Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Browser does not go where I want it to

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Browser does not go where I want it to

Unread postby punkpal » February 12th, 2013, 11:52 pm

Hello,

I recently came here for another problem regarding my browser (internet explorer). The archived topic is here viewtopic.php?f=12&t=61408

I'm now experiencing a new problem, with no changes to my system and nothing done other than browsing and playing World of Warcraft. Everytime I click a link via search it redirects me to some other site (which seems very spam-like). I ran Windows Security Essentials for a virus scan and came up with Trojan.Alureon.A which Windows Security Essentials could not remove so I browsed a bit and used Kaspersky TDSSkiller tool...I ran the scans again and the virus seems to have disappeared but my browser is still not allowing me to go where I want it to. I will click the link and a strange address comes up ie. 192.429.2284 (something like that) and it will direct me to 'livesearch' or some other awful place. Any help or insight into this would be very helpful. Is the problem residual from before and never solved? Or is this something new? Oh one more thing, my computer randomly shut down yesterday and hasn't happened again.
:shock:

Here is the DDS log:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.9.2
Run by owner at 22:44:44 on 2013-02-12
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4094.2640 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\FBAgent.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Windows\System32\rundll32.exe
C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\ASUS\ASUS WebStorage\EeeStorageUploader.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Users\owner\Desktop\tdsskiller.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uDefault_Page_URL = hxxp://asus.msn.com
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [Akamai NetSession Interface] "C:\Users\owner\AppData\Local\Akamai\netsession_win.exe"
uRun: [ElevatedDiagnostics] rundll32 "C:\Users\owner\AppData\Local\Microsoft\ElevatedDiagnostics\msfrixm.dll",NVDisplayCoInstallW
mRun: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
mRun: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [Boingo Wi-Fi] "C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk"
mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
dRun: [ElevatedDiagnostics] rundll32 "C:\Users\owner\AppData\Local\Microsoft\ElevatedDiagnostics\msfrixm.dll",NVDisplayCoInstallW
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FANCYS~1.LNK - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SRSPRE~1.LNK - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: HideSCAHealth = dword:1
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDow ... ab_nvd.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{C1015840-AF1E-4695-993A-03A3069BB560} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{C1015840-AF1E-4695-993A-03A3069BB560}\346416D6E45445 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{C1015840-AF1E-4695-993A-03A3069BB560}\355707562702830284F64756C6 : DHCPNameServer = 64.59.168.13 64.59.168.15 64.59.174.84
TCP: Interfaces\{C1015840-AF1E-4695-993A-03A3069BB560}\7666C673 : DHCPNameServer = 192.168.0.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [ETDWare] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\mssecex.exe" -hide -runkey
x64-Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2011-6-26 75904]
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2011-6-26 38016]
R0 lullaby;lullaby;C:\Windows\System32\drivers\lullaby.sys [2010-7-2 15928]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2012-8-30 228768]
R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2010-7-2 379520]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-6-26 203264]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2010-10-24 128456]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2011-3-15 428384]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2010-9-24 116752]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2011-6-26 129024]
R3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2009-8-18 143472]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);C:\Windows\System32\drivers\JME.sys [2010-2-24 131552]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2012-6-26 38528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536]
S3 BS_DEF;BS_DEF;C:\Windows\BS_DEF.sys [2012-6-26 21048]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-8-14 57280]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-9-12 1512448]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-12 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-2-15 52736]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-11-5 1255736]
.
=============== Created Last 30 ================
.
2013-02-13 03:28:03 76232 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B787C607-E865-4180-8E33-2FAE8ED81840}\offreg.dll
2013-02-13 03:23:19 -------- d-----w- C:\TDSSKiller_Quarantine
2013-02-13 00:49:33 450560 ----a-w- C:\Users\owner\wgsdgsdgdsgsd.exe
2013-02-12 22:25:43 9161176 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B787C607-E865-4180-8E33-2FAE8ED81840}\mpengine.dll
2013-02-11 17:23:54 9161176 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-02-06 19:04:53 -------- d-----w- C:\Program Files (x86)\ESET
2013-02-05 20:39:40 -------- d-----w- C:\_OTL
2013-01-29 23:56:28 -------- d-----r- C:\Program Files (x86)\Skype
2013-01-25 04:35:09 -------- d-----w- C:\Users\owner\AppData\Local\Facebook
.
==================== Find3M ====================
.
2013-02-13 01:01:08 45056 ----a-w- C:\Windows\System32\acovcnt.exe
2013-02-08 00:03:02 74096 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-08 00:03:02 697712 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-01-30 10:53:22 273840 ------w- C:\Windows\System32\MpSigStub.exe
2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll
2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll
2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll
2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs
2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs
2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs
2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs
2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs
2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs
2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs
2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs
2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs
2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs
2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs
2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs
2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs
2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs
2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-11-30 05:45:35 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-11-30 05:45:14 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-11-30 05:41:07 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2012-11-30 04:54:00 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-11-30 04:53:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-11-30 02:44:06 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-11-30 02:44:04 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-11-30 02:44:04 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-11-30 02:44:03 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-11-23 03:26:31 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-11-23 03:13:57 68608 ----a-w- C:\Windows\System32\taskhost.exe
2012-11-22 05:44:23 800768 ----a-w- C:\Windows\System32\usp10.dll
2012-11-22 04:45:03 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2012-11-20 05:48:49 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-11-20 04:51:09 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2009-04-08 17:31:56 106496 ----a-w- C:\Program Files (x86)\Common Files\CPInstallAction.dll
2008-08-12 04:45:20 155648 ----a-w- C:\Program Files (x86)\Common Files\MSIactionall.dll
.
============= FINISH: 22:45:55.46 ===============

.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 11/5/2010 2:24:35 AM
System Uptime: 2/12/2013 10:23:46 PM (0 hours ago)
.
Motherboard: ASUSTeK Computer Inc. | | K52Dr
Processor: AMD Phenom(tm) II N830 Triple-Core Processor | CPU 1 | 798/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 116 GiB total, 36.461 GiB free.
D: is FIXED (NTFS) - 330 GiB total, 294.616 GiB free.
E: is CDROM ()
F: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP405: 2/2/2013 7:45:24 PM - Microsoft Antimalware Checkpoint
RP407: 2/3/2013 7:49:02 PM - Microsoft Antimalware Checkpoint
RP409: 2/4/2013 7:50:33 PM - Microsoft Antimalware Checkpoint
RP410: 2/5/2013 3:22:12 PM - Windows Update
RP411: 2/5/2013 3:39:52 PM - OTL Restore Point - 2/5/2013 3:39:52 PM
RP412: 2/8/2013 4:51:08 PM - Windows Update
RP414: 2/11/2013 1:42:58 PM - Microsoft Antimalware Checkpoint
RP415: 2/12/2013 5:24:50 PM - Windows Update
RP417: 2/12/2013 7:55:35 PM - Microsoft Antimalware Checkpoint
.
==== Installed Programs ======================
.
Acrobat.com
Adobe AIR
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.5)
AMD Catalyst Install Manager
AMD USB Filter Driver
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ASUS AI Recovery
ASUS AP Bank
ASUS CopyProtect
ASUS FancyStart
ASUS LifeFrame3
ASUS Live Update
ASUS MultiFrame
ASUS Power4Gear Hybrid
ASUS SmartLogon
ASUS Splendid Video Enhancement Technology
ASUS Virtual Camera
ASUS WebStorage
ATK Package
Battle.net
Boingo Wi-Fi
Bonjour
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
ControlDeck
CyberLink LabelPrint
CyberLink Power2Go
CyberLink PowerDVD 9
D3DX10
ESET Online Scanner v3
ETDWare PS/2-x64 7.0.5.16_WHQL
Fast Boot
Internet TV for Windows Media Center
iTunes
Java 7 Update 9
Java Auto Updater
JavaFX 2.1.1
JMicron Ethernet Adapter NDIS Driver
JMicron Flash Media Controller Driver
Junk Mail filter update
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft IntelliPoint 8.2
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
Movie Maker
MSVCRT
MSVCRT_amd64
MSVCRT110
MSVCRT110_amd64
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB2758694)
MSXML 4.0 SP3 Parser (KB973685)
Photo Common
Photo Gallery
PMB
QuickTime
Realtek High Definition Audio Driver
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Skype™ 6.1
SpeedFan (remove only)
SRS Premium Sound Control Panel
StarCraft II
System Requirements Lab
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
USB 2.0 VGA UVC WebCam
VC80CRTRedist - 8.0.50727.6195
Ventrilo Client
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinFlash
Wireless Console 3
World of Warcraft
.
==== Event Viewer Messages From Past Week ========
.
2/5/2013 3:39:40 PM, Error: Service Control Manager [7034] - The ASLDR Service service terminated unexpectedly. It has done this 1 time(s).
2/12/2013 9:38:15 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
2/12/2013 9:38:14 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
2/12/2013 9:38:14 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
2/12/2013 9:38:13 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
2/12/2013 9:38:08 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
2/12/2013 9:37:57 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache MpFilter spldr Wanarpv6
2/12/2013 9:37:54 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
2/11/2013 6:48:40 PM, Error: Service Control Manager [7043] - The Microsoft Antimalware Service service did not shut down properly after receiving a preshutdown control.
2/11/2013 6:48:34 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NisSrv service.
.
==== End Of File ===========================
punkpal
Regular Member
 
Posts: 37
Joined: February 4th, 2013, 4:32 pm
Advertisement
Register to Remove

Re: Browser does not go where I want it to

Unread postby melboy » February 13th, 2013, 9:18 am

Hi and welcome to the MR forums. :)

I'm melboy and I am going to try to help you with your problem. Please take note of the following:

  1. I will be working on your Malware issues this may or may not solve other issues you have with your machine.
  2. The fixes are specific to your problem and should only be used for this issue on this machine.
  3. If you don't know or understand something, please don't hesitate to ask.
  4. Please refrain from making any further changes to your computer (Install/Uninstall programs, delete files, edit the registry, etc...)
  5. Please DO NOT run any other tools or scans whilst I am helping you.
  6. It is important that you reply to this thread. Do not start a new topic.
  7. DO NOT attach logs unless requested to. Please copy/paste all requested logs into your replies.
  8. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  9. Absence of symptoms does not mean that everything is clear.


NOTE: Please take time to read the Malware Removal Forum Guidelines and Rules where the conditions for receiving help at this forum are explained.


IMPORTANT: Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.



No Reply Within 3 Days Will Result In Your Topic Being Closed!! If you need more time, please inform me.


======================================


Gmer

Download GMER Rootkit Scanner from here.

  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • It is very important you do not use your computer while GMER is running
  • Right click the randomly named GMER Image icon & choose "Run as Administrator"
  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan
  • If you receive a warning about rootkit activity and are asked to fully scan your system click NO
  • Please check the Quick scan box
  • Please uncheck the following:
    • IAT/EAT
    • Show All <<< Important
    Image
  • Click Scan
  • If you see a rootkit warning window click OK
  • When the scan is finished, Save the results to your desktop as gmer.log
  • Click Copy then paste the results in your reply
  • Exit GMER and be sure to re-enable your Antivirus, Firewall and any other security programs you had disabled
Note:
  • If you encounter any problems, try running GMER in Safe Mode
  • If GMER crashes or keeps resulting in a Blue Screen of Death, uncheck Devices on the right side before scanning
User avatar
melboy
MRU Expert
MRU Expert
 
Posts: 3670
Joined: July 25th, 2008, 4:25 pm
Location: UK

Re: Browser does not go where I want it to

Unread postby punkpal » February 13th, 2013, 1:11 pm

Does posting information about my computer on this site leave my computer compromised at all?

Here is the Gmer Log:

GMER 2.0.18454 - http://www.gmer.net
Rootkit scan 2013-02-13 12:06:59
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\0000005b Hitachi_ rev.JF3O 465.76GB
Running: 2ypmzrcq.exe; Driver: C:\Users\owner\AppData\Local\Temp\uwddifow.sys


---- User code sections - GMER 2.0 ----

.text C:\Windows\SysWOW64\rundll32.exe[3580] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 00000000766e1401 2 bytes [6E, 76]
.text C:\Windows\SysWOW64\rundll32.exe[3580] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 00000000766e1419 2 bytes [6E, 76]
.text C:\Windows\SysWOW64\rundll32.exe[3580] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 00000000766e1431 2 bytes [6E, 76]
.text C:\Windows\SysWOW64\rundll32.exe[3580] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 00000000766e144a 2 bytes [6E, 76]
.text ... * 9
.text C:\Windows\SysWOW64\rundll32.exe[3580] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000766e14dd 2 bytes [6E, 76]
.text C:\Windows\SysWOW64\rundll32.exe[3580] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000766e14f5 2 bytes [6E, 76]
.text C:\Windows\SysWOW64\rundll32.exe[3580] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 00000000766e150d 2 bytes [6E, 76]
.text C:\Windows\SysWOW64\rundll32.exe[3580] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 00000000766e1525 2 bytes [6E, 76]
.text C:\Windows\SysWOW64\rundll32.exe[3580] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 00000000766e153d 2 bytes [6E, 76]
.text C:\Windows\SysWOW64\rundll32.exe[3580] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 00000000766e1555 2 bytes [6E, 76]
.text C:\Windows\SysWOW64\rundll32.exe[3580] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 00000000766e156d 2 bytes [6E, 76]
.text C:\Windows\SysWOW64\rundll32.exe[3580] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 00000000766e1585 2 bytes [6E, 76]
.text C:\Windows\SysWOW64\rundll32.exe[3580] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 00000000766e159d 2 bytes [6E, 76]
.text C:\Windows\SysWOW64\rundll32.exe[3580] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000766e15b5 2 bytes [6E, 76]
.text C:\Windows\SysWOW64\rundll32.exe[3580] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000766e15cd 2 bytes [6E, 76]
.text C:\Windows\SysWOW64\rundll32.exe[3580] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000766e16b2 2 bytes [6E, 76]
.text C:\Windows\SysWOW64\rundll32.exe[3580] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000766e16bd 2 bytes [6E, 76]
.text C:\Windows\AsScrPro.exe[4712] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 00000000766e1401 2 bytes [6E, 76]
.text C:\Windows\AsScrPro.exe[4712] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 00000000766e1419 2 bytes [6E, 76]
.text C:\Windows\AsScrPro.exe[4712] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 00000000766e1431 2 bytes [6E, 76]
.text C:\Windows\AsScrPro.exe[4712] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 00000000766e144a 2 bytes [6E, 76]
.text ... * 9
.text C:\Windows\AsScrPro.exe[4712] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000766e14dd 2 bytes [6E, 76]
.text C:\Windows\AsScrPro.exe[4712] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000766e14f5 2 bytes [6E, 76]
.text C:\Windows\AsScrPro.exe[4712] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 00000000766e150d 2 bytes [6E, 76]
.text C:\Windows\AsScrPro.exe[4712] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 00000000766e1525 2 bytes [6E, 76]
.text C:\Windows\AsScrPro.exe[4712] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 00000000766e153d 2 bytes [6E, 76]
.text C:\Windows\AsScrPro.exe[4712] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 00000000766e1555 2 bytes [6E, 76]
.text C:\Windows\AsScrPro.exe[4712] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 00000000766e156d 2 bytes [6E, 76]
.text C:\Windows\AsScrPro.exe[4712] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 00000000766e1585 2 bytes [6E, 76]
.text C:\Windows\AsScrPro.exe[4712] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 00000000766e159d 2 bytes [6E, 76]
.text C:\Windows\AsScrPro.exe[4712] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000766e15b5 2 bytes [6E, 76]
.text C:\Windows\AsScrPro.exe[4712] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000766e15cd 2 bytes [6E, 76]
.text C:\Windows\AsScrPro.exe[4712] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000766e16b2 2 bytes [6E, 76]
.text C:\Windows\AsScrPro.exe[4712] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000766e16bd 2 bytes [6E, 76]

---- EOF - GMER 2.0 ----
punkpal
Regular Member
 
Posts: 37
Joined: February 4th, 2013, 4:32 pm

Re: Browser does not go where I want it to

Unread postby melboy » February 13th, 2013, 1:34 pm

punkpal wrote:Does posting information about my computer on this site leave my computer compromised at all?

Put simply, no.


ComboFix (by sUBs)

Please visit this webpage for instructions for downloading and running ComboFix: Bleeping Computer ComboFix Tutorial

  • You must download it to and run it from your Desktop
  • Now STOP all your security applications (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
    For instructions on how to disable your security programs, please see this topic: How to disable your security applications
  • Double click combofix.exe & follow the prompts.
  • Combofix may reboot your computer.
  • When finished, it will produce a log. Please save that log to post in your next reply
  • Re-enable all the programs that were disabled during the running of ComboFix.

A word of warning: This tool is not for everyday use. ComboFix SHOULD NOT be used unless requested by a forum helper.
User avatar
melboy
MRU Expert
MRU Expert
 
Posts: 3670
Joined: July 25th, 2008, 4:25 pm
Location: UK

Re: Browser does not go where I want it to

Unread postby punkpal » February 13th, 2013, 5:33 pm

Okay awesome, thank you.

Could not disable window security essentials, I dont think it gives me the option...but I did turn realtime and all scans OFF. Here is the combofix log:

ComboFix 13-02-13.02 - owner 02/13/2013 16:07:44.2.3 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4094.2751 [GMT -5:00]
Running from: c:\users\owner\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2013-01-13 to 2013-02-13 )))))))))))))))))))))))))))))))
.
.
2013-02-13 21:15 . 2013-02-13 21:15 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-02-13 20:59 . 2013-01-08 05:32 9161176 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BA880545-F2A6-4409-AF2D-F47B674D4BB4}\mpengine.dll
2013-02-13 03:23 . 2013-02-13 03:23 -------- d-----w- C:\TDSSKiller_Quarantine
2013-02-11 17:23 . 2013-01-08 05:32 9161176 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-02-06 19:04 . 2013-02-06 19:04 -------- d-----w- c:\program files (x86)\ESET
2013-02-05 20:39 . 2013-02-05 20:39 -------- d-----w- C:\_OTL
2013-01-29 23:56 . 2013-01-29 23:56 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-01-29 23:56 . 2013-01-29 23:56 -------- d-----r- c:\program files (x86)\Skype
2013-01-25 04:35 . 2013-01-25 04:37 -------- d-----w- c:\users\owner\AppData\Local\Facebook
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-13 01:01 . 2011-01-20 14:04 45056 ----a-w- c:\windows\system32\acovcnt.exe
2013-02-08 00:03 . 2012-07-18 18:48 697712 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-02-08 00:03 . 2011-07-31 03:13 74096 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-30 10:53 . 2010-11-05 08:21 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-01-09 20:09 . 2010-11-05 07:25 67599240 ----a-w- c:\windows\system32\MRT.exe
2012-12-16 17:11 . 2012-12-22 17:03 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-22 17:03 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-22 17:03 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-22 17:03 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-07 13:20 . 2013-01-09 19:11 441856 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 13:15 . 2013-01-09 19:11 2746368 ----a-w- c:\windows\system32\gameux.dll
2012-12-07 12:26 . 2013-01-09 19:11 308736 ----a-w- c:\windows\SysWow64\Wpc.dll
2012-12-07 12:20 . 2013-01-09 19:11 2576384 ----a-w- c:\windows\SysWow64\gameux.dll
2012-12-07 11:20 . 2013-01-09 19:11 30720 ----a-w- c:\windows\system32\usk.rs
2012-12-07 11:20 . 2013-01-09 19:11 43520 ----a-w- c:\windows\system32\csrr.rs
2012-12-07 11:20 . 2013-01-09 19:11 23552 ----a-w- c:\windows\system32\oflc.rs
2012-12-07 11:20 . 2013-01-09 19:11 45568 ----a-w- c:\windows\system32\oflc-nz.rs
2012-12-07 11:20 . 2013-01-09 19:11 44544 ----a-w- c:\windows\system32\pegibbfc.rs
2012-12-07 11:20 . 2013-01-09 19:11 20480 ----a-w- c:\windows\system32\pegi-fi.rs
2012-12-07 11:20 . 2013-01-09 19:11 20480 ----a-w- c:\windows\system32\pegi-pt.rs
2012-12-07 11:19 . 2013-01-09 19:11 20480 ----a-w- c:\windows\system32\pegi.rs
2012-12-07 11:19 . 2013-01-09 19:11 46592 ----a-w- c:\windows\system32\fpb.rs
2012-12-07 11:19 . 2013-01-09 19:11 40960 ----a-w- c:\windows\system32\cob-au.rs
2012-12-07 11:19 . 2013-01-09 19:11 21504 ----a-w- c:\windows\system32\grb.rs
2012-12-07 11:19 . 2013-01-09 19:11 15360 ----a-w- c:\windows\system32\djctq.rs
2012-12-07 11:19 . 2013-01-09 19:11 55296 ----a-w- c:\windows\system32\cero.rs
2012-12-07 11:19 . 2013-01-09 19:11 51712 ----a-w- c:\windows\system32\esrb.rs
2012-12-07 10:46 . 2013-01-09 19:11 43520 ----a-w- c:\windows\SysWow64\csrr.rs
2012-12-07 10:46 . 2013-01-09 19:11 30720 ----a-w- c:\windows\SysWow64\usk.rs
2012-12-07 10:46 . 2013-01-09 19:11 45568 ----a-w- c:\windows\SysWow64\oflc-nz.rs
2012-12-07 10:46 . 2013-01-09 19:11 44544 ----a-w- c:\windows\SysWow64\pegibbfc.rs
2012-12-07 10:46 . 2013-01-09 19:11 20480 ----a-w- c:\windows\SysWow64\pegi-pt.rs
2012-12-07 10:46 . 2013-01-09 19:11 23552 ----a-w- c:\windows\SysWow64\oflc.rs
2012-12-07 10:46 . 2013-01-09 19:11 20480 ----a-w- c:\windows\SysWow64\pegi-fi.rs
2012-12-07 10:46 . 2013-01-09 19:11 46592 ----a-w- c:\windows\SysWow64\fpb.rs
2012-12-07 10:46 . 2013-01-09 19:11 20480 ----a-w- c:\windows\SysWow64\pegi.rs
2012-12-07 10:46 . 2013-01-09 19:11 21504 ----a-w- c:\windows\SysWow64\grb.rs
2012-12-07 10:46 . 2013-01-09 19:11 40960 ----a-w- c:\windows\SysWow64\cob-au.rs
2012-12-07 10:46 . 2013-01-09 19:11 15360 ----a-w- c:\windows\SysWow64\djctq.rs
2012-12-07 10:46 . 2013-01-09 19:11 55296 ----a-w- c:\windows\SysWow64\cero.rs
2012-12-07 10:46 . 2013-01-09 19:11 51712 ----a-w- c:\windows\SysWow64\esrb.rs
2012-11-30 05:45 . 2013-01-09 19:10 362496 ----a-w- c:\windows\system32\wow64win.dll
2012-11-30 05:45 . 2013-01-09 19:10 243200 ----a-w- c:\windows\system32\wow64.dll
2012-11-30 05:45 . 2013-01-09 19:10 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2012-11-30 05:45 . 2013-01-09 19:10 215040 ----a-w- c:\windows\system32\winsrv.dll
2012-11-30 05:43 . 2013-01-09 19:10 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2012-11-30 05:41 . 2013-01-09 19:10 424448 ----a-w- c:\windows\system32\KernelBase.dll
2012-11-30 05:41 . 2013-01-09 19:10 1161216 ----a-w- c:\windows\system32\kernel32.dll
2012-11-30 05:38 . 2013-01-09 19:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-11-30 04:54 . 2013-01-09 19:10 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2012-11-30 04:53 . 2013-01-09 19:10 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2012-11-30 04:45 . 2013-01-09 19:10 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:10 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:10 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:10 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:10 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:10 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:10 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:10 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:10 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:10 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:10 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:10 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:10 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:10 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:10 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:10 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:10 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:10 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:10 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:10 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:10 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:10 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl9"="c:\program files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" [2009-07-06 87336]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"Boingo Wi-Fi"="c:\program files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk" [2010-07-02 2429]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-02-04 7350912]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-01-05 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-09-23 1601536]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-09-22 98304]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2010-7-2 12862]
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2010-7-2 156952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
R3 BS_DEF;BS_DEF;c:\windows\BS_DEF.sys [2012-06-27 21048]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-05 1255736]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [2010-08-13 75904]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [2010-08-13 38016]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2009-12-07 379520]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-09-22 203264]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-31 128456]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2011-03-15 428384]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-09-25 116752]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2011-08-01 52584]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-09-08 129024]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2009-08-18 143472]
S3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);c:\windows\system32\DRIVERS\JME.sys [2010-10-12 131552]
S3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-13 368896]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2010-04-29 38528]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2013-02-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-18 00:03]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"MSC"="c:\program files\Microsoft Security Client\mssecex.exe" [BU]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;<local>
Trusted Zone: elfwood.com\www
TCP: DhcpNameServer = 192.168.1.1
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-76744647-276698571-1013355761-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-76744647-276698571-1013355761-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-02-13 16:19:19
ComboFix-quarantined-files.txt 2013-02-13 21:19
ComboFix2.txt 2013-02-13 20:57
.
Pre-Run: 37,604,450,304 bytes free
Post-Run: 37,546,319,872 bytes free
.
- - End Of File - - 7040BFE6E6ACDC88C4C17751C351AA4F
punkpal
Regular Member
 
Posts: 37
Joined: February 4th, 2013, 4:32 pm

Re: Browser does not go where I want it to

Unread postby melboy » February 13th, 2013, 5:40 pm

Hi

Did you run it twice?

Please post the contents of:

C:\qoobox\ComboFix2.txt

How are things running?
User avatar
melboy
MRU Expert
MRU Expert
 
Posts: 3670
Joined: July 25th, 2008, 4:25 pm
Location: UK

Re: Browser does not go where I want it to

Unread postby punkpal » February 13th, 2013, 5:52 pm

yes, the first time i lost the log file because i copy pasted something by accident.
:oops: :oops:
Combofix2:

ComboFix 13-02-13.02 - owner 02/13/2013 15:40:58.1.3 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4094.2085 [GMT -5:00]
Running from: c:\users\owner\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\esupport\eDriver\Software\ASUS\MultiFrame\XP32_Vista32_Vista64_Win7_32_Win7_64_1.0.0021\Desktop_.ini
c:\program files (x86)\Common Files\ASPG_icon.ico
c:\programdata\FullRemove.exe
c:\users\owner\AppData\Local\Microsoft\ElevatedDiagnostics\msfrixm.dll
c:\users\owner\wgsdgsdgdsgsd.exe
c:\windows\svchost.exe
.
.
((((((((((((((((((((((((( Files Created from 2013-01-13 to 2013-02-13 )))))))))))))))))))))))))))))))
.
.
2013-02-13 17:09 . 2013-01-08 05:32 9161176 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B1DAC3B6-9ACD-4C1E-934E-C51574784602}\mpengine.dll
2013-02-13 03:23 . 2013-02-13 03:23 -------- d-----w- C:\TDSSKiller_Quarantine
2013-02-11 17:23 . 2013-01-08 05:32 9161176 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-02-06 19:04 . 2013-02-06 19:04 -------- d-----w- c:\program files (x86)\ESET
2013-02-05 20:39 . 2013-02-05 20:39 -------- d-----w- C:\_OTL
2013-01-29 23:56 . 2013-01-29 23:56 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-01-29 23:56 . 2013-01-29 23:56 -------- d-----r- c:\program files (x86)\Skype
2013-01-25 04:35 . 2013-01-25 04:37 -------- d-----w- c:\users\owner\AppData\Local\Facebook
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-13 01:01 . 2011-01-20 14:04 45056 ----a-w- c:\windows\system32\acovcnt.exe
2013-02-08 00:03 . 2012-07-18 18:48 697712 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-02-08 00:03 . 2011-07-31 03:13 74096 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-30 10:53 . 2010-11-05 08:21 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-01-09 20:09 . 2010-11-05 07:25 67599240 ----a-w- c:\windows\system32\MRT.exe
2012-12-16 17:11 . 2012-12-22 17:03 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-22 17:03 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-22 17:03 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-22 17:03 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-07 13:20 . 2013-01-09 19:11 441856 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 13:15 . 2013-01-09 19:11 2746368 ----a-w- c:\windows\system32\gameux.dll
2012-12-07 12:26 . 2013-01-09 19:11 308736 ----a-w- c:\windows\SysWow64\Wpc.dll
2012-12-07 12:20 . 2013-01-09 19:11 2576384 ----a-w- c:\windows\SysWow64\gameux.dll
2012-12-07 11:20 . 2013-01-09 19:11 30720 ----a-w- c:\windows\system32\usk.rs
2012-12-07 11:20 . 2013-01-09 19:11 43520 ----a-w- c:\windows\system32\csrr.rs
2012-12-07 11:20 . 2013-01-09 19:11 23552 ----a-w- c:\windows\system32\oflc.rs
2012-12-07 11:20 . 2013-01-09 19:11 45568 ----a-w- c:\windows\system32\oflc-nz.rs
2012-12-07 11:20 . 2013-01-09 19:11 44544 ----a-w- c:\windows\system32\pegibbfc.rs
2012-12-07 11:20 . 2013-01-09 19:11 20480 ----a-w- c:\windows\system32\pegi-fi.rs
2012-12-07 11:20 . 2013-01-09 19:11 20480 ----a-w- c:\windows\system32\pegi-pt.rs
2012-12-07 11:19 . 2013-01-09 19:11 20480 ----a-w- c:\windows\system32\pegi.rs
2012-12-07 11:19 . 2013-01-09 19:11 46592 ----a-w- c:\windows\system32\fpb.rs
2012-12-07 11:19 . 2013-01-09 19:11 40960 ----a-w- c:\windows\system32\cob-au.rs
2012-12-07 11:19 . 2013-01-09 19:11 21504 ----a-w- c:\windows\system32\grb.rs
2012-12-07 11:19 . 2013-01-09 19:11 15360 ----a-w- c:\windows\system32\djctq.rs
2012-12-07 11:19 . 2013-01-09 19:11 55296 ----a-w- c:\windows\system32\cero.rs
2012-12-07 11:19 . 2013-01-09 19:11 51712 ----a-w- c:\windows\system32\esrb.rs
2012-12-07 10:46 . 2013-01-09 19:11 43520 ----a-w- c:\windows\SysWow64\csrr.rs
2012-12-07 10:46 . 2013-01-09 19:11 30720 ----a-w- c:\windows\SysWow64\usk.rs
2012-12-07 10:46 . 2013-01-09 19:11 45568 ----a-w- c:\windows\SysWow64\oflc-nz.rs
2012-12-07 10:46 . 2013-01-09 19:11 44544 ----a-w- c:\windows\SysWow64\pegibbfc.rs
2012-12-07 10:46 . 2013-01-09 19:11 20480 ----a-w- c:\windows\SysWow64\pegi-pt.rs
2012-12-07 10:46 . 2013-01-09 19:11 23552 ----a-w- c:\windows\SysWow64\oflc.rs
2012-12-07 10:46 . 2013-01-09 19:11 20480 ----a-w- c:\windows\SysWow64\pegi-fi.rs
2012-12-07 10:46 . 2013-01-09 19:11 46592 ----a-w- c:\windows\SysWow64\fpb.rs
2012-12-07 10:46 . 2013-01-09 19:11 20480 ----a-w- c:\windows\SysWow64\pegi.rs
2012-12-07 10:46 . 2013-01-09 19:11 21504 ----a-w- c:\windows\SysWow64\grb.rs
2012-12-07 10:46 . 2013-01-09 19:11 40960 ----a-w- c:\windows\SysWow64\cob-au.rs
2012-12-07 10:46 . 2013-01-09 19:11 15360 ----a-w- c:\windows\SysWow64\djctq.rs
2012-12-07 10:46 . 2013-01-09 19:11 55296 ----a-w- c:\windows\SysWow64\cero.rs
2012-12-07 10:46 . 2013-01-09 19:11 51712 ----a-w- c:\windows\SysWow64\esrb.rs
2012-11-30 05:45 . 2013-01-09 19:10 362496 ----a-w- c:\windows\system32\wow64win.dll
2012-11-30 05:45 . 2013-01-09 19:10 243200 ----a-w- c:\windows\system32\wow64.dll
2012-11-30 05:45 . 2013-01-09 19:10 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2012-11-30 05:45 . 2013-01-09 19:10 215040 ----a-w- c:\windows\system32\winsrv.dll
2012-11-30 05:43 . 2013-01-09 19:10 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2012-11-30 05:41 . 2013-01-09 19:10 424448 ----a-w- c:\windows\system32\KernelBase.dll
2012-11-30 05:41 . 2013-01-09 19:10 1161216 ----a-w- c:\windows\system32\kernel32.dll
2012-11-30 05:38 . 2013-01-09 19:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 19:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-11-30 04:54 . 2013-01-09 19:10 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2012-11-30 04:53 . 2013-01-09 19:10 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2012-11-30 04:45 . 2013-01-09 19:10 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:10 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:10 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:10 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:10 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:10 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:10 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:10 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:10 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:10 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:10 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:10 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:10 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:10 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:10 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:10 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:10 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:10 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:10 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:10 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:10 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 19:10 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl9"="c:\program files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" [2009-07-06 87336]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"Boingo Wi-Fi"="c:\program files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk" [2010-07-02 2429]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-02-04 7350912]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-01-05 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-09-23 1601536]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-09-22 98304]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2010-7-2 12862]
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2010-7-2 156952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
R3 BS_DEF;BS_DEF;c:\windows\BS_DEF.sys [2012-06-27 21048]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-31 128456]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-13 368896]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-05 1255736]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [2010-08-13 75904]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [2010-08-13 38016]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2009-12-07 379520]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-09-22 203264]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2011-03-15 428384]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-09-25 116752]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2011-08-01 52584]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-09-08 129024]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2009-08-18 143472]
S3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);c:\windows\system32\DRIVERS\JME.sys [2010-10-12 131552]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2010-04-29 38528]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2013-02-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-18 00:03]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;<local>
Trusted Zone: elfwood.com\www
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-Akamai NetSession Interface - c:\users\owner\AppData\Local\Akamai\netsession_win.exe
Wow6432Node-HKCU-Run-ElevatedDiagnostics - c:\users\owner\AppData\Local\Microsoft\ElevatedDiagnostics\msfrixm.dll
Wow6432Node-HKU-Default-Run-ElevatedDiagnostics - c:\users\owner\AppData\Local\Microsoft\ElevatedDiagnostics\msfrixm.dll
SafeBoot-88262710.sys
HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe
HKLM-Run-MSC - c:\program files\Microsoft Security Client\mssecex.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-76744647-276698571-1013355761-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-76744647-276698571-1013355761-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
c:\program files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeck.exe
.
**************************************************************************
.
Completion time: 2013-02-13 15:57:58 - machine was rebooted
ComboFix-quarantined-files.txt 2013-02-13 20:57
.
Pre-Run: 37,960,212,480 bytes free
Post-Run: 37,619,884,032 bytes free
.
- - End Of File - - 1A77F76FE95D79E8356D8A3BA12F4524
punkpal
Regular Member
 
Posts: 37
Joined: February 4th, 2013, 4:32 pm

Re: Browser does not go where I want it to

Unread postby punkpal » February 13th, 2013, 5:56 pm

Things seem to be running okay actually, the links are not redirecting me as they were to 'livesearch' and other spam sites. I'll browse a bit more and see.
punkpal
Regular Member
 
Posts: 37
Joined: February 4th, 2013, 4:32 pm

Re: Browser does not go where I want it to

Unread postby melboy » February 13th, 2013, 6:06 pm

Hi

Thanks.

If you already have a copy of TDSSKiller, delete it and download a fresh copy.

TDSSKiller

Download tdsskiller.exe and save it to your desktop

  • Double click TDSSKiller.exe to run it.
  • Click Change parameters
  • Under Objects to scan check Loaded modules
  • Click Reboot now when prompted.
  • After reboot when TDSSKiller has re-loaded, click Start scan and allow it to scan for Malicious objects.

    • If Malicious objects are detected, the default action will be Cure, ensure Cure is selected then click Continue
    • If suspicious objects are detected, the default action will be Skip, ensure Skip is selected then click Continue

  • It may ask you to reboot the computer to complete the process. Click on Reboot Now and allow the computer to reboot.
  • A log will be created on your root (usually C:) drive. The log is like UtilityName.Version_Date_Time_log.txt.
    for example, C:\TDSSKiller.2.4.1.2_20.04.2010_15.31.43_log.txt.
  • If no reboot is required, click on Report. A log file should appear.
  • Please post the contents in your next reply
User avatar
melboy
MRU Expert
MRU Expert
 
Posts: 3670
Joined: July 25th, 2008, 4:25 pm
Location: UK

Re: Browser does not go where I want it to

Unread postby punkpal » February 13th, 2013, 7:33 pm

Followed steps but no log popped up, where might I find it?
:pale:

Edit: I think I found it duh ('full report')
(had to split it up because of character limit)

18:22:59.0697 3792 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:23:00.0758 3792 ============================================================
18:23:00.0758 3792 Current date / time: 2013/02/13 18:23:00.0758
18:23:00.0758 3792 SystemInfo:
18:23:00.0758 3792
18:23:00.0758 3792 OS Version: 6.1.7601 ServicePack: 1.0
18:23:00.0758 3792 Product type: Workstation
18:23:00.0758 3792 ComputerName: CHRISCROSS-PC
18:23:00.0758 3792 UserName: owner
18:23:00.0758 3792 Windows directory: C:\Windows
18:23:00.0758 3792 System windows directory: C:\Windows
18:23:00.0758 3792 Running under WOW64
18:23:00.0758 3792 Processor architecture: Intel x64
18:23:00.0758 3792 Number of processors: 3
18:23:00.0758 3792 Page size: 0x1000
18:23:00.0774 3792 Boot type: Normal boot
18:23:00.0774 3792 ============================================================
18:23:03.0944 3792 BG loaded
18:23:05.0419 3792 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
18:23:05.0419 3792 ============================================================
18:23:05.0419 3792 \Device\Harddisk0\DR0:
18:23:05.0466 3792 MBR partitions:
18:23:05.0466 3792 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2713B60, BlocksNum 0xE8E3E70
18:23:05.0513 3792 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x10FF7A0F, BlocksNum 0x2938CE81
18:23:05.0513 3792 ============================================================
18:23:05.0638 3792 C: <-> \Device\Harddisk0\DR0\Partition1
18:23:05.0700 3792 D: <-> \Device\Harddisk0\DR0\Partition2
18:23:05.0700 3792 ============================================================
18:23:05.0700 3792 Initialize success
18:23:05.0700 3792 ============================================================
18:23:19.0304 4384 ============================================================
18:23:19.0304 4384 Scan started
18:23:19.0304 4384 Mode: Manual;
18:23:19.0304 4384 ============================================================
18:23:20.0942 4384 ================ Scan system memory ========================
18:23:20.0942 4384 System memory - ok
18:23:20.0942 4384 ================ Scan services =============================
18:23:21.0754 4384 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
18:23:21.0769 4384 1394ohci - ok
18:23:21.0832 4384 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
18:23:21.0863 4384 ACPI - ok
18:23:21.0910 4384 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
18:23:21.0925 4384 AcpiPmi - ok
18:23:22.0128 4384 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:23:22.0128 4384 AdobeARMservice - ok
18:23:22.0783 4384 [ EC807244904FA170C299AB06D87FBDBE ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:23:22.0799 4384 AdobeFlashPlayerUpdateSvc - ok
18:23:22.0908 4384 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
18:23:22.0955 4384 adp94xx - ok
18:23:23.0033 4384 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
18:23:23.0048 4384 adpahci - ok
18:23:23.0111 4384 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
18:23:23.0111 4384 adpu320 - ok
18:23:23.0173 4384 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
18:23:23.0173 4384 AeLookupSvc - ok
18:23:23.0314 4384 [ 2D00D3DADC1D3326BA788EB071F2726E ] AFBAgent C:\Windows\system32\FBAgent.exe
18:23:23.0329 4384 AFBAgent - ok
18:23:23.0423 4384 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
18:23:23.0423 4384 AFD - ok
18:23:23.0516 4384 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
18:23:23.0532 4384 agp440 - ok
18:23:23.0579 4384 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
18:23:23.0579 4384 ALG - ok
18:23:23.0672 4384 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
18:23:23.0688 4384 aliide - ok
18:23:23.0766 4384 [ 91DA5A257B800C21CC3B6674E579CF90 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
18:23:23.0766 4384 AMD External Events Utility - ok
18:23:23.0860 4384 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
18:23:23.0875 4384 amdide - ok
18:23:23.0953 4384 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
18:23:23.0984 4384 AmdK8 - ok
18:23:24.0780 4384 [ B64724CA6C9F3D8325F0F1A02C6ADFAF ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
18:23:24.0905 4384 amdkmdag - ok
18:23:24.0967 4384 [ 18F03BE6118BA9D8A9DC0B98997DC98E ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
18:23:24.0983 4384 amdkmdap - ok
18:23:25.0030 4384 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
18:23:25.0030 4384 AmdPPM - ok
18:23:25.0061 4384 [ 53D8D46D51D390ABDB54ECA623165CB7 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys
18:23:25.0076 4384 amdsata - ok
18:23:25.0108 4384 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
18:23:25.0108 4384 amdsbs - ok
18:23:25.0139 4384 [ 75C51148154E34EB3D7BB84749A758D5 ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys
18:23:25.0139 4384 amdxata - ok
18:23:25.0186 4384 [ 8A2B4818215D8A6FF54DC3F0D63CBB2D ] amd_sata C:\Windows\system32\DRIVERS\amd_sata.sys
18:23:25.0186 4384 amd_sata - ok
18:23:25.0248 4384 [ A2D8977623E13591B15F6370C6CC37B0 ] amd_xata C:\Windows\system32\DRIVERS\amd_xata.sys
18:23:25.0248 4384 amd_xata - ok
18:23:25.0326 4384 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
18:23:25.0342 4384 AppID - ok
18:23:25.0404 4384 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
18:23:25.0404 4384 AppIDSvc - ok
18:23:25.0466 4384 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
18:23:25.0466 4384 Appinfo - ok
18:23:25.0607 4384 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:23:25.0622 4384 Apple Mobile Device - ok
18:23:25.0716 4384 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
18:23:25.0732 4384 arc - ok
18:23:25.0747 4384 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
18:23:25.0763 4384 arcsas - ok
18:23:25.0856 4384 [ 18E5C2F937F9DEB8C282DF66A3761925 ] ASLDRService C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
18:23:25.0856 4384 ASLDRService - ok
18:23:25.0934 4384 [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
18:23:25.0934 4384 ASMMAP64 - ok
18:23:25.0966 4384 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
18:23:25.0981 4384 AsyncMac - ok
18:23:26.0044 4384 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
18:23:26.0059 4384 atapi - ok
18:23:26.0496 4384 [ A5E770426D18F8EF332A593F3289DA91 ] athr C:\Windows\system32\DRIVERS\athrx.sys
18:23:26.0543 4384 athr - ok
18:23:26.0621 4384 [ E02B26650ACC2F4901342D4A66774AD7 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
18:23:26.0636 4384 AtiHDAudioService - ok
18:23:26.0683 4384 [ 637E0753BD6DEB8EA5314A5C357EC1A0 ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
18:23:26.0714 4384 AtiHdmiService - ok
18:23:26.0777 4384 [ 7C5D273E29DCC5505469B299C6F29163 ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
18:23:26.0792 4384 AtiPcie - ok
18:23:26.0824 4384 [ 7910158929571214A959D5A6D16DD9C0 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
18:23:26.0824 4384 ATKGFNEXSrv - ok
18:23:26.0902 4384 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:23:26.0917 4384 AudioEndpointBuilder - ok
18:23:26.0948 4384 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
18:23:26.0964 4384 AudioSrv - ok
18:23:27.0026 4384 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
18:23:27.0042 4384 AxInstSV - ok
18:23:27.0182 4384 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
18:23:27.0198 4384 b06bdrv - ok
18:23:27.0292 4384 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
18:23:27.0307 4384 b57nd60a - ok
18:23:27.0385 4384 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
18:23:27.0385 4384 BDESVC - ok
18:23:27.0448 4384 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
18:23:27.0448 4384 Beep - ok
18:23:27.0572 4384 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
18:23:27.0572 4384 BFE - ok
18:23:27.0635 4384 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
18:23:27.0650 4384 BITS - ok
18:23:27.0682 4384 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
18:23:27.0697 4384 blbdrive - ok
18:23:27.0884 4384 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:23:27.0884 4384 Bonjour Service - ok
18:23:27.0947 4384 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
18:23:27.0947 4384 bowser - ok
18:23:27.0994 4384 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:23:28.0009 4384 BrFiltLo - ok
18:23:28.0025 4384 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:23:28.0040 4384 BrFiltUp - ok
18:23:28.0072 4384 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
18:23:28.0072 4384 BridgeMP - ok
18:23:28.0103 4384 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
18:23:28.0118 4384 Browser - ok
18:23:28.0196 4384 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
18:23:28.0228 4384 Brserid - ok
18:23:28.0274 4384 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
18:23:28.0290 4384 BrSerWdm - ok
18:23:28.0337 4384 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
18:23:28.0352 4384 BrUsbMdm - ok
18:23:28.0384 4384 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
18:23:28.0384 4384 BrUsbSer - ok
18:23:28.0462 4384 [ 75768CE56DC58BA38EAE38BA4741AF6E ] BS_DEF C:\Windows\BS_DEF.sys
18:23:28.0462 4384 BS_DEF - ok
18:23:28.0540 4384 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
18:23:28.0540 4384 BTHMODEM - ok
18:23:28.0618 4384 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
18:23:28.0618 4384 bthserv - ok
18:23:28.0680 4384 catchme - ok
18:23:28.0758 4384 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
18:23:28.0758 4384 cdfs - ok
18:23:28.0852 4384 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
18:23:28.0852 4384 cdrom - ok
18:23:28.0930 4384 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
18:23:28.0930 4384 CertPropSvc - ok
18:23:29.0008 4384 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
18:23:29.0023 4384 circlass - ok
18:23:29.0101 4384 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
18:23:29.0117 4384 CLFS - ok
18:23:29.0210 4384 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:23:29.0226 4384 clr_optimization_v2.0.50727_32 - ok
18:23:29.0320 4384 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:23:29.0320 4384 clr_optimization_v2.0.50727_64 - ok
18:23:29.0444 4384 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:23:29.0491 4384 clr_optimization_v4.0.30319_32 - ok
18:23:29.0600 4384 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:23:29.0600 4384 clr_optimization_v4.0.30319_64 - ok
18:23:29.0663 4384 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
18:23:29.0663 4384 CmBatt - ok
18:23:29.0678 4384 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
18:23:29.0678 4384 cmdide - ok
18:23:29.0725 4384 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
18:23:29.0725 4384 CNG - ok
18:23:29.0772 4384 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
18:23:29.0772 4384 Compbatt - ok
18:23:29.0803 4384 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
18:23:29.0803 4384 CompositeBus - ok
18:23:29.0834 4384 COMSysApp - ok
18:23:29.0866 4384 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
18:23:29.0881 4384 crcdisk - ok
18:23:29.0928 4384 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
18:23:29.0928 4384 CryptSvc - ok
18:23:29.0990 4384 [ 1CA90212A99DB6975C344826D11055C9 ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys
18:23:29.0990 4384 dc3d - ok
18:23:30.0053 4384 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
18:23:30.0053 4384 DcomLaunch - ok
18:23:30.0115 4384 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
18:23:30.0115 4384 defragsvc - ok
18:23:30.0146 4384 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
18:23:30.0162 4384 DfsC - ok
18:23:30.0209 4384 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
18:23:30.0224 4384 Dhcp - ok
18:23:30.0256 4384 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
18:23:30.0256 4384 discache - ok
18:23:30.0287 4384 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
18:23:30.0287 4384 Disk - ok
18:23:30.0334 4384 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
18:23:30.0334 4384 Dnscache - ok
18:23:30.0380 4384 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
18:23:30.0380 4384 dot3svc - ok
18:23:30.0412 4384 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
18:23:30.0427 4384 DPS - ok
18:23:30.0458 4384 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
18:23:30.0474 4384 drmkaud - ok
18:23:30.0599 4384 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
18:23:30.0614 4384 DXGKrnl - ok
18:23:30.0646 4384 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
18:23:30.0646 4384 EapHost - ok
18:23:30.0864 4384 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
18:23:30.0973 4384 ebdrv - ok
18:23:31.0004 4384 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
18:23:31.0004 4384 EFS - ok
18:23:31.0098 4384 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
18:23:31.0114 4384 ehRecvr - ok
18:23:31.0160 4384 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
18:23:31.0160 4384 ehSched - ok
18:23:31.0254 4384 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
18:23:31.0254 4384 elxstor - ok
18:23:31.0301 4384 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
18:23:31.0316 4384 ErrDev - ok
18:23:31.0363 4384 [ 05B0DCDA418E297A1B4CD8D7B8ADE403 ] ETD C:\Windows\system32\DRIVERS\ETD.sys
18:23:31.0363 4384 ETD - ok
18:23:31.0410 4384 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
18:23:31.0426 4384 EventSystem - ok
18:23:31.0457 4384 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
18:23:31.0457 4384 exfat - ok
18:23:31.0488 4384 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
18:23:31.0488 4384 fastfat - ok
18:23:31.0550 4384 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
18:23:31.0566 4384 Fax - ok
18:23:31.0582 4384 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
18:23:31.0597 4384 fdc - ok
18:23:31.0628 4384 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
18:23:31.0628 4384 fdPHost - ok
18:23:31.0644 4384 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
18:23:31.0644 4384 FDResPub - ok
18:23:31.0675 4384 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
18:23:31.0691 4384 FileInfo - ok
18:23:31.0706 4384 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
18:23:31.0706 4384 Filetrace - ok
18:23:31.0753 4384 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
18:23:31.0769 4384 flpydisk - ok
18:23:31.0800 4384 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
18:23:31.0816 4384 FltMgr - ok
18:23:31.0909 4384 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
18:23:31.0925 4384 FontCache - ok
18:23:31.0987 4384 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:23:31.0987 4384 FontCache3.0.0.0 - ok
18:23:32.0034 4384 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
18:23:32.0034 4384 FsDepends - ok
18:23:32.0081 4384 [ C2E475625F2C6F7DCDE4E920523A0573 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
18:23:32.0096 4384 fssfltr - ok
18:23:32.0237 4384 [ 812E1BA5C52A78F13EA6AA10DF708B1D ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
18:23:32.0268 4384 fsssvc - ok
18:23:32.0299 4384 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:23:32.0315 4384 Fs_Rec - ok
18:23:32.0362 4384 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
18:23:32.0377 4384 fvevol - ok
18:23:32.0424 4384 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
18:23:32.0424 4384 gagp30kx - ok
18:23:32.0502 4384 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:23:32.0502 4384 GEARAspiWDM - ok
18:23:32.0564 4384 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
18:23:32.0580 4384 gpsvc - ok
18:23:32.0627 4384 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
18:23:32.0642 4384 hamachi - ok
18:23:32.0674 4384 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
18:23:32.0689 4384 hcw85cir - ok
18:23:32.0767 4384 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:23:32.0783 4384 HdAudAddService - ok
18:23:32.0814 4384 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
18:23:32.0814 4384 HDAudBus - ok
18:23:32.0845 4384 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
18:23:32.0845 4384 HidBatt - ok
18:23:32.0876 4384 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
18:23:32.0876 4384 HidBth - ok
18:23:32.0908 4384 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
18:23:32.0923 4384 HidIr - ok
18:23:32.0970 4384 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
18:23:32.0970 4384 hidserv - ok
18:23:33.0032 4384 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
18:23:33.0032 4384 HidUsb - ok
18:23:33.0064 4384 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
18:23:33.0079 4384 hkmsvc - ok
18:23:33.0126 4384 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:23:33.0126 4384 HomeGroupListener - ok
18:23:33.0173 4384 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:23:33.0173 4384 HomeGroupProvider - ok
18:23:33.0220 4384 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
18:23:33.0220 4384 HpSAMD - ok
18:23:33.0329 4384 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:23:33.0329 4384 HTTP - ok
18:23:33.0360 4384 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
18:23:33.0376 4384 hwpolicy - ok
18:23:33.0438 4384 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
18:23:33.0438 4384 i8042prt - ok
18:23:33.0547 4384 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
18:23:33.0563 4384 iaStorV - ok
18:23:33.0734 4384 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:23:33.0750 4384 idsvc - ok
18:23:33.0781 4384 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
18:23:33.0797 4384 iirsp - ok
18:23:33.0875 4384 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
18:23:33.0890 4384 IKEEXT - ok
18:23:34.0093 4384 [ 6E4CCB3AFF07E2B9F2A937385C84B573 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:23:34.0140 4384 IntcAzAudAddService - ok
18:23:34.0171 4384 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
18:23:34.0187 4384 intelide - ok
18:23:34.0234 4384 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:23:34.0249 4384 intelppm - ok
18:23:34.0280 4384 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:23:34.0280 4384 IPBusEnum - ok
18:23:34.0327 4384 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:23:34.0327 4384 IpFilterDriver - ok
18:23:34.0405 4384 [ 08C2957BB30058E663720C5606885653 ] IpHlpSvc C:\Windows\System32\iphlpsvc.dll
18:23:34.0421 4384 IpHlpSvc - ok
18:23:34.0452 4384 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
18:23:34.0452 4384 IPMIDRV - ok
18:23:34.0499 4384 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
18:23:34.0514 4384 IPNAT - ok
18:23:34.0639 4384 [ 50D6CCC6FF5561F9F56946B3E6164FB8 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
18:23:34.0655 4384 iPod Service - ok
18:23:34.0702 4384 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:23:34.0717 4384 IRENUM - ok
18:23:34.0748 4384 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:23:34.0764 4384 isapnp - ok
18:23:34.0811 4384 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
18:23:34.0826 4384 iScsiPrt - ok
18:23:34.0889 4384 [ DB917B998CBC15A153C00DD6EFC34C13 ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys
18:23:34.0889 4384 JMCR - ok
18:23:34.0982 4384 [ 8ADAAFCD2B8C259DEBF6C8DFD9727889 ] JME C:\Windows\system32\DRIVERS\JME.sys
18:23:34.0982 4384 JME - ok
18:23:35.0029 4384 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
18:23:35.0029 4384 kbdclass - ok
18:23:35.0060 4384 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
18:23:35.0060 4384 kbdhid - ok
18:23:35.0107 4384 [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys
18:23:35.0107 4384 kbfiltr - ok
18:23:35.0138 4384 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
18:23:35.0138 4384 KeyIso - ok
18:23:35.0170 4384 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:23:35.0185 4384 KSecDD - ok
18:23:35.0216 4384 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
18:23:35.0216 4384 KSecPkg - ok
18:23:35.0263 4384 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
18:23:35.0279 4384 ksthunk - ok
18:23:35.0341 4384 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
18:23:35.0357 4384 KtmRm - ok
18:23:35.0450 4384 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
18:23:35.0450 4384 LanmanServer - ok
18:23:35.0497 4384 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:23:35.0497 4384 LanmanWorkstation - ok
18:23:35.0544 4384 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:23:35.0544 4384 lltdio - ok
18:23:35.0591 4384 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:23:35.0606 4384 lltdsvc - ok
18:23:35.0622 4384 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
18:23:35.0622 4384 lmhosts - ok
18:23:35.0653 4384 lmimirr - ok
18:23:35.0716 4384 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
18:23:35.0731 4384 LSI_FC - ok
18:23:35.0747 4384 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
18:23:35.0762 4384 LSI_SAS - ok
18:23:35.0809 4384 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:23:35.0825 4384 LSI_SAS2 - ok
18:23:35.0856 4384 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:23:35.0856 4384 LSI_SCSI - ok
18:23:35.0903 4384 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
18:23:35.0903 4384 luafv - ok
18:23:35.0934 4384 [ 085435AE1A124361304044029B5CC644 ] lullaby C:\Windows\system32\DRIVERS\lullaby.sys
18:23:35.0934 4384 lullaby - ok
18:23:35.0965 4384 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:23:35.0981 4384 Mcx2Svc - ok
18:23:35.0996 4384 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
18:23:36.0012 4384 megasas - ok
18:23:36.0059 4384 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
18:23:36.0074 4384 MegaSR - ok
18:23:36.0121 4384 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
18:23:36.0121 4384 MMCSS - ok
18:23:36.0137 4384 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
18:23:36.0152 4384 Modem - ok
18:23:36.0199 4384 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:23:36.0199 4384 monitor - ok
18:23:36.0230 4384 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:23:36.0230 4384 mouclass - ok
18:23:36.0262 4384 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:23:36.0262 4384 mouhid - ok
18:23:36.0324 4384 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
18:23:36.0324 4384 mountmgr - ok
18:23:36.0402 4384 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
18:23:36.0402 4384 MpFilter - ok
18:23:36.0449 4384 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
18:23:36.0449 4384 mpio - ok
18:23:36.0480 4384 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:23:36.0480 4384 mpsdrv - ok
18:23:36.0605 4384 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
18:23:36.0620 4384 MpsSvc - ok
18:23:36.0667 4384 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:23:36.0667 4384 MRxDAV - ok
18:23:36.0698 4384 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:23:36.0698 4384 mrxsmb - ok
18:23:36.0792 4384 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:23:36.0792 4384 mrxsmb10 - ok
18:23:36.0839 4384 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:23:36.0839 4384 mrxsmb20 - ok
18:23:36.0870 4384 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
18:23:36.0870 4384 msahci - ok
18:23:36.0964 4384 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:23:36.0964 4384 msdsm - ok
18:23:37.0042 4384 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
18:23:37.0042 4384 MSDTC - ok
18:23:37.0088 4384 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:23:37.0088 4384 Msfs - ok
18:23:37.0120 4384 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:23:37.0120 4384 mshidkmdf - ok
18:23:37.0135 4384 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:23:37.0135 4384 msisadrv - ok
18:23:37.0244 4384 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:23:37.0244 4384 MSiSCSI - ok
18:23:37.0260 4384 msiserver - ok
18:23:37.0322 4384 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:23:37.0338 4384 MSKSSRV - ok
18:23:37.0416 4384 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
18:23:37.0416 4384 MsMpSvc - ok
18:23:37.0447 4384 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:23:37.0447 4384 MSPCLOCK - ok
18:23:37.0463 4384 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:23:37.0463 4384 MSPQM - ok
18:23:37.0494 4384 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:23:37.0494 4384 MsRPC - ok
18:23:37.0525 4384 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
18:23:37.0525 4384 mssmbios - ok
18:23:37.0556 4384 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:23:37.0572 4384 MSTEE - ok
18:23:37.0572 4384 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
18:23:37.0588 4384 MTConfig - ok
18:23:37.0619 4384 [ 032D35C996F21D19A205A7C8F0B76F3C ] MTsensor C:\Windows\system32\DRIVERS\ATK64AMD.sys
18:23:37.0619 4384 MTsensor - ok
18:23:37.0650 4384 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
18:23:37.0650 4384 Mup - ok
18:23:37.0681 4384 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
18:23:37.0681 4384 napagent - ok
18:23:37.0728 4384 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:23:37.0744 4384 NativeWifiP - ok
18:23:37.0775 4384 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
18:23:37.0790 4384 NDIS - ok
18:23:37.0806 4384 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:23:37.0806 4384 NdisCap - ok
18:23:37.0837 4384 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:23:37.0837 4384 NdisTapi - ok
18:23:37.0853 4384 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:23:37.0868 4384 Ndisuio - ok
18:23:37.0884 4384 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:23:37.0884 4384 NdisWan - ok
18:23:37.0915 4384 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:23:37.0915 4384 NDProxy - ok
18:23:37.0931 4384 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:23:37.0931 4384 NetBIOS - ok
18:23:37.0962 4384 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:23:37.0962 4384 NetBT - ok
18:23:37.0978 4384 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
18:23:37.0978 4384 Netlogon - ok
18:23:38.0009 4384 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
18:23:38.0024 4384 Netman - ok
18:23:38.0040 4384 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
18:23:38.0056 4384 netprofm - ok
18:23:38.0071 4384 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:23:38.0071 4384 NetTcpPortSharing - ok
18:23:38.0102 4384 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
18:23:38.0102 4384 nfrd960 - ok
18:23:38.0149 4384 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
18:23:38.0149 4384 NisDrv - ok
18:23:38.0180 4384 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
18:23:38.0180 4384 NisSrv - ok
18:23:38.0212 4384 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
18:23:38.0212 4384 NlaSvc - ok
18:23:38.0243 4384 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:23:38.0243 4384 Npfs - ok
18:23:38.0274 4384 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
18:23:38.0274 4384 nsi - ok
18:23:38.0290 4384 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:23:38.0290 4384 nsiproxy - ok
18:23:38.0399 4384 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:23:38.0430 4384 Ntfs - ok
18:23:38.0461 4384 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
18:23:38.0461 4384 Null - ok
18:23:38.0524 4384 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:23:38.0524 4384 nvraid - ok
18:23:38.0555 4384 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:23:38.0555 4384 nvstor - ok
18:23:38.0586 4384 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:23:38.0586 4384 nv_agp - ok
18:23:38.0617 4384 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:23:38.0617 4384 ohci1394 - ok
18:23:38.0648 4384 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:23:38.0648 4384 p2pimsvc - ok
18:23:38.0680 4384 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
18:23:38.0695 4384 p2psvc - ok
18:23:38.0726 4384 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
18:23:38.0726 4384 Parport - ok
18:23:38.0742 4384 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:23:38.0758 4384 partmgr - ok
18:23:38.0773 4384 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
18:23:38.0789 4384 PcaSvc - ok
18:23:38.0804 4384 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
18:23:38.0804 4384 pci - ok
18:23:38.0836 4384 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
18:23:38.0836 4384 pciide - ok
18:23:38.0867 4384 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
18:23:38.0867 4384 pcmcia - ok
18:23:38.0882 4384 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
18:23:38.0882 4384 pcw - ok
18:23:38.0914 4384 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:23:38.0929 4384 PEAUTH - ok
18:23:38.0992 4384 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
18:23:39.0007 4384 PerfHost - ok
18:23:39.0054 4384 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
18:23:39.0085 4384 pla - ok
18:23:39.0101 4384 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:23:39.0116 4384 PlugPlay - ok
18:23:39.0210 4384 [ E9605A180001A6B5551112D91DE92CA1 ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
18:23:39.0241 4384 PMBDeviceInfoProvider - ok
18:23:39.0272 4384 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:23:39.0272 4384 PNRPAutoReg - ok
18:23:39.0304 4384 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:23:39.0319 4384 PNRPsvc - ok
18:23:39.0350 4384 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
18:23:39.0350 4384 Point64 - ok
18:23:39.0382 4384 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:23:39.0382 4384 PolicyAgent - ok
18:23:39.0428 4384 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
18:23:39.0428 4384 Power - ok
18:23:39.0444 4384 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:23:39.0444 4384 PptpMiniport - ok
18:23:39.0475 4384 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
18:23:39.0475 4384 Processor - ok
18:23:39.0506 4384 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
18:23:39.0522 4384 ProfSvc - ok
18:23:39.0522 4384 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:23:39.0522 4384 ProtectedStorage - ok
18:23:39.0553 4384 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:23:39.0553 4384 Psched - ok
18:23:39.0600 4384 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
18:23:39.0616 4384 ql2300 - ok
18:23:39.0647 4384 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
18:23:39.0662 4384 ql40xx - ok
18:23:39.0678 4384 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
18:23:39.0694 4384 QWAVE - ok
18:23:39.0709 4384 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:23:39.0709 4384 QWAVEdrv - ok
18:23:39.0725 4384 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:23:39.0725 4384 RasAcd - ok
18:23:39.0756 4384 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:23:39.0756 4384 RasAgileVpn - ok
18:23:39.0772 4384 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
18:23:39.0787 4384 RasAuto - ok
18:23:39.0803 4384 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:23:39.0803 4384 Rasl2tp - ok
18:23:39.0834 4384 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
18:23:39.0834 4384 RasMan - ok
18:23:39.0850 4384 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:23:39.0850 4384 RasPppoe - ok
18:23:39.0881 4384 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:23:39.0881 4384 RasSstp - ok
18:23:39.0912 4384 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:23:39.0912 4384 rdbss - ok
18:23:39.0943 4384 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
18:23:39.0943 4384 rdpbus - ok
18:23:39.0959 4384 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:23:39.0959 4384 RDPCDD - ok
18:23:39.0974 4384 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:23:39.0974 4384 RDPENCDD - ok
18:23:40.0006 4384 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:23:40.0006 4384 RDPREFMP - ok
18:23:40.0037 4384 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:23:40.0037 4384 RDPWD - ok
18:23:40.0084 4384 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:23:40.0084 4384 rdyboost - ok
18:23:40.0099 4384 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:23:40.0099 4384 RemoteAccess - ok
18:23:40.0146 4384 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:23:40.0146 4384 RemoteRegistry - ok
18:23:40.0177 4384 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:23:40.0177 4384 RpcEptMapper - ok
18:23:40.0208 4384 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
18:23:40.0208 4384 RpcLocator - ok
18:23:40.0240 4384 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\System32\rpcss.dll
18:23:40.0240 4384 RpcSs - ok
18:23:40.0286 4384 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:23:40.0286 4384 rspndr - ok
18:23:40.0302 4384 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
18:23:40.0302 4384 SamSs - ok
18:23:40.0333 4384 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:23:40.0333 4384 sbp2port - ok
18:23:40.0364 4384 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:23:40.0364 4384 SCardSvr - ok
18:23:40.0396 4384 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:23:40.0411 4384 scfilter - ok
18:23:40.0442 4384 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
18:23:40.0458 4384 Schedule - ok
18:23:40.0505 4384 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
18:23:40.0505 4384 SCPolicySvc - ok
18:23:40.0536 4384 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
18:23:40.0536 4384 sdbus - ok
18:23:40.0552 4384 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:23:40.0567 4384 SDRSVC - ok
18:23:40.0598 4384 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:23:40.0598 4384 secdrv - ok
18:23:40.0614 4384 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
18:23:40.0614 4384 seclogon - ok
18:23:40.0630 4384 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
18:23:40.0630 4384 SENS - ok
18:23:40.0661 4384 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:23:40.0661 4384 SensrSvc - ok
18:23:40.0692 4384 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
18:23:40.0692 4384 Serenum - ok
18:23:40.0723 4384 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
18:23:40.0723 4384 Serial - ok
18:23:40.0739 4384 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
18:23:40.0754 4384 sermouse - ok
18:23:40.0786 4384 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
18:23:40.0786 4384 SessionEnv - ok
18:23:40.0817 4384 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:23:40.0817 4384 sffdisk - ok
18:23:40.0832 4384 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:23:40.0832 4384 sffp_mmc - ok
18:23:40.0848 4384 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:23:40.0848 4384 sffp_sd - ok
18:23:40.0879 4384 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
18:23:40.0879 4384 sfloppy - ok
18:23:40.0910 4384 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:23:40.0910 4384 SharedAccess - ok
18:23:40.0942 4384 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:23:40.0942 4384 ShellHWDetection - ok
18:23:40.0973 4384 [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSG664.sys
18:23:40.0973 4384 SiSGbeLH - ok
18:23:40.0988 4384 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:23:40.0988 4384 SiSRaid2 - ok
18:23:41.0020 4384 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
18:23:41.0020 4384 SiSRaid4 - ok
18:23:41.0082 4384 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
18:23:41.0082 4384 SkypeUpdate - ok
18:23:41.0113 4384 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:23:41.0113 4384 Smb - ok
18:23:41.0144 4384 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:23:41.0144 4384 SNMPTRAP - ok
18:23:41.0207 4384 [ 1D8474722CDFFBB8FCA5FA12C50A05A2 ] SNP2UVC C:\Windows\system32\DRIVERS\snp2uvc.sys
18:23:41.0222 4384 SNP2UVC - ok
18:23:41.0254 4384 [ 12583AF6CBE0050651EAF2723B3AD7B3 ] speedfan C:\Windows\syswow64\speedfan.sys
18:23:41.0285 4384 speedfan - ok
18:23:41.0316 4384 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
18:23:41.0316 4384 spldr - ok
18:23:41.0347 4384 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
18:23:41.0347 4384 Spooler - ok
18:23:41.0441 4384 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
18:23:41.0488 4384 sppsvc - ok
18:23:41.0503 4384 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:23:41.0503 4384 sppuinotify - ok
18:23:41.0550 4384 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
18:23:41.0550 4384 srv - ok
18:23:41.0566 4384 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:23:41.0566 4384 srv2 - ok
18:23:41.0581 4384 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:23:41.0597 4384 srvnet - ok
18:23:41.0628 4384 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:23:41.0628 4384 SSDPSRV - ok
18:23:41.0644 4384 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:23:41.0644 4384 SstpSvc - ok
18:23:41.0675 4384 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
18:23:41.0675 4384 stexstor - ok
18:23:41.0722 4384 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
18:23:41.0722 4384 stisvc - ok
18:23:41.0753 4384 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
18:23:41.0753 4384 swenum - ok
18:23:41.0784 4384 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
18:23:41.0800 4384 swprv - ok
18:23:41.0846 4384 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
18:23:41.0878 4384 SysMain - ok
18:23:41.0909 4384 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:23:41.0909 4384 TabletInputService - ok
18:23:41.0940 4384 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
18:23:41.0956 4384 TapiSrv - ok
18:23:41.0971 4384 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
18:23:41.0987 4384 TBS - ok
18:23:42.0034 4384 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:23:42.0065 4384 Tcpip - ok
18:23:42.0112 4384 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:23:42.0127 4384 TCPIP6 - ok
18:23:42.0143 4384 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:23:42.0143 4384 tcpipreg - ok
18:23:42.0174 4384 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:23:42.0174 4384 TDPIPE - ok
18:23:42.0205 4384 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:23:42.0205 4384 TDTCP - ok
18:23:42.0236 4384 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:23:42.0236 4384 tdx - ok
18:23:42.0252 4384 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
18:23:42.0252 4384 TermDD - ok
18:23:42.0283 4384 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
18:23:42.0299 4384 TermService - ok
18:23:42.0314 4384 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
18:23:42.0330 4384 Themes - ok
18:23:42.0330 4384 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
18:23:42.0346 4384 THREADORDER - ok
18:23:42.0377 4384 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
18:23:42.0377 4384 TrkWks - ok
18:23:42.0424 4384 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:23:42.0424 4384 TrustedInstaller - ok
18:23:42.0486 4384 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:23:42.0486 4384 tssecsrv - ok
18:23:42.0517 4384 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
18:23:42.0533 4384 TsUsbFlt - ok
18:23:42.0564 4384 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:23:42.0564 4384 tunnel - ok
18:23:42.0595 4384 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
18:23:42.0595 4384 uagp35 - ok
18:23:42.0626 4384 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:23:42.0626 4384 udfs - ok
18:23:42.0658 4384 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:23:42.0658 4384 UI0Detect - ok
18:23:42.0689 4384 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:23:42.0689 4384 uliagpkx - ok
18:23:42.0704 4384 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
18:23:42.0704 4384 umbus - ok
18:23:42.0736 4384 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
18:23:42.0736 4384 UmPass - ok
18:23:42.0751 4384 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
18:23:42.0767 4384 upnphost - ok
18:23:42.0798 4384 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
18:23:42.0798 4384 USBAAPL64 - ok
18:23:42.0814 4384 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:23:42.0829 4384 usbccgp - ok
18:23:42.0860 4384 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:23:42.0860 4384 usbcir - ok
18:23:42.0876 4384 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
18:23:42.0876 4384 usbehci - ok
18:23:42.0923 4384 [ DC2B306861F42EEEB92EF525F4119F08 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
18:23:42.0923 4384 usbfilter - ok
18:23:42.0938 4384 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:23:42.0954 4384 usbhub - ok
18:23:42.0985 4384 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
18:23:42.0985 4384 usbohci - ok
18:23:43.0016 4384 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:23:43.0016 4384 usbprint - ok
18:23:43.0032 4384 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
18:23:43.0048 4384 usbscan - ok
18:23:43.0063 4384 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
18:23:43.0063 4384 USBSTOR - ok
18:23:43.0110 4384 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
18:23:43.0126 4384 usbuhci - ok
18:23:43.0204 4384 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
18:23:43.0204 4384 usbvideo - ok
18:23:43.0235 4384 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
18:23:43.0235 4384 UxSms - ok
18:23:43.0250 4384 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
18:23:43.0250 4384 VaultSvc - ok
18:23:43.0282 4384 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
18:23:43.0282 4384 vdrvroot - ok
18:23:43.0360 4384 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
18:23:43.0360 4384 vds - ok
18:23:43.0406 4384 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:23:43.0406 4384 vga - ok
18:23:43.0422 4384 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
18:23:43.0422 4384 VgaSave - ok
18:23:43.0453 4384 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
18:23:43.0453 4384 vhdmp - ok
18:23:43.0484 4384 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
18:23:43.0484 4384 viaide - ok
18:23:43.0500 4384 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:23:43.0500 4384 volmgr - ok
18:23:43.0531 4384 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:23:43.0531 4384 volmgrx - ok
18:23:43.0562 4384 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:23:43.0562 4384 volsnap - ok
18:23:43.0594 4384 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
18:23:43.0594 4384 vsmraid - ok
18:23:43.0656 4384 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
18:23:43.0672 4384 VSS - ok
18:23:43.0687 4384 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
18:23:43.0687 4384 vwifibus - ok
18:23:43.0703 4384 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
18:23:43.0718 4384 vwififlt - ok
18:23:43.0750 4384 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
18:23:43.0750 4384 W32Time - ok
18:23:43.0765 4384 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
18:23:43.0781 4384 WacomPen - ok
18:23:43.0812 4384 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
18:23:43.0812 4384 WANARP - ok
18:23:43.0828 4384 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:23:43.0828 4384 Wanarpv6 - ok
18:23:43.0890 4384 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
18:23:43.0906 4384 WatAdminSvc - ok
18:23:43.0952 4384 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
18:23:43.0968 4384 wbengine - ok
18:23:43.0999 4384 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
18:23:44.0015 4384 WbioSrvc - ok
18:23:44.0046 4384 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:23:44.0062 4384 wcncsvc - ok
18:23:44.0077 4384 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:23:44.0077 4384 WcsPlugInService - ok
18:23:44.0093 4384 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
18:23:44.0108 4384 Wd - ok
18:23:44.0140 4384 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:23:44.0155 4384 Wdf01000 - ok
18:23:44.0171 4384 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:23:44.0186 4384 WdiServiceHost - ok
18:23:44.0186 4384 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:23:44.0186 4384 WdiSystemHost - ok
18:23:44.0218 4384 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
18:23:44.0233 4384 WebClient - ok
18:23:44.0249 4384 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:23:44.0264 4384 Wecsvc - ok
18:23:44.0264 4384 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:23:44.0280 4384 wercplsupport - ok
18:23:44.0311 4384 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
18:23:44.0327 4384 WerSvc - ok
18:23:44.0358 4384 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
18:23:44.0358 4384 WfpLwf - ok
18:23:44.0389 4384 [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
18:23:44.0389 4384 WimFltr - ok
18:23:44.0405 4384 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
18:23:44.0405 4384 WIMMount - ok
18:23:44.0420 4384 WinDefend - ok
18:23:44.0436 4384 WinHttpAutoProxySvc - ok
18:23:44.0498 4384 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:23:44.0498 4384 Winmgmt - ok
18:23:44.0561 4384 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
18:23:44.0592 4384 WinRM - ok
18:23:44.0639 4384 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
18:23:44.0654 4384 Wlansvc - ok
18:23:44.0764 4384 [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:23:44.0795 4384 wlidsvc - ok
18:23:44.0810 4384 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
18:23:44.0810 4384 WmiAcpi - ok
18:23:44.0842 4384 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:23:44.0842 4384 wmiApSrv - ok
18:23:44.0873 4384 WMPNetworkSvc - ok
18:23:44.0888 4384 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:23:44.0888 4384 WPCSvc - ok
18:23:44.0920 4384 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:23:44.0920 4384 WPDBusEnum - ok
18:23:44.0935 4384 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:23:44.0935 4384 ws2ifsl - ok
18:23:44.0966 4384 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
18:23:44.0966 4384 wscsvc - ok
18:23:44.0982 4384 WSearch - ok
18:23:45.0076 4384 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
18:23:45.0107 4384 wuauserv - ok
18:23:45.0122 4384 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
18:23:45.0122 4384 WudfPf - ok
18:23:45.0154 4384 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:23:45.0154 4384 WUDFRd - ok
18:23:45.0169 4384 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:23:45.0185 4384 wudfsvc - ok
18:23:45.0216 4384 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
18:23:45.0216 4384 WwanSvc - ok
18:23:45.0247 4384 ================ Scan global ===============================
18:23:45.0263 4384 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
18:23:45.0278 4384 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
18:23:45.0294 4384 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
18:23:45.0325 4384 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:23:45.0403 4384 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
18:23:45.0403 4384 [Global] - ok
18:23:45.0403 4384 ================ Scan MBR ==================================
18:23:45.0419 4384 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:23:45.0762 4384 \Device\Harddisk0\DR0 - ok
18:23:45.0762 4384 ================ Scan VBR ==================================
18:23:45.0762 4384 [ 04298966B171CBAB62BB40BC5206F979 ] \Device\Harddisk0\DR0\Partition1
18:23:45.0762 4384 \Device\Harddisk0\DR0\Partition1 - ok
18:23:45.0793 4384 [ 7122FC2799536B882C390058CC3815FF ] \Device\Harddisk0\DR0\Partition2
18:23:45.0793 4384 \Device\Harddisk0\DR0\Partition2 - ok
18:23:45.0793 4384 ================ Scan active images ========================
18:23:45.0793 4384 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
18:23:45.0793 4384 C:\Windows\System32\drivers\crashdmp.sys - ok
18:23:45.0809 4384 [ 8A2B4818215D8A6FF54DC3F0D63CBB2D ] C:\Windows\System32\drivers\amd_sata.sys
18:23:45.0809 4384 C:\Windows\System32\drivers\amd_sata.sys - ok
18:23:45.0824 4384 [ 9BBD8B5855BC6578957F82341F9CDE5A ] C:\Windows\System32\drivers\Diskdump.sys
18:23:45.0824 4384 C:\Windows\System32\drivers\Diskdump.sys - ok
18:23:45.0824 4384 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
18:23:45.0824 4384 C:\Windows\System32\drivers\dumpfve.sys - ok
18:23:45.0840 4384 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
18:23:45.0840 4384 C:\Windows\System32\drivers\beep.sys - ok
18:23:45.0856 4384 [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
18:23:45.0856 4384 C:\Windows\System32\drivers\cdrom.sys - ok
18:23:45.0871 4384 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
18:23:45.0871 4384 C:\Windows\System32\drivers\null.sys - ok
18:23:45.0871 4384 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
18:23:45.0871 4384 C:\Windows\System32\drivers\vga.sys - ok
18:23:45.0887 4384 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
18:23:45.0887 4384 C:\Windows\System32\drivers\videoprt.sys - ok
18:23:45.0902 4384 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
18:23:45.0902 4384 C:\Windows\System32\drivers\watchdog.sys - ok
18:23:45.0902 4384 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
18:23:45.0902 4384 C:\Windows\System32\drivers\RDPCDD.sys - ok
18:23:45.0918 4384 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
18:23:45.0918 4384 C:\Windows\System32\drivers\RDPENCDD.sys - ok
18:23:45.0934 4384 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
18:23:45.0934 4384 C:\Windows\System32\drivers\msfs.sys - ok
18:23:45.0934 4384 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
18:23:45.0934 4384 C:\Windows\System32\drivers\npfs.sys - ok
18:23:45.0949 4384 [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
18:23:45.0949 4384 C:\Windows\System32\drivers\RDPREFMP.sys - ok
18:23:45.0965 4384 [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
18:23:45.0965 4384 C:\Windows\System32\drivers\tdi.sys - ok
18:23:45.0980 4384 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
18:23:45.0980 4384 C:\Windows\System32\drivers\tdx.sys - ok
18:23:45.0980 4384 [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
18:23:45.0980 4384 C:\Windows\System32\drivers\afd.sys - ok
18:23:45.0996 4384 [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
18:23:45.0996 4384 C:\Windows\System32\drivers\netbt.sys - ok
18:23:46.0012 4384 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
18:23:46.0012 4384 C:\Windows\System32\drivers\wfplwf.sys - ok
18:23:46.0012 4384 [ 6BCC1D7D2FD2453957C5479A32364E52 ] C:\Windows\System32\drivers\ws2ifsl.sys
18:23:46.0027 4384 C:\Windows\System32\drivers\ws2ifsl.sys - ok
18:23:46.0027 4384 [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
18:23:46.0027 4384 C:\Windows\System32\drivers\pacer.sys - ok
18:23:46.0043 4384 [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys
18:23:46.0043 4384 C:\Windows\System32\drivers\vwififlt.sys - ok
18:23:46.0043 4384 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
18:23:46.0043 4384 C:\Windows\System32\drivers\netbios.sys - ok
18:23:46.0058 4384 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
18:23:46.0058 4384 C:\Windows\System32\drivers\wanarp.sys - ok
18:23:46.0058 4384 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
18:23:46.0058 4384 C:\Windows\System32\drivers\termdd.sys - ok
18:23:46.0074 4384 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
18:23:46.0074 4384 C:\Windows\System32\drivers\mssmbios.sys - ok
18:23:46.0074 4384 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
18:23:46.0074 4384 C:\Windows\System32\drivers\nsiproxy.sys - ok
18:23:46.0090 4384 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
18:23:46.0090 4384 C:\Windows\System32\drivers\rdbss.sys - ok
18:23:46.0090 4384 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
18:23:46.0090 4384 C:\Windows\System32\drivers\discache.sys - ok
18:23:46.0105 4384 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
18:23:46.0105 4384 C:\Windows\System32\drivers\dfsc.sys - ok
18:23:46.0105 4384 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
18:23:46.0105 4384 C:\Windows\System32\drivers\blbdrive.sys - ok
18:23:46.0121 4384 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
18:23:46.0121 4384 C:\Windows\System32\drivers\tunnel.sys - ok
18:23:46.0121 4384 [ 18F03BE6118BA9D8A9DC0B98997DC98E ] C:\Windows\System32\drivers\atikmpag.sys
18:23:46.0121 4384 C:\Windows\System32\drivers\atikmpag.sys - ok
18:23:46.0136 4384 [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
18:23:46.0136 4384 C:\Windows\System32\ntdll.dll - ok
18:23:46.0136 4384 [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe
18:23:46.0136 4384 C:\Windows\System32\smss.exe - ok
18:23:46.0152 4384 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
18:23:46.0152 4384 C:\Windows\System32\autochk.exe - ok
18:23:46.0152 4384 [ B64724CA6C9F3D8325F0F1A02C6ADFAF ] C:\Windows\System32\drivers\atikmdag.sys
18:23:46.0152 4384 C:\Windows\System32\drivers\atikmdag.sys - ok
18:23:46.0168 4384 [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys
18:23:46.0168 4384 C:\Windows\System32\drivers\dxgkrnl.sys - ok
18:23:46.0168 4384 [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys
18:23:46.0168 4384 C:\Windows\System32\drivers\dxgmms1.sys - ok
18:23:46.0183 4384 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
18:23:46.0183 4384 C:\Windows\System32\drivers\hdaudbus.sys - ok
18:23:46.0183 4384 [ A5E770426D18F8EF332A593F3289DA91 ] C:\Windows\System32\drivers\athrx.sys
18:23:46.0183 4384 C:\Windows\System32\drivers\athrx.sys - ok
18:23:46.0199 4384 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys
18:23:46.0199 4384 C:\Windows\System32\drivers\vwifibus.sys - ok
18:23:46.0199 4384 [ DB917B998CBC15A153C00DD6EFC34C13 ] C:\Windows\System32\drivers\jmcr.sys
18:23:46.0199 4384 C:\Windows\System32\drivers\jmcr.sys - ok
18:23:46.0214 4384 [ 8ADAAFCD2B8C259DEBF6C8DFD9727889 ] C:\Windows\System32\drivers\JME.sys
18:23:46.0214 4384 C:\Windows\System32\drivers\JME.sys - ok
18:23:46.0214 4384 [ 1B1E264203D4EF9D3DA1987AD70355AB ] C:\Windows\System32\drivers\scsiport.sys
18:23:46.0214 4384 C:\Windows\System32\drivers\scsiport.sys - ok
18:23:46.0230 4384 [ E403AACF8C7BB11375122D2464560311 ] C:\Windows\System32\drivers\GEARAspiWDM.sys
18:23:46.0230 4384 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
18:23:46.0246 4384 [ 9840FC418B4CBD632D3D0A667A725C31 ] C:\Windows\System32\drivers\usbohci.sys
18:23:46.0246 4384 C:\Windows\System32\drivers\usbohci.sys - ok
18:23:46.0246 4384 [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
18:23:46.0246 4384 C:\Windows\System32\drivers\usbport.sys - ok
18:23:46.0261 4384 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] C:\Windows\System32\drivers\i8042prt.sys
18:23:46.0261 4384 C:\Windows\System32\drivers\i8042prt.sys - ok
18:23:46.0261 4384 [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
18:23:46.0261 4384 C:\Windows\System32\drivers\usbehci.sys - ok
18:23:46.0277 4384 [ DC2B306861F42EEEB92EF525F4119F08 ] C:\Windows\System32\drivers\usbfilter.sys
18:23:46.0277 4384 C:\Windows\System32\drivers\usbfilter.sys - ok
18:23:46.0277 4384 [ 05B0DCDA418E297A1B4CD8D7B8ADE403 ] C:\Windows\System32\drivers\ETD.sys
18:23:46.0277 4384 C:\Windows\System32\drivers\ETD.sys - ok
18:23:46.0292 4384 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
18:23:46.0292 4384 C:\Windows\System32\drivers\mouclass.sys - ok
18:23:46.0292 4384 [ 0840155D0BDDF1190F84A663C284BD33 ] C:\Windows\System32\drivers\CmBatt.sys
18:23:46.0292 4384 C:\Windows\System32\drivers\CmBatt.sys - ok
18:23:46.0308 4384 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
18:23:46.0308 4384 C:\Windows\System32\drivers\kbdclass.sys - ok
18:23:46.0308 4384 [ E63EF8C3271D014F14E2469CE75FECB4 ] C:\Windows\System32\drivers\kbfiltr.sys
18:23:46.0308 4384 C:\Windows\System32\drivers\kbfiltr.sys - ok
18:23:46.0324 4384 [ 1E56388B3FE0D031C44144EB8C4D6217 ] C:\Windows\System32\drivers\amdppm.sys
18:23:46.0324 4384 C:\Windows\System32\drivers\amdppm.sys - ok
18:23:46.0324 4384 [ 032D35C996F21D19A205A7C8F0B76F3C ] C:\Windows\System32\drivers\ATK64AMD.sys
18:23:46.0324 4384 C:\Windows\System32\drivers\ATK64AMD.sys - ok
18:23:46.0339 4384 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
18:23:46.0339 4384 C:\Windows\System32\drivers\CompositeBus.sys - ok
18:23:46.0339 4384 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
18:23:46.0339 4384 C:\Windows\System32\drivers\agilevpn.sys - ok
18:23:46.0355 4384 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
18:23:46.0355 4384 C:\Windows\System32\drivers\rasl2tp.sys - ok
18:23:46.0355 4384 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
18:23:46.0355 4384 C:\Windows\System32\drivers\ndistapi.sys - ok
18:23:46.0370 4384 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
18:23:46.0370 4384 C:\Windows\System32\drivers\ndiswan.sys - ok
18:23:46.0370 4384 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
18:23:46.0370 4384 C:\Windows\System32\drivers\raspppoe.sys - ok
18:23:46.0386 4384 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
18:23:46.0386 4384 C:\Windows\System32\drivers\raspptp.sys - ok
18:23:46.0386 4384 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
18:23:46.0386 4384 C:\Windows\System32\drivers\rassstp.sys - ok
18:23:46.0402 4384 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
18:23:46.0402 4384 C:\Windows\System32\drivers\ks.sys - ok
18:23:46.0402 4384 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
18:23:46.0402 4384 C:\Windows\System32\drivers\swenum.sys - ok
18:23:46.0417 4384 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
18:23:46.0417 4384 C:\Windows\System32\drivers\umbus.sys - ok
18:23:46.0417 4384 [ A0F52880DDD164F968BE903C1FECD27E ] C:\Windows\System32\iertutil.dll
18:23:46.0417 4384 C:\Windows\System32\iertutil.dll - ok
18:23:46.0433 4384 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
18:23:46.0448 4384 C:\Windows\System32\drivers\usbhub.sys - ok
18:23:46.0464 4384 [ 1DBA462CF92D890D8F8E6472E7E8B4B4 ] C:\Windows\System32\urlmon.dll
18:23:46.0464 4384 C:\Windows\System32\urlmon.dll - ok
18:23:46.0464 4384 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
18:23:46.0464 4384 C:\Windows\System32\gdi32.dll - ok
18:23:46.0480 4384 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
18:23:46.0480 4384 C:\Windows\System32\normaliz.dll - ok
18:23:46.0480 4384 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
18:23:46.0480 4384 C:\Windows\System32\msctf.dll - ok
18:23:46.0495 4384 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
18:23:46.0495 4384 C:\Windows\System32\ole32.dll - ok
18:23:46.0495 4384 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
18:23:46.0495 4384 C:\Windows\System32\drivers\ndproxy.sys - ok
18:23:46.0511 4384 [ E02B26650ACC2F4901342D4A66774AD7 ] C:\Windows\System32\drivers\AtihdW76.sys
18:23:46.0511 4384 C:\Windows\System32\drivers\AtihdW76.sys - ok
18:23:46.0511 4384 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
18:23:46.0511 4384 C:\Windows\System32\drivers\drmk.sys - ok
18:23:46.0526 4384 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
18:23:46.0526 4384 C:\Windows\System32\drivers\portcls.sys - ok
18:23:46.0526 4384 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
18:23:46.0526 4384 C:\Windows\System32\drivers\ksthunk.sys - ok
18:23:46.0542 4384 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
18:23:46.0542 4384 C:\Windows\System32\ws2_32.dll - ok
18:23:46.0542 4384 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
18:23:46.0542 4384 C:\Windows\System32\psapi.dll - ok
18:23:46.0558 4384 [ 5121DB613E10A46A3C5085B479026AA7 ] C:\Windows\System32\wininet.dll
18:23:46.0558 4384 C:\Windows\System32\wininet.dll - ok
18:23:46.0558 4384 [ 65C113214F7B05820F6D8A65B1485196 ] C:\Windows\System32\kernel32.dll
18:23:46.0558 4384 C:\Windows\System32\kernel32.dll - ok
18:23:46.0573 4384 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
18:23:46.0573 4384 C:\Windows\System32\comdlg32.dll - ok
18:23:46.0573 4384 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
18:23:46.0573 4384 C:\Windows\System32\sechost.dll - ok
18:23:46.0589 4384 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
18:23:46.0589 4384 C:\Windows\System32\Wldap32.dll - ok
18:23:46.0589 4384 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
18:23:46.0589 4384 C:\Windows\System32\clbcatq.dll - ok
18:23:46.0604 4384 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
18:23:46.0604 4384 C:\Windows\System32\msvcrt.dll - ok
18:23:46.0604 4384 [ 6E4CCB3AFF07E2B9F2A937385C84B573 ] C:\Windows\System32\drivers\RTKVHD64.sys
18:23:46.0604 4384 C:\Windows\System32\drivers\RTKVHD64.sys - ok
18:23:46.0620 4384 [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll
18:23:46.0620 4384 C:\Windows\System32\shell32.dll - ok
18:23:46.0620 4384 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
18:23:46.0620 4384 C:\Windows\System32\nsi.dll - ok
18:23:46.0636 4384 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
18:23:46.0636 4384 C:\Windows\System32\user32.dll - ok
18:23:46.0636 4384 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
18:23:46.0636 4384 C:\Windows\System32\lpk.dll - ok
18:23:46.0651 4384 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
18:23:46.0651 4384 C:\Windows\System32\shlwapi.dll - ok
18:23:46.0651 4384 [ DBF99FD9CAF75CA66D042BD8D050FF71 ] C:\Windows\System32\usp10.dll
18:23:46.0651 4384 C:\Windows\System32\usp10.dll - ok
18:23:46.0667 4384 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
18:23:46.0667 4384 C:\Windows\System32\imagehlp.dll - ok
18:23:46.0667 4384 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
18:23:46.0667 4384 C:\Windows\System32\oleaut32.dll - ok
18:23:46.0682 4384 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
18:23:46.0682 4384 C:\Windows\System32\rpcrt4.dll - ok
18:23:46.0682 4384 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
18:23:46.0682 4384 C:\Windows\System32\setupapi.dll - ok
18:23:46.0698 4384 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
18:23:46.0698 4384 C:\Windows\System32\advapi32.dll - ok
18:23:46.0698 4384 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
18:23:46.0698 4384 C:\Windows\System32\imm32.dll - ok
18:23:46.0714 4384 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
18:23:46.0714 4384 C:\Windows\System32\difxapi.dll - ok
18:23:46.0714 4384 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
18:23:46.0714 4384 C:\Windows\System32\comctl32.dll - ok
18:23:46.0729 4384 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
18:23:46.0729 4384 C:\Windows\System32\cfgmgr32.dll - ok
18:23:46.0729 4384 [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\Windows\System32\crypt32.dll
18:23:46.0729 4384 C:\Windows\System32\crypt32.dll - ok
18:23:46.0745 4384 [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys
18:23:46.0745 4384 C:\Windows\System32\drivers\usbccgp.sys - ok
18:23:46.0745 4384 [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
18:23:46.0745 4384 C:\Windows\System32\drivers\usbd.sys - ok
18:23:46.0760 4384 [ 1F56F209585F350A5666E3CC7931FD67 ] C:\Windows\System32\KernelBase.dll
18:23:46.0760 4384 C:\Windows\System32\KernelBase.dll - ok
18:23:46.0760 4384 [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll
18:23:46.0760 4384 C:\Windows\System32\wintrust.dll - ok
18:23:46.0776 4384 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
18:23:46.0776 4384 C:\Windows\System32\devobj.dll - ok
18:23:46.0776 4384 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
18:23:46.0776 4384 C:\Windows\System32\msasn1.dll - ok
18:23:46.0792 4384 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
18:23:46.0792 4384 C:\Windows\SysWOW64\normaliz.dll - ok
18:23:46.0792 4384 [ 1CA90212A99DB6975C344826D11055C9 ] C:\Windows\System32\drivers\dc3d.sys
18:23:46.0792 4384 C:\Windows\System32\drivers\dc3d.sys - ok
18:23:46.0807 4384 [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
18:23:46.0807 4384 C:\Windows\System32\drivers\hidparse.sys - ok
18:23:46.0807 4384 [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys
18:23:46.0807 4384 C:\Windows\System32\drivers\hidclass.sys - ok
18:23:46.0823 4384 [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys
18:23:46.0823 4384 C:\Windows\System32\drivers\hidusb.sys - ok
18:23:46.0823 4384 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
18:23:46.0823 4384 C:\Windows\System32\drivers\dxapi.sys - ok
18:23:46.0838 4384 [ 523B9B64F2B6C630A2E0A87116C05F12 ] C:\Windows\System32\win32k.sys
18:23:46.0838 4384 C:\Windows\System32\win32k.sys - ok
18:23:46.0838 4384 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] C:\Windows\System32\drivers\kbdhid.sys
18:23:46.0838 4384 C:\Windows\System32\drivers\kbdhid.sys - ok
18:23:46.0854 4384 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
18:23:46.0854 4384 C:\Windows\System32\drivers\mouhid.sys - ok
18:23:46.0854 4384 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
18:23:46.0854 4384 C:\Windows\System32\basesrv.dll - ok
18:23:46.0870 4384 [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll
18:23:46.0870 4384 C:\Windows\System32\csrsrv.dll - ok
18:23:46.0870 4384 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
18:23:46.0870 4384 C:\Windows\System32\csrss.exe - ok
18:23:46.0885 4384 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] C:\Windows\System32\drivers\point64.sys
18:23:46.0885 4384 C:\Windows\System32\drivers\point64.sys - ok
18:23:46.0885 4384 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\System32\winsrv.dll
18:23:46.0885 4384 C:\Windows\System32\winsrv.dll - ok
18:23:46.0901 4384 [ 001CC10FA5E71AE1119115E126C8750D ] C:\Windows\System32\drivers\stream.sys
18:23:46.0901 4384 C:\Windows\System32\drivers\stream.sys - ok
18:23:46.0901 4384 [ 19D8F6FF8344C47872BA351D04A190DD ] C:\Windows\System32\drivers\sncduvc.sys
18:23:46.0901 4384 C:\Windows\System32\drivers\sncduvc.sys - ok
18:23:46.0916 4384 [ 1D8474722CDFFBB8FCA5FA12C50A05A2 ] C:\Windows\System32\drivers\snp2uvc.sys
18:23:46.0916 4384 C:\Windows\System32\drivers\snp2uvc.sys - ok
18:23:46.0932 4384 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
18:23:46.0932 4384 C:\Windows\System32\drivers\monitor.sys - ok
18:23:46.0932 4384 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
18:23:46.0932 4384 C:\Windows\System32\sxssrv.dll - ok
18:23:46.0932 4384 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
18:23:46.0932 4384 C:\Windows\System32\tsddd.dll - ok
18:23:46.0948 4384 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
18:23:46.0948 4384 C:\Windows\System32\wininit.exe - ok
18:23:46.0948 4384 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
18:23:46.0948 4384 C:\Windows\System32\profapi.dll - ok
18:23:46.0963 4384 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
18:23:46.0963 4384 C:\Windows\System32\RpcRtRemote.dll - ok
18:23:46.0963 4384 [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll
18:23:46.0963 4384 C:\Windows\System32\cdd.dll - ok
18:23:46.0979 4384 [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
18:23:46.0979 4384 C:\Windows\System32\KBDUS.DLL - ok
18:23:46.0979 4384 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
18:23:46.0979 4384 C:\Windows\System32\WlS0WndH.dll - ok
18:23:46.0994 4384 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
18:23:46.0994 4384 C:\Windows\System32\sxs.dll - ok
18:23:46.0994 4384 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
18:23:46.0994 4384 C:\Windows\System32\cryptbase.dll - ok
18:23:47.0010 4384 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
18:23:47.0010 4384 C:\Windows\System32\apphelp.dll - ok
18:23:47.0026 4384 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
18:23:47.0026 4384 C:\Windows\System32\services.exe - ok
18:23:47.0026 4384 [ 66A6063D0BAAD3F7B2B9868859E0743B ] C:\Windows\System32\lsasrv.dll
18:23:47.0026 4384 C:\Windows\System32\lsasrv.dll - ok
18:23:47.0041 4384 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
18:23:47.0041 4384 C:\Windows\System32\lsass.exe - ok
18:23:47.0041 4384 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
18:23:47.0041 4384 C:\Windows\System32\lsm.exe - ok
18:23:47.0057 4384 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
18:23:47.0057 4384 C:\Windows\System32\sspicli.dll - ok
18:23:47.0057 4384 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
18:23:47.0057 4384 C:\Windows\System32\sspisrv.dll - ok
18:23:47.0072 4384 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
18:23:47.0072 4384 C:\Windows\System32\sysntfy.dll - ok
18:23:47.0072 4384 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
18:23:47.0072 4384 C:\Windows\System32\wmsgapi.dll - ok
18:23:47.0088 4384 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
18:23:47.0088 4384 C:\Windows\System32\scesrv.dll - ok
18:23:47.0088 4384 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
18:23:47.0088 4384 C:\Windows\System32\scext.dll - ok
18:23:47.0104 4384 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
18:23:47.0104 4384 C:\Windows\System32\secur32.dll - ok
18:23:47.0104 4384 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
18:23:47.0104 4384 C:\Windows\System32\samsrv.dll - ok
18:23:47.0119 4384 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
18:23:47.0119 4384 C:\Windows\System32\srvcli.dll - ok
18:23:47.0119 4384 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
18:23:47.0119 4384 C:\Windows\System32\cryptdll.dll - ok
18:23:47.0135 4384 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
18:23:47.0135 4384 C:\Windows\System32\wevtapi.dll - ok
18:23:47.0135 4384 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
18:23:47.0135 4384 C:\Windows\System32\cngaudit.dll - ok
18:23:47.0150 4384 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
18:23:47.0150 4384 C:\Windows\System32\authz.dll - ok
18:23:47.0150 4384 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
18:23:47.0150 4384 C:\Windows\System32\bcrypt.dll - ok
18:23:47.0166 4384 [ 5F3307352216618221A17CFEF273EEE2 ] C:\Windows\System32\ncrypt.dll
18:23:47.0166 4384 C:\Windows\System32\ncrypt.dll - ok
18:23:47.0166 4384 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
18:23:47.0166 4384 C:\Windows\System32\msprivs.dll - ok
18:23:47.0182 4384 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
18:23:47.0182 4384 C:\Windows\System32\netjoin.dll - ok
18:23:47.0182 4384 [ CB2ABB2DA1E9C977302A78D86D4AE3B0 ] C:\Windows\System32\atmfd.dll
18:23:47.0182 4384 C:\Windows\System32\atmfd.dll - ok
18:23:47.0197 4384 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
18:23:47.0197 4384 C:\Windows\System32\negoexts.dll - ok
18:23:47.0197 4384 [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
18:23:47.0197 4384 C:\Windows\System32\kerberos.dll - ok
18:23:47.0197 4384 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
18:23:47.0197 4384 C:\Windows\System32\cryptsp.dll - ok
18:23:47.0213 4384 [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
18:23:47.0213 4384 C:\Windows\System32\mswsock.dll - ok
18:23:47.0213 4384 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
18:23:47.0213 4384 C:\Windows\System32\msv1_0.dll - ok
18:23:47.0228 4384 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
18:23:47.0228 4384 C:\Windows\System32\netlogon.dll - ok
18:23:47.0228 4384 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
18:23:47.0228 4384 C:\Windows\System32\wship6.dll - ok
18:23:47.0244 4384 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
18:23:47.0244 4384 C:\Windows\System32\dnsapi.dll - ok
18:23:47.0244 4384 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
18:23:47.0244 4384 C:\Windows\System32\logoncli.dll - ok
18:23:47.0260 4384 [ 1573C45E65DE32B1BC3572634F8F1E8E ] C:\Windows\System32\schannel.dll
18:23:47.0260 4384 C:\Windows\System32\schannel.dll - ok
18:23:47.0260 4384 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
18:23:47.0260 4384 C:\Windows\System32\wdigest.dll - ok
18:23:47.0275 4384 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
18:23:47.0275 4384 C:\Windows\System32\rsaenh.dll - ok
18:23:47.0275 4384 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
18:23:47.0275 4384 C:\Windows\System32\TSpkg.dll - ok
Last edited by punkpal on February 13th, 2013, 7:52 pm, edited 1 time in total.
punkpal
Regular Member
 
Posts: 37
Joined: February 4th, 2013, 4:32 pm

Re: Browser does not go where I want it to

Unread postby punkpal » February 13th, 2013, 7:48 pm

18:23:47.0291 4384 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
18:23:47.0291 4384 C:\Windows\System32\pku2u.dll - ok
18:23:47.0291 4384 [ 94AA2DFFF94DF789AAA0081333A6CADA ] C:\Windows\System32\LIVESSP.DLL
18:23:47.0291 4384 C:\Windows\System32\LIVESSP.DLL - ok
18:23:47.0306 4384 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
18:23:47.0306 4384 C:\Windows\System32\bcryptprimitives.dll - ok
18:23:47.0306 4384 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
18:23:47.0306 4384 C:\Windows\System32\credssp.dll - ok
18:23:47.0322 4384 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
18:23:47.0322 4384 C:\Windows\System32\efslsaext.dll - ok
18:23:47.0322 4384 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
18:23:47.0322 4384 C:\Windows\System32\scecli.dll - ok
18:23:47.0338 4384 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
18:23:47.0338 4384 C:\Windows\System32\ubpm.dll - ok
18:23:47.0338 4384 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
18:23:47.0338 4384 C:\Windows\System32\svchost.exe - ok
18:23:47.0353 4384 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
18:23:47.0353 4384 C:\Windows\System32\winsta.dll - ok
18:23:47.0353 4384 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
18:23:47.0353 4384 C:\Windows\System32\umpnpmgr.dll - ok
18:23:47.0369 4384 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
18:23:47.0369 4384 C:\Windows\System32\SPInf.dll - ok
18:23:47.0369 4384 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
18:23:47.0369 4384 C:\Windows\System32\devrtl.dll - ok
18:23:47.0384 4384 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
18:23:47.0384 4384 C:\Windows\System32\userenv.dll - ok
18:23:47.0384 4384 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
18:23:47.0384 4384 C:\Windows\System32\gpapi.dll - ok
18:23:47.0400 4384 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
18:23:47.0400 4384 C:\Windows\System32\pcwum.dll - ok
18:23:47.0400 4384 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
18:23:47.0400 4384 C:\Windows\System32\umpo.dll - ok
18:23:47.0416 4384 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
18:23:47.0416 4384 C:\Windows\System32\powrprof.dll - ok
18:23:47.0416 4384 [ AB886378EEB55C6C75B4F2D14B6C869F ] C:\Windows\System32\drivers\WUDFPf.sys
18:23:47.0416 4384 C:\Windows\System32\drivers\WUDFPf.sys - ok
18:23:47.0431 4384 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
18:23:47.0431 4384 C:\Windows\System32\rpcss.dll - ok
18:23:47.0431 4384 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
18:23:47.0431 4384 C:\Windows\System32\RpcEpMap.dll - ok
18:23:47.0447 4384 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
18:23:47.0447 4384 C:\Windows\System32\wshqos.dll - ok
18:23:47.0447 4384 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
18:23:47.0447 4384 C:\Windows\System32\WSHTCPIP.DLL - ok
18:23:47.0462 4384 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] C:\Program Files\Microsoft Security Client\MsMpEng.exe
18:23:47.0462 4384 C:\Program Files\Microsoft Security Client\MsMpEng.exe - ok
18:23:47.0462 4384 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
18:23:47.0462 4384 C:\Windows\System32\FirewallAPI.dll - ok
18:23:47.0478 4384 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
18:23:47.0478 4384 C:\Windows\System32\version.dll - ok
18:23:47.0478 4384 [ BCF8F2758AA5C451F8E366C66A98BBFE ] C:\Program Files\Microsoft Security Client\MpSvc.dll
18:23:47.0478 4384 C:\Program Files\Microsoft Security Client\MpSvc.dll - ok
18:23:47.0494 4384 [ 2F67DEE6452EBC9F4A6C97A1CCC232FE ] C:\Program Files\Microsoft Security Client\MpClient.dll
18:23:47.0494 4384 C:\Program Files\Microsoft Security Client\MpClient.dll - ok
18:23:47.0494 4384 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
18:23:47.0494 4384 C:\Windows\System32\wtsapi32.dll - ok
18:23:47.0509 4384 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
18:23:47.0509 4384 C:\Windows\System32\ntmarta.dll - ok
18:23:47.0509 4384 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
18:23:47.0509 4384 C:\Windows\System32\winlogon.exe - ok
18:23:47.0525 4384 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
18:23:47.0525 4384 C:\Windows\System32\LogonUI.exe - ok
18:23:47.0525 4384 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
18:23:47.0525 4384 C:\Windows\System32\authui.dll - ok
18:23:47.0540 4384 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
18:23:47.0540 4384 C:\Windows\System32\cryptui.dll - ok
18:23:47.0540 4384 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
18:23:47.0540 4384 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
18:23:47.0556 4384 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
18:23:47.0556 4384 C:\Windows\System32\samlib.dll - ok
18:23:47.0556 4384 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
18:23:47.0556 4384 C:\Windows\System32\shacct.dll - ok
18:23:47.0572 4384 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
18:23:47.0572 4384 C:\Windows\System32\propsys.dll - ok
18:23:47.0572 4384 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
18:23:47.0572 4384 C:\Windows\System32\uxtheme.dll - ok
18:23:47.0587 4384 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
18:23:47.0587 4384 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
18:23:47.0587 4384 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
18:23:47.0587 4384 C:\Windows\System32\dui70.dll - ok
18:23:47.0603 4384 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
18:23:47.0603 4384 C:\Windows\System32\duser.dll - ok
18:23:47.0603 4384 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
18:23:47.0603 4384 C:\Windows\System32\SndVolSSO.dll - ok
18:23:47.0618 4384 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
18:23:47.0618 4384 C:\Windows\System32\hid.dll - ok
18:23:47.0618 4384 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
18:23:47.0618 4384 C:\Windows\System32\MMDevAPI.dll - ok
18:23:47.0634 4384 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
18:23:47.0634 4384 C:\Windows\System32\dwmapi.dll - ok
18:23:47.0634 4384 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
18:23:47.0634 4384 C:\Windows\System32\xmllite.dll - ok
18:23:47.0650 4384 [ 26B73A85855681500BCC25C7CD9FF5B1 ] C:\Windows\System32\WindowsCodecs.dll
18:23:47.0650 4384 C:\Windows\System32\WindowsCodecs.dll - ok
18:23:47.0650 4384 [ 5F10310A5A9273475AA04930DFE16742 ] C:\Program Files\Microsoft Security Client\EppManifest.dll
18:23:47.0650 4384 C:\Program Files\Microsoft Security Client\EppManifest.dll - ok
18:23:47.0665 4384 [ 91DA5A257B800C21CC3B6674E579CF90 ] C:\Windows\System32\atiesrxx.exe
18:23:47.0665 4384 C:\Windows\System32\atiesrxx.exe - ok
18:23:47.0665 4384 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
18:23:47.0665 4384 C:\Windows\System32\winbrand.dll - ok
18:23:47.0681 4384 [ 0DD5E2549322A029BEAFCD99A7465F8B ] C:\Program Files (x86)\ASUS\SmartLogon\system\FaceCredentialProvider64.dll
18:23:47.0681 4384 C:\Program Files (x86)\ASUS\SmartLogon\system\FaceCredentialProvider64.dll - ok
18:23:47.0681 4384 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
18:23:47.0681 4384 C:\Windows\System32\netapi32.dll - ok
18:23:47.0696 4384 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
18:23:47.0696 4384 C:\Windows\System32\netutils.dll - ok
18:23:47.0696 4384 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
18:23:47.0696 4384 C:\Windows\System32\wkscli.dll - ok
18:23:47.0712 4384 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
18:23:47.0712 4384 C:\Windows\System32\samcli.dll - ok
18:23:47.0712 4384 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
18:23:47.0712 4384 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
18:23:47.0728 4384 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
18:23:47.0728 4384 C:\Windows\System32\VaultCredProvider.dll - ok
18:23:47.0728 4384 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
18:23:47.0728 4384 C:\Windows\System32\BioCredProv.dll - ok
18:23:47.0743 4384 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
18:23:47.0743 4384 C:\Windows\System32\credui.dll - ok
18:23:47.0743 4384 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
18:23:47.0743 4384 C:\Windows\System32\winbio.dll - ok
18:23:47.0759 4384 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
18:23:47.0759 4384 C:\Windows\System32\vaultcli.dll - ok
18:23:47.0759 4384 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
18:23:47.0759 4384 C:\Windows\System32\certCredProvider.dll - ok
18:23:47.0774 4384 [ 1ECB3FFBF22B8A7C958CCF8F96119FC0 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
18:23:47.0774 4384 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
18:23:47.0774 4384 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
18:23:47.0774 4384 C:\Windows\System32\rasplap.dll - ok
18:23:47.0790 4384 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
18:23:47.0790 4384 C:\Windows\System32\rasapi32.dll - ok
18:23:47.0790 4384 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
18:23:47.0790 4384 C:\Windows\System32\rasman.dll - ok
18:23:47.0806 4384 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
18:23:47.0806 4384 C:\Windows\System32\rtutils.dll - ok
18:23:47.0806 4384 [ BF62F3BC1BE0700804EC394BB77F02C4 ] C:\Program Files\Microsoft Security Client\MpRTP.dll
18:23:47.0806 4384 C:\Program Files\Microsoft Security Client\MpRTP.dll - ok
18:23:47.0821 4384 [ FF7E814CBFEC3C27922C13BB94667416 ] C:\Program Files\Microsoft Security Client\MsMpLics.dll
18:23:47.0821 4384 C:\Program Files\Microsoft Security Client\MsMpLics.dll - ok
18:23:47.0821 4384 [ F3D202F53A222D5F6944D459B73CF967 ] C:\Windows\System32\fltLib.dll
18:23:47.0821 4384 C:\Windows\System32\fltLib.dll - ok
18:23:47.0837 4384 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] C:\Windows\System32\drivers\MpFilter.sys
18:23:47.0837 4384 C:\Windows\System32\drivers\MpFilter.sys - ok
18:23:47.0837 4384 [ 12FD09889C8A6141C8D10F7AE48BBAC8 ] C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll
18:23:47.0837 4384 C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll - ok
18:23:47.0852 4384 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
18:23:47.0852 4384 C:\Windows\System32\wevtsvc.dll - ok
18:23:47.0852 4384 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
18:23:47.0852 4384 C:\Windows\System32\audiosrv.dll - ok
18:23:47.0868 4384 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
18:23:47.0868 4384 C:\Windows\System32\avrt.dll - ok
18:23:47.0868 4384 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
18:23:47.0868 4384 C:\Windows\System32\mmcss.dll - ok
18:23:47.0884 4384 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
18:23:47.0884 4384 C:\Windows\System32\wlansvc.dll - ok
18:23:47.0899 4384 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
18:23:47.0899 4384 C:\Windows\System32\adtschema.dll - ok
18:23:47.0899 4384 [ 30042487E83BF3B518DD9B92A2F52F42 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BA880545-F2A6-4409-AF2D-F47B674D4BB4}\mpengine.dll
18:23:47.0899 4384 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BA880545-F2A6-4409-AF2D-F47B674D4BB4}\mpengine.dll - ok
18:23:47.0915 4384 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
18:23:47.0915 4384 C:\Windows\System32\audiodg.exe - ok
18:23:47.0915 4384 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
18:23:47.0915 4384 C:\Windows\System32\netprofm.dll - ok
18:23:47.0930 4384 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
18:23:47.0930 4384 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
18:23:47.0930 4384 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
18:23:47.0946 4384 C:\Windows\System32\drivers\fltMgr.sys - ok
18:23:47.0946 4384 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
18:23:47.0946 4384 C:\Windows\System32\PSHED.DLL - ok
18:23:47.0946 4384 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
18:23:47.0962 4384 C:\Windows\System32\MPSSVC.dll - ok
18:23:47.0962 4384 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
18:23:47.0962 4384 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
18:23:47.0977 4384 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
18:23:47.0977 4384 C:\Windows\System32\gpsvc.dll - ok
18:23:47.0977 4384 [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
18:23:47.0977 4384 C:\Windows\System32\nlaapi.dll - ok
18:23:47.0993 4384 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
18:23:47.0993 4384 C:\Windows\System32\profsvc.dll - ok
18:23:47.0993 4384 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
18:23:47.0993 4384 C:\Windows\System32\themeservice.dll - ok
18:23:47.0993 4384 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
18:23:47.0993 4384 C:\Windows\System32\atl.dll - ok
18:23:48.0008 4384 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
18:23:48.0008 4384 C:\Windows\System32\dsrole.dll - ok
18:23:48.0008 4384 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
18:23:48.0008 4384 C:\Windows\System32\slc.dll - ok
18:23:48.0024 4384 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
18:23:48.0024 4384 C:\Windows\System32\es.dll - ok
18:23:48.0024 4384 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
18:23:48.0024 4384 C:\Windows\System32\comres.dll - ok
18:23:48.0040 4384 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
18:23:48.0040 4384 C:\Windows\System32\Sens.dll - ok
18:23:48.0040 4384 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
18:23:48.0040 4384 C:\Windows\System32\uxsms.dll - ok
18:23:48.0055 4384 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
18:23:48.0055 4384 C:\Windows\System32\UXInit.dll - ok
18:23:48.0055 4384 [ 7946773441F48681E5F296E716ACCBD2 ] C:\Windows\System32\atieclxx.exe
18:23:48.0055 4384 C:\Windows\System32\atieclxx.exe - ok
18:23:48.0071 4384 [ B20F051B03A966392364C83F009F7D17 ] C:\Windows\System32\WUDFSvc.dll
18:23:48.0071 4384 C:\Windows\System32\WUDFSvc.dll - ok
18:23:48.0071 4384 [ 1EDB169BB6B0A8023F37C59F29CD7D12 ] C:\Windows\System32\atiadlxx.dll
18:23:48.0071 4384 C:\Windows\System32\atiadlxx.dll - ok
18:23:48.0086 4384 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
18:23:48.0086 4384 C:\Windows\System32\winmm.dll - ok
18:23:48.0086 4384 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
18:23:48.0086 4384 C:\Windows\System32\wdmaud.drv - ok
18:23:48.0102 4384 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
18:23:48.0102 4384 C:\Windows\System32\ksuser.dll - ok
18:23:48.0102 4384 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
18:23:48.0102 4384 C:\Windows\System32\AudioSes.dll - ok
18:23:48.0118 4384 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
18:23:48.0118 4384 C:\Windows\System32\msacm32.dll - ok
18:23:48.0118 4384 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
18:23:48.0118 4384 C:\Windows\System32\msacm32.drv - ok
18:23:48.0133 4384 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
18:23:48.0133 4384 C:\Windows\System32\midimap.dll - ok
18:23:48.0133 4384 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
18:23:48.0133 4384 C:\Windows\System32\AudioEng.dll - ok
18:23:48.0149 4384 [ B1DF2D87DC8BF6072699AC8301B37796 ] C:\Windows\System32\WUDFPlatform.dll
18:23:48.0149 4384 C:\Windows\System32\WUDFPlatform.dll - ok
18:23:48.0149 4384 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
18:23:48.0149 4384 C:\Windows\System32\AUDIOKSE.dll - ok
18:23:48.0164 4384 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
18:23:48.0164 4384 C:\Windows\System32\drivers\lltdio.sys - ok
18:23:48.0164 4384 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
18:23:48.0164 4384 C:\Windows\System32\drivers\nwifi.sys - ok
18:23:48.0180 4384 [ 356DE36D8B9075806FA2C52C7C85F3CA ] C:\Windows\System32\RtkAPO64.dll
18:23:48.0180 4384 C:\Windows\System32\RtkAPO64.dll - ok
18:23:48.0196 4384 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
18:23:48.0196 4384 C:\Windows\System32\drivers\ndisuio.sys - ok
18:23:48.0196 4384 [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll
18:23:48.0196 4384 C:\Windows\System32\WMALFXGFXDSP.dll - ok
18:23:48.0211 4384 [ D052EC94EA0E8603B79D91B74F3B7BD6 ] C:\Windows\System32\atimuixx.dll
18:23:48.0211 4384 C:\Windows\System32\atimuixx.dll - ok
18:23:48.0211 4384 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
18:23:48.0211 4384 C:\Windows\System32\mfplat.dll - ok
18:23:48.0227 4384 [ CD76E59F58EB6E69C80148F682A3F634 ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sluapo64.dll
18:23:48.0227 4384 C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sluapo64.dll - ok
18:23:48.0227 4384 [ B809D62A3C0670F06092AFEB9B492D19 ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slcshp64.dll
18:23:48.0227 4384 C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slcshp64.dll - ok
18:23:48.0242 4384 [ FFAF216AFD913E48180BC0B7270DA66E ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slh36064.dll
18:23:48.0242 4384 C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slh36064.dll - ok
18:23:48.0242 4384 [ 7CF8E97FFB8746598D87E4F2117FED94 ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slInit64.dll
18:23:48.0242 4384 C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slInit64.dll - ok
18:23:48.0258 4384 [ 3226A4C05E4FB1A42830743A0BC1E594 ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slmaxv64.dll
18:23:48.0258 4384 C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slmaxv64.dll - ok
18:23:48.0258 4384 [ D96A1F785501D7A8062C4CF8A7413825 ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sltshd64.dll
18:23:48.0258 4384 C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sltshd64.dll - ok
18:23:48.0274 4384 [ E4B976BBA2661E8FCA283FC48F7EFBEE ] C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
18:23:48.0274 4384 C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe - ok
18:23:48.0274 4384 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
18:23:48.0274 4384 C:\Windows\System32\drivers\rspndr.sys - ok
18:23:48.0289 4384 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
18:23:48.0289 4384 C:\Windows\System32\lmhsvc.dll - ok
18:23:48.0289 4384 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
18:23:48.0289 4384 C:\Windows\System32\nsisvc.dll - ok
18:23:48.0305 4384 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
18:23:48.0305 4384 C:\Windows\System32\keyiso.dll - ok
18:23:48.0305 4384 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
18:23:48.0305 4384 C:\Windows\System32\eapsvc.dll - ok
18:23:48.0320 4384 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
18:23:48.0320 4384 C:\Windows\System32\imageres.dll - ok
18:23:48.0320 4384 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
18:23:48.0320 4384 C:\Windows\System32\IPHLPAPI.DLL - ok
18:23:48.0336 4384 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
18:23:48.0336 4384 C:\Windows\System32\dhcpcore.dll - ok
18:23:48.0336 4384 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
18:23:48.0336 4384 C:\Windows\System32\nrpsrv.dll - ok
18:23:48.0352 4384 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
18:23:48.0352 4384 C:\Windows\System32\winnsi.dll - ok
18:23:48.0352 4384 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
18:23:48.0352 4384 C:\Windows\System32\dnsrslvr.dll - ok
18:23:48.0367 4384 [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
18:23:48.0367 4384 C:\Windows\System32\dhcpcore6.dll - ok
18:23:48.0367 4384 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
18:23:48.0367 4384 C:\Windows\System32\eapphost.dll - ok
18:23:48.0383 4384 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
18:23:48.0383 4384 C:\Windows\System32\FWPUCLNT.DLL - ok
18:23:48.0383 4384 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
18:23:48.0383 4384 C:\Windows\System32\dnsext.dll - ok
18:23:48.0398 4384 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
18:23:48.0398 4384 C:\Windows\System32\dhcpcsvc.dll - ok
18:23:48.0398 4384 [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
18:23:48.0398 4384 C:\Windows\System32\dhcpcsvc6.dll - ok
18:23:48.0414 4384 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
18:23:48.0414 4384 C:\Windows\System32\umb.dll - ok
18:23:48.0414 4384 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
18:23:48.0414 4384 C:\Windows\System32\wlanmsm.dll - ok
18:23:48.0430 4384 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
18:23:48.0430 4384 C:\Windows\SysWOW64\ntdll.dll - ok
18:23:48.0430 4384 [ 259EB5F7D95A29842B476C5B3EB6E186 ] C:\Windows\System32\wow64.dll
18:23:48.0430 4384 C:\Windows\System32\wow64.dll - ok
18:23:48.0445 4384 [ 5674E21E82CFBEA36DDAD5DB285D6DBC ] C:\Windows\System32\wow64win.dll
18:23:48.0445 4384 C:\Windows\System32\wow64win.dll - ok
18:23:48.0445 4384 [ 3EE3AA76D8AB6D5644C4C8F34471CEB3 ] C:\Windows\System32\wow64cpu.dll
18:23:48.0461 4384 C:\Windows\System32\wow64cpu.dll - ok
18:23:48.0461 4384 [ AC0B6F41882FC6ED186962D770EBF1D2 ] C:\Windows\SysWOW64\kernel32.dll
18:23:48.0461 4384 C:\Windows\SysWOW64\kernel32.dll - ok
18:23:48.0476 4384 [ E954A79D6A754A5475582CACED1565E6 ] C:\Windows\SysWOW64\KernelBase.dll
18:23:48.0476 4384 C:\Windows\SysWOW64\KernelBase.dll - ok
18:23:48.0476 4384 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
18:23:48.0476 4384 C:\Windows\SysWOW64\user32.dll - ok
18:23:48.0492 4384 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
18:23:48.0492 4384 C:\Windows\SysWOW64\gdi32.dll - ok
18:23:48.0492 4384 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
18:23:48.0492 4384 C:\Windows\SysWOW64\lpk.dll - ok
18:23:48.0508 4384 [ B7230010D97787AF3D25E4C82F2B06B9 ] C:\Windows\SysWOW64\usp10.dll
18:23:48.0508 4384 C:\Windows\SysWOW64\usp10.dll - ok
18:23:48.0508 4384 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
18:23:48.0508 4384 C:\Windows\SysWOW64\msvcrt.dll - ok
18:23:48.0523 4384 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
18:23:48.0523 4384 C:\Windows\SysWOW64\advapi32.dll - ok
18:23:48.0523 4384 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
18:23:48.0523 4384 C:\Windows\SysWOW64\rpcrt4.dll - ok
18:23:48.0523 4384 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
18:23:48.0523 4384 C:\Windows\SysWOW64\sechost.dll - ok
18:23:48.0539 4384 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
18:23:48.0539 4384 C:\Windows\System32\wlansec.dll - ok
18:23:48.0539 4384 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
18:23:48.0539 4384 C:\Windows\System32\onex.dll - ok
18:23:48.0554 4384 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
18:23:48.0554 4384 C:\Windows\System32\eappcfg.dll - ok
18:23:48.0570 4384 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
18:23:48.0570 4384 C:\Windows\System32\eappprxy.dll - ok
18:23:48.0570 4384 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
18:23:48.0570 4384 C:\Windows\System32\l2gpstore.dll - ok
18:23:48.0586 4384 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
18:23:48.0586 4384 C:\Windows\System32\wlanutil.dll - ok
18:23:48.0586 4384 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
18:23:48.0586 4384 C:\Windows\System32\wlgpclnt.dll - ok
18:23:48.0601 4384 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
18:23:48.0601 4384 C:\Windows\System32\WinSCard.dll - ok
18:23:48.0601 4384 [ 99B91C5D2FCEF218CAD3600ECB62A799 ] C:\Windows\System32\msxml6.dll
18:23:48.0601 4384 C:\Windows\System32\msxml6.dll - ok
18:23:48.0617 4384 [ 2D00D3DADC1D3326BA788EB071F2726E ] C:\Windows\System32\FBAgent.exe
18:23:48.0617 4384 C:\Windows\System32\FBAgent.exe - ok
18:23:48.0617 4384 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
18:23:48.0617 4384 C:\Windows\System32\msi.dll - ok
18:23:48.0632 4384 [ 18E5C2F937F9DEB8C282DF66A3761925 ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
18:23:48.0632 4384 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe - ok
18:23:48.0648 4384 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
18:23:48.0648 4384 C:\Windows\SysWOW64\userenv.dll - ok
18:23:48.0648 4384 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
18:23:48.0648 4384 C:\Windows\SysWOW64\wtsapi32.dll - ok
18:23:48.0664 4384 [ CF6850A72BEB4845A3BFFB3F5E8014B2 ] C:\Windows\System32\pdh.dll
18:23:48.0664 4384 C:\Windows\System32\pdh.dll - ok
18:23:48.0664 4384 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
18:23:48.0664 4384 C:\Windows\SysWOW64\cryptbase.dll - ok
18:23:48.0679 4384 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
18:23:48.0679 4384 C:\Windows\SysWOW64\msimg32.dll - ok
18:23:48.0679 4384 [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\Windows\SysWOW64\sspicli.dll
18:23:48.0679 4384 C:\Windows\SysWOW64\sspicli.dll - ok
18:23:48.0695 4384 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
18:23:48.0695 4384 C:\Windows\SysWOW64\comdlg32.dll - ok
18:23:48.0695 4384 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
18:23:48.0695 4384 C:\Windows\SysWOW64\imm32.dll - ok
18:23:48.0710 4384 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
18:23:48.0710 4384 C:\Windows\SysWOW64\profapi.dll - ok
18:23:48.0710 4384 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
18:23:48.0710 4384 C:\Windows\SysWOW64\msctf.dll - ok
18:23:48.0726 4384 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
18:23:48.0726 4384 C:\Windows\SysWOW64\shlwapi.dll - ok
18:23:48.0742 4384 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
18:23:48.0742 4384 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
18:23:48.0742 4384 [ 4C016FD76ED5C05E84CA8CAB77993961 ] C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
18:23:48.0742 4384 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys - ok
18:23:48.0757 4384 [ 7910158929571214A959D5A6D16DD9C0 ] C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
18:23:48.0757 4384 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe - ok
18:23:48.0773 4384 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll
18:23:48.0773 4384 C:\Windows\SysWOW64\shell32.dll - ok
18:23:48.0773 4384 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
18:23:48.0773 4384 C:\Windows\SysWOW64\winspool.drv - ok
18:23:48.0788 4384 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
18:23:48.0788 4384 C:\Windows\SysWOW64\ole32.dll - ok
18:23:48.0788 4384 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
18:23:48.0788 4384 C:\Windows\SysWOW64\oleaut32.dll - ok
18:23:48.0804 4384 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
18:23:48.0804 4384 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
18:23:48.0804 4384 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
18:23:48.0804 4384 C:\Windows\SysWOW64\netapi32.dll - ok
18:23:48.0820 4384 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
18:23:48.0820 4384 C:\Windows\SysWOW64\netutils.dll - ok
18:23:48.0820 4384 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
18:23:48.0820 4384 C:\Windows\SysWOW64\srvcli.dll - ok
18:23:48.0835 4384 [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\SysWOW64\crypt32.dll
18:23:48.0835 4384 C:\Windows\SysWOW64\crypt32.dll - ok
18:23:48.0835 4384 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll
18:23:48.0835 4384 C:\Windows\SysWOW64\samcli.dll - ok
18:23:48.0851 4384 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
18:23:48.0851 4384 C:\Windows\SysWOW64\wkscli.dll - ok
18:23:48.0851 4384 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
18:23:48.0851 4384 C:\Windows\SysWOW64\msasn1.dll - ok
18:23:48.0866 4384 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
18:23:48.0866 4384 C:\Windows\SysWOW64\uxtheme.dll - ok
18:23:48.0882 4384 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
18:23:48.0882 4384 C:\Windows\SysWOW64\clbcatq.dll - ok
18:23:48.0882 4384 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
18:23:48.0882 4384 C:\Windows\SysWOW64\winsta.dll - ok
18:23:48.0898 4384 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
18:23:48.0898 4384 C:\Windows\System32\shsvcs.dll - ok
18:23:48.0898 4384 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
18:23:48.0898 4384 C:\Windows\System32\netcfgx.dll - ok
18:23:48.0913 4384 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
18:23:48.0913 4384 C:\Windows\System32\schedsvc.dll - ok
18:23:48.0913 4384 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
18:23:48.0913 4384 C:\Windows\System32\ktmw32.dll - ok
18:23:48.0929 4384 [ 5B8580B819BE32EEC18CE1FEC52A4BCE ] C:\Program Files\Microsoft Security Client\MpCmdRun.exe
18:23:48.0929 4384 C:\Program Files\Microsoft Security Client\MpCmdRun.exe - ok
18:23:48.0944 4384 [ 0E7045E24F78351E021D3C01566DBBA3 ] C:\Program Files\Microsoft Security Client\MpAsDesc.dll
18:23:48.0944 4384 C:\Program Files\Microsoft Security Client\MpAsDesc.dll - ok
18:23:48.0944 4384 [ 218A400108F280428FA22282D3268BBC ] C:\Windows\System32\wscapi.dll
18:23:48.0944 4384 C:\Windows\System32\wscapi.dll - ok
18:23:48.0960 4384 [ 1BCDB508143B517F21BBDAC10F5777BF ] C:\Windows\System32\conhost.exe
18:23:48.0960 4384 C:\Windows\System32\conhost.exe - ok
18:23:48.0960 4384 [ 0AE0C4955E1DE29CCDC9DA1B816FE5EE ] C:\Windows\SysWOW64\quartz.dll
18:23:48.0960 4384 C:\Windows\SysWOW64\quartz.dll - ok
18:23:48.0976 4384 [ FA43D418BC945D27D0625B697B8442B5 ] C:\Windows\System32\cabinet.dll
18:23:48.0976 4384 C:\Windows\System32\cabinet.dll - ok
18:23:48.0976 4384 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
18:23:48.0976 4384 C:\Windows\SysWOW64\winmm.dll - ok
18:23:48.0991 4384 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
18:23:48.0991 4384 C:\Windows\SysWOW64\dwmapi.dll - ok
18:23:48.0991 4384 [ CC5BF60E9D3F181C0B62AC91AD8634B8 ] C:\Windows\SysWOW64\qcap.dll
18:23:48.0991 4384 C:\Windows\SysWOW64\qcap.dll - ok
18:23:49.0007 4384 [ C335EC1182AC10B188705554E0BC1186 ] C:\Windows\SysWOW64\msvfw32.dll
18:23:49.0007 4384 C:\Windows\SysWOW64\msvfw32.dll - ok
18:23:49.0007 4384 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
18:23:49.0007 4384 C:\Windows\SysWOW64\version.dll - ok
18:23:49.0022 4384 [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
18:23:49.0022 4384 C:\Windows\System32\p2pcollab.dll - ok
18:23:49.0038 4384 [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL
18:23:49.0038 4384 C:\Windows\System32\QAGENTRT.DLL - ok
18:23:49.0038 4384 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll
18:23:49.0038 4384 C:\Windows\System32\fveui.dll - ok
18:23:49.0054 4384 [ CA9E3BD4752FA2C084F5CD35FD8D0025 ] C:\Program Files\Microsoft Security Client\MsseWat.dll
18:23:49.0054 4384 C:\Program Files\Microsoft Security Client\MsseWat.dll - ok
18:23:49.0054 4384 [ B6D6886149573278CBA6ABD44C4317F5 ] C:\Windows\System32\slwga.dll
18:23:49.0054 4384 C:\Windows\System32\slwga.dll - ok
18:23:49.0069 4384 [ DB76DB15EFC6E4D1153A6C5BC895948D ] C:\Windows\System32\sppc.dll
18:23:49.0069 4384 C:\Windows\System32\sppc.dll - ok
18:23:49.0069 4384 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
18:23:49.0069 4384 C:\Windows\System32\fveapi.dll - ok
18:23:49.0085 4384 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
18:23:49.0085 4384 C:\Windows\System32\fvecerts.dll - ok
18:23:49.0085 4384 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
18:23:49.0085 4384 C:\Windows\System32\tbs.dll - ok
18:23:49.0100 4384 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
18:23:49.0100 4384 C:\Windows\System32\taskcomp.dll - ok
18:23:49.0100 4384 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
18:23:49.0100 4384 C:\Windows\System32\wiarpc.dll - ok
18:23:49.0116 4384 [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
18:23:49.0116 4384 C:\Windows\System32\taskeng.exe - ok
18:23:49.0116 4384 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
18:23:49.0116 4384 C:\Windows\System32\drivers\http.sys - ok
18:23:49.0132 4384 [ E601860AA04CE2198DBC6AC2AF80AFF7 ] C:\Windows\System32\perfos.dll
18:23:49.0132 4384 C:\Windows\System32\perfos.dll - ok
18:23:49.0132 4384 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
18:23:49.0132 4384 C:\Windows\System32\spoolsv.exe - ok
18:23:49.0147 4384 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
18:23:49.0147 4384 C:\Windows\System32\TSChannel.dll - ok
18:23:49.0163 4384 [ 50D28F3F8B7C17056520C80A29EFE17C ] C:\Windows\System32\lpksetup.exe
18:23:49.0163 4384 C:\Windows\System32\lpksetup.exe - ok
18:23:49.0163 4384 [ 6369F960C28A16F4502C480EEDE3652C ] C:\Windows\System32\dpx.dll
18:23:49.0163 4384 C:\Windows\System32\dpx.dll - ok
18:23:49.0178 4384 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
18:23:49.0178 4384 C:\Windows\System32\BFE.DLL - ok
18:23:49.0194 4384 [ F1C09EE3A594B19DD1F4B4AEA9E353C9 ] C:\Windows\System32\comsvcs.dll
18:23:49.0194 4384 C:\Windows\System32\comsvcs.dll - ok
18:23:49.0194 4384 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
18:23:49.0194 4384 C:\Windows\System32\drivers\srvnet.sys - ok
18:23:49.0210 4384 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
18:23:49.0210 4384 C:\Windows\System32\drivers\bowser.sys - ok
18:23:49.0210 4384 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
18:23:49.0210 4384 C:\Windows\System32\drivers\mpsdrv.sys - ok
18:23:49.0225 4384 [ 8CF4B0337B06CCC624C20EE4C934767E ] C:\Windows\System32\lpksetupproxyserv.dll
18:23:49.0225 4384 C:\Windows\System32\lpksetupproxyserv.dll - ok
18:23:49.0225 4384 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
18:23:49.0225 4384 C:\Windows\System32\drivers\mrxsmb.sys - ok
18:23:49.0241 4384 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
18:23:49.0241 4384 C:\Windows\System32\drivers\mrxsmb10.sys - ok
18:23:49.0241 4384 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
18:23:49.0241 4384 C:\Windows\System32\drivers\mrxsmb20.sys - ok
18:23:49.0256 4384 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
18:23:49.0256 4384 C:\Windows\System32\drivers\srv2.sys - ok
18:23:49.0256 4384 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
18:23:49.0256 4384 C:\Windows\System32\wkssvc.dll - ok
18:23:49.0272 4384 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
18:23:49.0272 4384 C:\Windows\System32\wfapigp.dll - ok
18:23:49.0272 4384 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
18:23:49.0272 4384 C:\Windows\System32\drivers\srv.sys - ok
18:23:49.0288 4384 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
18:23:49.0288 4384 C:\Windows\System32\srvsvc.dll - ok
18:23:49.0303 4384 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
18:23:49.0303 4384 C:\Windows\System32\browser.dll - ok
18:23:49.0303 4384 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
18:23:49.0303 4384 C:\Windows\System32\netmsg.dll - ok
18:23:49.0319 4384 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
18:23:49.0319 4384 C:\Windows\System32\sscore.dll - ok
18:23:49.0319 4384 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
18:23:49.0319 4384 C:\Windows\System32\clusapi.dll - ok
18:23:49.0334 4384 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
18:23:49.0334 4384 C:\Windows\System32\resutils.dll - ok
18:23:49.0350 4384 [ F9D908DE6B166DAC9B89BF62FA291CE8 ] C:\Program Files\Bonjour\mdnsNSP.dll
18:23:49.0350 4384 C:\Program Files\Bonjour\mdnsNSP.dll - ok
18:23:49.0350 4384 [ 3927397AC60D943DAF8808AFFED582B7 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:23:49.0350 4384 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
18:23:49.0366 4384 [ AF528B4ECA925F63D437F76E87D8971D ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
18:23:49.0366 4384 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
18:23:49.0366 4384 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
18:23:49.0366 4384 C:\Windows\System32\rasadhlp.dll - ok
18:23:49.0381 4384 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll
18:23:49.0381 4384 C:\Windows\SysWOW64\wintrust.dll - ok
18:23:49.0381 4384 [ B3892E6DA8E2C8CE4B0A9D3EB9A185E5 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcr90.dll
18:23:49.0381 4384 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcr90.dll - ok
18:23:49.0397 4384 [ 7EF47644B74EBE721CC32211D3C35E76 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:23:49.0397 4384 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
18:23:49.0397 4384 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
18:23:49.0397 4384 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
18:23:49.0412 4384 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
18:23:49.0412 4384 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
18:23:49.0428 4384 [ 60C079CB2150760263D1FE5FF6218961 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll
18:23:49.0428 4384 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
18:23:49.0428 4384 [ 2DEDC3AFE3C49B5DAE717D0A9BEBF298 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll
18:23:49.0428 4384 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
18:23:49.0444 4384 [ 67B539D844F804EBAC7A1E3828FDE709 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
18:23:49.0444 4384 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
18:23:49.0444 4384 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
18:23:49.0444 4384 C:\Windows\SysWOW64\ws2_32.dll - ok
18:23:49.0459 4384 [ DF1C1CD0C7EE95CC00D71E9E415E7BCD ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
18:23:49.0459 4384 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
18:23:49.0459 4384 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
18:23:49.0459 4384 C:\Windows\SysWOW64\nsi.dll - ok
18:23:49.0475 4384 [ 32D78DCABFB942275E01363D5232C77D ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
18:23:49.0475 4384 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok
18:23:49.0475 4384 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
18:23:49.0475 4384 C:\Windows\SysWOW64\wsock32.dll - ok
18:23:49.0490 4384 [ 3BDE52411DF2FE4252C9289F51CB0F7E ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
18:23:49.0490 4384 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
18:23:49.0490 4384 [ FD86C605FD7AD4A41C01EC7A4A1E1C5D ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
18:23:49.0490 4384 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok
18:23:49.0506 4384 [ A3609397EF273B03295DBB10274BE12C ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
18:23:49.0506 4384 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
18:23:49.0506 4384 [ 149D74E1128A86DC9CFB2851FBEA11EB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll
18:23:49.0506 4384 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll - ok
18:23:49.0522 4384 [ BA02F01BE7ED88E8974C798ACB3075F5 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
18:23:49.0522 4384 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok
18:23:49.0537 4384 [ F8ECB748B53A010464F7A63154D75F56 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
18:23:49.0537 4384 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
18:23:49.0537 4384 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
18:23:49.0537 4384 C:\Windows\SysWOW64\setupapi.dll - ok
18:23:49.0553 4384 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
18:23:49.0553 4384 C:\Windows\SysWOW64\cfgmgr32.dll - ok
18:23:49.0553 4384 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
18:23:49.0553 4384 C:\Windows\SysWOW64\devobj.dll - ok
18:23:49.0568 4384 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\SysWOW64\dnssd.dll
18:23:49.0568 4384 C:\Windows\SysWOW64\dnssd.dll - ok
18:23:49.0568 4384 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
18:23:49.0568 4384 C:\Windows\SysWOW64\ntmarta.dll - ok
18:23:49.0584 4384 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
18:23:49.0584 4384 C:\Windows\SysWOW64\Wldap32.dll - ok
18:23:49.0584 4384 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] C:\Program Files\Bonjour\mDNSResponder.exe
18:23:49.0584 4384 C:\Program Files\Bonjour\mDNSResponder.exe - ok
18:23:49.0584 4384 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
18:23:49.0584 4384 C:\Windows\SysWOW64\mswsock.dll - ok
18:23:49.0600 4384 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
18:23:49.0600 4384 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
18:23:49.0600 4384 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] C:\Windows\System32\drivers\NisDrvWFP.sys
18:23:49.0600 4384 C:\Windows\System32\drivers\NisDrvWFP.sys - ok
18:23:49.0615 4384 [ 0C043B0ABBB5E14E68906AB80365395B ] C:\Windows\System32\efssvc.dll
18:23:49.0615 4384 C:\Windows\System32\efssvc.dll - ok
18:23:49.0615 4384 [ 2C478E667CE27B2B7142F756CF569A9A ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll
18:23:49.0615 4384 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
18:23:49.0631 4384 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\Windows\System32\cryptsvc.dll
18:23:49.0631 4384 C:\Windows\System32\cryptsvc.dll - ok
18:23:49.0646 4384 [ 8792BAB371B4B1589E015B6FD1ED3B15 ] C:\Windows\System32\cryptnet.dll
18:23:49.0646 4384 C:\Windows\System32\cryptnet.dll - ok
18:23:49.0646 4384 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
18:23:49.0646 4384 C:\Windows\System32\dps.dll - ok
18:23:49.0646 4384 [ 7F8E83B9466A0A002D4AB15C104062A7 ] C:\Windows\System32\efscore.dll
18:23:49.0646 4384 C:\Windows\System32\efscore.dll - ok
18:23:49.0662 4384 [ 58283053C781AD3A579C95D7765C1FA0 ] C:\Windows\System32\efsutil.dll
18:23:49.0662 4384 C:\Windows\System32\efsutil.dll - ok
18:23:49.0662 4384 [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL
18:23:49.0662 4384 C:\Windows\System32\IKEEXT.DLL - ok
18:23:49.0678 4384 [ 77B5035BC6EDF4D1B6265391AECEE4C0 ] C:\Windows\System32\vpnikeapi.dll
18:23:49.0678 4384 C:\Windows\System32\vpnikeapi.dll - ok
18:23:49.0678 4384 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
18:23:49.0678 4384 C:\Windows\System32\taskschd.dll - ok
18:23:49.0693 4384 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
18:23:49.0693 4384 C:\Windows\System32\drivers\PEAuth.sys - ok
18:23:49.0693 4384 [ 7FA3A810F383588D46220967DE8B64FF ] C:\Windows\SysWOW64\wininet.dll
18:23:49.0693 4384 C:\Windows\SysWOW64\wininet.dll - ok
18:23:49.0709 4384 [ 780E80E5502015EDAEC91DC0A0C96A79 ] C:\Windows\SysWOW64\iertutil.dll
18:23:49.0709 4384 C:\Windows\SysWOW64\iertutil.dll - ok
18:23:49.0709 4384 [ 4266A3230981DD4434C55957F6DD497D ] C:\Windows\SysWOW64\urlmon.dll
18:23:49.0709 4384 C:\Windows\SysWOW64\urlmon.dll - ok
18:23:49.0724 4384 [ A56CCBBFCCEDCE2FD9C69FED24E035E3 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
18:23:49.0724 4384 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok
18:23:49.0740 4384 [ 5D76C8CC87D0EFBE0B4A3BEF6B67EBF0 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
18:23:49.0740 4384 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
18:23:49.0740 4384 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
18:23:49.0740 4384 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
18:23:49.0756 4384 [ C28FD3B37B6F18751C99E6022A2A9782 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
18:23:49.0756 4384 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
18:23:49.0756 4384 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
18:23:49.0756 4384 C:\Windows\SysWOW64\winnsi.dll - ok
18:23:49.0771 4384 [ 18301B40411B2108076AB685B4E4B6DC ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
18:23:49.0771 4384 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok
18:23:49.0771 4384 [ E9605A180001A6B5551112D91DE92CA1 ] C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
18:23:49.0771 4384 C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe - ok
18:23:49.0787 4384 [ 78B62E4C13378F737603136975A07E1A ] C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.4148_none_51ca66a2bbe76806\ATL90.dll
18:23:49.0787 4384 C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.4148_none_51ca66a2bbe76806\ATL90.dll - ok
18:23:49.0787 4384 [ DB001FAEA818AE2E14A74E0ADC530FC0 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcp90.dll
18:23:49.0787 4384 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcp90.dll - ok
18:23:49.0802 4384 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
18:23:49.0802 4384 C:\Windows\System32\drivers\secdrv.sys - ok
18:23:49.0802 4384 [ BC617A4E1B4FA8DF523A061739A0BD87 ] C:\Windows\System32\seclogon.dll
18:23:49.0802 4384 C:\Windows\System32\seclogon.dll - ok
18:23:49.0818 4384 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
18:23:49.0818 4384 C:\Windows\System32\netman.dll - ok
18:23:49.0818 4384 [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll
18:23:49.0818 4384 C:\Windows\System32\nlasvc.dll - ok
18:23:49.0834 4384 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
18:23:49.0834 4384 C:\Windows\System32\pcasvc.dll - ok
18:23:49.0834 4384 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
18:23:49.0834 4384 C:\Windows\System32\aepic.dll - ok
18:23:49.0849 4384 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
18:23:49.0849 4384 C:\Windows\System32\sfc.dll - ok
18:23:49.0849 4384 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
18:23:49.0849 4384 C:\Windows\System32\sfc_os.dll - ok
18:23:49.0865 4384 [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll
18:23:49.0865 4384 C:\Windows\System32\ncsi.dll - ok
18:23:49.0865 4384 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
18:23:49.0865 4384 C:\Windows\System32\winhttp.dll - ok
18:23:49.0880 4384 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
18:23:49.0880 4384 C:\Windows\System32\webio.dll - ok
18:23:49.0880 4384 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
18:23:49.0880 4384 C:\Windows\System32\vssapi.dll - ok
18:23:49.0896 4384 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
18:23:49.0896 4384 C:\Windows\System32\vsstrace.dll - ok
18:23:49.0896 4384 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
18:23:49.0896 4384 C:\Windows\System32\ssdpapi.dll - ok
18:23:49.0912 4384 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL
18:23:49.0912 4384 C:\Windows\System32\IPSECSVC.DLL - ok
18:23:49.0912 4384 [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll
18:23:49.0912 4384 C:\Windows\System32\FwRemoteSvr.dll - ok
18:23:49.0927 4384 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] C:\Program Files (x86)\Skype\Updater\Updater.exe
18:23:49.0927 4384 C:\Program Files (x86)\Skype\Updater\Updater.exe - ok
18:23:49.0927 4384 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
18:23:49.0927 4384 C:\Windows\SysWOW64\psapi.dll - ok
18:23:49.0943 4384 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
18:23:49.0943 4384 C:\Windows\SysWOW64\cryptsp.dll - ok
18:23:49.0943 4384 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\Windows\System32\drivers\tcpipreg.sys
18:23:49.0943 4384 C:\Windows\System32\drivers\tcpipreg.sys - ok
18:23:49.0958 4384 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
18:23:49.0958 4384 C:\Windows\System32\httpapi.dll - ok
18:23:49.0958 4384 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
18:23:49.0958 4384 C:\Windows\System32\sstpsvc.dll - ok
18:23:49.0974 4384 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
18:23:49.0974 4384 C:\Windows\System32\wiaservc.dll - ok
18:23:49.0974 4384 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] C:\Windows\System32\tapisrv.dll
18:23:49.0974 4384 C:\Windows\System32\tapisrv.dll - ok
18:23:49.0990 4384 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
18:23:49.0990 4384 C:\Windows\System32\wbem\WMIsvc.dll - ok
18:23:49.0990 4384 [ CF318F60A84F15AF352439465A8D05F4 ] C:\Program Files\Windows Defender\MpSvc.dll
18:23:49.0990 4384 C:\Program Files\Windows Defender\MpSvc.dll - ok
18:23:50.0005 4384 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
18:23:50.0005 4384 C:\Windows\System32\wiatrace.dll - ok
18:23:50.0005 4384 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
18:23:50.0005 4384 C:\Windows\SysWOW64\rsaenh.dll - ok
18:23:50.0021 4384 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
18:23:50.0021 4384 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
18:23:50.0021 4384 [ 357CABBF155AFD1D3926E62539D2A3A7 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:23:50.0021 4384 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
18:23:50.0036 4384 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
18:23:50.0036 4384 C:\Windows\System32\sysmain.dll - ok
18:23:50.0036 4384 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
18:23:50.0036 4384 C:\Windows\System32\trkwks.dll - ok
18:23:50.0052 4384 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
18:23:50.0052 4384 C:\Windows\System32\wbemcomn.dll - ok
18:23:50.0052 4384 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
18:23:50.0052 4384 C:\Windows\System32\wbem\WinMgmtR.dll - ok
18:23:50.0068 4384 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
18:23:50.0068 4384 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
18:23:50.0068 4384 [ ADF3E771F429940E762AC097F5A54EAF ] C:\Program Files\Windows Defender\MpClient.dll
18:23:50.0068 4384 C:\Program Files\Windows Defender\MpClient.dll - ok
18:23:50.0083 4384 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
18:23:50.0083 4384 C:\Windows\System32\aeevts.dll - ok
18:23:50.0083 4384 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
18:23:50.0083 4384 C:\Windows\System32\wbem\fastprox.dll - ok
18:23:50.0099 4384 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
18:23:50.0099 4384 C:\Windows\System32\ntdsapi.dll - ok
18:23:50.0099 4384 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
18:23:50.0099 4384 C:\Windows\System32\wbem\wbemprox.dll - ok
18:23:50.0114 4384 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
18:23:50.0114 4384 C:\Windows\System32\wbem\wbemcore.dll - ok
18:23:50.0114 4384 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
18:23:50.0114 4384 C:\Windows\System32\wbem\esscli.dll - ok
18:23:50.0114 4384 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
18:23:50.0114 4384 C:\Windows\System32\wbem\wbemsvc.dll - ok
18:23:50.0130 4384 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
18:23:50.0130 4384 C:\Windows\System32\wbem\wmiutils.dll - ok
18:23:50.0130 4384 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
18:23:50.0130 4384 C:\Windows\System32\wbem\repdrvfs.dll - ok
18:23:50.0146 4384 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
18:23:50.0146 4384 C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
18:23:50.0146 4384 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
18:23:50.0146 4384 C:\Windows\System32\SensApi.dll - ok
18:23:50.0161 4384 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
18:23:50.0161 4384 C:\Windows\System32\wer.dll - ok
18:23:50.0161 4384 [ 08C2957BB30058E663720C5606885653 ] C:\Windows\System32\iphlpsvc.dll
18:23:50.0161 4384 C:\Windows\System32\iphlpsvc.dll - ok
18:23:50.0177 4384 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
18:23:50.0177 4384 C:\Windows\System32\sqmapi.dll - ok
18:23:50.0177 4384 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
18:23:50.0177 4384 C:\Windows\System32\wdscore.dll - ok
18:23:50.0192 4384 [ EE867A0870FC9E4972BA9EAAD35651E2 ] C:\Windows\System32\rasmans.dll
18:23:50.0192 4384 C:\Windows\System32\rasmans.dll - ok
18:23:50.0192 4384 [ FFDAE493D48DEFE7936C735A175ACB6D ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
18:23:50.0192 4384 C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
18:23:50.0208 4384 [ 44C96B48112EB24AE7764EBF1C527000 ] C:\Windows\System32\rastapi.dll
18:23:50.0208 4384 C:\Windows\System32\rastapi.dll - ok
18:23:50.0208 4384 [ FAFAE01E889DC9C05A6CA2138CFC220B ] C:\Windows\System32\tapi32.dll
18:23:50.0208 4384 C:\Windows\System32\tapi32.dll - ok
18:23:50.0224 4384 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
18:23:50.0224 4384 C:\Windows\System32\hnetcfg.dll - ok
18:23:50.0224 4384 [ D2A0FFA75AB181B19B5EB93BB29C7686 ] C:\Windows\System32\unimdm.tsp
18:23:50.0224 4384 C:\Windows\System32\unimdm.tsp - ok
18:23:50.0239 4384 [ 94B7DF336815B47236724019FAB24B7C ] C:\Windows\System32\uniplat.dll
18:23:50.0239 4384 C:\Windows\System32\uniplat.dll - ok
18:23:50.0239 4384 [ 41326DD08ACC0CDC5F8177AF96C066E8 ] C:\Windows\System32\kmddsp.tsp
18:23:50.0239 4384 C:\Windows\System32\kmddsp.tsp - ok
18:23:50.0255 4384 [ 1D6BC2769DA66C1145F4DA5A65F52E61 ] C:\Windows\System32\ndptsp.tsp
18:23:50.0255 4384 C:\Windows\System32\ndptsp.tsp - ok
18:23:50.0255 4384 [ 7C1BAE7D23D4874FEE256A2B9C00E019 ] C:\Windows\System32\hidphone.tsp
18:23:50.0255 4384 C:\Windows\System32\hidphone.tsp - ok
18:23:50.0270 4384 [ A717A35120DBAB5AB707AB40662AF9DD ] C:\Windows\System32\rasppp.dll
18:23:50.0270 4384 C:\Windows\System32\rasppp.dll - ok
18:23:50.0270 4384 [ 0FE5CD5F9C9248F42D1EF56E495B182E ] C:\Windows\System32\vpnike.dll
18:23:50.0270 4384 C:\Windows\System32\vpnike.dll - ok
18:23:50.0286 4384 [ 6A84E68B538B8B04608BF2F0D426CE6F ] C:\Windows\System32\raschap.dll
18:23:50.0286 4384 C:\Windows\System32\raschap.dll - ok
18:23:50.0286 4384 [ B95F6501A2F8B2E78C697FEC401970CE ] C:\Windows\System32\ipnathlp.dll
18:23:50.0286 4384 C:\Windows\System32\ipnathlp.dll - ok
18:23:50.0302 4384 [ 371948BC5911ABA06168FAC91ED25F06 ] C:\Windows\System32\msxml3.dll
18:23:50.0302 4384 C:\Windows\System32\msxml3.dll - ok
18:23:50.0302 4384 [ D790CAFEFF0291D0AF8C76F5A1EE2E4E ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
18:23:50.0302 4384 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
18:23:50.0317 4384 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
18:23:50.0317 4384 C:\Windows\System32\mprapi.dll - ok
18:23:50.0317 4384 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
18:23:50.0317 4384 C:\Windows\System32\netshell.dll - ok
18:23:50.0333 4384 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
18:23:50.0333 4384 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
18:23:50.0333 4384 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
18:23:50.0333 4384 C:\Windows\System32\ncobjapi.dll - ok
18:23:50.0348 4384 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
18:23:50.0348 4384 C:\Windows\System32\wbem\wbemess.dll - ok
18:23:50.0348 4384 [ 1CF21800E337F4039AAD4C94B4280EE4 ] C:\Windows\System32\mprmsg.dll
18:23:50.0348 4384 C:\Windows\System32\mprmsg.dll - ok
18:23:50.0364 4384 [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C ] C:\Windows\System32\ndiscapCfg.dll
18:23:50.0364 4384 C:\Windows\System32\ndiscapCfg.dll - ok
18:23:50.0364 4384 [ 3D6AF45673C4B31CDECD7F80AF09D443 ] C:\Windows\System32\rascfg.dll
18:23:50.0364 4384 C:\Windows\System32\rascfg.dll - ok
18:23:50.0380 4384 [ 55DE45B116711881C852D2841E4C84DD ] C:\Windows\System32\tcpipcfg.dll
18:23:50.0380 4384 C:\Windows\System32\tcpipcfg.dll - ok
18:23:50.0380 4384 [ 773212B2AAA24C1E31F10246B15B276C ] C:\Windows\servicing\TrustedInstaller.exe
18:23:50.0380 4384 C:\Windows\servicing\TrustedInstaller.exe - ok
18:23:50.0395 4384 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
18:23:50.0395 4384 C:\Windows\System32\wdi.dll - ok
18:23:50.0395 4384 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
18:23:50.0395 4384 C:\Windows\System32\npmproxy.dll - ok
18:23:50.0411 4384 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
18:23:50.0411 4384 C:\Windows\System32\perftrack.dll - ok
18:23:50.0411 4384 [ 79E80B10FE8F6662E0C9162A68C43444 ] C:\Program Files\Microsoft Security Client\NisSrv.exe
18:23:50.0411 4384 C:\Program Files\Microsoft Security Client\NisSrv.exe - ok
18:23:50.0426 4384 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
18:23:50.0426 4384 C:\Windows\System32\dbghelp.dll - ok
18:23:50.0426 4384 [ 132045285DCC8654C14F1CFB4A8DCDA1 ] C:\Program Files\Microsoft Security Client\NisLog.dll
18:23:50.0426 4384 C:\Program Files\Microsoft Security Client\NisLog.dll - ok
18:23:50.0442 4384 [ BD9EB3958F213F96B97B1D897DEE006D ] C:\Windows\System32\hidserv.dll
18:23:50.0442 4384 C:\Windows\System32\hidserv.dll - ok
18:23:50.0442 4384 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
18:23:50.0442 4384 C:\Windows\System32\diagperf.dll - ok
punkpal
Regular Member
 
Posts: 37
Joined: February 4th, 2013, 4:32 pm

Re: Browser does not go where I want it to

Unread postby punkpal » February 13th, 2013, 8:01 pm

18:23:50.0458 4384 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
18:23:50.0458 4384 C:\Windows\System32\wpdbusenum.dll - ok
18:23:50.0458 4384 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
18:23:50.0458 4384 C:\Windows\System32\PortableDeviceApi.dll - ok
18:23:50.0473 4384 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
18:23:50.0473 4384 C:\Windows\System32\NapiNSP.dll - ok
18:23:50.0473 4384 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
18:23:50.0473 4384 C:\Windows\System32\pnrpnsp.dll - ok
18:23:50.0489 4384 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
18:23:50.0489 4384 C:\Windows\System32\winrnr.dll - ok
18:23:50.0489 4384 [ 288ADDED26C80FDC135CAB4340161686 ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\CbsCore.dll
18:23:50.0489 4384 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\CbsCore.dll - ok
18:23:50.0504 4384 [ 7957A194B8421BC070FABBF1C55DB68B ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wcp.dll
18:23:50.0504 4384 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wcp.dll - ok
18:23:50.0504 4384 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
18:23:50.0504 4384 C:\Windows\System32\pnpts.dll - ok
18:23:50.0520 4384 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
18:23:50.0520 4384 C:\Windows\System32\wdiasqmmodule.dll - ok
18:23:50.0520 4384 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
18:23:50.0520 4384 C:\Windows\System32\nci.dll - ok
18:23:50.0536 4384 [ AC0C9CEA1218DAB1994AF8B28E680BD9 ] C:\Windows\System32\wlaninst.dll
18:23:50.0536 4384 C:\Windows\System32\wlaninst.dll - ok
18:23:50.0536 4384 [ 5A406C9C8E0880D3EABADC5DFD1ACDAE ] C:\Windows\System32\wwaninst.dll
18:23:50.0536 4384 C:\Windows\System32\wwaninst.dll - ok
18:23:50.0551 4384 [ 20C7F2ADAE249D6708941BC8CDD9735F ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DF1BF901-0508-4996-BFEB-EB821223F3F7}\gapaengine.dll
18:23:50.0551 4384 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DF1BF901-0508-4996-BFEB-EB821223F3F7}\gapaengine.dll - ok
18:23:50.0551 4384 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
18:23:50.0551 4384 C:\Windows\System32\Apphlpdm.dll - ok
18:23:50.0567 4384 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
18:23:50.0567 4384 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
18:23:50.0567 4384 [ D729084195C952B7ED14AA6DA4B44DCA ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DF1BF901-0508-4996-BFEB-EB821223F3F7}\nisfull.vdm
18:23:50.0567 4384 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DF1BF901-0508-4996-BFEB-EB821223F3F7}\nisfull.vdm - ok
18:23:50.0582 4384 [ 9297F004FCE79FB7B26DAC6968FB5FEB ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\DrUpdate.dll
18:23:50.0582 4384 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\DrUpdate.dll - ok
18:23:50.0582 4384 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
18:23:50.0582 4384 C:\Windows\System32\mpr.dll - ok
18:23:50.0598 4384 [ B7AC66C1CCD87D7C49256B5451DED4FA ] C:\Windows\System32\spp.dll
18:23:50.0598 4384 C:\Windows\System32\spp.dll - ok
18:23:50.0598 4384 [ FC6C5D860CDB82411DA626821201BDF0 ] C:\Windows\System32\srclient.dll
18:23:50.0598 4384 C:\Windows\System32\srclient.dll - ok
18:23:50.0614 4384 [ 6685DD5CC357D45EEE30FD089E8A111A ] C:\Windows\System32\sxsstore.dll
18:23:50.0614 4384 C:\Windows\System32\sxsstore.dll - ok
18:23:50.0614 4384 [ 943F48CC3A59169E52A054946C2F59B8 ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wrpint.dll
18:23:50.0614 4384 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wrpint.dll - ok
18:23:50.0629 4384 [ 198803E5E93E29967DFB0BCFD0186151 ] C:\Windows\System32\spfileq.dll
18:23:50.0629 4384 C:\Windows\System32\spfileq.dll - ok
18:23:50.0629 4384 [ 639774C9ACD063F028F6084ABF5593AD ] C:\Windows\System32\taskhost.exe
18:23:50.0645 4384 C:\Windows\System32\taskhost.exe - ok
18:23:50.0645 4384 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
18:23:50.0645 4384 C:\Windows\System32\dimsjob.dll - ok
18:23:50.0660 4384 [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
18:23:50.0660 4384 C:\Windows\System32\pautoenr.dll - ok
18:23:50.0660 4384 [ D485D1BE97777617B186FC8095F58421 ] C:\Windows\servicing\CbsApi.dll
18:23:50.0660 4384 C:\Windows\servicing\CbsApi.dll - ok
18:23:50.0676 4384 [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll
18:23:50.0676 4384 C:\Windows\System32\certcli.dll - ok
18:23:50.0676 4384 [ DB70FE36AC8F594E9E69479C076BADB8 ] C:\Windows\System32\HelpPaneProxy.dll
18:23:50.0676 4384 C:\Windows\System32\HelpPaneProxy.dll - ok
18:23:50.0692 4384 [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll
18:23:50.0692 4384 C:\Windows\System32\CertEnroll.dll - ok
18:23:50.0692 4384 [ 0ADC83218B66A6DB380C330836F3E36D ] C:\Windows\System32\drivers\fastfat.sys
18:23:50.0692 4384 C:\Windows\System32\drivers\fastfat.sys - ok
18:23:50.0707 4384 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
18:23:50.0707 4384 C:\Windows\System32\esent.dll - ok
18:23:50.0707 4384 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
18:23:50.0707 4384 C:\Windows\System32\wbem\NCProv.dll - ok
18:23:50.0723 4384 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
18:23:50.0723 4384 C:\Windows\System32\localspl.dll - ok
18:23:50.0723 4384 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
18:23:50.0723 4384 C:\Windows\System32\spoolss.dll - ok
18:23:50.0738 4384 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
18:23:50.0738 4384 C:\Windows\System32\winspool.drv - ok
18:23:50.0738 4384 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
18:23:50.0738 4384 C:\Windows\System32\PrintIsolationProxy.dll - ok
18:23:50.0754 4384 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
18:23:50.0754 4384 C:\Windows\System32\FXSMON.dll - ok
18:23:50.0754 4384 [ 2E1729779D60F4003508F393E8343ED8 ] C:\Windows\System32\hpf3lw73.dll
18:23:50.0754 4384 C:\Windows\System32\hpf3lw73.dll - ok
18:23:50.0770 4384 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
18:23:50.0770 4384 C:\Windows\System32\snmpapi.dll - ok
18:23:50.0770 4384 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
18:23:50.0770 4384 C:\Windows\System32\tcpmon.dll - ok
18:23:50.0785 4384 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
18:23:50.0785 4384 C:\Windows\System32\wsnmp32.dll - ok
18:23:50.0785 4384 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
18:23:50.0785 4384 C:\Windows\System32\usbmon.dll - ok
18:23:50.0801 4384 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
18:23:50.0801 4384 C:\Windows\System32\WSDMon.dll - ok
18:23:50.0801 4384 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
18:23:50.0801 4384 C:\Windows\System32\WSDApi.dll - ok
18:23:50.0816 4384 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
18:23:50.0816 4384 C:\Windows\System32\webservices.dll - ok
18:23:50.0816 4384 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
18:23:50.0816 4384 C:\Windows\System32\fundisc.dll - ok
18:23:50.0832 4384 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
18:23:50.0832 4384 C:\Windows\System32\fdPnp.dll - ok
18:23:50.0832 4384 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
18:23:50.0832 4384 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
18:23:50.0848 4384 [ AD911EBC4FADCCAA243E379FF23AB959 ] C:\Windows\System32\spool\prtprocs\x64\hpfppw73.dll
18:23:50.0848 4384 C:\Windows\System32\spool\prtprocs\x64\hpfppw73.dll - ok
18:23:50.0848 4384 [ 0353B239C28B0E9EBC7FA3D1F6181661 ] C:\Windows\System32\win32spl.dll
18:23:50.0848 4384 C:\Windows\System32\win32spl.dll - ok
18:23:50.0863 4384 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
18:23:50.0863 4384 C:\Windows\System32\inetpp.dll - ok
18:23:50.0863 4384 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
18:23:50.0863 4384 C:\Windows\System32\cscapi.dll - ok
18:23:50.0879 4384 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:23:50.0879 4384 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
18:23:50.0879 4384 [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\SysWOW64\msvcr100_clr0400.dll
18:23:50.0879 4384 C:\Windows\SysWOW64\msvcr100_clr0400.dll - ok
18:23:50.0894 4384 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll
18:23:50.0894 4384 C:\Windows\SysWOW64\mscoree.dll - ok
18:23:50.0894 4384 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:23:50.0894 4384 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe - ok
18:23:50.0910 4384 [ CB21CD39637AC13F3455454B2F648257 ] C:\Windows\System32\msvcr100_clr0400.dll
18:23:50.0910 4384 C:\Windows\System32\msvcr100_clr0400.dll - ok
18:23:50.0910 4384 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
18:23:50.0910 4384 C:\Windows\System32\mscoree.dll - ok
18:23:50.0926 4384 [ 5C4CB4086FB83115B153E47ADD961A0C ] C:\Windows\System32\FntCache.dll
18:23:50.0926 4384 C:\Windows\System32\FntCache.dll - ok
18:23:50.0926 4384 [ E17E0188BB90FAE42D83E98707EFA59C ] C:\Windows\System32\sppsvc.exe
18:23:50.0926 4384 C:\Windows\System32\sppsvc.exe - ok
18:23:50.0941 4384 [ FFF95479C7AB1550F0750A5D01744211 ] C:\Windows\System32\drivers\spsys.sys
18:23:50.0941 4384 C:\Windows\System32\drivers\spsys.sys - ok
18:23:50.0941 4384 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
18:23:50.0941 4384 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
18:23:50.0957 4384 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
18:23:50.0957 4384 C:\Windows\System32\wsock32.dll - ok
18:23:50.0957 4384 [ F6F22291024906E43D135A4B1705FEAC ] C:\Windows\System32\sppwinob.dll
18:23:50.0957 4384 C:\Windows\System32\sppwinob.dll - ok
18:23:50.0972 4384 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
18:23:50.0972 4384 C:\Windows\System32\wmdrmdev.dll - ok
18:23:50.0972 4384 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
18:23:50.0972 4384 C:\Windows\System32\drmv2clt.dll - ok
18:23:50.0988 4384 [ E8B1FE6669397D1772D8196DF0E57A9E ] C:\Windows\System32\wscsvc.dll
18:23:50.0988 4384 C:\Windows\System32\wscsvc.dll - ok
18:23:50.0988 4384 [ F9ABDE7A2219AE6772379C08D216FC4B ] C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01_64.key
18:23:50.0988 4384 C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01_64.key - ok
18:23:51.0004 4384 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
18:23:51.0004 4384 C:\Windows\System32\SearchIndexer.exe - ok
18:23:51.0004 4384 [ C47F35CC6FA4F1BDBEF8F87AC1A46537 ] C:\Windows\System32\wuapi.dll
18:23:51.0004 4384 C:\Windows\System32\wuapi.dll - ok
18:23:51.0019 4384 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
18:23:51.0019 4384 C:\Windows\System32\tquery.dll - ok
18:23:51.0019 4384 [ E746ED90132C6B6313CE9179F56BD31D ] C:\Windows\System32\wups.dll
18:23:51.0019 4384 C:\Windows\System32\wups.dll - ok
18:23:51.0035 4384 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
18:23:51.0035 4384 C:\Windows\System32\mssrch.dll - ok
18:23:51.0035 4384 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll
18:23:51.0035 4384 C:\Windows\System32\upnp.dll - ok
18:23:51.0050 4384 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
18:23:51.0050 4384 C:\Windows\System32\msidle.dll - ok
18:23:51.0050 4384 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
18:23:51.0050 4384 C:\Windows\System32\ssdpsrv.dll - ok
18:23:51.0066 4384 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
18:23:51.0066 4384 C:\Windows\System32\en-US\tquery.dll.mui - ok
18:23:51.0066 4384 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
18:23:51.0066 4384 C:\Windows\System32\wmp.dll - ok
18:23:51.0082 4384 [ 2B373B5F7E36B5ED5DA176D4400EF091 ] C:\Windows\System32\sppobjs.dll
18:23:51.0082 4384 C:\Windows\System32\sppobjs.dll - ok
18:23:51.0082 4384 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
18:23:51.0082 4384 C:\Windows\System32\wmploc.DLL - ok
18:23:51.0097 4384 [ C1D0691BE5DDB0C230D8370BD96BBE8B ] C:\Program Files\Internet Explorer\ieproxy.dll
18:23:51.0097 4384 C:\Program Files\Internet Explorer\ieproxy.dll - ok
18:23:51.0097 4384 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
18:23:51.0097 4384 C:\Windows\System32\provsvc.dll - ok
18:23:51.0113 4384 [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\Windows\System32\wmpps.dll
18:23:51.0113 4384 C:\Windows\System32\wmpps.dll - ok
18:23:51.0113 4384 [ F149E8CAE538DBF7059B00326673F602 ] C:\Windows\System32\wmpmde.dll
18:23:51.0113 4384 C:\Windows\System32\wmpmde.dll - ok
18:23:51.0128 4384 [ 021287C2050FD5DB4A8B084E2C38139C ] C:\Windows\System32\WinSATAPI.dll
18:23:51.0128 4384 C:\Windows\System32\WinSATAPI.dll - ok
18:23:51.0128 4384 [ F404E59DB6A0F122AB26BF4F3E2FD0FA ] C:\Windows\System32\dxgi.dll
18:23:51.0128 4384 C:\Windows\System32\dxgi.dll - ok
18:23:51.0128 4384 [ 28A7D7C7E2FDD1D55F12F750CD6331EC ] C:\Windows\System32\MSMPEG2ENC.DLL
18:23:51.0144 4384 C:\Windows\System32\MSMPEG2ENC.DLL - ok
18:23:51.0144 4384 [ 46767946E7B559D981C1DC04EC0AB36F ] C:\Windows\System32\devenum.dll
18:23:51.0144 4384 C:\Windows\System32\devenum.dll - ok
18:23:51.0144 4384 [ B84E2D174DC84916A536572BB8F691A8 ] C:\Windows\System32\wscisvif.dll
18:23:51.0144 4384 C:\Windows\System32\wscisvif.dll - ok
18:23:51.0160 4384 [ 6C1E3C43B35268C17833244C8ED96430 ] C:\Windows\System32\wscproxystub.dll
18:23:51.0160 4384 C:\Windows\System32\wscproxystub.dll - ok
18:23:51.0160 4384 [ 558C42D165DB5799B4072DC0A9C27C0B ] C:\Windows\System32\msdmo.dll
18:23:51.0175 4384 C:\Windows\System32\msdmo.dll - ok
18:23:51.0175 4384 [ D47EC6A8E81633DD18D2436B19BAF6DE ] C:\Windows\System32\upnphost.dll
18:23:51.0175 4384 C:\Windows\System32\upnphost.dll - ok
18:23:51.0191 4384 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
18:23:51.0191 4384 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
18:23:51.0191 4384 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll
18:23:51.0191 4384 C:\Windows\System32\wbem\wmiprov.dll - ok
18:23:51.0206 4384 [ 71E68F2443A80BD4DA89181889C457EA ] C:\Windows\System32\udhisapi.dll
18:23:51.0206 4384 C:\Windows\System32\udhisapi.dll - ok
18:23:51.0206 4384 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] C:\Windows\System32\wuaueng.dll
18:23:51.0206 4384 C:\Windows\System32\wuaueng.dll - ok
18:23:51.0222 4384 [ 617F6EC0AC677C685479C1D0D1E76C6F ] C:\Windows\System32\mspatcha.dll
18:23:51.0222 4384 C:\Windows\System32\mspatcha.dll - ok
18:23:51.0222 4384 [ 7FE0D0C8F53735EA17C9AE93EFE7AD5A ] C:\Windows\System32\wups2.dll
18:23:51.0222 4384 C:\Windows\System32\wups2.dll - ok
18:23:51.0222 4384 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
18:23:51.0238 4384 C:\Windows\System32\linkinfo.dll - ok
18:23:51.0238 4384 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
18:23:51.0238 4384 C:\Windows\System32\networkexplorer.dll - ok
18:23:51.0238 4384 [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll
18:23:51.0238 4384 C:\Windows\System32\drprov.dll - ok
18:23:51.0253 4384 [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll
18:23:51.0253 4384 C:\Windows\System32\ntlanman.dll - ok
18:23:51.0253 4384 [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll
18:23:51.0253 4384 C:\Windows\System32\davclnt.dll - ok
18:23:51.0269 4384 [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll
18:23:51.0269 4384 C:\Windows\System32\davhlpr.dll - ok
18:23:51.0269 4384 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
18:23:51.0269 4384 C:\Windows\System32\radardt.dll - ok
18:23:51.0284 4384 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
18:23:51.0284 4384 C:\Windows\System32\dllhost.exe - ok
18:23:51.0300 4384 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
18:23:51.0300 4384 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
18:23:51.0300 4384 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
18:23:51.0300 4384 C:\Windows\System32\IDStore.dll - ok
18:23:51.0316 4384 [ 23566F9723771108D2E6CD768AC27407 ] C:\Windows\System32\AtBroker.exe
18:23:51.0316 4384 C:\Windows\System32\AtBroker.exe - ok
18:23:51.0316 4384 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
18:23:51.0316 4384 C:\Windows\System32\userinit.exe - ok
18:23:51.0331 4384 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
18:23:51.0331 4384 C:\Windows\System32\dwm.exe - ok
18:23:51.0331 4384 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
18:23:51.0331 4384 C:\Windows\System32\PlaySndSrv.dll - ok
18:23:51.0347 4384 [ F36521883D8DBA4F803FB4355C685142 ] C:\Program Files\P4G\BatteryLife.exe
18:23:51.0347 4384 C:\Program Files\P4G\BatteryLife.exe - ok
18:23:51.0347 4384 [ F30AA962D602D1A0377DFB99031E7B5C ] C:\Program Files (x86)\ASUS\ASUS CopyProtect\ASPG.exe
18:23:51.0347 4384 C:\Program Files (x86)\ASUS\ASUS CopyProtect\ASPG.exe - ok
18:23:51.0362 4384 [ F4DCD4912B185C3AAEB92A7040832AD1 ] C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
18:23:51.0362 4384 C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe - ok
18:23:51.0362 4384 [ 868E3486E7EC522330344152A5535783 ] C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
18:23:51.0362 4384 C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe - ok
18:23:51.0378 4384 [ A6C20CBD1B10FEF25DAA4F1CF9FBC4FF ] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
18:23:51.0378 4384 C:\Program Files (x86)\ASUS\Splendid\ACMON.exe - ok
18:23:51.0378 4384 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
18:23:51.0378 4384 C:\Windows\System32\HotStartUserAgent.dll - ok
18:23:51.0394 4384 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
18:23:51.0394 4384 C:\Windows\System32\dwmredir.dll - ok
18:23:51.0394 4384 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
18:23:51.0394 4384 C:\Windows\System32\MsCtfMonitor.dll - ok
18:23:51.0409 4384 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
18:23:51.0409 4384 C:\Windows\explorer.exe - ok
18:23:51.0409 4384 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
18:23:51.0409 4384 C:\Windows\System32\dwmcore.dll - ok
18:23:51.0425 4384 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
18:23:51.0425 4384 C:\Windows\System32\msutb.dll - ok
18:23:51.0425 4384 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
18:23:51.0425 4384 C:\Windows\System32\dssenh.dll - ok
18:23:51.0440 4384 [ E1374D37477322D4956604711008C69D ] C:\Windows\System32\d3d10_1.dll
18:23:51.0440 4384 C:\Windows\System32\d3d10_1.dll - ok
18:23:51.0440 4384 [ 426BA4E737A7988FD1202AF2F2B2F4A6 ] C:\Windows\System32\d3d10_1core.dll
18:23:51.0440 4384 C:\Windows\System32\d3d10_1core.dll - ok
18:23:51.0440 4384 [ 7883FCCEC183A793B33E989DCCC1B033 ] C:\Windows\System32\aticfx64.dll
18:23:51.0440 4384 C:\Windows\System32\aticfx64.dll - ok
18:23:51.0456 4384 [ 53AB0412042F3ABC36BAA0FF34C83753 ] C:\Windows\System32\atiuxp64.dll
18:23:51.0456 4384 C:\Windows\System32\atiuxp64.dll - ok
18:23:51.0456 4384 [ ACE13E21747A111855199CE499E812D9 ] C:\Windows\System32\atidxx64.dll
18:23:51.0456 4384 C:\Windows\System32\atidxx64.dll - ok
18:23:51.0472 4384 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
18:23:51.0472 4384 C:\Windows\System32\ExplorerFrame.dll - ok
18:23:51.0472 4384 [ 6FCAFCB0820C9BC0EE363F26A9A9D8F3 ] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
18:23:51.0472 4384 C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll - ok
18:23:51.0487 4384 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
18:23:51.0487 4384 C:\Windows\System32\uDWM.dll - ok
18:23:51.0487 4384 [ 06A754FE28A06F780A099703CFCAAA22 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll
18:23:51.0487 4384 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll - ok
18:23:51.0503 4384 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
18:23:51.0503 4384 C:\Windows\System32\EhStorShell.dll - ok
18:23:51.0503 4384 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
18:23:51.0518 4384 C:\Windows\System32\ntshrui.dll - ok
18:23:51.0518 4384 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
18:23:51.0518 4384 C:\Windows\System32\IconCodecService.dll - ok
18:23:51.0534 4384 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
18:23:51.0534 4384 C:\Windows\System32\runonce.exe - ok
18:23:51.0534 4384 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
18:23:51.0534 4384 C:\Windows\SysWOW64\runonce.exe - ok
18:23:51.0550 4384 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
18:23:51.0550 4384 C:\Windows\SysWOW64\propsys.dll - ok
18:23:51.0550 4384 [ F93674263F6B07C77956E966953242D9 ] C:\Windows\SysWOW64\secur32.dll
18:23:51.0550 4384 C:\Windows\SysWOW64\secur32.dll - ok
18:23:51.0565 4384 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
18:23:51.0565 4384 C:\Windows\SysWOW64\apphelp.dll - ok
18:23:51.0565 4384 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
18:23:51.0565 4384 C:\Windows\SysWOW64\cmd.exe - ok
18:23:51.0581 4384 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
18:23:51.0581 4384 C:\Windows\SysWOW64\winbrand.dll - ok
18:23:51.0581 4384 [ 5466DCAEF5A648E04D1B6580F2C901B5 ] C:\Windows\SysWOW64\ieframe.dll
18:23:51.0581 4384 C:\Windows\SysWOW64\ieframe.dll - ok
18:23:51.0596 4384 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
18:23:51.0596 4384 C:\Windows\SysWOW64\oleacc.dll - ok
18:23:51.0596 4384 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
18:23:51.0596 4384 C:\Windows\System32\aelupsvc.dll - ok
18:23:51.0596 4384 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
18:23:51.0612 4384 C:\Windows\SysWOW64\shdocvw.dll - ok
18:23:51.0612 4384 [ 53281BC7812F67534489FF4001A2887E ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
18:23:51.0612 4384 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe - ok
18:23:51.0628 4384 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\SysWOW64\MMDevAPI.dll
18:23:51.0628 4384 C:\Windows\SysWOW64\MMDevAPI.dll - ok
18:23:51.0628 4384 [ C940F2F5C60B3727C5F18840735B229C ] C:\Windows\SysWOW64\AudioSes.dll
18:23:51.0628 4384 C:\Windows\SysWOW64\AudioSes.dll - ok
18:23:51.0643 4384 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll
18:23:51.0643 4384 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
18:23:51.0643 4384 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll
18:23:51.0643 4384 C:\Windows\SysWOW64\wbemcomn.dll - ok
18:23:51.0659 4384 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
18:23:51.0659 4384 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
18:23:51.0659 4384 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll
18:23:51.0659 4384 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
18:23:51.0674 4384 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
18:23:51.0674 4384 C:\Windows\SysWOW64\ntdsapi.dll - ok
18:23:51.0674 4384 [ 149126216A694E6BA84E92ECA77AAE3B ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
18:23:51.0674 4384 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe - ok
18:23:51.0690 4384 [ 1917BE7C440DC7CF04304F0AFD7FDD16 ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ElanTPCfg64.exe
18:23:51.0690 4384 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ElanTPCfg64.exe - ok
18:23:51.0690 4384 [ AA11E1368EEB237DD100BAC6AFFE1C57 ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
18:23:51.0690 4384 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe - ok
18:23:51.0706 4384 [ 4A7C441D99D86704D194E7678873B95D ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
18:23:51.0706 4384 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe - ok
18:23:51.0706 4384 [ C0DB4A84B7D465BCFEE32A1764B22399 ] C:\Program Files\Elantech\ETDApi.dll
18:23:51.0706 4384 C:\Program Files\Elantech\ETDApi.dll - ok
18:23:51.0721 4384 [ 63DF770DF74ACB370EF5A16727069AAF ] C:\Windows\SysWOW64\hid.dll
18:23:51.0721 4384 C:\Windows\SysWOW64\hid.dll - ok
18:23:51.0721 4384 [ 7D4DF3E078A0EC810604B3DEC23ABC98 ] C:\Program Files\P4G\DevMng.dll
18:23:51.0721 4384 C:\Program Files\P4G\DevMng.dll - ok
18:23:51.0737 4384 [ 9AB802C4321BA2BD6D5F41CCCE6CDB9E ] C:\Program Files (x86)\ASUS\Splendid\OVS.dll
18:23:51.0737 4384 C:\Program Files (x86)\ASUS\Splendid\OVS.dll - ok
18:23:51.0737 4384 [ DCC2D8A64776B9C545AA4F53760A7690 ] C:\Program Files\P4G\OvrClk.dll
18:23:51.0737 4384 C:\Program Files\P4G\OvrClk.dll - ok
18:23:51.0752 4384 [ 24CAEDCD73B5B0E22226283B7B2468C7 ] C:\Windows\SysWOW64\mfc42u.dll
18:23:51.0752 4384 C:\Windows\SysWOW64\mfc42u.dll - ok
18:23:51.0752 4384 [ 5368DAC1D13B2331A4F6E7530EBCDBE8 ] C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
18:23:51.0752 4384 C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll - ok
18:23:51.0768 4384 [ 544EFF88AC6C85DF5A4D6F18DFE08CFC ] C:\Windows\SysWOW64\taskschd.dll
18:23:51.0768 4384 C:\Windows\SysWOW64\taskschd.dll - ok
18:23:51.0768 4384 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll
18:23:51.0768 4384 C:\Windows\System32\wbem\cimwin32.dll - ok
18:23:51.0784 4384 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll
18:23:51.0784 4384 C:\Windows\System32\framedynos.dll - ok
18:23:51.0784 4384 [ C00DB14550E4BD49737F311C644E45FF ] C:\Windows\System32\wmi.dll
18:23:51.0784 4384 C:\Windows\System32\wmi.dll - ok
18:23:51.0799 4384 [ 4F72C8B661DEC62F4DF0F15D33106372 ] C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\AGFNEX64.dll
18:23:51.0799 4384 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\AGFNEX64.dll - ok
18:23:51.0799 4384 [ D6E497D23F4D7593145349F6E6BD56CA ] C:\Program Files (x86)\ASUS\Splendid\Chameleon.dll
18:23:51.0799 4384 C:\Program Files (x86)\ASUS\Splendid\Chameleon.dll - ok
18:23:51.0815 4384 [ 7D34AF98A706230CC2DEDFE0CABF87AB ] C:\Windows\SysWOW64\odbc32.dll
18:23:51.0815 4384 C:\Windows\SysWOW64\odbc32.dll - ok
18:23:51.0815 4384 [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\Windows\SysWOW64\xmllite.dll
18:23:51.0815 4384 C:\Windows\SysWOW64\xmllite.dll - ok
18:23:51.0830 4384 [ ABA457BFC7EC0B5E130B2F1E0F549DFF ] C:\Windows\SysWOW64\odbcint.dll
18:23:51.0830 4384 C:\Windows\SysWOW64\odbcint.dll - ok
18:23:51.0830 4384 [ 41A5048E49372F091B2AE5A5B705B72D ] C:\Windows\SysWOW64\ACEngSvr.exe
18:23:51.0830 4384 C:\Windows\SysWOW64\ACEngSvr.exe - ok
18:23:51.0846 4384 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
18:23:51.0846 4384 C:\Windows\System32\mscms.dll - ok
18:23:51.0846 4384 [ A6C09924C6730DE8DEED9890A12AA691 ] C:\Windows\System32\ddraw.dll
18:23:51.0846 4384 C:\Windows\System32\ddraw.dll - ok
18:23:51.0862 4384 [ 29C22748937F45C26590909E9F8E7137 ] C:\Windows\System32\dciman32.dll
18:23:51.0862 4384 C:\Windows\System32\dciman32.dll - ok
18:23:51.0862 4384 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\owner\AppData\Local\Temp\FE510EA9-0CFF-432D-AA71-DE4113671298.exe
18:23:51.0862 4384 C:\Users\owner\AppData\Local\Temp\FE510EA9-0CFF-432D-AA71-DE4113671298.exe - ok
18:23:51.0877 4384 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
18:23:51.0877 4384 C:\Windows\SysWOW64\imagehlp.dll - ok
18:23:51.0877 4384 [ BF6D6ED5FADCEEE885BD0144ECF1BA27 ] C:\Windows\SysWOW64\ncrypt.dll
18:23:51.0877 4384 C:\Windows\SysWOW64\ncrypt.dll - ok
18:23:51.0893 4384 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
18:23:51.0893 4384 C:\Windows\SysWOW64\bcrypt.dll - ok
18:23:51.0893 4384 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
18:23:51.0893 4384 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
18:23:51.0908 4384 [ BC6E81E88DB56C66581C5095733D2C30 ] C:\Program Files\P4G\IntlDPST.exe
18:23:51.0908 4384 C:\Program Files\P4G\IntlDPST.exe - ok
18:23:51.0908 4384 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
18:23:51.0908 4384 C:\Windows\SysWOW64\gpapi.dll - ok
18:23:51.0924 4384 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\SysWOW64\cryptnet.dll
18:23:51.0924 4384 C:\Windows\SysWOW64\cryptnet.dll - ok
18:23:51.0924 4384 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
18:23:51.0924 4384 C:\Windows\SysWOW64\SensApi.dll - ok
18:23:51.0940 4384 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\SysWOW64\WindowsCodecs.dll
18:23:51.0940 4384 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
18:23:51.0940 4384 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
18:23:51.0940 4384 C:\Windows\SysWOW64\EhStorShell.dll - ok
18:23:51.0955 4384 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
18:23:51.0955 4384 C:\Windows\SysWOW64\ntshrui.dll - ok
18:23:51.0955 4384 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
18:23:51.0955 4384 C:\Windows\SysWOW64\cscapi.dll - ok
18:23:51.0971 4384 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
18:23:51.0971 4384 C:\Windows\SysWOW64\slc.dll - ok
18:23:51.0971 4384 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
18:23:51.0971 4384 C:\Windows\SysWOW64\imageres.dll - ok
18:23:51.0971 4384 [ 3290D6946B5E30E70414990574883DDB ] C:\Windows\System32\alg.exe
18:23:51.0971 4384 C:\Windows\System32\alg.exe - ok
18:23:51.0986 4384 [ D1CEEA2B47CB998321C579651CE3E4F8 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:23:51.0986 4384 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe - ok
18:23:51.0986 4384 [ 5594A7B4923CF543AC4B9F21FADCAF98 ] C:\Program Files\Elantech\ETDCtrl.exe
18:23:51.0986 4384 C:\Program Files\Elantech\ETDCtrl.exe - ok
18:23:52.0002 4384 [ C4002B6B41975F057D98C439030CEA07 ] C:\Windows\ehome\ehrecvr.exe
18:23:52.0002 4384 C:\Windows\ehome\ehrecvr.exe - ok
18:23:52.0002 4384 [ 5B72629C8144D1A96490D4C090D28DA1 ] C:\Program Files\Microsoft IntelliPoint\ipoint.exe
18:23:52.0002 4384 C:\Program Files\Microsoft IntelliPoint\ipoint.exe - ok
18:23:52.0018 4384 [ 4705E8EF9934482C5BB488CE28AFC681 ] C:\Windows\ehome\ehsched.exe
18:23:52.0018 4384 C:\Windows\ehome\ehsched.exe - ok
18:23:52.0018 4384 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
18:23:52.0018 4384 C:\Windows\System32\FXSSVC.exe - ok
18:23:52.0033 4384 [ 8AFCB48CAD2A0AC051FBDEB7289BC0EE ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
18:23:52.0033 4384 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - ok
18:23:52.0049 4384 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:23:52.0049 4384 C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe - ok
18:23:52.0049 4384 [ 50D6CCC6FF5561F9F56946B3E6164FB8 ] C:\Program Files\iPod\bin\iPodService.exe
18:23:52.0049 4384 C:\Program Files\iPod\bin\iPodService.exe - ok
18:23:52.0064 4384 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] C:\Windows\System32\msdtc.exe
18:23:52.0064 4384 C:\Windows\System32\msdtc.exe - ok
18:23:52.0064 4384 [ A190DA6546501CB4146BBCC0B6A3F48B ] C:\Windows\System32\msiexec.exe
18:23:52.0064 4384 C:\Windows\System32\msiexec.exe - ok
18:23:52.0080 4384 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] C:\Windows\System32\Locator.exe
18:23:52.0080 4384 C:\Windows\System32\Locator.exe - ok
18:23:52.0080 4384 [ 5C396DDE6AAFFB64ABC0E0FD88F53553 ] C:\Windows\AsScrPro.exe
18:23:52.0080 4384 C:\Windows\AsScrPro.exe - ok
18:23:52.0096 4384 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
18:23:52.0096 4384 C:\Windows\System32\snmptrap.exe - ok
18:23:52.0096 4384 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] C:\Windows\System32\UI0Detect.exe
18:23:52.0096 4384 C:\Windows\System32\UI0Detect.exe - ok
18:23:52.0111 4384 [ 8D6B481601D01A456E75C3210F1830BE ] C:\Windows\System32\vds.exe
18:23:52.0111 4384 C:\Windows\System32\vds.exe - ok
18:23:52.0111 4384 [ B60BA0BC31B0CB414593E169F6F21CC2 ] C:\Windows\System32\VSSVC.exe
18:23:52.0111 4384 C:\Windows\System32\VSSVC.exe - ok
18:23:52.0111 4384 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
18:23:52.0111 4384 C:\Windows\SysWOW64\powrprof.dll - ok
18:23:52.0127 4384 [ DC6612A9EE015A36BA2A27BC9CC12537 ] C:\Windows\SysWOW64\mfc42.dll
18:23:52.0127 4384 C:\Windows\SysWOW64\mfc42.dll - ok
18:23:52.0127 4384 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] C:\Windows\System32\Wat\WatAdminSvc.exe
18:23:52.0127 4384 C:\Windows\System32\Wat\WatAdminSvc.exe - ok
18:23:52.0142 4384 [ 4158324326206AA3A0264842593E0F0B ] C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_5_502_149.ocx
18:23:52.0142 4384 C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_5_502_149.ocx - ok
18:23:52.0142 4384 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] C:\Windows\System32\wbengine.exe
18:23:52.0158 4384 C:\Windows\System32\wbengine.exe - ok
18:23:52.0158 4384 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] C:\Windows\System32\wbem\WmiApSrv.exe
18:23:52.0158 4384 C:\Windows\System32\wbem\WmiApSrv.exe - ok
18:23:52.0158 4384 [ 1EA7969E3271CBC59E1730697DC74682 ] C:\Windows\System32\qmgr.dll
18:23:52.0158 4384 C:\Windows\System32\qmgr.dll - ok
18:23:52.0174 4384 [ D9431DCF90B0253773F51FDEFE7FD42F ] C:\Windows\System32\bitsigd.dll
18:23:52.0174 4384 C:\Windows\System32\bitsigd.dll - ok
18:23:52.0189 4384 [ 29409ED7400CA5BCCC30C0EE5147A60D ] C:\Windows\System32\bitsperf.dll
18:23:52.0189 4384 C:\Windows\System32\bitsperf.dll - ok
18:23:52.0189 4384 [ AC5DF873913B00E554D8F553459BC431 ] C:\Windows\System32\qmgrprxy.dll
18:23:52.0189 4384 C:\Windows\System32\qmgrprxy.dll - ok
18:23:52.0205 4384 [ A204A8659DA3C07F992C69CD972A288F ] C:\Windows\System32\bitsprx5.dll
18:23:52.0205 4384 C:\Windows\System32\bitsprx5.dll - ok
18:23:52.0205 4384 [ 48FDF435B8595604E54125B321924510 ] C:\Windows\SysWOW64\Macromed\Flash\Flash9f.ocx
18:23:52.0205 4384 C:\Windows\SysWOW64\Macromed\Flash\Flash9f.ocx - ok
18:23:52.0220 4384 [ 57B4D34232852BFE4453BE571DF90D21 ] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
18:23:52.0220 4384 C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe - ok
18:23:52.0220 4384 [ C3A5FFD57C2563204CD9351F0C7A0DEA ] C:\Program Files (x86)\CyberLink\Power2Go\msvcp71.dll
18:23:52.0220 4384 C:\Program Files (x86)\CyberLink\Power2Go\msvcp71.dll - ok
18:23:52.0236 4384 [ A1A6FC56A1D0DADC164637FE43C40605 ] C:\Program Files (x86)\CyberLink\Power2Go\msvcr71.dll
18:23:52.0236 4384 C:\Program Files (x86)\CyberLink\Power2Go\msvcr71.dll - ok
18:23:52.0236 4384 [ 432BE6CF7311062633459EEF6B242FB5 ] C:\Windows\SysWOW64\regsvr32.exe
18:23:52.0236 4384 C:\Windows\SysWOW64\regsvr32.exe - ok
18:23:52.0236 4384 [ 6A5D0ED8F280AB8E312A4252472A14A4 ] C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
18:23:52.0236 4384 C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll - ok
18:23:52.0252 4384 [ 9C17DCD6DDFEB1A012544FAF4F2789F6 ] C:\Windows\AppPatch\AcGenral.dll
18:23:52.0252 4384 C:\Windows\AppPatch\AcGenral.dll - ok
18:23:52.0252 4384 [ 1957D49A9613FAAD1C73B508CCE02AA5 ] C:\Windows\SysWOW64\wmp.dll
18:23:52.0252 4384 C:\Windows\SysWOW64\wmp.dll - ok
18:23:52.0267 4384 [ 0D893F8D145D3B125B0226727C243A69 ] C:\Windows\System32\security.dll
18:23:52.0267 4384 C:\Windows\System32\security.dll - ok
18:23:52.0267 4384 [ 012787CEB35505EB78DF82E0A0072888 ] C:\Windows\System32\browcli.dll
18:23:52.0267 4384 C:\Windows\System32\browcli.dll - ok
18:23:52.0283 4384 [ C4BFE4B61086416B0529212F92BCE081 ] C:\Windows\System32\schedcli.dll
18:23:52.0283 4384 C:\Windows\System32\schedcli.dll - ok
18:23:52.0283 4384 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
18:23:52.0283 4384 C:\Windows\SysWOW64\msacm32.dll - ok
18:23:52.0298 4384 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
18:23:52.0298 4384 C:\Windows\SysWOW64\sfc.dll - ok
18:23:52.0298 4384 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
18:23:52.0298 4384 C:\Windows\SysWOW64\sfc_os.dll - ok
18:23:52.0314 4384 [ 5EA9A0950F322BFA382AF277801C0307 ] C:\Windows\System32\wbem\wmipcima.dll
18:23:52.0314 4384 C:\Windows\System32\wbem\wmipcima.dll - ok
18:23:52.0314 4384 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
18:23:52.0314 4384 C:\Windows\SysWOW64\mpr.dll - ok
18:23:52.0330 4384 [ 0FBC74AA20FE0AE6884279F893169C60 ] C:\Windows\SysWOW64\wmploc.DLL
18:23:52.0330 4384 C:\Windows\SysWOW64\wmploc.DLL - ok
18:23:52.0330 4384 [ 9110FFAD124283F37D38771BB60556AF ] C:\Windows\System32\dsound.dll
18:23:52.0330 4384 C:\Windows\System32\dsound.dll - ok
18:23:52.0345 4384 [ 585FED4CDB8034B8B58AEB8008255817 ] C:\Windows\System32\opengl32.dll
18:23:52.0345 4384 C:\Windows\System32\opengl32.dll - ok
18:23:52.0345 4384 [ F2967C0A97C0EA67D79D7F557213950D ] C:\Windows\System32\glu32.dll
18:23:52.0345 4384 C:\Windows\System32\glu32.dll - ok
18:23:52.0361 4384 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
18:23:52.0361 4384 C:\Windows\System32\msimg32.dll - ok
18:23:52.0361 4384 [ 263E9A047D17CD50BAA9D3C02910D18D ] C:\Windows\System32\oledlg.dll
18:23:52.0361 4384 C:\Windows\System32\oledlg.dll - ok
18:23:52.0376 4384 [ 4BDE8A57391927CA473C0F93D243C446 ] C:\Windows\System32\RtkCfg64.dll
18:23:52.0376 4384 C:\Windows\System32\RtkCfg64.dll - ok
18:23:52.0376 4384 [ 2168E61B9E3B06EEB8B3EACDFDC4699B ] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
18:23:52.0376 4384 C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll - ok
18:23:52.0392 4384 [ 5FBD7BEC6CD3DCAA6A87A7F70CE8AF44 ] C:\Windows\System32\advpack.dll
18:23:52.0392 4384 C:\Windows\System32\advpack.dll - ok
18:23:52.0392 4384 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
18:23:52.0392 4384 C:\Windows\SysWOW64\devrtl.dll - ok
18:23:52.0408 4384 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
18:23:52.0408 4384 C:\Windows\SysWOW64\winhttp.dll - ok
18:23:52.0408 4384 [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe
18:23:52.0408 4384 C:\Windows\System32\ie4uinit.exe - ok
18:23:52.0423 4384 [ C3E98C42EDF7EF237A4BAB91FEAC7426 ] C:\Windows\System32\iedkcs32.dll
18:23:52.0470 4384 C:\Windows\System32\iedkcs32.dll - ok
18:23:52.0470 4384 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
18:23:52.0470 4384 C:\Windows\SysWOW64\webio.dll - ok
18:23:52.0486 4384 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
18:23:52.0486 4384 C:\Windows\System32\timedate.cpl - ok
18:23:52.0486 4384 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
18:23:52.0486 4384 C:\Windows\System32\actxprxy.dll - ok
18:23:52.0501 4384 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
18:23:52.0501 4384 C:\Windows\System32\shdocvw.dll - ok
18:23:52.0501 4384 [ 2BCBA6052374959A30BD7948444DBB79 ] C:\Windows\System32\gameux.dll
18:23:52.0501 4384 C:\Windows\System32\gameux.dll - ok
18:23:52.0517 4384 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
18:23:52.0517 4384 C:\Windows\System32\msftedit.dll - ok
18:23:52.0517 4384 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll
18:23:52.0517 4384 C:\Windows\System32\msls31.dll - ok
18:23:52.0532 4384 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
18:23:52.0532 4384 C:\Windows\SysWOW64\credssp.dll - ok
18:23:52.0532 4384 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
18:23:52.0532 4384 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
18:23:52.0548 4384 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
18:23:52.0548 4384 C:\Windows\SysWOW64\wship6.dll - ok
18:23:52.0548 4384 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
18:23:52.0548 4384 C:\Windows\SysWOW64\dnsapi.dll - ok
18:23:52.0564 4384 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
18:23:52.0564 4384 C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok
18:23:52.0564 4384 [ 4355CF8BD07B0E48C111FC3D2F36D313 ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
18:23:52.0564 4384 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
18:23:52.0579 4384 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
18:23:52.0579 4384 C:\Windows\System32\msiltcfg.dll - ok
18:23:52.0579 4384 [ 9DEA654E4D9820958D6B4D1EBAF2F31E ] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
18:23:52.0579 4384 C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe - ok
18:23:52.0595 4384 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
18:23:52.0595 4384 C:\Windows\System32\DeviceCenter.dll - ok
18:23:52.0610 4384 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
18:23:52.0610 4384 C:\Windows\SysWOW64\rasadhlp.dll - ok
18:23:52.0610 4384 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Microsoft IntelliPoint\SQMAPI.dll
18:23:52.0610 4384 C:\Program Files\Microsoft IntelliPoint\SQMAPI.dll - ok
18:23:52.0626 4384 [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
18:23:52.0626 4384 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
18:23:52.0626 4384 [ 3CDC9975457E78EE6A9D64599DBB76DD ] C:\Program Files\Microsoft IntelliPoint\dpgmkb.dll
18:23:52.0626 4384 C:\Program Files\Microsoft IntelliPoint\dpgmkb.dll - ok
18:23:52.0642 4384 [ 02CD5B2C3B017122CAC00BDB520CD7AC ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
18:23:52.0642 4384 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok
18:23:52.0642 4384 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
18:23:52.0642 4384 C:\Windows\System32\oleacc.dll - ok
18:23:52.0657 4384 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
18:23:52.0657 4384 C:\Windows\System32\thumbcache.dll - ok
18:23:52.0657 4384 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
18:23:52.0657 4384 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
18:23:52.0673 4384 [ 645F0DEC75EB9B16C11C0D6D5A514878 ] C:\Program Files\Elantech\ETDFavorite.dll
18:23:52.0673 4384 C:\Program Files\Elantech\ETDFavorite.dll - ok
18:23:52.0673 4384 [ 372A32D98022E2323D21C95900329A43 ] C:\Program Files\Elantech\ETDApix.dll
18:23:52.0673 4384 C:\Program Files\Elantech\ETDApix.dll - ok
18:23:52.0688 4384 [ D043032712A18E9EF923DB5C4FB21460 ] C:\Program Files\Elantech\ETDCmds.dll
18:23:52.0688 4384 C:\Program Files\Elantech\ETDCmds.dll - ok
18:23:52.0688 4384 [ C71E7ABB1A34E56CE73AE117C8DD566F ] C:\Windows\System32\ieframe.dll
18:23:52.0688 4384 C:\Windows\System32\ieframe.dll - ok
18:23:52.0704 4384 [ 4EFCDF3DB1BBA69C09622991280C4ACB ] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
18:23:52.0704 4384 C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe - ok
18:23:52.0704 4384 [ 7F009EF4114AC28E642D43CEC449C319 ] C:\Windows\System32\atiu9p64.dll
18:23:52.0704 4384 C:\Windows\System32\atiu9p64.dll - ok
18:23:52.0720 4384 [ F5FBA8724DE219E96D9ABAF4772D31A3 ] C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
18:23:52.0720 4384 C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe - ok
18:23:52.0720 4384 [ D7CB3CD24E6728E09BEB7A23662C8282 ] C:\Windows\System32\atiumd64.dll
18:23:52.0720 4384 C:\Windows\System32\atiumd64.dll - ok
18:23:52.0735 4384 [ 4EFCDF3DB1BBA69C09622991280C4ACB ] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
18:23:52.0735 4384 C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe - ok
18:23:52.0735 4384 [ 652B4E6919AB957E202057FD60D1B42A ] C:\Program Files (x86)\CyberLink\PowerDVD9\CLRCEngine3.dll
18:23:52.0735 4384 C:\Program Files (x86)\CyberLink\PowerDVD9\CLRCEngine3.dll - ok
18:23:52.0751 4384 [ D955933A983C6E50275EDE2EADBD8EF7 ] C:\Program Files\Elantech\ETDCtrlHelper.exe
18:23:52.0751 4384 C:\Program Files\Elantech\ETDCtrlHelper.exe - ok
18:23:52.0751 4384 [ 1020C0C4BAC624DAF56712EA6D5865CE ] C:\Program Files (x86)\CyberLink\PowerDVD9\msvcr71.dll
18:23:52.0751 4384 C:\Program Files (x86)\CyberLink\PowerDVD9\msvcr71.dll - ok
18:23:52.0766 4384 [ 5046E55184021406C27E8D48A1B2C9D2 ] C:\Windows\System32\l3codeca.acm
18:23:52.0766 4384 C:\Windows\System32\l3codeca.acm - ok
18:23:52.0766 4384 [ F1278B3514EA6FA9BC39B20D26139AAC ] C:\Windows\SysWOW64\msiltcfg.dll
18:23:52.0766 4384 C:\Windows\SysWOW64\msiltcfg.dll - ok
18:23:52.0782 4384 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
18:23:52.0782 4384 C:\Windows\SysWOW64\msi.dll - ok
18:23:52.0782 4384 [ 2C1BB3AD51826AA96C9802CBC123814F ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\51a23687fdafc32b697f5a719e364651\mscorlib.ni.dll
18:23:52.0782 4384 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\51a23687fdafc32b697f5a719e364651\mscorlib.ni.dll - ok
18:23:52.0798 4384 [ 1E70071E1753E43983B1202CE98AEC6F ] C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
18:23:52.0798 4384 C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe - ok
18:23:52.0798 4384 [ 1FFF9816FBBE6DD3D97029234CA425A0 ] C:\Windows\System32\atiumd6a.dll
18:23:52.0798 4384 C:\Windows\System32\atiumd6a.dll - ok
18:23:52.0813 4384 [ D36DA0A5C531353C5FF5E29242649257 ] C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
18:23:52.0813 4384 C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe - ok
18:23:52.0813 4384 [ 07DD9DCD1CC2840751A1F8772F3C0195 ] C:\Program Files\Microsoft Games\Chess\Chess.exe
18:23:52.0813 4384 C:\Program Files\Microsoft Games\Chess\Chess.exe - ok
18:23:52.0829 4384 [ C32B36D2168AEA9D4FA77C0A4F56379D ] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
18:23:52.0829 4384 C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe - ok
18:23:52.0844 4384 [ 6FCA49B4085C32D1CC738C16142C0CDD ] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
18:23:52.0844 4384 C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe - ok
18:23:52.0844 4384 [ 5AEBF6FA9805C9101220AA4FB4FA17E7 ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
18:23:52.0844 4384 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe - ok
18:23:52.0860 4384 [ 68A08BA1199D30FD75F8E866FB084A2F ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
18:23:52.0860 4384 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe - ok
18:23:52.0860 4384 [ FD22B00049F775E952371E9C3DAC631B ] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
18:23:52.0860 4384 C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe - ok
18:23:52.0876 4384 [ 3CB07566302BCEEB898DE270A0BEC175 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
18:23:52.0876 4384 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
18:23:52.0876 4384 [ 4FCDC4801A1E4B05DB2BE6D351E24278 ] C:\Windows\SysWOW64\atiadlxy.dll
18:23:52.0876 4384 C:\Windows\SysWOW64\atiadlxy.dll - ok
18:23:52.0891 4384 [ C8F2E23F7C7C043013CB21D354605678 ] C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Res.dll
18:23:52.0891 4384 C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Res.dll - ok
18:23:52.0891 4384 [ 5AA4DF6CD3C96086955064BEC1CD0C9B ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
18:23:52.0891 4384 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe - ok
18:23:52.0907 4384 [ E7704CBF568815C1CAA6E513387BD3F2 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
18:23:52.0907 4384 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe - ok
18:23:52.0907 4384 [ 06B4C8D5D9708A7494AC7C02CD54650E ] C:\Program Files (x86)\ASUS\Wireless Console 3\inter_f2.dll
18:23:52.0907 4384 C:\Program Files (x86)\ASUS\Wireless Console 3\inter_f2.dll - ok
18:23:52.0922 4384 [ 388CE212A119271EEA68F42712F3F64F ] C:\Program Files (x86)\ASUS\Wireless Console 3\ATKWLIOC.DLL
18:23:52.0922 4384 C:\Program Files (x86)\ASUS\Wireless Console 3\ATKWLIOC.DLL - ok
18:23:52.0922 4384 [ E7C665D4AFAAB45A9086D02FFC87A4B4 ] C:\Program Files (x86)\ASUS\Wireless Console 3\SiSPkt.dll
18:23:52.0922 4384 C:\Program Files (x86)\ASUS\Wireless Console 3\SiSPkt.dll - ok
18:23:52.0938 4384 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\83708986.sys
18:23:52.0938 4384 C:\Windows\System32\drivers\83708986.sys - ok
18:23:52.0938 4384 [ B010CF886420EE29C2C276646721D255 ] C:\Windows\SysWOW64\wlanapi.dll
18:23:52.0938 4384 C:\Windows\SysWOW64\wlanapi.dll - ok
18:23:52.0954 4384 [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\SysWOW64\wlanutil.dll
18:23:52.0954 4384 C:\Windows\SysWOW64\wlanutil.dll - ok
18:23:52.0954 4384 [ 5639F14AFDF7983ACB13D19FD6321535 ] C:\Program Files (x86)\Boingo\Boingo Wi-Fi\ClientLite.dll
18:23:52.0954 4384 C:\Program Files (x86)\Boingo\Boingo Wi-Fi\ClientLite.dll - ok
18:23:52.0969 4384 [ 0A94DE4AA9864D312E60D747FD249ABE ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll
18:23:52.0969 4384 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll - ok
18:23:52.0969 4384 [ 850BD2D2D9CB5894935C3B6333CAD6FD ] C:\Windows\System32\riched20.dll
18:23:52.0969 4384 C:\Windows\System32\riched20.dll - ok
18:23:52.0985 4384 [ 1B1431D9520C7578AD5633ED2A70625F ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
18:23:52.0985 4384 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok
18:23:53.0000 4384 [ 9682D5B9D9309377C1A7E08C3E6B7B3D ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\6be6efa1e2ffc9d46e99839edac5c5a8\System.ni.dll
18:23:53.0000 4384 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\6be6efa1e2ffc9d46e99839edac5c5a8\System.ni.dll - ok
18:23:53.0000 4384 [ 81ADBC4E31A721AEF23251A952049BA2 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe
18:23:53.0000 4384 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe - ok
18:23:53.0016 4384 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
18:23:53.0016 4384 C:\Windows\System32\stobject.dll - ok
18:23:53.0016 4384 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
18:23:53.0016 4384 C:\Windows\System32\batmeter.dll - ok
18:23:53.0032 4384 [ 8C6C8A51FFEEB50E72B3A08EB7BDCCF2 ] C:\Program Files\ASUS\Fast Boot\FastBoot.exe
18:23:53.0032 4384 C:\Program Files\ASUS\Fast Boot\FastBoot.exe - ok
18:23:53.0032 4384 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
18:23:53.0032 4384 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
18:23:53.0032 4384 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
18:23:53.0032 4384 C:\Windows\System32\prnfldr.dll - ok
18:23:53.0047 4384 [ 28638660E651578C354BF43CD646EF6D ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\672fc9526d8954656bcb46e42082e09c\System.Drawing.ni.dll
18:23:53.0047 4384 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\672fc9526d8954656bcb46e42082e09c\System.Drawing.ni.dll - ok
18:23:53.0063 4384 [ EAADD6E47ED2A7003ACE1793B98CF63F ] C:\Windows\SysWOW64\msxml6.dll
18:23:53.0063 4384 C:\Windows\SysWOW64\msxml6.dll - ok
18:23:53.0063 4384 [ 107243179484027540978F075F6941D4 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\24a22e5e6d47c2509aae62c7e9da0500\System.Windows.Forms.ni.dll
18:23:53.0063 4384 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\24a22e5e6d47c2509aae62c7e9da0500\System.Windows.Forms.ni.dll - ok
18:23:53.0078 4384 [ 7048B323E17D2D72862491BF9DB8FB23 ] C:\Program Files (x86)\ASUS\FancyStart\FancyStart.exe
18:23:53.0078 4384 C:\Program Files (x86)\ASUS\FancyStart\FancyStart.exe - ok
18:23:53.0078 4384 [ CDAD3376DFF3D9AC7FDCBE2B94B0D3C8 ] C:\Windows\System32\shfolder.dll
18:23:53.0078 4384 C:\Windows\System32\shfolder.dll - ok
18:23:53.0094 4384 [ 4D79D8F95143184B9C05F21396DE7645 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Data\ef8150a4b9439bd8fe200670681db670\System.Data.ni.dll
18:23:53.0094 4384 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Data\ef8150a4b9439bd8fe200670681db670\System.Data.ni.dll - ok
18:23:53.0094 4384 [ 98D53BB2DB8E11762D30C3CF41FA140B ] C:\Windows\assembly\GAC_64\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
18:23:53.0094 4384 C:\Windows\assembly\GAC_64\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll - ok
18:23:53.0110 4384 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
18:23:53.0110 4384 C:\Windows\System32\DXP.dll - ok
18:23:53.0110 4384 [ 9AAADE86A4659A69CF5AA298C8AEEC22 ] C:\Program Files\Microsoft Games\Mahjong\Mahjong.exe
18:23:53.0110 4384 C:\Program Files\Microsoft Games\Mahjong\Mahjong.exe - ok
18:23:53.0125 4384 [ 5CCD5B62076D4432D4728BB6CB3DEBFD ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\7a560781987776298120763de1df8f77\System.Xml.ni.dll
18:23:53.0125 4384 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\7a560781987776298120763de1df8f77\System.Xml.ni.dll - ok
18:23:53.0125 4384 [ B3EE7BD189C5925D4C0D2BBFCA00FDD1 ] C:\Program Files\Microsoft Games\Minesweeper\MineSweeper.exe
18:23:53.0125 4384 C:\Program Files\Microsoft Games\Minesweeper\MineSweeper.exe - ok
18:23:53.0141 4384 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
18:23:53.0141 4384 C:\Windows\System32\Syncreg.dll - ok
18:23:53.0141 4384 [ 8965A4CAA8E006F5F32D084CABD3679E ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\ad25afb3a0820b92f311d6897df82e5f\System.Runtime.Remoting.ni.dll
18:23:53.0141 4384 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\ad25afb3a0820b92f311d6897df82e5f\System.Runtime.Remoting.ni.dll - ok
18:23:53.0156 4384 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
18:23:53.0156 4384 C:\Windows\ehome\ehSSO.dll - ok
18:23:53.0156 4384 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
18:23:53.0156 4384 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
18:23:53.0172 4384 [ 0DC6669BC2B552C0ECC905B6B761F508 ] C:\Program Files\Microsoft Security Client\msseces.exe
18:23:53.0172 4384 C:\Program Files\Microsoft Security Client\msseces.exe - ok
18:23:53.0172 4384 [ 4698B159A29FB25BA8B6159CA5A96417 ] C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
18:23:53.0172 4384 C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe - ok
18:23:53.0188 4384 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
18:23:53.0188 4384 C:\Windows\System32\AltTab.dll - ok
18:23:53.0188 4384 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
18:23:53.0188 4384 C:\Windows\System32\WPDShServiceObj.dll - ok
18:23:53.0203 4384 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
18:23:53.0203 4384 C:\Windows\System32\PortableDeviceTypes.dll - ok
18:23:53.0203 4384 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
18:23:53.0203 4384 C:\Windows\System32\pnidui.dll - ok
18:23:53.0219 4384 [ 064337998D55AD7D639650F49E0CD3AB ] C:\Program Files (x86)\ASUS\Asus MultiFrame\MultiFrame.exe
18:23:53.0219 4384 C:\Program Files (x86)\ASUS\Asus MultiFrame\MultiFrame.exe - ok
18:23:53.0234 4384 [ 74EF310FAC89341CE2897B7F2C4A7B0F ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
18:23:53.0234 4384 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe - ok
18:23:53.0234 4384 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
18:23:53.0234 4384 C:\Windows\System32\QUTIL.DLL - ok
18:23:53.0250 4384 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
18:23:53.0250 4384 C:\Windows\System32\bthprops.cpl - ok
18:23:53.0250 4384 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
18:23:53.0250 4384 C:\Windows\System32\srchadmin.dll - ok
18:23:53.0250 4384 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
18:23:53.0250 4384 C:\Windows\System32\mssprxy.dll - ok
18:23:53.0266 4384 [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\Windows\System32\webcheck.dll
18:23:53.0266 4384 C:\Windows\System32\webcheck.dll - ok
18:23:53.0281 4384 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
18:23:53.0281 4384 C:\Windows\System32\rasdlg.dll - ok
18:23:53.0281 4384 [ 0181B4C10F409299E0D8EE130EF87353 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\c54fc0cac648a174c5e35bd6589c9390\System.Management.ni.dll
18:23:53.0281 4384 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\c54fc0cac648a174c5e35bd6589c9390\System.Management.ni.dll - ok
18:23:53.0297 4384 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
18:23:53.0297 4384 C:\Windows\System32\mlang.dll - ok
18:23:53.0297 4384 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
18:23:53.0297 4384 C:\Windows\System32\SyncCenter.dll - ok
18:23:53.0297 4384 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
18:23:53.0297 4384 C:\Windows\SysWOW64\riched20.dll - ok
18:23:53.0312 4384 [ 45375DF47ED4D0535739465105AAABE3 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dll
18:23:53.0312 4384 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dll - ok
18:23:53.0312 4384 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
18:23:53.0312 4384 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
18:23:53.0328 4384 [ A6071FCAC74DB12D8CE03D78D6154D86 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web\cd91841321f9942330b6097dcd96dce9\System.Web.ni.dll
18:23:53.0328 4384 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web\cd91841321f9942330b6097dcd96dce9\System.Web.ni.dll - ok
18:23:53.0344 4384 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
18:23:53.0344 4384 C:\Windows\System32\FXSST.dll - ok
18:23:53.0344 4384 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
18:23:53.0344 4384 C:\Windows\System32\dot3api.dll - ok
18:23:53.0344 4384 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
18:23:53.0344 4384 C:\Windows\System32\FXSAPI.dll - ok
18:23:53.0359 4384 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
18:23:53.0359 4384 C:\Windows\System32\wlanhlp.dll - ok
18:23:53.0359 4384 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
18:23:53.0359 4384 C:\Windows\System32\wlanapi.dll - ok
18:23:53.0375 4384 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
18:23:53.0375 4384 C:\Windows\SysWOW64\duser.dll - ok
18:23:53.0375 4384 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
18:23:53.0375 4384 C:\Windows\System32\FXSRESM.dll - ok
18:23:53.0390 4384 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
18:23:53.0390 4384 C:\Windows\SysWOW64\dui70.dll - ok
18:23:53.0390 4384 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
18:23:53.0390 4384 C:\Windows\System32\imapi2.dll - ok
18:23:53.0406 4384 [ 3819AD4329303EAC88480CA16A650735 ] C:\Windows\System32\UIAnimation.dll
18:23:53.0406 4384 C:\Windows\System32\UIAnimation.dll - ok
18:23:53.0406 4384 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
18:23:53.0406 4384 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
18:23:53.0422 4384 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
18:23:53.0422 4384 C:\Windows\System32\WWanAPI.dll - ok
18:23:53.0422 4384 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
18:23:53.0422 4384 C:\Windows\System32\wwapi.dll - ok
18:23:53.0437 4384 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
18:23:53.0437 4384 C:\Windows\System32\hgcpl.dll - ok
18:23:53.0437 4384 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
18:23:53.0437 4384 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
18:23:53.0453 4384 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
18:23:53.0453 4384 C:\Windows\System32\QAGENT.DLL - ok
18:23:53.0453 4384 [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\Windows\System32\fdPHost.dll
18:23:53.0453 4384 C:\Windows\System32\fdPHost.dll - ok
18:23:53.0468 4384 [ 171D7DB433314A868507C4326E8209DC ] C:\Windows\System32\fdWSD.dll
18:23:53.0468 4384 C:\Windows\System32\fdWSD.dll - ok
18:23:53.0468 4384 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
18:23:53.0468 4384 C:\Windows\System32\FDResPub.dll - ok
18:23:53.0484 4384 [ A2E5B2D20954210DCE1A75A1FC8CC36D ] C:\Windows\System32\fdSSDP.dll
18:23:53.0484 4384 C:\Windows\System32\fdSSDP.dll - ok
18:23:53.0484 4384 [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll
18:23:53.0484 4384 C:\Windows\System32\fdProxy.dll - ok
18:23:53.0500 4384 [ B6411CED931AFD059E48C52DBFBA95B4 ] C:\Windows\System32\P2P.dll
18:23:53.0500 4384 C:\Windows\System32\P2P.dll - ok
18:23:53.0500 4384 [ EFDFB3DD38A4376F93E7985173813ABD ] C:\Windows\System32\ListSvc.dll
18:23:53.0500 4384 C:\Windows\System32\ListSvc.dll - ok
18:23:53.0515 4384 [ 4A82EA2807B16FF577AEAF8ADB8779FF ] C:\Windows\System32\IdListen.dll
18:23:53.0515 4384 C:\Windows\System32\IdListen.dll - ok
18:23:53.0515 4384 [ A0524499F4C63CADA7E1529FC77F5DC1 ] C:\Windows\System32\hgprint.dll
18:23:53.0515 4384 C:\Windows\System32\hgprint.dll - ok
18:23:53.0531 4384 [ 8323B32A6FC3FCD7E5C8BA94B36CE162 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\3762e80651ff8d0bbcdb0ccebfb3b3f7\System.Configuration.ni.dll
18:23:53.0531 4384 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\3762e80651ff8d0bbcdb0ccebfb3b3f7\System.Configuration.ni.dll - ok
18:23:53.0531 4384 [ 3EAC4455472CC2C97107B5291E0DCAFE ] C:\Windows\System32\pnrpsvc.dll
18:23:53.0531 4384 C:\Windows\System32\pnrpsvc.dll - ok
18:23:53.0546 4384 [ EB596E72F63B7C31BE8DF75FA8829B3F ] C:\Program Files\Microsoft Games\Purble Place\PurblePlace.exe
18:23:53.0546 4384 C:\Program Files\Microsoft Games\Purble Place\PurblePlace.exe - ok
18:23:53.0546 4384 [ 927463ECB02179F88E4B9A17568C63C3 ] C:\Windows\System32\p2psvc.dll
18:23:53.0546 4384 C:\Windows\System32\p2psvc.dll - ok
18:23:53.0562 4384 [ 3AEE02CEDAA3ACD14F9D7E038E44D6D1 ] C:\Windows\System32\P2PGraph.dll
18:23:53.0562 4384 C:\Windows\System32\P2PGraph.dll - ok
18:23:53.0562 4384 [ 2E7029E262A0E0425EB9D893A24BE031 ] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\SimpleAES64.dll
18:23:53.0562 4384 C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\SimpleAES64.dll - ok
18:23:53.0578 4384 [ 5BACFD51D926774C8DD8028BEC9B4374 ] C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe
18:23:53.0578 4384 C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe - ok
18:23:53.0578 4384 [ 473C82D719F297E4F7107A11B0F43842 ] C:\Windows\System32\atipdl64.dll
18:23:53.0578 4384 C:\Windows\System32\atipdl64.dll - ok
18:23:53.0593 4384 [ FCCDF0ABB88DB2AB02C81810ABE5EE8E ] C:\Program Files (x86)\ASUS\ASUS WebStorage\EeeStorageUploader.exe
18:23:53.0593 4384 C:\Program Files (x86)\ASUS\ASUS WebStorage\EeeStorageUploader.exe - ok
18:23:53.0593 4384 ============================================================
18:23:53.0593 4384 Scan finished
18:23:53.0593 4384 ============================================================
18:23:53.0609 4376 Detected object count: 0
18:23:53.0609 4376 Actual detected object count: 0
punkpal
Regular Member
 
Posts: 37
Joined: February 4th, 2013, 4:32 pm

Re: Browser does not go where I want it to

Unread postby melboy » February 14th, 2013, 3:29 am

Hi

That looks good, let me know how things are running after completing these steps.


Update Java Runtime

You are using an old version of Java. Oracle's Java (Was Sun Java) is sometimes updated in order to eliminate the exploitation of vulnerabilities in an existing version. For this reason, it's extremely important that you keep the program up to date, and also remove the older more vulnerable versions from your system. The most current version of Oracle Java is: Java Runtime Environment Version 7 Update 13.

  • Go to Oracle Java
  • Scroll down to where it says "Java Platform, Standard Edition. Java SE 7 Update 13"
  • Click the Download JRE button to the right.
  • Check the box to Accept License Agreement
  • In the list of files, Look to Windows x86 Offline & click on the link to the right which says "jre-7u13-windows-i586.exe" and save the downloaded file to your desktop.
  • Uninstall all old versions of Java via Start > Control Panel > Add/Remove Programs:
    Java 7 Update 9
    Java Auto Update
  • Install the new version by running the newly-downloaded file with the java icon which will be at your desktop, and follow the on-screen instructions.
  • Reboot your computer



TFC

  • Please download TFC by Old Timer to your desktop,
  • Save any unsaved work. TFC will close all open application windows.
  • Right click on TFC.exe and select "Run as Administrator"
  • Click the Start button in the bottom left of TFC
  • If prompted, click "Yes" to reboot.

Note: Save your work. TFC will automatically close any open programs, let it run uninterrupted. It should not take longer than a couple of minutes , and may only take a few seconds. Only if needed will you be prompted to reboot.



Malwarebytes' Anti-Malware (MBAM)

Please download Malwarebytes' Anti-Malware to your desktop.

  • Double-click mbam-setup-version.number.exe and follow the prompts to install the program.
  • At the end of the installation, Uncheck Enable the free trial Malwarebytes' Anti-Malware PRO
    (You can activate this when we've finished, if you wish)
  • Be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Select the Settings tab, then the Scanner Settings tab
  • For Action for Potentially Unwanted Programs (PUP), choose Show in results list and check for removal
  • Select to the Scanner tab, select Perform Quick scan, then click on Scan
  • When done, you will be prompted. Click OK. If Items are found, then click on Show Results
  • Check all items then click on Remove Selected
  • After it has removed the items, Notepad will open. Please post this log in your next reply.

    The log can also be found here:
  • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
  • Or via the Logs tab when the application is started.
.
Note: If malware is found, MBAM may ask to reboot your computer so it can continue with the removal process - please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.



ESET Online Scanner

Note: You can use either Internet Explorer, Google Chrome or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

Vista/Windows 7 users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

  • Please go here to run the scan.
    Note: If using Chrome or Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer, Chrome or FireFox.
  • Click Run ESET Online Scanner
  • Select the option YES, I accept the Terms of Use then click on: Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Image
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed make sure you first copy the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic.
  • Now click on: Image (Selecting Uninstall application on close if you so wish)
  • Re-enable your anti-virus software.
User avatar
melboy
MRU Expert
MRU Expert
 
Posts: 3670
Joined: July 25th, 2008, 4:25 pm
Location: UK

Re: Browser does not go where I want it to

Unread postby punkpal » February 14th, 2013, 10:35 pm

Java updated successfully
TFC scan successful

Here is the Malwarebytes log:

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.02.15.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
owner :: CHRISCROSS-PC [administrator]

2/14/2013 9:28:06 PM
mbam-log-2013-02-14 (21-28-06).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 212603
Time elapsed: 3 minute(s), 57 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 3
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
punkpal
Regular Member
 
Posts: 37
Joined: February 4th, 2013, 4:32 pm

Re: Browser does not go where I want it to

Unread postby punkpal » February 15th, 2013, 12:50 am

ESET Log:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
# version=8
# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=542323d7695f944c919727200cefcec3
# engine=13159
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-02-15 04:38:16
# local_time=2013-02-14 11:38:16 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5892 16777213 88 94 10838020 13602868 0 0
# scanned=159055
# found=7
# cleaned=0
# scan_time=6589
sh=635D3AEDB135C32B75745DA7857E73EA9B4B8E0B ft=1 fh=0a42bfe9d90bfdea vn="a variant of Win32/Kryptik.AUFF trojan" ac=I fn="C:\Qoobox\Quarantine\C\Users\owner\wgsdgsdgdsgsd.exe.vir"
sh=BD1D3BF759D78450B2F5ABD9F29B5EF91D684536 ft=1 fh=c98886797a059119 vn="Win32/Olmarik.AYI trojan" ac=I fn="C:\TDSSKiller_Quarantine\12.02.2013_22.22.42\mbr0000\tdlfs0000\tsk0000.dta"
sh=4781EFFAD9D0938135EF5BA6626A8E482D3B0440 ft=1 fh=4c206476c33a93dd vn="Win64/Olmarik.AM trojan" ac=I fn="C:\TDSSKiller_Quarantine\12.02.2013_22.22.42\mbr0000\tdlfs0000\tsk0001.dta"
sh=30DC71AB99D6BFAA084CD28E4B3E37F5897D85E7 ft=1 fh=c6e66aefa20e7d44 vn="Win32/Olmarik.AWO trojan" ac=I fn="C:\TDSSKiller_Quarantine\12.02.2013_22.22.42\mbr0000\tdlfs0000\tsk0002.dta"
sh=00725FA829B19880824C81D349D3FCF2A1AF8DE9 ft=1 fh=d9be55e9dc4b9b98 vn="Win64/Olmarik.AN trojan" ac=I fn="C:\TDSSKiller_Quarantine\12.02.2013_22.22.42\mbr0000\tdlfs0000\tsk0003.dta"
sh=F6FE0B6B7C92FEF6CBA3DB3D1435AC00F27F7EA1 ft=1 fh=a8456031c362e5e7 vn="Win32/Olmarik.AFK trojan" ac=I fn="C:\TDSSKiller_Quarantine\12.02.2013_22.22.42\mbr0000\tdlfs0000\tsk0007.dta"
sh=5F329A1069EB6A8151C2CA3E589DBF1B481B50A2 ft=1 fh=107f253539197b01 vn="Win64/Olmarik.AK trojan" ac=I fn="C:\TDSSKiller_Quarantine\12.02.2013_22.22.42\mbr0000\tdlfs0000\tsk0008.dta"
punkpal
Regular Member
 
Posts: 37
Joined: February 4th, 2013, 4:32 pm
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 42 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware