0A ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\HistoryEventHandler.dll 05:53:42.0585 6188 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\HistoryEventHandler.dll - ok 05:53:42.0585 6188 [ DD1724F38102A558DBB5E9241730D64C ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\StatusEventHandler.dll 05:53:42.0585 6188 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\StatusEventHandler.dll - ok 05:53:42.0585 6188 [ FF514B17CA850FCE3D0FAB1ACE22B1AC ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\WMIEventHandler.dll 05:53:42.0585 6188 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\WMIEventHandler.dll - ok 05:53:42.0585 6188 [ C07E8CDC6FF4129DEA6FBAF3CC372C29 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\WinLogEventHandler.dll 05:53:42.0585 6188 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\WinLogEventHandler.dll - ok 05:53:42.0585 6188 [ 24FCC3CDAE327F632CB8696E1E40F772 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll 05:53:42.0585 6188 C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll - ok 05:53:42.0600 6188 [ E955300DF949977878C705EC8681009A ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll 05:53:42.0600 6188 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll - ok 05:53:42.0600 6188 [ ED797D8DC2C92401985D162E42FFA450 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe 05:53:42.0600 6188 C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe - ok 05:53:42.0600 6188 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll 05:53:42.0600 6188 C:\Windows\SysWOW64\sfc.dll - ok 05:53:42.0600 6188 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll 05:53:42.0600 6188 C:\Windows\SysWOW64\sfc_os.dll - ok 05:53:42.0600 6188 [ 2CFA4569350B7F84F815E9EC34E85766 ] C:\Windows\SysWOW64\SndVolSSO.dll 05:53:42.0600 6188 C:\Windows\SysWOW64\SndVolSSO.dll - ok 05:53:42.0600 6188 [ 63DF770DF74ACB370EF5A16727069AAF ] C:\Windows\SysWOW64\hid.dll 05:53:42.0600 6188 C:\Windows\SysWOW64\hid.dll - ok 05:53:42.0600 6188 [ 7E9917D5309A90E7576653BFE39F80D8 ] C:\Windows\SysWOW64\timedate.cpl 05:53:42.0600 6188 C:\Windows\SysWOW64\timedate.cpl - ok 05:53:42.0600 6188 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl 05:53:42.0600 6188 C:\Windows\System32\timedate.cpl - ok 05:53:42.0600 6188 [ 414DA952A35BF5D50192E28263B40577 ] C:\Windows\SysWOW64\shsvcs.dll 05:53:42.0600 6188 C:\Windows\SysWOW64\shsvcs.dll - ok 05:53:42.0600 6188 [ D2958325C1AE1AE37A83334C6229E3BC ] C:\Windows\SysWOW64\actxprxy.dll 05:53:42.0600 6188 C:\Windows\SysWOW64\actxprxy.dll - ok 05:53:42.0616 6188 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll 05:53:42.0616 6188 C:\Windows\System32\actxprxy.dll - ok 05:53:42.0616 6188 [ 23B001185B7C3CB1F4BDEB143E6B45B7 ] C:\Windows\System32\shdocvw.dll 05:53:42.0616 6188 C:\Windows\System32\shdocvw.dll - ok 05:53:42.0616 6188 [ F14A9B1778376D0B1788E402AC1F831A ] C:\Windows\SysWOW64\shacct.dll 05:53:42.0616 6188 C:\Windows\SysWOW64\shacct.dll - ok 05:53:42.0616 6188 [ 3A16EA01FCFAAB40882DB5BFEE632322 ] C:\Windows\SysWOW64\msftedit.dll 05:53:42.0616 6188 C:\Windows\SysWOW64\msftedit.dll - ok 05:53:42.0616 6188 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll 05:53:42.0616 6188 C:\Windows\System32\msftedit.dll - ok 05:53:42.0616 6188 [ C225E5307D8D4982A1687F2702C37C78 ] C:\Windows\SysWOW64\msls31.dll 05:53:42.0616 6188 C:\Windows\SysWOW64\msls31.dll - ok 05:53:42.0616 6188 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll 05:53:42.0616 6188 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok 05:53:42.0616 6188 [ E904178851A6A44BFA97E064EF779E9D ] C:\Windows\SysWOW64\authui.dll 05:53:42.0616 6188 C:\Windows\SysWOW64\authui.dll - ok 05:53:42.0616 6188 [ 28CA821606669BB9215CE010767720FA ] C:\Windows\SysWOW64\cryptui.dll 05:53:42.0616 6188 C:\Windows\SysWOW64\cryptui.dll - ok 05:53:42.0616 6188 [ 64E211E0FDFCE4D186DF58BB7D0503BC ] C:\Windows\SysWOW64\gameux.dll 05:53:42.0616 6188 C:\Windows\SysWOW64\gameux.dll - ok 05:53:42.0632 6188 [ 2BCBA6052374959A30BD7948444DBB79 ] C:\Windows\System32\gameux.dll 05:53:42.0632 6188 C:\Windows\System32\gameux.dll - ok 05:53:42.0632 6188 [ 590D5C506044FE02FF7643E32FF9BDAC ] C:\Windows\SysWOW64\wer.dll 05:53:42.0632 6188 C:\Windows\SysWOW64\wer.dll - ok 05:53:42.0632 6188 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll 05:53:42.0632 6188 C:\Windows\System32\msiltcfg.dll - ok 05:53:42.0632 6188 [ F1278B3514EA6FA9BC39B20D26139AAC ] C:\Windows\SysWOW64\msiltcfg.dll 05:53:42.0632 6188 C:\Windows\SysWOW64\msiltcfg.dll - ok 05:53:42.0632 6188 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll 05:53:42.0632 6188 C:\Windows\SysWOW64\msi.dll - ok 05:53:42.0632 6188 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll 05:53:42.0632 6188 C:\Windows\System32\msi.dll - ok 05:53:42.0632 6188 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\SysWOW64\linkinfo.dll 05:53:42.0632 6188 C:\Windows\SysWOW64\linkinfo.dll - ok 05:53:42.0632 6188 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll 05:53:42.0632 6188 C:\Windows\System32\linkinfo.dll - ok 05:53:42.0632 6188 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll 05:53:42.0632 6188 C:\Windows\System32\DeviceCenter.dll - ok 05:53:42.0632 6188 [ 3D57FFBAD3ED16B63DE3879BAB0FB56F ] C:\Windows\SysWOW64\networkexplorer.dll 05:53:42.0632 6188 C:\Windows\SysWOW64\networkexplorer.dll - ok 05:53:42.0632 6188 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll 05:53:42.0632 6188 C:\Windows\System32\networkexplorer.dll - ok 05:53:42.0647 6188 [ D6692338B985D4A0CA52B828314D897D ] C:\Windows\SysWOW64\drprov.dll 05:53:42.0647 6188 C:\Windows\SysWOW64\drprov.dll - ok 05:53:42.0647 6188 [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll 05:53:42.0647 6188 C:\Windows\System32\drprov.dll - ok 05:53:42.0647 6188 [ D7B7159BC8374E87D8C45A30377A3440 ] C:\Windows\SysWOW64\ntlanman.dll 05:53:42.0647 6188 C:\Windows\SysWOW64\ntlanman.dll - ok 05:53:42.0647 6188 [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll 05:53:42.0647 6188 C:\Windows\System32\ntlanman.dll - ok 05:53:42.0647 6188 [ EAF4712B706936C0B10D3B5319B37E81 ] C:\Windows\SysWOW64\davclnt.dll 05:53:42.0647 6188 C:\Windows\SysWOW64\davclnt.dll - ok 05:53:42.0647 6188 [ B32AB94A432289AC2DF77A3DCAD32EED ] C:\Windows\System32\davclnt.dll 05:53:42.0647 6188 C:\Windows\System32\davclnt.dll - ok 05:53:42.0647 6188 [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll 05:53:42.0647 6188 C:\Windows\System32\davhlpr.dll - ok 05:53:42.0647 6188 [ 179BECE8D1A4C488DDB7191FF9BE3FB0 ] C:\Windows\SysWOW64\davhlpr.dll 05:53:42.0647 6188 C:\Windows\SysWOW64\davhlpr.dll - ok 05:53:42.0647 6188 [ 554A50B5310E702029D3A675459108FF ] C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe 05:53:42.0647 6188 C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe - ok 05:53:42.0647 6188 [ 195145237BE4B95227B8FD6F3D1283BC ] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe 05:53:42.0647 6188 C:\Program Files\NVIDIA Corporation\nview\nwiz.exe - ok 05:53:42.0663 6188 [ 59AF838A39A377C6F7DD387748C5DE87 ] C:\Program Files\Total Defense\Internet Security Suite\casc.exe 05:53:42.0663 6188 C:\Program Files\Total Defense\Internet Security Suite\casc.exe - ok 05:53:42.0663 6188 [ FEF06E14E7105AD2769A614F45502540 ] C:\Program Files\NVIDIA Corporation\nview\nView64.dll 05:53:42.0663 6188 C:\Program Files\NVIDIA Corporation\nview\nView64.dll - ok 05:53:42.0663 6188 [ 79C982EF9198EB4B1A6AFDFA5D269E4D ] C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe 05:53:42.0663 6188 C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe - ok 05:53:42.0663 6188 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\05378752.sys 05:53:42.0663 6188 C:\Windows\System32\drivers\05378752.sys - ok 05:53:42.0663 6188 [ DF9CAA5B27E64551AC045FFB46F55629 ] C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe 05:53:42.0663 6188 C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe - ok 05:53:42.0663 6188 [ 51138BEEA3E2C21EC44D0932C71762A8 ] C:\Windows\SysWOW64\rundll32.exe 05:53:42.0663 6188 C:\Windows\SysWOW64\rundll32.exe - ok 05:53:42.0663 6188 [ DD81D91FF3B0763C392422865C9AC12E ] C:\Windows\System32\rundll32.exe 05:53:42.0663 6188 C:\Windows\System32\rundll32.exe - ok 05:53:42.0663 6188 [ 2F5B3AFA626DD53225E86BF34CB80EB1 ] C:\Windows\SysWOW64\ElbyCDIO.dll 05:53:42.0663 6188 C:\Windows\SysWOW64\ElbyCDIO.dll - ok 05:53:42.0663 6188 [ 1F74B33DC1296273C07F329466B8BE0F ] C:\Windows\SysWOW64\en-US\runonce.exe.mui 05:53:42.0663 6188 C:\Windows\SysWOW64\en-US\runonce.exe.mui - ok 05:53:42.0678 6188 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll 05:53:42.0678 6188 C:\Windows\SysWOW64\ExplorerFrame.dll - ok 05:53:42.0678 6188 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll 05:53:42.0678 6188 C:\Windows\SysWOW64\duser.dll - ok 05:53:42.0678 6188 [ 8433BDAC7D756F47B60A25B713E1CDD1 ] C:\Program Files\Total Defense\Internet Security Suite\ccemail.dll 05:53:42.0678 6188 C:\Program Files\Total Defense\Internet Security Suite\ccemail.dll - ok 05:53:42.0678 6188 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll 05:53:42.0678 6188 C:\Windows\SysWOW64\dui70.dll - ok 05:53:42.0678 6188 [ D5E18BA95F9E7D787D25EF07AC68603E ] C:\Windows\SysWOW64\tzres.dll 05:53:42.0678 6188 C:\Windows\SysWOW64\tzres.dll - ok 05:53:42.0678 6188 [ 8FD0EC6EB52F9EFE15B7A605C827932C ] C:\Windows\System32\Defrag.exe 05:53:42.0678 6188 C:\Windows\System32\Defrag.exe - ok
  20. part 12: 05:53:42.0413 6188 [ F479C4B55B70A27E509113273DC1E67B ] C:\Program Files\Internet Explorer\ieproxy.dll 05:53:42.0413 6188 C:\Program Files\Internet Explorer\ieproxy.dll - ok 05:53:42.0413 6188 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] C:\Windows\SysWOW64\provsvc.dll 05:53:42.0413 6188 C:\Windows\SysWOW64\provsvc.dll - ok 05:53:42.0413 6188 [ 3F2B83695E5BF11930C16AF50E991F96 ] C:\Windows\SysWOW64\wmpps.dll 05:53:42.0413 6188 C:\Windows\SysWOW64\wmpps.dll - ok 05:53:42.0413 6188 [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\Windows\System32\wmpps.dll 05:53:42.0413 6188 C:\Windows\System32\wmpps.dll - ok 05:53:42.0413 6188 [ 7B97346CE563B74BBCC120FC83E5A6D9 ] C:\Windows\SysWOW64\wmpmde.dll 05:53:42.0413 6188 C:\Windows\SysWOW64\wmpmde.dll - ok 05:53:42.0413 6188 [ F149E8CAE538DBF7059B00326673F602 ] C:\Windows\System32\wmpmde.dll 05:53:42.0413 6188 C:\Windows\System32\wmpmde.dll - ok 05:53:42.0429 6188 [ 8CD1DEE212E52B9C22E66DBA44991D32 ] C:\Windows\SysWOW64\httpapi.dll 05:53:42.0429 6188 C:\Windows\SysWOW64\httpapi.dll - ok 05:53:42.0429 6188 [ 5893EBDCE371174AC89ECD7731DD6D77 ] C:\Windows\SysWOW64\pcwum.dll 05:53:42.0429 6188 C:\Windows\SysWOW64\pcwum.dll - ok 05:53:42.0429 6188 [ 81C0FA250EF6DC1C6B3FA2BCE81D6C2E ] C:\Windows\SysWOW64\WinSATAPI.dll 05:53:42.0429 6188 C:\Windows\SysWOW64\WinSATAPI.dll - ok 05:53:42.0429 6188 [ 021287C2050FD5DB4A8B084E2C38139C ] C:\Windows\System32\WinSATAPI.dll 05:53:42.0429 6188 C:\Windows\System32\WinSATAPI.dll - ok 05:53:42.0429 6188 [ D4F264FE23F8953D840904418220C15E ] C:\Windows\SysWOW64\dxgi.dll 05:53:42.0429 6188 C:\Windows\SysWOW64\dxgi.dll - ok 05:53:42.0429 6188 [ EAADD6E47ED2A7003ACE1793B98CF63F ] C:\Windows\SysWOW64\msxml6.dll 05:53:42.0429 6188 C:\Windows\SysWOW64\msxml6.dll - ok 05:53:42.0429 6188 [ B79515AFF098E5A56DFBD316152534DE ] C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL 05:53:42.0429 6188 C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL - ok 05:53:42.0429 6188 [ CBBD4D79EEC3EF5A4ADAE9697944C6B9 ] C:\Windows\SysWOW64\MSMPEG2ENC.DLL 05:53:42.0429 6188 C:\Windows\SysWOW64\MSMPEG2ENC.DLL - ok 05:53:42.0429 6188 [ 28A7D7C7E2FDD1D55F12F750CD6331EC ] C:\Windows\System32\MSMPEG2ENC.DLL 05:53:42.0429 6188 C:\Windows\System32\MSMPEG2ENC.DLL - ok 05:53:42.0429 6188 [ 5BB8C06EB5EA4BA22EE8A678F2D79B25 ] C:\Windows\SysWOW64\devenum.dll 05:53:42.0429 6188 C:\Windows\SysWOW64\devenum.dll - ok 05:53:42.0444 6188 [ 46767946E7B559D981C1DC04EC0AB36F ] C:\Windows\System32\devenum.dll 05:53:42.0444 6188 C:\Windows\System32\devenum.dll - ok 05:53:42.0444 6188 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll 05:53:42.0444 6188 C:\Windows\SysWOW64\winmm.dll - ok 05:53:42.0444 6188 [ 558C42D165DB5799B4072DC0A9C27C0B ] C:\Windows\System32\msdmo.dll 05:53:42.0444 6188 C:\Windows\System32\msdmo.dll - ok 05:53:42.0444 6188 [ 7069AAB8536F29ED7323140973A2894B ] C:\Windows\SysWOW64\msdmo.dll 05:53:42.0444 6188 C:\Windows\SysWOW64\msdmo.dll - ok 05:53:42.0444 6188 [ 833FBB672460EFCE8011D262175FAD33 ] C:\Windows\SysWOW64\upnphost.dll 05:53:42.0444 6188 C:\Windows\SysWOW64\upnphost.dll - ok 05:53:42.0444 6188 [ D47EC6A8E81633DD18D2436B19BAF6DE ] C:\Windows\System32\upnphost.dll 05:53:42.0444 6188 C:\Windows\System32\upnphost.dll - ok 05:53:42.0444 6188 [ 6AAF3BECE2C3D17091BCEF37C5A82AC0 ] C:\Windows\SysWOW64\mmc.exe 05:53:42.0444 6188 C:\Windows\SysWOW64\mmc.exe - ok 05:53:42.0444 6188 [ 6FA41E0C86EF049A12C05CA4BBA8F9AF ] C:\Windows\SysWOW64\perfos.dll 05:53:42.0444 6188 C:\Windows\SysWOW64\perfos.dll - ok 05:53:42.0444 6188 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll 05:53:42.0444 6188 C:\Windows\System32\wbem\wmiprov.dll - ok 05:53:42.0444 6188 [ 907281ED4AD35D41B29FFDC211EBAD80 ] C:\Windows\SysWOW64\wmi.dll 05:53:42.0444 6188 C:\Windows\SysWOW64\wmi.dll - ok 05:53:42.0460 6188 [ F24D69C3F5E98ABEE59ECCB0E2DF820E ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\fed86e49fe95761085bf287f901f5b53\System.Configuration.ni.dll 05:53:42.0460 6188 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\fed86e49fe95761085bf287f901f5b53\System.Configuration.ni.dll - ok 05:53:42.0460 6188 [ B63E24E9271E99FD4540E3CA22A937DA ] C:\Windows\SysWOW64\en-US\tquery.dll.mui 05:53:42.0460 6188 C:\Windows\SysWOW64\en-US\tquery.dll.mui - ok 05:53:42.0460 6188 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui 05:53:42.0460 6188 C:\Windows\System32\en-US\tquery.dll.mui - ok 05:53:42.0460 6188 [ 2003E9B15E1C502B146DAD2E383AC1E3 ] C:\Windows\SysWOW64\schtasks.exe 05:53:42.0460 6188 C:\Windows\SysWOW64\schtasks.exe - ok 05:53:42.0460 6188 [ 97E0EC3D6D99E8CC2B17EF2D3760E8FC ] C:\Windows\System32\schtasks.exe 05:53:42.0460 6188 C:\Windows\System32\schtasks.exe - ok 05:53:42.0460 6188 [ 71E68F2443A80BD4DA89181889C457EA ] C:\Windows\System32\udhisapi.dll 05:53:42.0460 6188 C:\Windows\System32\udhisapi.dll - ok 05:53:42.0460 6188 [ 230EA9ABBC3432CDE388F4891E76E867 ] C:\Windows\SysWOW64\udhisapi.dll 05:53:42.0460 6188 C:\Windows\SysWOW64\udhisapi.dll - ok 05:53:42.0460 6188 [ C7BC97E988324F5963CD7401C22E8024 ] C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFReport.exe 05:53:42.0460 6188 C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFReport.exe - ok 05:53:42.0460 6188 [ AF51D4FE088A3EFA5303B36FFFD0581B ] C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe 05:53:42.0460 6188 C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe - ok 05:53:42.0460 6188 [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll 05:53:42.0460 6188 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok 05:53:42.0476 6188 [ 37B6EBA4E783A0B25F3FE05EF86722CB ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll 05:53:42.0476 6188 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok 05:53:42.0476 6188 [ 33A77D477EF9D7A5C65A950129DF2E47 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll 05:53:42.0476 6188 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll - ok 05:53:42.0476 6188 [ 6E9E439517D89EDC9A6CB1E94489620A ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll 05:53:42.0476 6188 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll - ok 05:53:42.0476 6188 [ 09A116FB06C5E362EF8938D29CDAB27B ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll 05:53:42.0476 6188 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok 05:53:42.0476 6188 [ D144849E9B48A7DFB942281ED7EDB1C1 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll 05:53:42.0476 6188 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll - ok 05:53:42.0476 6188 [ 13337A3FB17F2242487FD45488ED0485 ] C:\Windows\SysWOW64\vssapi.dll 05:53:42.0476 6188 C:\Windows\SysWOW64\vssapi.dll - ok 05:53:42.0476 6188 [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\SysWOW64\atl.dll 05:53:42.0476 6188 C:\Windows\SysWOW64\atl.dll - ok 05:53:42.0476 6188 [ B940289C83121046BD6A60ACC6028593 ] C:\Windows\SysWOW64\vsstrace.dll 05:53:42.0476 6188 C:\Windows\SysWOW64\vsstrace.dll - ok 05:53:42.0476 6188 [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\SysWOW64\samlib.dll 05:53:42.0476 6188 C:\Windows\SysWOW64\samlib.dll - ok 05:53:42.0476 6188 [ F6916EFC29D9953D5D0DF06882AE8E16 ] C:\Windows\SysWOW64\es.dll 05:53:42.0491 6188 C:\Windows\SysWOW64\es.dll - ok 05:53:42.0491 6188 [ E1AC89F6C5252057E6062843E36A6701 ] C:\Windows\SysWOW64\SearchProtocolHost.exe 05:53:42.0491 6188 C:\Windows\SysWOW64\SearchProtocolHost.exe - ok 05:53:42.0491 6188 [ D9E21CBF9E6A87847AFFD39EA3FA28EE ] C:\Windows\System32\SearchProtocolHost.exe 05:53:42.0491 6188 C:\Windows\System32\SearchProtocolHost.exe - ok 05:53:42.0491 6188 [ A5D237B8673025B052C0E6FDB6A883E8 ] C:\Windows\SysWOW64\msshooks.dll 05:53:42.0491 6188 C:\Windows\SysWOW64\msshooks.dll - ok 05:53:42.0491 6188 [ D2A5B2B09F2AF5ED13BF494508B09788 ] C:\Windows\System32\msshooks.dll 05:53:42.0491 6188 C:\Windows\System32\msshooks.dll - ok 05:53:42.0491 6188 [ A6CD6B3F71E13E2E45B727FB8A47EA87 ] C:\Windows\SysWOW64\SearchFilterHost.exe 05:53:42.0491 6188 C:\Windows\SysWOW64\SearchFilterHost.exe - ok 05:53:42.0491 6188 [ 49A3AD5CE578CD77F445F3D244AEAB2D ] C:\Windows\System32\SearchFilterHost.exe 05:53:42.0491 6188 C:\Windows\System32\SearchFilterHost.exe - ok 05:53:42.0491 6188 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] C:\Windows\System32\wuaueng.dll 05:53:42.0491 6188 C:\Windows\System32\wuaueng.dll - ok 05:53:42.0491 6188 [ 387A8A473ECC5BA02CF453277C1F3274 ] C:\Windows\SysWOW64\mspatcha.dll 05:53:42.0491 6188 C:\Windows\SysWOW64\mspatcha.dll - ok 05:53:42.0491 6188 [ 617F6EC0AC677C685479C1D0D1E76C6F ] C:\Windows\System32\mspatcha.dll 05:53:42.0491 6188 C:\Windows\System32\mspatcha.dll - ok 05:53:42.0507 6188 [ 1CBF15FDB0310345A68972EB5C5B948F ] C:\Windows\SysWOW64\mssprxy.dll 05:53:42.0507 6188 C:\Windows\SysWOW64\mssprxy.dll - ok 05:53:42.0507 6188 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll 05:53:42.0507 6188 C:\Windows\System32\mssprxy.dll - ok 05:53:42.0507 6188 [ DB67C7C62038BDE813CB6486581A7611 ] C:\Windows\SysWOW64\mssph.dll 05:53:42.0507 6188 C:\Windows\SysWOW64\mssph.dll - ok 05:53:42.0507 6188 [ 48041BAEB60CE5F34F13CC2A1361E49C ] C:\Windows\System32\mssph.dll 05:53:42.0507 6188 C:\Windows\System32\mssph.dll - ok 05:53:42.0507 6188 [ 8BC9DB92C4B2F3BE89185BEAB2AFC1F6 ] C:\Windows\SysWOW64\mapi32.dll 05:53:42.0507 6188 C:\Windows\SysWOW64\mapi32.dll - ok 05:53:42.0507 6188 [ 8F4BB0CFECED925D440ABC2481278360 ] C:\Windows\System32\mapi32.dll 05:53:42.0507 6188 C:\Windows\System32\mapi32.dll - ok 05:53:42.0507 6188 [ DC72ADE29F40EEFD38E35ED8A4D1F8F1 ] C:\Windows\SysWOW64\xmlfilter.dll 05:53:42.0507 6188 C:\Windows\SysWOW64\xmlfilter.dll - ok 05:53:42.0507 6188 [ 86C6E8597094BD9F2CF0E5F841641F4E ] C:\Windows\System32\xmlfilter.dll 05:53:42.0507 6188 C:\Windows\System32\xmlfilter.dll - ok 05:53:42.0507 6188 [ 8B57A1AD493653BB57F281FE75DD175B ] C:\Windows\SysWOW64\NaturalLanguage6.dll 05:53:42.0507 6188 C:\Windows\SysWOW64\NaturalLanguage6.dll - ok 05:53:42.0507 6188 [ 01E2855FB06C422E721D890AF201C2D7 ] C:\Windows\System32\NaturalLanguage6.dll 05:53:42.0507 6188 C:\Windows\System32\NaturalLanguage6.dll - ok 05:53:42.0507 6188 [ 2992932C1AB1D29A1A4A9E8CB8530CBF ] C:\Windows\SysWOW64\NlsData0009.dll 05:53:42.0507 6188 C:\Windows\SysWOW64\NlsData0009.dll - ok 05:53:42.0522 6188 [ 701D9F5F3F21580936638D5C5F86B460 ] C:\Windows\System32\NlsData0009.dll 05:53:42.0522 6188 C:\Windows\System32\NlsData0009.dll - ok 05:53:42.0522 6188 [ C8CB301BF896C7C556BBE963FADF5BB6 ] C:\Windows\SysWOW64\NlsLexicons0009.dll 05:53:42.0522 6188 C:\Windows\SysWOW64\NlsLexicons0009.dll - ok 05:53:42.0522 6188 [ 148A733B93A2AC104280495DA09D3CC2 ] C:\Windows\System32\NlsLexicons0009.dll 05:53:42.0522 6188 C:\Windows\System32\NlsLexicons0009.dll - ok 05:53:42.0522 6188 [ 8444A7364D6877922049E99BF4B78C5C ] C:\Windows\SysWOW64\ELSCore.dll 05:53:42.0522 6188 C:\Windows\SysWOW64\ELSCore.dll - ok 05:53:42.0522 6188 [ 76D86E65FF7D10292886A1F2DB93A911 ] C:\Windows\System32\ELSCore.dll 05:53:42.0522 6188 C:\Windows\System32\ELSCore.dll - ok 05:53:42.0522 6188 [ 12929BDE96189F4E968AD035573424F0 ] C:\Windows\System32\elsTrans.dll 05:53:42.0522 6188 C:\Windows\System32\elsTrans.dll - ok 05:53:42.0522 6188 [ 7B3FD36359DE5D2EE49D213CCAD13427 ] C:\Windows\SysWOW64\elsTrans.dll 05:53:42.0522 6188 C:\Windows\SysWOW64\elsTrans.dll - ok 05:53:42.0522 6188 [ 02A2ED8497F437EA200DF3ACED255AFE ] C:\Windows\SysWOW64\elslad.dll 05:53:42.0522 6188 C:\Windows\SysWOW64\elslad.dll - ok 05:53:42.0522 6188 [ AEE087CF7423BA44CC2DE03CC565E399 ] C:\Windows\System32\elslad.dll 05:53:42.0522 6188 C:\Windows\System32\elslad.dll - ok 05:53:42.0522 6188 [ 61B33014F2D2A4F9553F6EF64FB82E31 ] C:\Windows\SysWOW64\NlsData000c.dll 05:53:42.0522 6188 C:\Windows\SysWOW64\NlsData000c.dll - ok 05:53:42.0538 6188 [ 51272A935F4F482A70F2A7D1C3A67AEE ] C:\Windows\System32\NlsData000c.dll 05:53:42.0538 6188 C:\Windows\System32\NlsData000c.dll - ok 05:53:42.0538 6188 [ AC7D0114246661B1E29A0939039157C5 ] C:\Windows\SysWOW64\NlsLexicons000c.dll 05:53:42.0538 6188 C:\Windows\SysWOW64\NlsLexicons000c.dll - ok 05:53:42.0538 6188 [ C2142407A2BE3462247500849B3FF8C7 ] C:\Windows\System32\NlsLexicons000c.dll 05:53:42.0538 6188 C:\Windows\System32\NlsLexicons000c.dll - ok 05:53:42.0538 6188 [ 555F35AF3B56EAAE367D767B9E2F1E8B ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll 05:53:42.0538 6188 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll - ok 05:53:42.0538 6188 [ 28CAAA8B3DAC4604B6871F311C6B9F49 ] C:\Windows\SysWOW64\NlsData0000.dll 05:53:42.0538 6188 C:\Windows\SysWOW64\NlsData0000.dll - ok 05:53:42.0538 6188 [ 11542EC1F1C53EDB3CCF5AADF4C9972F ] C:\Windows\System32\NlsData0000.dll 05:53:42.0538 6188 C:\Windows\System32\NlsData0000.dll - ok 05:53:42.0538 6188 [ A79FFFBA93697FB09584F11BD09AB636 ] C:\Windows\SysWOW64\NlsData0018.dll 05:53:42.0538 6188 C:\Windows\SysWOW64\NlsData0018.dll - ok 05:53:42.0538 6188 [ 9BDB62D5C4B3AE8807CB61F7503784E7 ] C:\Windows\System32\NlsData0018.dll 05:53:42.0538 6188 C:\Windows\System32\NlsData0018.dll - ok
  21. part 11: 05:53:42.0304 6188 [ 20F79A90C76651A17A9B211BC33743A7 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\bcdc7d59f3f8ed743115a7e706e6232a\System.ServiceProcess.ni.dll 05:53:42.0304 6188 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\bcdc7d59f3f8ed743115a7e706e6232a\System.ServiceProcess.ni.dll - ok 05:53:42.0304 6188 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll 05:53:42.0304 6188 C:\Windows\SysWOW64\shfolder.dll - ok 05:53:42.0304 6188 [ DDA324215F71243786A9A4D1C5027BEB ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe 05:53:42.0304 6188 C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe - ok 05:53:42.0304 6188 [ FE32E6B3EEB32237CFED798F0B80EBD0 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Core\7140611b14c038e25f80544af4f1ab61\System.Core.ni.dll 05:53:42.0304 6188 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Core\7140611b14c038e25f80544af4f1ab61\System.Core.ni.dll - ok 05:53:42.0304 6188 [ 2BBEAE7C6CC97BA6669482AD69EE8541 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml.Linq\cfd4d6a6ccde1323b6ecb279483718f1\System.Xml.Linq.ni.dll 05:53:42.0304 6188 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml.Linq\cfd4d6a6ccde1323b6ecb279483718f1\System.Xml.Linq.ni.dll - ok 05:53:42.0320 6188 [ 107F19308A07F27CEA7B317BDF67756F ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe 05:53:42.0320 6188 C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe - ok 05:53:42.0320 6188 [ E17E0188BB90FAE42D83E98707EFA59C ] C:\Windows\System32\sppsvc.exe 05:53:42.0320 6188 C:\Windows\System32\sppsvc.exe - ok 05:53:42.0320 6188 [ 2B373B5F7E36B5ED5DA176D4400EF091 ] C:\Windows\System32\sppobjs.dll 05:53:42.0320 6188 C:\Windows\System32\sppobjs.dll - ok 05:53:42.0320 6188 [ F6F22291024906E43D135A4B1705FEAC ] C:\Windows\System32\sppwinob.dll 05:53:42.0320 6188 C:\Windows\System32\sppwinob.dll - ok 05:53:42.0320 6188 [ FFF95479C7AB1550F0750A5D01744211 ] C:\Windows\System32\drivers\spsys.sys 05:53:42.0320 6188 C:\Windows\System32\drivers\spsys.sys - ok 05:53:42.0320 6188 [ B3F15947F40E25B74938B203FEAF0640 ] C:\Users\Z220\AppData\Local\Temp\HP Support Framework\HPSF_Config1.dll 05:53:42.0320 6188 C:\Users\Z220\AppData\Local\Temp\HP Support Framework\HPSF_Config1.dll - ok 05:53:42.0320 6188 [ F980F2E6E8E68D797CF07434C8DDBF30 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\845e04461d3d879b24c5b0d30947050a\System.Runtime.Serialization.Formatters.Soap.ni.dll 05:53:42.0320 6188 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\845e04461d3d879b24c5b0d30947050a\System.Runtime.Serialization.Formatters.Soap.ni.dll - ok 05:53:42.0320 6188 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe 05:53:42.0320 6188 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok 05:53:42.0320 6188 [ 671E5892CF12C89031FADC6697CBAEDE ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web\ffcb92605ae455c5763d0cf2afa82ed2\System.Web.ni.dll 05:53:42.0320 6188 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web\ffcb92605ae455c5763d0cf2afa82ed2\System.Web.ni.dll - ok 05:53:42.0335 6188 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll 05:53:42.0335 6188 C:\Windows\SysWOW64\wsock32.dll - ok 05:53:42.0335 6188 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll 05:53:42.0335 6188 C:\Windows\System32\wsock32.dll - ok 05:53:42.0335 6188 [ 0D893F8D145D3B125B0226727C243A69 ] C:\Windows\System32\security.dll 05:53:42.0335 6188 C:\Windows\System32\security.dll - ok 05:53:42.0335 6188 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll 05:53:42.0335 6188 C:\Windows\SysWOW64\powrprof.dll - ok 05:53:42.0335 6188 [ 4F6E72B34ED3DC53DCC5E8708E60B61F ] C:\Windows\SysWOW64\security.dll 05:53:42.0335 6188 C:\Windows\SysWOW64\security.dll - ok 05:53:42.0335 6188 [ 99B9343280AF6A4C0F27CF2E28E94BBF ] C:\Windows\SysWOW64\dssenh.dll 05:53:42.0335 6188 C:\Windows\SysWOW64\dssenh.dll - ok 05:53:42.0335 6188 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll 05:53:42.0335 6188 C:\Windows\System32\dssenh.dll - ok 05:53:42.0335 6188 [ 5CF15474FFDB5005E54958DF6EDD97AB ] C:\Windows\SysWOW64\wmdrmdev.dll 05:53:42.0335 6188 C:\Windows\SysWOW64\wmdrmdev.dll - ok 05:53:42.0335 6188 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll 05:53:42.0335 6188 C:\Windows\System32\wmdrmdev.dll - ok 05:53:42.0335 6188 [ 47D052D9EE1FD3BA2A55D13F61E3EF24 ] C:\Windows\SysWOW64\drmv2clt.dll 05:53:42.0335 6188 C:\Windows\SysWOW64\drmv2clt.dll - ok 05:53:42.0351 6188 [ E8B1FE6669397D1772D8196DF0E57A9E ] C:\Windows\System32\wscsvc.dll 05:53:42.0351 6188 C:\Windows\System32\wscsvc.dll - ok 05:53:42.0351 6188 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll 05:53:42.0351 6188 C:\Windows\System32\drmv2clt.dll - ok 05:53:42.0351 6188 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll 05:53:42.0351 6188 C:\Windows\SysWOW64\dbghelp.dll - ok 05:53:42.0351 6188 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll 05:53:42.0351 6188 C:\Windows\SysWOW64\samcli.dll - ok 05:53:42.0351 6188 [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\SysWOW64\logoncli.dll 05:53:42.0351 6188 C:\Windows\SysWOW64\logoncli.dll - ok 05:53:42.0351 6188 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll 05:53:42.0351 6188 C:\Windows\System32\dbghelp.dll - ok 05:53:42.0351 6188 [ 72910F1DEB838E6E08A9017BFB7D4F0B ] C:\Windows\SysWOW64\browcli.dll 05:53:42.0351 6188 C:\Windows\SysWOW64\browcli.dll - ok 05:53:42.0351 6188 [ 40B82688907A7DBA4DB3B5ADDE3EAB3B ] C:\Windows\SysWOW64\mfplat.dll 05:53:42.0351 6188 C:\Windows\SysWOW64\mfplat.dll - ok 05:53:42.0351 6188 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll 05:53:42.0351 6188 C:\Windows\System32\mfplat.dll - ok 05:53:42.0351 6188 [ 012787CEB35505EB78DF82E0A0072888 ] C:\Windows\System32\browcli.dll 05:53:42.0351 6188 C:\Windows\System32\browcli.dll - ok 05:53:42.0351 6188 [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\SysWOW64\avrt.dll 05:53:42.0351 6188 C:\Windows\SysWOW64\avrt.dll - ok 05:53:42.0366 6188 [ A42E7748BE906434C5FD17161D168C20 ] C:\Windows\SysWOW64\schedcli.dll 05:53:42.0366 6188 C:\Windows\SysWOW64\schedcli.dll - ok 05:53:42.0366 6188 [ C4BFE4B61086416B0529212F92BCE081 ] C:\Windows\System32\schedcli.dll 05:53:42.0366 6188 C:\Windows\System32\schedcli.dll - ok 05:53:42.0366 6188 [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll 05:53:42.0366 6188 C:\Windows\System32\p2pcollab.dll - ok 05:53:42.0366 6188 [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL 05:53:42.0366 6188 C:\Windows\System32\QAGENTRT.DLL - ok 05:53:42.0366 6188 [ 236F286E103FD44BD85FDD93097FD5DD ] C:\Windows\SysWOW64\SearchIndexer.exe 05:53:42.0366 6188 C:\Windows\SysWOW64\SearchIndexer.exe - ok 05:53:42.0366 6188 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll 05:53:42.0366 6188 C:\Windows\SysWOW64\sxs.dll - ok 05:53:42.0366 6188 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll 05:53:42.0366 6188 C:\Windows\System32\fveui.dll - ok 05:53:42.0366 6188 [ EA2B00551F3E7B3D5F7FB730A55F8246 ] C:\Windows\SysWOW64\blackbox.dll 05:53:42.0366 6188 C:\Windows\SysWOW64\blackbox.dll - ok 05:53:42.0366 6188 [ 97A891E2BF7FDA830BCFC6269DA3F5E9 ] C:\Windows\System32\blackbox.dll 05:53:42.0366 6188 C:\Windows\System32\blackbox.dll - ok 05:53:42.0366 6188 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe 05:53:42.0366 6188 C:\Windows\System32\SearchIndexer.exe - ok 05:53:42.0382 6188 [ 7D4DC95A1F5E0818E74A399960569EA1 ] C:\Windows\SysWOW64\wuapi.dll 05:53:42.0382 6188 C:\Windows\SysWOW64\wuapi.dll - ok 05:53:42.0382 6188 [ 465DBF63A5049E4DB4BC5C12FFE781CB ] C:\Windows\SysWOW64\tquery.dll 05:53:42.0382 6188 C:\Windows\SysWOW64\tquery.dll - ok 05:53:42.0382 6188 [ C47F35CC6FA4F1BDBEF8F87AC1A46537 ] C:\Windows\System32\wuapi.dll 05:53:42.0382 6188 C:\Windows\System32\wuapi.dll - ok 05:53:42.0382 6188 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll 05:53:42.0382 6188 C:\Windows\System32\tquery.dll - ok 05:53:42.0382 6188 [ 7A6986DD659B96398A11AF5173892715 ] C:\Windows\SysWOW64\cabinet.dll 05:53:42.0382 6188 C:\Windows\SysWOW64\cabinet.dll - ok 05:53:42.0382 6188 [ FA43D418BC945D27D0625B697B8442B5 ] C:\Windows\System32\cabinet.dll 05:53:42.0382 6188 C:\Windows\System32\cabinet.dll - ok 05:53:42.0382 6188 [ 0241CB16136B9A4939CA0395768AE286 ] C:\Windows\SysWOW64\mssrch.dll 05:53:42.0382 6188 C:\Windows\SysWOW64\mssrch.dll - ok 05:53:42.0382 6188 [ 954EA9B34F155C844B11F4047A8F6F89 ] C:\Windows\SysWOW64\upnp.dll 05:53:42.0382 6188 C:\Windows\SysWOW64\upnp.dll - ok 05:53:42.0382 6188 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll 05:53:42.0382 6188 C:\Windows\System32\mssrch.dll - ok 05:53:42.0382 6188 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll 05:53:42.0382 6188 C:\Windows\SysWOW64\winhttp.dll - ok 05:53:42.0398 6188 [ 5C3F9DBA818CD93379D1A0F215270374 ] C:\Windows\SysWOW64\esent.dll 05:53:42.0398 6188 C:\Windows\SysWOW64\esent.dll - ok 05:53:42.0398 6188 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll 05:53:42.0398 6188 C:\Windows\SysWOW64\webio.dll - ok 05:53:42.0398 6188 [ FB633DCC8664E4CCACF562DB5BAE38CF ] C:\Windows\SysWOW64\wups.dll 05:53:42.0398 6188 C:\Windows\SysWOW64\wups.dll - ok 05:53:42.0398 6188 [ E746ED90132C6B6313CE9179F56BD31D ] C:\Windows\System32\wups.dll 05:53:42.0398 6188 C:\Windows\System32\wups.dll - ok 05:53:42.0398 6188 [ 28E2231BD34A39C854BDF3923AB2FF86 ] C:\Windows\SysWOW64\ssdpapi.dll 05:53:42.0398 6188 C:\Windows\SysWOW64\ssdpapi.dll - ok 05:53:42.0398 6188 [ 81600E2E27ED61427AAD865B9BCDDB9D ] C:\Windows\SysWOW64\msidle.dll 05:53:42.0398 6188 C:\Windows\SysWOW64\msidle.dll - ok 05:53:42.0398 6188 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll 05:53:42.0398 6188 C:\Windows\System32\msidle.dll - ok 05:53:42.0398 6188 [ 71C4F42DC8DB668E826DA79462EA741E ] C:\Windows\SysWOW64\KBDUS.DLL 05:53:42.0398 6188 C:\Windows\SysWOW64\KBDUS.DLL - ok 05:53:42.0398 6188 [ 1957D49A9613FAAD1C73B508CCE02AA5 ] C:\Windows\SysWOW64\wmp.dll 05:53:42.0398 6188 C:\Windows\SysWOW64\wmp.dll - ok 05:53:42.0398 6188 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll 05:53:42.0398 6188 C:\Windows\System32\wmp.dll - ok 05:53:42.0398 6188 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll 05:53:42.0398 6188 C:\Windows\SysWOW64\dwmapi.dll - ok 05:53:42.0413 6188 [ 0FBC74AA20FE0AE6884279F893169C60 ] C:\Windows\SysWOW64\wmploc.DLL 05:53:42.0413 6188 C:\Windows\SysWOW64\wmploc.DLL - ok 05:53:42.0413 6188 [ F4079F18F919248CF978BBAEDB139A61 ] C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\interop.Scheduler.dll 05:53:42.0413 6188 C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\interop.Scheduler.dll - ok 05:53:42.0413 6188 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL 05:53:42.0413 6188 C:\Windows\System32\wmploc.DLL - ok 05:53:42.0413 6188 [ CE5516C7B8EC9948770FF72DB9FB8B96 ] C:\Windows\assembly\GAC_MSIL\HP.SupportFramework\7.0.0.1__d4a591153760ff28\HP.SupportFramework.dll 05:53:42.0413 6188 C:\Windows\assembly\GAC_MSIL\HP.SupportFramework\7.0.0.1__d4a591153760ff28\HP.SupportFramework.dll - ok
  22. part 10: 05:53:42.0226 6188 [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\Windows\SysWOW64\xmllite.dll 05:53:42.0226 6188 C:\Windows\SysWOW64\xmllite.dll - ok 05:53:42.0226 6188 [ 696584B827A0FD48E28A76F35EE0A2B8 ] C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe 05:53:42.0226 6188 C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe - ok 05:53:42.0226 6188 [ 3E6442B01E44B3AA31807FEF5235DC54 ] C:\Program Files\CCleaner\CCleaner.exe 05:53:42.0226 6188 C:\Program Files\CCleaner\CCleaner.exe - ok 05:53:42.0226 6188 [ 5C997FB34FBA9CD15637890048F1EB0B ] C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\fd08d5ddc926ae51bf653620202e8d19\WindowsBase.ni.dll 05:53:42.0226 6188 C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\fd08d5ddc926ae51bf653620202e8d19\WindowsBase.ni.dll - ok 05:53:42.0226 6188 [ 99269DEE97D87DED45D05A3257493D8D ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\4ea564f9fd06e0fb40a42acf7693b81a\PresentationCore.ni.dll 05:53:42.0226 6188 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\4ea564f9fd06e0fb40a42acf7693b81a\PresentationCore.ni.dll - ok 05:53:42.0226 6188 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll 05:53:42.0226 6188 C:\Windows\SysWOW64\mscoree.dll - ok 05:53:42.0226 6188 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll 05:53:42.0226 6188 C:\Windows\System32\mscoree.dll - ok 05:53:42.0226 6188 [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll 05:53:42.0226 6188 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok 05:53:42.0226 6188 [ C0FAAE8EC1B4760D3D04844F708DA0F0 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll 05:53:42.0226 6188 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok 05:53:42.0242 6188 [ 7F9C912B2817076DC0C9C129C90D8914 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\88744044294787b99dd4a8704ab75a79\mscorlib.ni.dll 05:53:42.0242 6188 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\88744044294787b99dd4a8704ab75a79\mscorlib.ni.dll - ok 05:53:42.0242 6188 [ 0A94DE4AA9864D312E60D747FD249ABE ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll 05:53:42.0242 6188 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll - ok 05:53:42.0242 6188 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll 05:53:42.0242 6188 C:\Windows\SysWOW64\riched20.dll - ok 05:53:42.0242 6188 [ 850BD2D2D9CB5894935C3B6333CAD6FD ] C:\Windows\System32\riched20.dll 05:53:42.0242 6188 C:\Windows\System32\riched20.dll - ok 05:53:42.0242 6188 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll 05:53:42.0242 6188 C:\Windows\System32\SensApi.dll - ok 05:53:42.0242 6188 [ 8A525B8D583D067C5AAAC1AF5F91B89A ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\af0a0b96a02f9925eb84392ee65a5cfa\System.ni.dll 05:53:42.0242 6188 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\af0a0b96a02f9925eb84392ee65a5cfa\System.ni.dll - ok 05:53:42.0242 6188 [ 0F25194F0257C1ED7C93C55FE6AE6E8A ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\3f0016119cbaccffc68806e1c91da0fc\PresentationFramework.ni.dll 05:53:42.0242 6188 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\3f0016119cbaccffc68806e1c91da0fc\PresentationFramework.ni.dll - ok 05:53:42.0242 6188 [ AE098D9D3BD83440C59A0C3386F4F5DD ] C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll 05:53:42.0242 6188 C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok 05:53:42.0242 6188 [ 6E656C325A5519A3A9D951709958CF6F ] C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll 05:53:42.0242 6188 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll - ok 05:53:42.0257 6188 [ 1B1431D9520C7578AD5633ED2A70625F ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll 05:53:42.0257 6188 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok 05:53:42.0257 6188 [ 4C0989878EB9DF67C42A7CD42713451E ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\868d117286ad259249f31d3fe813d39a\System.Drawing.ni.dll 05:53:42.0257 6188 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\868d117286ad259249f31d3fe813d39a\System.Drawing.ni.dll - ok 05:53:42.0257 6188 [ 29EA0DE7CE74A18B99A2A94809C54C79 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\994b9a807cc6fa0c8d1a9ae90ab685ac\System.Windows.Forms.ni.dll 05:53:42.0257 6188 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\994b9a807cc6fa0c8d1a9ae90ab685ac\System.Windows.Forms.ni.dll - ok 05:53:42.0257 6188 [ D64D99EC088B54FFE8EE67A480386C20 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll 05:53:42.0257 6188 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll - ok 05:53:42.0257 6188 [ AC6E6940C8C98EE153D96FFA2CA7B272 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\3975acf49313ceea1280da91f0383480\System.Xml.ni.dll 05:53:42.0257 6188 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\3975acf49313ceea1280da91f0383480\System.Xml.ni.dll - ok 05:53:42.0257 6188 [ E2A3AE8CD6FA7F294ACF77180946616B ] C:\Windows\assembly\GAC_MSIL\HP.SupportFramework.Localization\7.0.0.1__a2352a4c73e11587\HP.SupportFramework.Localization.dll 05:53:42.0257 6188 C:\Windows\assembly\GAC_MSIL\HP.SupportFramework.Localization\7.0.0.1__a2352a4c73e11587\HP.SupportFramework.Localization.dll - ok 05:53:42.0257 6188 [ E98284A6C9A76D2FC08CD0FC9D91B534 ] C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HP.SupportAssistant.UIController.dll 05:53:42.0257 6188 C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HP.SupportAssistant.UIController.dll - ok 05:53:42.0257 6188 [ DB634D1F0330255341EEAD2CC4AEC920 ] C:\Windows\assembly\GAC_MSIL\HP.SupportAssistant.Engine\7.0.1.1__e1eab6ede003577a\HP.SupportAssistant.Engine.dll 05:53:42.0257 6188 C:\Windows\assembly\GAC_MSIL\HP.SupportAssistant.Engine\7.0.1.1__e1eab6ede003577a\HP.SupportAssistant.Engine.dll - ok 05:53:42.0257 6188 [ 29FB9D78D310991E2E1488A716344638 ] C:\Windows\assembly\GAC_MSIL\HP.SupportFramework.Utilities\7.0.0.1__deb98ab3a292405a\HP.SupportFramework.Utilities.dll 05:53:42.0257 6188 C:\Windows\assembly\GAC_MSIL\HP.SupportFramework.Utilities\7.0.0.1__deb98ab3a292405a\HP.SupportFramework.Utilities.dll - ok 05:53:42.0273 6188 [ D66F354CF10CB0CF65F401B5B3160140 ] C:\Windows\assembly\GAC_MSIL\HP.SupportFramework.UI\7.0.0.1__3d7f4982d5e863bc\HP.SupportFramework.UI.dll 05:53:42.0273 6188 C:\Windows\assembly\GAC_MSIL\HP.SupportFramework.UI\7.0.0.1__3d7f4982d5e863bc\HP.SupportFramework.UI.dll - ok 05:53:42.0273 6188 [ 6E5C9C5171C0663331BF58B7DEA54498 ] C:\Windows\assembly\GAC_MSIL\HP.SupportFramework.Common\7.0.0.1__41bdec5abf54f6dc\HP.SupportFramework.Common.dll 05:53:42.0273 6188 C:\Windows\assembly\GAC_MSIL\HP.SupportFramework.Common\7.0.0.1__41bdec5abf54f6dc\HP.SupportFramework.Common.dll - ok 05:53:42.0273 6188 [ CFA6A9299864FB9713BBF279CB0F7DEF ] C:\Windows\assembly\GAC_MSIL\HP.SupportFramework.Communicator\7.0.0.1__370cd15173f7ac8f\HP.SupportFramework.Communicator.dll 05:53:42.0273 6188 C:\Windows\assembly\GAC_MSIL\HP.SupportFramework.Communicator\7.0.0.1__370cd15173f7ac8f\HP.SupportFramework.Communicator.dll - ok 05:53:42.0273 6188 [ 08F2E3CD8BC16B54C39F779CE4DC2D74 ] C:\Windows\assembly\GAC_MSIL\HP.SupportFramework.ServiceManager\7.0.0.1__afd7346f05a57c11\HP.SupportFramework.ServiceManager.dll 05:53:42.0273 6188 C:\Windows\assembly\GAC_MSIL\HP.SupportFramework.ServiceManager\7.0.0.1__afd7346f05a57c11\HP.SupportFramework.ServiceManager.dll - ok 05:53:42.0273 6188 [ 8B615B1E2D01DB66850B56727F99C558 ] C:\Windows\assembly\GAC_MSIL\HP.SupportFramework.Logging\7.0.0.1__a5a013d267b3a679\HP.SupportFramework.Logging.dll 05:53:42.0273 6188 C:\Windows\assembly\GAC_MSIL\HP.SupportFramework.Logging\7.0.0.1__a5a013d267b3a679\HP.SupportFramework.Logging.dll - ok 05:53:42.0273 6188 [ 06324F22EF3BABF05D5B3EC905E2BEA9 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\c3e08d83feb430f44496c4adb55ef007\System.Runtime.Remoting.ni.dll 05:53:42.0273 6188 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\c3e08d83feb430f44496c4adb55ef007\System.Runtime.Remoting.ni.dll - ok 05:53:42.0273 6188 [ 0017163E0D5985168792BEE5CF70D5DF ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\diasymreader.dll 05:53:42.0273 6188 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\diasymreader.dll - ok 05:53:42.0273 6188 [ 0405BACBBD2006CAF3C54256FE71FB2A ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\7e1a0f53a8580321c5902b6867c3f7da\System.Management.ni.dll 05:53:42.0273 6188 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\7e1a0f53a8580321c5902b6867c3f7da\System.Management.ni.dll - ok 05:53:42.0273 6188 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 05:53:42.0273 6188 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok 05:53:42.0288 6188 [ 5610B0425518D185331CB8E968D060E6 ] C:\Windows\SysWOW64\wbem\wmiutils.dll 05:53:42.0288 6188 C:\Windows\SysWOW64\wbem\wmiutils.dll - ok 05:53:42.0288 6188 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll 05:53:42.0288 6188 C:\Windows\SysWOW64\wbemcomn.dll - ok 05:53:42.0288 6188 [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\SysWOW64\msvcr100_clr0400.dll 05:53:42.0288 6188 C:\Windows\SysWOW64\msvcr100_clr0400.dll - ok 05:53:42.0288 6188 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll 05:53:42.0288 6188 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok 05:53:42.0288 6188 [ 45375DF47ED4D0535739465105AAABE3 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dll 05:53:42.0288 6188 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dll - ok 05:53:42.0288 6188 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 05:53:42.0288 6188 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe - ok 05:53:42.0288 6188 [ CB21CD39637AC13F3455454B2F648257 ] C:\Windows\System32\msvcr100_clr0400.dll 05:53:42.0288 6188 C:\Windows\System32\msvcr100_clr0400.dll - ok 05:53:42.0288 6188 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll 05:53:42.0288 6188 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok 05:53:42.0288 6188 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll 05:53:42.0288 6188 C:\Windows\SysWOW64\wbem\fastprox.dll - ok 05:53:42.0288 6188 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll 05:53:42.0288 6188 C:\Windows\SysWOW64\ntdsapi.dll - ok 05:53:42.0304 6188 [ 4FB491AC8D46AAF22BA8BC5C73DABEF7 ] C:\Windows\SysWOW64\wbem\WmiPrvSE.exe 05:53:42.0304 6188 C:\Windows\SysWOW64\wbem\WmiPrvSE.exe - ok 05:53:42.0304 6188 [ A4CC7227A452C4909F9499D91B184364 ] C:\Windows\SysWOW64\ncobjapi.dll 05:53:42.0304 6188 C:\Windows\SysWOW64\ncobjapi.dll - ok 05:53:42.0304 6188 [ 9C9943220F8F94B917D8C4C9618074CC ] C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe 05:53:42.0304 6188 C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe - ok 05:53:42.0304 6188 [ D0481FB85BEEDD30A0884BE327880F80 ] C:\Windows\SysWOW64\framedynos.dll 05:53:42.0304 6188 C:\Windows\SysWOW64\framedynos.dll - ok
  23. part 9: 05:53:42.0117 6188 [ 30EFEBDC960A482E3E188B9960B286E2 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveNew.dll 05:53:42.0117 6188 C:\Program Files (x86)\Microsoft Office\Office12\GrooveNew.dll - ok 05:53:42.0117 6188 [ D5E459BED3DB9CF7FC6CC1455F177D2D ] C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.dll 05:53:42.0117 6188 C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.dll - ok 05:53:42.0117 6188 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll 05:53:42.0117 6188 C:\Windows\SysWOW64\msimg32.dll - ok 05:53:42.0117 6188 [ D8C2B95BC2353E1F18850D6B8F5DBA13 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll 05:53:42.0117 6188 C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll - ok 05:53:42.0117 6188 [ 533AECD1B5356870AE2D905B4D3B42B7 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMisc.dll 05:53:42.0117 6188 C:\Program Files (x86)\Microsoft Office\Office12\GrooveMisc.dll - ok 05:53:42.0117 6188 [ 21D3A18769EC2C4E56756D04E989A221 ] C:\Windows\SysWOW64\msxml3.dll 05:53:42.0117 6188 C:\Windows\SysWOW64\msxml3.dll - ok 05:53:42.0117 6188 [ 61DC3F2BE3093FE22CD717260946D7AD ] C:\Windows\SysWOW64\urlmon.dll 05:53:42.0117 6188 C:\Windows\SysWOW64\urlmon.dll - ok 05:53:42.0117 6188 [ 1C60E09CA1C3A045BC4D367F67C915B7 ] C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll 05:53:42.0117 6188 C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll - ok 05:53:42.0117 6188 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll 05:53:42.0117 6188 C:\Windows\System32\netman.dll - ok 05:53:42.0132 6188 [ EAB975DB4C2805927FE5BD047D05C9AA ] C:\Windows\SysWOW64\netshell.dll 05:53:42.0132 6188 C:\Windows\SysWOW64\netshell.dll - ok 05:53:42.0132 6188 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll 05:53:42.0132 6188 C:\Windows\System32\netshell.dll - ok 05:53:42.0132 6188 [ A113AFEED3159A1ED52D78CB0226006D ] C:\Windows\SysWOW64\secur32.dll 05:53:42.0132 6188 C:\Windows\SysWOW64\secur32.dll - ok 05:53:42.0132 6188 [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll 05:53:42.0132 6188 C:\Windows\SysWOW64\nlaapi.dll - ok 05:53:42.0132 6188 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe 05:53:42.0132 6188 C:\Windows\SysWOW64\cmd.exe - ok 05:53:42.0132 6188 [ D39DA70FEA6BD713682F70635587DA9E ] C:\Windows\SysWOW64\rasdlg.dll 05:53:42.0132 6188 C:\Windows\SysWOW64\rasdlg.dll - ok 05:53:42.0132 6188 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll 05:53:42.0132 6188 C:\Windows\System32\rasdlg.dll - ok 05:53:42.0132 6188 [ D4191EFAB91E00FC09257AA5EBAF503B ] C:\Windows\SysWOW64\mprapi.dll 05:53:42.0132 6188 C:\Windows\SysWOW64\mprapi.dll - ok 05:53:42.0132 6188 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll 05:53:42.0132 6188 C:\Windows\System32\mprapi.dll - ok 05:53:42.0132 6188 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll 05:53:42.0132 6188 C:\Windows\SysWOW64\rasapi32.dll - ok 05:53:42.0148 6188 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll 05:53:42.0148 6188 C:\Windows\SysWOW64\rasman.dll - ok 05:53:42.0148 6188 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll 05:53:42.0148 6188 C:\Windows\SysWOW64\rtutils.dll - ok 05:53:42.0148 6188 [ 2F040CF0613A6D64DCBBA9EE81F5A5AE ] C:\Windows\SysWOW64\dsrole.dll 05:53:42.0148 6188 C:\Windows\SysWOW64\dsrole.dll - ok 05:53:42.0148 6188 [ 54A47F6B5E09A77E61649109C6A08866 ] C:\Windows\SysWOW64\svchost.exe 05:53:42.0148 6188 C:\Windows\SysWOW64\svchost.exe - ok 05:53:42.0148 6188 [ 812A161FC470FA832C3F0CC3D7ACA2F9 ] C:\Windows\SysWOW64\apisetschema.dll 05:53:42.0148 6188 C:\Windows\SysWOW64\apisetschema.dll - ok 05:53:42.0148 6188 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL 05:53:42.0148 6188 C:\Windows\System32\IPSECSVC.DLL - ok 05:53:42.0148 6188 [ FB4EB9352B7D698E6B3C2AA2ED724DAD ] C:\Windows\SysWOW64\authz.dll 05:53:42.0148 6188 C:\Windows\SysWOW64\authz.dll - ok 05:53:42.0148 6188 [ 3F50200237961034FACE602373838980 ] C:\Windows\SysWOW64\FirewallAPI.dll 05:53:42.0148 6188 C:\Windows\SysWOW64\FirewallAPI.dll - ok 05:53:42.0148 6188 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll 05:53:42.0148 6188 C:\Windows\SysWOW64\winbrand.dll - ok 05:53:42.0148 6188 [ DB603D3FD090C66F9709EF6493C26BA3 ] C:\Windows\SysWOW64\FwRemoteSvr.dll 05:53:42.0148 6188 C:\Windows\SysWOW64\FwRemoteSvr.dll - ok 05:53:42.0164 6188 [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll 05:53:42.0164 6188 C:\Windows\System32\FwRemoteSvr.dll - ok 05:53:42.0164 6188 [ B9A4DAC2192FD78CDA097BFA79F6E7B2 ] C:\Windows\SysWOW64\net.exe 05:53:42.0164 6188 C:\Windows\SysWOW64\net.exe - ok 05:53:42.0164 6188 [ 544EFF88AC6C85DF5A4D6F18DFE08CFC ] C:\Windows\SysWOW64\taskschd.dll 05:53:42.0164 6188 C:\Windows\SysWOW64\taskschd.dll - ok 05:53:42.0164 6188 [ 3E1EBF74DD93287B7DC1C681B09E3639 ] C:\Windows\SysWOW64\usbceip.dll 05:53:42.0164 6188 C:\Windows\SysWOW64\usbceip.dll - ok 05:53:42.0164 6188 [ B998AB59D5541777A1E43175A9ACBE83 ] C:\Windows\System32\en-US\conhost.exe.mui 05:53:42.0164 6188 C:\Windows\System32\en-US\conhost.exe.mui - ok 05:53:42.0164 6188 [ AF78F66116814FDD6677CEBD73035CDD ] C:\Windows\SysWOW64\schannel.dll 05:53:42.0164 6188 C:\Windows\SysWOW64\schannel.dll - ok 05:53:42.0164 6188 [ C5C867CD7EFAC60D5021223E374DEEC5 ] C:\Windows\SysWOW64\dimsjob.dll 05:53:42.0164 6188 C:\Windows\SysWOW64\dimsjob.dll - ok 05:53:42.0164 6188 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll 05:53:42.0164 6188 C:\Windows\System32\dimsjob.dll - ok 05:53:42.0164 6188 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll 05:53:42.0164 6188 C:\Windows\SysWOW64\netprofm.dll - ok 05:53:42.0164 6188 [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll 05:53:42.0164 6188 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok 05:53:42.0179 6188 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll 05:53:42.0179 6188 C:\Windows\SysWOW64\npmproxy.dll - ok 05:53:42.0179 6188 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll 05:53:42.0179 6188 C:\Windows\System32\npmproxy.dll - ok 05:53:42.0179 6188 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll 05:53:42.0179 6188 C:\Windows\SysWOW64\gpapi.dll - ok 05:53:42.0179 6188 [ 8F5EAAF76A6811332A8C67DB0D4C395F ] C:\Windows\SysWOW64\ieframe.dll 05:53:42.0179 6188 C:\Windows\SysWOW64\ieframe.dll - ok 05:53:42.0179 6188 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll 05:53:42.0179 6188 C:\Windows\System32\aelupsvc.dll - ok 05:53:42.0179 6188 [ 007863E45F25AA47A4C30D0930BBFD85 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 05:53:42.0179 6188 C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok 05:53:42.0179 6188 [ 49ACA548B2423F1C67898E6AC719A9A6 ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll 05:53:42.0179 6188 C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok 05:53:42.0179 6188 [ 60F4AEFA103D421EA4A40E31409B4756 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll 05:53:42.0179 6188 C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll - ok 05:53:42.0179 6188 [ 2C4A87CA8C00E98EFDCFA2E8EC9A3503 ] C:\Windows\SysWOW64\shdocvw.dll 05:53:42.0179 6188 C:\Windows\SysWOW64\shdocvw.dll - ok 05:53:42.0179 6188 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll 05:53:42.0179 6188 C:\Windows\SysWOW64\NapiNSP.dll - ok 05:53:42.0195 6188 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll 05:53:42.0195 6188 C:\Windows\SysWOW64\pnrpnsp.dll - ok 05:53:42.0195 6188 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll 05:53:42.0195 6188 C:\Windows\SysWOW64\winrnr.dll - ok 05:53:42.0195 6188 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Z220\AppData\Local\Temp\CDDFCDDA-17C4-4575-81C8-24DF586F3E61.exe 05:53:42.0195 6188 C:\Users\Z220\AppData\Local\Temp\CDDFCDDA-17C4-4575-81C8-24DF586F3E61.exe - ok 05:53:42.0195 6188 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll 05:53:42.0195 6188 C:\Windows\SysWOW64\imagehlp.dll - ok 05:53:42.0195 6188 [ BF6D6ED5FADCEEE885BD0144ECF1BA27 ] C:\Windows\SysWOW64\ncrypt.dll 05:53:42.0195 6188 C:\Windows\SysWOW64\ncrypt.dll - ok 05:53:42.0195 6188 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll 05:53:42.0195 6188 C:\Windows\SysWOW64\bcrypt.dll - ok 05:53:42.0195 6188 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll 05:53:42.0195 6188 C:\Windows\SysWOW64\bcryptprimitives.dll - ok 05:53:42.0195 6188 [ 7B851A8018B1EA00A69707A390004884 ] C:\Windows\SysWOW64\cryptnet.dll 05:53:42.0195 6188 C:\Windows\SysWOW64\cryptnet.dll - ok 05:53:42.0195 6188 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll 05:53:42.0195 6188 C:\Windows\SysWOW64\SensApi.dll - ok 05:53:42.0195 6188 [ 5B2E4E90C04FB9AE9F2C5E99FF59B283 ] C:\Windows\SysWOW64\WindowsCodecs.dll 05:53:42.0195 6188 C:\Windows\SysWOW64\WindowsCodecs.dll - ok 05:53:42.0210 6188 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll 05:53:42.0210 6188 C:\Windows\SysWOW64\EhStorShell.dll - ok 05:53:42.0210 6188 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll 05:53:42.0210 6188 C:\Windows\SysWOW64\ntshrui.dll - ok 05:53:42.0210 6188 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll 05:53:42.0210 6188 C:\Windows\SysWOW64\cscapi.dll - ok 05:53:42.0210 6188 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll 05:53:42.0210 6188 C:\Windows\SysWOW64\slc.dll - ok 05:53:42.0210 6188 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll 05:53:42.0210 6188 C:\Windows\SysWOW64\imageres.dll - ok 05:53:42.0210 6188 [ 523CF74A52C9A1762DA8B83AEE734498 ] C:\Windows\SysWOW64\IconCodecService.dll 05:53:42.0210 6188 C:\Windows\SysWOW64\IconCodecService.dll - ok 05:53:42.0210 6188 [ 4F2659160AFCCA990305816946F69407 ] C:\Windows\SysWOW64\taskeng.exe 05:53:42.0210 6188 C:\Windows\SysWOW64\taskeng.exe - ok 05:53:42.0210 6188 [ 659E04E74135927CA6D7BC5E75C84417 ] C:\Windows\SysWOW64\TSChannel.dll 05:53:42.0210 6188 C:\Windows\SysWOW64\TSChannel.dll - ok 05:53:42.0210 6188 [ 38B13C0DF479DBA23ECFA815159BA86E ] C:\Windows\SysWOW64\ktmw32.dll 05:53:42.0210 6188 C:\Windows\SysWOW64\ktmw32.dll - ok 05:53:42.0210 6188 [ 82C089EA2A3EEFADF3588EA71E8BDADA ] C:\Windows\SysWOW64\wevtapi.dll 05:53:42.0210 6188 C:\Windows\SysWOW64\wevtapi.dll - ok
  24. part 8: 05:53:41.0992 6188 [ 2F22B0F9A7FF5C5D6511CC19A9561672 ] C:\Program Files\Total Defense\Internet Security Suite\ccmsgfrm.dll 05:53:41.0992 6188 C:\Program Files\Total Defense\Internet Security Suite\ccmsgfrm.dll - ok 05:53:41.0992 6188 [ CCDB8FDC289AA9AFA5F8827A2ADB21AD ] C:\Windows\System32\ieframe.dll 05:53:41.0992 6188 C:\Windows\System32\ieframe.dll - ok 05:53:41.0992 6188 [ D664B6A7298014089F9F0C9B28158C14 ] C:\Program Files\NVIDIA Corporation\Display\nvsmartmax64.dll 05:53:41.0992 6188 C:\Program Files\NVIDIA Corporation\Display\nvsmartmax64.dll - ok 05:53:41.0992 6188 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll 05:53:41.0992 6188 C:\Windows\System32\sqmapi.dll - ok 05:53:41.0992 6188 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll 05:53:41.0992 6188 C:\Windows\System32\wbem\fastprox.dll - ok 05:53:42.0008 6188 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll 05:53:42.0008 6188 C:\Windows\SysWOW64\dhcpcsvc.dll - ok 05:53:42.0008 6188 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll 05:53:42.0008 6188 C:\Windows\System32\aeevts.dll - ok 05:53:42.0008 6188 [ 9108540E866F75C7AF2B91DD921A8091 ] C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll 05:53:42.0008 6188 C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll - ok 05:53:42.0008 6188 [ FB4045578F5180BDB1963AB352B78548 ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 05:53:42.0008 6188 C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok 05:53:42.0008 6188 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll 05:53:42.0008 6188 C:\Windows\System32\ntdsapi.dll - ok 05:53:42.0008 6188 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll 05:53:42.0008 6188 C:\Windows\System32\srvsvc.dll - ok 05:53:42.0008 6188 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll 05:53:42.0008 6188 C:\Windows\System32\wbem\wbemprox.dll - ok 05:53:42.0008 6188 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll 05:53:42.0008 6188 C:\Windows\System32\wdscore.dll - ok 05:53:42.0008 6188 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll 05:53:42.0008 6188 C:\Windows\System32\browser.dll - ok 05:53:42.0008 6188 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll 05:53:42.0008 6188 C:\Windows\System32\netmsg.dll - ok 05:53:42.0023 6188 [ ED5DCBD7B658D12EA45F9C4E81953B97 ] C:\Program Files\NVIDIA Corporation\Display\nvtray.exe 05:53:42.0023 6188 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe - ok 05:53:42.0023 6188 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll 05:53:42.0023 6188 C:\Windows\System32\clusapi.dll - ok 05:53:42.0023 6188 [ F026C6F104758D0EB215B017016FAE27 ] C:\Windows\System32\mshtml.dll 05:53:42.0023 6188 C:\Windows\System32\mshtml.dll - ok 05:53:42.0023 6188 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll 05:53:42.0023 6188 C:\Windows\System32\resutils.dll - ok 05:53:42.0023 6188 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll 05:53:42.0023 6188 C:\Windows\System32\sscore.dll - ok 05:53:42.0023 6188 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll 05:53:42.0023 6188 C:\Windows\System32\wbem\wbemcore.dll - ok 05:53:42.0023 6188 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll 05:53:42.0023 6188 C:\Windows\SysWOW64\netapi32.dll - ok 05:53:42.0023 6188 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll 05:53:42.0023 6188 C:\Windows\SysWOW64\netutils.dll - ok 05:53:42.0023 6188 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll 05:53:42.0023 6188 C:\Windows\System32\wbem\esscli.dll - ok 05:53:42.0023 6188 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll 05:53:42.0023 6188 C:\Windows\SysWOW64\srvcli.dll - ok 05:53:42.0039 6188 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll 05:53:42.0039 6188 C:\Windows\SysWOW64\wkscli.dll - ok 05:53:42.0039 6188 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll 05:53:42.0039 6188 C:\Windows\System32\wbem\wbemsvc.dll - ok 05:53:42.0039 6188 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll 05:53:42.0039 6188 C:\Windows\System32\wbem\wmiutils.dll - ok 05:53:42.0039 6188 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll 05:53:42.0039 6188 C:\Windows\System32\wbem\repdrvfs.dll - ok 05:53:42.0039 6188 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll 05:53:42.0039 6188 C:\Windows\System32\ncobjapi.dll - ok 05:53:42.0039 6188 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll 05:53:42.0039 6188 C:\Windows\System32\wbem\wbemess.dll - ok 05:53:42.0039 6188 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll 05:53:42.0039 6188 C:\Windows\System32\wbem\WmiPrvSD.dll - ok 05:53:42.0039 6188 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll 05:53:42.0039 6188 C:\Windows\System32\wbem\WinMgmtR.dll - ok 05:53:42.0039 6188 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll 05:53:42.0039 6188 C:\Windows\System32\wbem\NCProv.dll - ok 05:53:42.0039 6188 [ 161EFB45DE0744802FBE88F50B57EB86 ] C:\Program Files\Internet Explorer\sqmapi.dll 05:53:42.0039 6188 C:\Program Files\Internet Explorer\sqmapi.dll - ok 05:53:42.0054 6188 [ 631325E7D627345B4056C485BA6B7387 ] C:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\caambl.dll 05:53:42.0054 6188 C:\Program Files\Total Defense\Internet Security Suite\Anti-Virus\caambl.dll - ok 05:53:42.0054 6188 [ 5F3AE297058F8B80862A13FD2CFD09C5 ] C:\Program Files\Total Defense\Internet Security Suite\scx86\Backup and Migration\DNABonesProxy.dll 05:53:42.0054 6188 C:\Program Files\Total Defense\Internet Security Suite\scx86\Backup and Migration\DNABonesProxy.dll - ok 05:53:42.0054 6188 [ 52E9D5B2322A8107FF5651B93D71E75B ] C:\Program Files\Total Defense\Internet Security Suite\Anti-Spam\QSP-9.2.0.41\QOEHook.dll 05:53:42.0054 6188 C:\Program Files\Total Defense\Internet Security Suite\Anti-Spam\QSP-9.2.0.41\QOEHook.dll - ok 05:53:42.0054 6188 [ 6B1F4B53A8E692F537184395299EAA8B ] C:\Program Files\Total Defense\Internet Security Suite\cckasubmit.dll 05:53:42.0054 6188 C:\Program Files\Total Defense\Internet Security Suite\cckasubmit.dll - ok 05:53:42.0054 6188 [ 1EA7969E3271CBC59E1730697DC74682 ] C:\Windows\System32\qmgr.dll 05:53:42.0054 6188 C:\Windows\System32\qmgr.dll - ok 05:53:42.0054 6188 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll 05:53:42.0054 6188 C:\Windows\System32\wdi.dll - ok 05:53:42.0054 6188 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll 05:53:42.0054 6188 C:\Windows\System32\wpdbusenum.dll - ok 05:53:42.0054 6188 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll 05:53:42.0054 6188 C:\Windows\System32\Apphlpdm.dll - ok 05:53:42.0054 6188 [ 9D2A2369AB4B08A4905FE72DB104498F ] C:\Windows\System32\appinfo.dll 05:53:42.0054 6188 C:\Windows\System32\appinfo.dll - ok 05:53:42.0054 6188 [ D9431DCF90B0253773F51FDEFE7FD42F ] C:\Windows\System32\bitsigd.dll 05:53:42.0054 6188 C:\Windows\System32\bitsigd.dll - ok 05:53:42.0070 6188 [ 29409ED7400CA5BCCC30C0EE5147A60D ] C:\Windows\System32\bitsperf.dll 05:53:42.0070 6188 C:\Windows\System32\bitsperf.dll - ok 05:53:42.0070 6188 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll 05:53:42.0070 6188 C:\Windows\System32\diagperf.dll - ok 05:53:42.0070 6188 [ B3CE0951E3C1EA3C733573C472EE85F9 ] C:\Windows\System32\msimtf.dll 05:53:42.0070 6188 C:\Windows\System32\msimtf.dll - ok 05:53:42.0070 6188 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll 05:53:42.0070 6188 C:\Windows\System32\perftrack.dll - ok 05:53:42.0070 6188 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll 05:53:42.0070 6188 C:\Windows\System32\wer.dll - ok 05:53:42.0070 6188 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll 05:53:42.0070 6188 C:\Windows\System32\pnpts.dll - ok 05:53:42.0070 6188 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll 05:53:42.0070 6188 C:\Windows\System32\PortableDeviceApi.dll - ok 05:53:42.0070 6188 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll 05:53:42.0070 6188 C:\Windows\System32\radardt.dll - ok 05:53:42.0070 6188 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll 05:53:42.0070 6188 C:\Windows\System32\upnp.dll - ok 05:53:42.0070 6188 [ D383602755758FA81166B0FD8AFE6D40 ] C:\Windows\System32\jscript9.dll 05:53:42.0070 6188 C:\Windows\System32\jscript9.dll - ok 05:53:42.0070 6188 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll 05:53:42.0070 6188 C:\Windows\System32\PortableDeviceConnectApi.dll - ok 05:53:42.0086 6188 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll 05:53:42.0086 6188 C:\Windows\System32\ssdpsrv.dll - ok 05:53:42.0086 6188 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll 05:53:42.0086 6188 C:\Windows\System32\wdiasqmmodule.dll - ok 05:53:42.0086 6188 [ 7E8A672B7B06A6EB11960C22E0360C59 ] C:\Windows\System32\d2d1.dll 05:53:42.0086 6188 C:\Windows\System32\d2d1.dll - ok 05:53:42.0086 6188 [ 63BB89DED1E9104E68D33E54DE4D340D ] C:\Windows\System32\DWrite.dll 05:53:42.0086 6188 C:\Windows\System32\DWrite.dll - ok 05:53:42.0086 6188 [ C498EF41B93986BCBD483597573EB96D ] C:\Windows\System32\d3d10warp.dll 05:53:42.0086 6188 C:\Windows\System32\d3d10warp.dll - ok 05:53:42.0086 6188 [ 112183DF91C9BAECB498E4A86ECDE598 ] C:\Windows\System32\msls31.dll 05:53:42.0086 6188 C:\Windows\System32\msls31.dll - ok 05:53:42.0086 6188 [ F62C8E6A4DF87F4C309FF2CE6A18C0F7 ] C:\Program Files\Total Defense\Internet Security Suite\ccpriv.dll 05:53:42.0086 6188 C:\Program Files\Total Defense\Internet Security Suite\ccpriv.dll - ok 05:53:42.0086 6188 [ 5C850E5BCCAD657CD0C62FACC49D8F9B ] C:\Program Files\Total Defense\Internet Security Suite\SQLite3.dll 05:53:42.0086 6188 C:\Program Files\Total Defense\Internet Security Suite\SQLite3.dll - ok 05:53:42.0086 6188 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe 05:53:42.0086 6188 C:\Windows\System32\wbem\WmiPrvSE.exe - ok 05:53:42.0101 6188 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll 05:53:42.0101 6188 C:\Windows\System32\wbem\cimwin32.dll - ok 05:53:42.0101 6188 [ AC5DF873913B00E554D8F553459BC431 ] C:\Windows\System32\qmgrprxy.dll 05:53:42.0101 6188 C:\Windows\System32\qmgrprxy.dll - ok 05:53:42.0101 6188 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe 05:53:42.0101 6188 C:\Windows\System32\runonce.exe - ok 05:53:42.0101 6188 [ 85B45B4B285B159ACDB355FC8C1E8925 ] C:\Windows\SysWOW64\qmgrprxy.dll 05:53:42.0101 6188 C:\Windows\SysWOW64\qmgrprxy.dll - ok 05:53:42.0101 6188 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll 05:53:42.0101 6188 C:\Windows\System32\framedynos.dll - ok 05:53:42.0101 6188 [ C00DB14550E4BD49737F311C644E45FF ] C:\Windows\System32\wmi.dll 05:53:42.0101 6188 C:\Windows\System32\wmi.dll - ok 05:53:42.0101 6188 [ 6519CF910F7CD2BC629E8E7237F4617D ] C:\Program Files\Total Defense\Internet Security Suite\ccipc.dll 05:53:42.0101 6188 C:\Program Files\Total Defense\Internet Security Suite\ccipc.dll - ok 05:53:42.0101 6188 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe 05:53:42.0101 6188 C:\Windows\SysWOW64\runonce.exe - ok 05:53:42.0101 6188 [ 30DB64D316F502558DB2380F7343C9FD ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll 05:53:42.0101 6188 C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll - ok 05:53:42.0101 6188 [ 207204AF80505AF51271FE164B56F662 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveUtil.dll 05:53:42.0101 6188 C:\Program Files (x86)\Microsoft Office\Office12\GrooveUtil.dll - ok 05:53:42.0117 6188 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll 05:53:42.0117 6188 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.