Malware and ZAccess [Solved]



#1
mak91las

    New Member

  • Member
  • 8 posts
Hi. English is not my first language, so I'm really sorry for my grammar mistakes. I'm not very practical with malware but I really hope you can help me. AVAST keeps alerting me of infected files in my system. It deletes them and they keep returning in the original directory.

C:\Windows\Installer\{0C131833-B65A-68D4-C7F1-8C0C60A6AAE5}\U\[email protected] (win32:ZAccess-PC[trj])
C:\Windows\Installer\{0C131833-B65A-68D4-C7F1-8C0C60A6AAE5}\U\[email protected] (win32:ZAccess-PC[trj])
C:\Windows\Installer\{0C131833-B65A-68D4-C7F1-8C0C60A6AAE5}\U\[email protected] (win32:malware-gen)

OTL

OTL logfile created on: 29/04/2013 23:52:07 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lorusso\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

3,79 Gb Total Physical Memory | 0,90 Gb Available Physical Memory | 23,80% Memory free
7,59 Gb Paging File | 2,51 Gb Available in Paging File | 33,11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116,44 Gb Total Space | 15,39 Gb Free Space | 13,22% Space Free | Partition Type: NTFS
Drive D: | 329,79 Gb Total Space | 129,37 Gb Free Space | 39,23% Space Free | Partition Type: NTFS
Drive K: | 465,73 Gb Total Space | 174,44 Gb Free Space | 37,46% Space Free | Partition Type: NTFS

Computer Name: LORUSSO-PC | User Name: Lorusso | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/04/29 23:51:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lorusso\Downloads\OTL.exe
PRC - [2013/04/24 11:08:32 | 002,795,048 | ---- | M] (Iminent) -- C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe
PRC - [2013/04/18 09:17:40 | 004,555,776 | ---- | M] (Spotify Ltd) -- C:\Users\Lorusso\AppData\Roaming\Spotify\spotify.exe
PRC - [2013/04/18 09:17:39 | 001,105,408 | ---- | M] (Spotify Ltd) -- C:\Users\Lorusso\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2013/03/25 18:37:16 | 000,880,984 | ---- | M] (BitTorrent Inc.) -- C:\Program Files (x86)\BitTorrent\BitTorrent.exe
PRC - [2013/03/12 09:05:50 | 029,106,336 | ---- | M] (Dropbox, Inc.) -- C:\Users\Lorusso\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012/12/18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/10/01 16:09:24 | 000,055,184 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
PRC - [2012/08/21 11:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2012/08/21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2012/08/13 11:33:48 | 010,376,704 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2012/08/13 11:33:48 | 010,368,512 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2012/08/09 23:12:18 | 000,055,184 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
PRC - [2012/07/03 09:04:58 | 000,507,312 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2012/02/28 14:42:58 | 001,679,360 | ---- | M] (Wondershare) -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
PRC - [2011/03/09 12:41:08 | 001,066,896 | ---- | M] () -- C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
PRC - [2011/01/05 11:09:52 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010/07/19 22:36:01 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2010/07/02 09:54:58 | 000,201,472 | ---- | M] () -- C:\Program Files (x86)\IMinent Toolbar\TbHelper2.exe
PRC - [2010/04/05 21:55:01 | 000,116,104 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
PRC - [2010/03/27 17:34:00 | 001,800,808 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2010/02/08 20:04:04 | 001,080,448 | ---- | M] (asus) -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
PRC - [2010/02/05 19:05:08 | 000,182,912 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2010/02/04 23:05:32 | 007,350,912 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2010/01/31 00:27:38 | 000,141,061 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
PRC - [2010/01/05 22:59:12 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2010/01/05 02:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009/12/15 19:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009/10/01 04:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2009/10/01 04:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2009/07/31 19:38:26 | 000,428,600 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
PRC - [2009/07/31 19:38:24 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009/06/24 21:30:18 | 000,272,952 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
PRC - [2009/06/19 19:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 19:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/16 02:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
PRC - [2008/12/23 02:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008/03/31 11:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2007/11/30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe


========== Modules (No Company Name) ==========

MOD - [2013/04/18 09:17:40 | 024,985,600 | ---- | M] () -- C:\Users\Lorusso\AppData\Roaming\Spotify\Data\libcef.dll
MOD - [2013/04/09 10:57:07 | 000,390,096 | ---- | M] () -- C:\Users\Lorusso\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
MOD - [2013/04/09 10:57:06 | 013,130,704 | ---- | M] () -- C:\Users\Lorusso\AppData\Local\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
MOD - [2013/04/09 10:57:05 | 004,050,896 | ---- | M] () -- C:\Users\Lorusso\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll
MOD - [2013/04/09 10:56:15 | 000,598,480 | ---- | M] () -- C:\Users\Lorusso\AppData\Local\Google\Chrome\Application\26.0.1410.64\libglesv2.dll
MOD - [2013/04/09 10:56:14 | 000,124,368 | ---- | M] () -- C:\Users\Lorusso\AppData\Local\Google\Chrome\Application\26.0.1410.64\libegl.dll
MOD - [2013/04/09 10:56:13 | 001,606,096 | ---- | M] () -- C:\Users\Lorusso\AppData\Local\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll
MOD - [2013/03/24 12:11:45 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\302207b4fa3083899fd8ab4db98cecc5\System.Management.ni.dll
MOD - [2013/03/24 12:09:28 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll
MOD - [2013/03/24 12:09:01 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll
MOD - [2013/03/24 12:08:48 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
MOD - [2013/03/24 12:08:43 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/03/24 12:08:40 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll
MOD - [2013/03/24 12:08:31 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll
MOD - [2013/03/24 12:08:25 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013/03/24 12:08:22 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\ab2d590a7a1566fe78e3275a90a30ceb\System.Configuration.ni.dll
MOD - [2013/03/24 12:08:20 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/03/24 12:08:12 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2012/12/19 11:23:02 | 000,117,448 | ---- | M] () -- C:\Program Files (x86)\IMinent Toolbar\TbCommonUtils.dll
MOD - [2012/08/10 16:51:32 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2011/09/27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/11/20 14:19:56 | 000,232,448 | ---- | M] () -- \\?\globalroot\systemroot\syswow64\mswsock.DLL
MOD - [2010/11/20 14:19:56 | 000,232,448 | ---- | M] () -- \\.\globalroot\systemroot\syswow64\mswsock.dll
MOD - [2010/11/13 01:50:53 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_it_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010/07/02 09:54:58 | 000,201,472 | ---- | M] () -- C:\Program Files (x86)\IMinent Toolbar\TbHelper2.exe
MOD - [2010/02/03 01:51:50 | 000,076,288 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\Volume.dll
MOD - [2010/02/03 01:51:32 | 000,186,880 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\Resolution.dll
MOD - [2010/02/03 01:51:24 | 000,050,688 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\P4GControl.dll
MOD - [2010/02/03 01:51:14 | 000,041,472 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\HelpFunc.dll
MOD - [2010/02/03 01:51:10 | 000,071,680 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\Brightness.dll
MOD - [2010/01/31 00:27:54 | 001,438,720 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libzvbi_plugin.dll
MOD - [2010/01/31 00:27:54 | 001,190,912 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libvorbis_plugin.dll
MOD - [2010/01/31 00:27:54 | 001,120,256 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libxml_plugin.dll
MOD - [2010/01/31 00:27:54 | 001,037,312 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libtaglib_plugin.dll
MOD - [2010/01/31 00:27:54 | 000,359,424 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libtheora_plugin.dll
MOD - [2010/01/31 00:27:54 | 000,077,312 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libzip_plugin.dll
MOD - [2010/01/31 00:27:54 | 000,063,488 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libvout_directx_plugin.dll
MOD - [2010/01/31 00:27:54 | 000,050,688 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libvcd_plugin.dll
MOD - [2010/01/31 00:27:54 | 000,046,080 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libwaveout_plugin.dll
MOD - [2010/01/31 00:27:54 | 000,044,032 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libvobsub_plugin.dll
MOD - [2010/01/31 00:27:54 | 000,039,936 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libyuy2_i420_plugin.dll
MOD - [2010/01/31 00:27:54 | 000,035,840 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libyuy2_i422_plugin.dll
MOD - [2010/01/31 00:27:54 | 000,030,720 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libyuvp_plugin.dll
MOD - [2010/01/31 00:27:54 | 000,030,208 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libugly_resampler_plugin.dll
MOD - [2010/01/31 00:27:52 | 010,196,992 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libqt4_plugin.dll
MOD - [2010/01/31 00:27:52 | 002,104,320 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libskins2_plugin.dll
MOD - [2010/01/31 00:27:52 | 000,743,936 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libschroedinger_plugin.dll
MOD - [2010/01/31 00:27:52 | 000,288,768 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libsdl_image_plugin.dll
MOD - [2010/01/31 00:27:52 | 000,233,984 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libswscale_plugin.dll
MOD - [2010/01/31 00:27:52 | 000,129,536 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libspeex_plugin.dll
MOD - [2010/01/31 00:27:52 | 000,050,176 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libsubtitle_plugin.dll
MOD - [2010/01/31 00:27:52 | 000,045,568 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libsubsdec_plugin.dll
MOD - [2010/01/31 00:27:52 | 000,037,888 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libspudec_plugin.dll
MOD - [2010/01/31 00:27:52 | 000,036,352 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libscaletempo_plugin.dll
MOD - [2010/01/31 00:27:52 | 000,035,840 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libsvcdsub_plugin.dll
MOD - [2010/01/31 00:27:52 | 000,033,792 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libstream_filter_rar_plugin.dll
MOD - [2010/01/31 00:27:52 | 000,033,792 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libsimple_channel_mixer_plugin.dll
MOD - [2010/01/31 00:27:52 | 000,032,256 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\librawvideo_plugin.dll
MOD - [2010/01/31 00:27:52 | 000,031,232 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libscale_plugin.dll
MOD - [2010/01/31 00:27:52 | 000,030,720 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libstream_filter_record_plugin.dll
MOD - [2010/01/31 00:27:50 | 000,237,568 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libpng_plugin.dll
MOD - [2010/01/31 00:27:50 | 000,186,880 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libmp4_plugin.dll
MOD - [2010/01/31 00:27:50 | 000,130,560 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libmpgatofixed32_plugin.dll
MOD - [2010/01/31 00:27:50 | 000,101,888 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libplaylist_plugin.dll
MOD - [2010/01/31 00:27:50 | 000,077,824 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_h264_plugin.dll
MOD - [2010/01/31 00:27:50 | 000,052,736 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_mpeg4audio_plugin.dll
MOD - [2010/01/31 00:27:50 | 000,046,080 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_dirac_plugin.dll
MOD - [2010/01/31 00:27:50 | 000,041,984 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_vc1_plugin.dll
MOD - [2010/01/31 00:27:50 | 000,039,424 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_mpegvideo_plugin.dll
MOD - [2010/01/31 00:27:50 | 000,038,912 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_mpeg4video_plugin.dll
MOD - [2010/01/31 00:27:50 | 000,038,400 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_mlp_plugin.dll
MOD - [2010/01/31 00:27:50 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libmpeg_audio_plugin.dll
MOD - [2010/01/31 00:27:50 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libmemcpymmxext_plugin.dll
MOD - [2010/01/31 00:27:50 | 000,032,256 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\liblpcm_plugin.dll
MOD - [2010/01/31 00:27:48 | 001,736,704 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libfreetype_plugin.dll
MOD - [2010/01/31 00:27:48 | 001,732,608 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\liblibass_plugin.dll
MOD - [2010/01/31 00:27:48 | 000,312,832 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libfaad_plugin.dll
MOD - [2010/01/31 00:27:48 | 000,268,800 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libflac_plugin.dll
MOD - [2010/01/31 00:27:48 | 000,228,352 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdvdnav_plugin.dll
MOD - [2010/01/31 00:27:48 | 000,209,920 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdshow_plugin.dll
MOD - [2010/01/31 00:27:48 | 000,178,176 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdtstofloat32_plugin.dll
MOD - [2010/01/31 00:27:48 | 000,150,528 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\liblibmpeg2_plugin.dll
MOD - [2010/01/31 00:27:48 | 000,149,504 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdvbsub_plugin.dll
MOD - [2010/01/31 00:27:48 | 000,134,656 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libi420_rgb_sse2_plugin.dll
MOD - [2010/01/31 00:27:48 | 000,090,624 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libkate_plugin.dll
MOD - [2010/01/31 00:27:48 | 000,073,216 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libi420_rgb_mmx_plugin.dll
MOD - [2010/01/31 00:27:48 | 000,056,832 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libblend_plugin.dll
MOD - [2010/01/31 00:27:48 | 000,055,296 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdirect3d_plugin.dll
MOD - [2010/01/31 00:27:48 | 000,051,712 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libi420_rgb_plugin.dll
MOD - [2010/01/31 00:27:48 | 000,047,616 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libi420_yuy2_sse2_plugin.dll
MOD - [2010/01/31 00:27:48 | 000,047,104 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libhotkeys_plugin.dll
MOD - [2010/01/31 00:27:48 | 000,046,080 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libi422_yuy2_sse2_plugin.dll
MOD - [2010/01/31 00:27:48 | 000,046,080 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libflacsys_plugin.dll
MOD - [2010/01/31 00:27:48 | 000,044,544 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libcmml_plugin.dll
MOD - [2010/01/31 00:27:48 | 000,043,520 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libconverter_float_plugin.dll
MOD - [2010/01/31 00:27:48 | 000,039,424 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libi420_yuy2_mmx_plugin.dll
MOD - [2010/01/31 00:27:48 | 000,038,912 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libes_plugin.dll
MOD - [2010/01/31 00:27:48 | 000,038,400 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdts_plugin.dll
MOD - [2010/01/31 00:27:48 | 000,037,376 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libi422_yuy2_mmx_plugin.dll
MOD - [2010/01/31 00:27:48 | 000,037,376 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libi420_yuy2_plugin.dll
MOD - [2010/01/31 00:27:48 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libfake_plugin.dll
MOD - [2010/01/31 00:27:48 | 000,035,840 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libi422_yuy2_plugin.dll
MOD - [2010/01/31 00:27:48 | 000,035,840 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libcvdsub_plugin.dll
MOD - [2010/01/31 00:27:48 | 000,033,792 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libcdg_plugin.dll
MOD - [2010/01/31 00:27:48 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\liblinear_resampler_plugin.dll
MOD - [2010/01/31 00:27:48 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libglobalhotkeys_plugin.dll
MOD - [2010/01/31 00:27:48 | 000,032,256 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libinvmem_plugin.dll
MOD - [2010/01/31 00:27:48 | 000,032,256 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libi422_i420_plugin.dll
MOD - [2010/01/31 00:27:48 | 000,032,256 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libgrey_yuv_plugin.dll
MOD - [2010/01/31 00:27:48 | 000,031,744 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdtstospdif_plugin.dll
MOD - [2010/01/31 00:27:48 | 000,031,744 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdrawable_plugin.dll
MOD - [2010/01/31 00:27:48 | 000,031,744 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libconverter_fixed_plugin.dll
MOD - [2010/01/31 00:27:48 | 000,031,232 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libi420_ymga_mmx_plugin.dll
MOD - [2010/01/31 00:27:48 | 000,031,232 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libfloat32_mixer_plugin.dll
MOD - [2010/01/31 00:27:48 | 000,031,232 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdolby_surround_decoder_plugin.dll
MOD - [2010/01/31 00:27:48 | 000,030,720 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdemux_cdg_plugin.dll
MOD - [2010/01/31 00:27:48 | 000,030,208 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libi420_ymga_plugin.dll
MOD - [2010/01/31 00:27:46 | 005,726,720 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libavcodec_plugin.dll
MOD - [2010/01/31 00:27:46 | 000,091,648 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libavi_plugin.dll
MOD - [2010/01/31 00:27:46 | 000,047,104 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libbandlimited_resampler_plugin.dll
MOD - [2010/01/31 00:27:44 | 000,074,240 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libasf_plugin.dll
MOD - [2010/01/31 00:27:44 | 000,045,568 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libaraw_plugin.dll
MOD - [2010/01/31 00:27:44 | 000,044,032 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libaout_directx_plugin.dll
MOD - [2010/01/31 00:27:44 | 000,037,888 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libadpcm_plugin.dll
MOD - [2010/01/31 00:27:44 | 000,032,256 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libaes3_plugin.dll
MOD - [2010/01/31 00:27:42 | 002,183,680 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\libvlccore.dll
MOD - [2010/01/31 00:27:42 | 000,114,176 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll
MOD - [2010/01/31 00:27:42 | 000,088,576 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libaccess_bd_plugin.dll
MOD - [2010/01/31 00:27:42 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\liba52tofloat32_plugin.dll
MOD - [2010/01/31 00:27:42 | 000,035,328 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libaccess_directory_plugin.dll
MOD - [2010/01/31 00:27:42 | 000,035,328 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\liba52_plugin.dll
MOD - [2010/01/31 00:27:42 | 000,033,280 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libaccess_file_plugin.dll
MOD - [2010/01/31 00:27:42 | 000,033,280 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libaccess_fake_plugin.dll
MOD - [2010/01/31 00:27:42 | 000,029,696 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\liba52tospdif_plugin.dll
MOD - [2010/01/31 00:27:38 | 000,141,061 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
MOD - [2010/01/05 02:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2009/08/04 13:27:01 | 000,110,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_it_31bf3856ad364e35\PresentationCore.resources.dll
MOD - [2007/11/30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
MOD - [2007/06/15 19:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
MOD - [2007/06/02 02:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/08/21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011/03/09 12:10:40 | 000,288,768 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV:64bit: - [2009/12/08 01:16:34 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2009/08/06 23:17:46 | 000,118,672 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009/07/14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/04/28 14:56:08 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/04/24 11:08:32 | 002,795,048 | ---- | M] (Iminent) [Auto | Running] -- C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe -- (SProtection)
SRV - [2012/12/18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/09/06 03:25:06 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/03/09 12:41:10 | 000,491,920 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe -- (WDSC)
SRV - [2011/03/09 12:41:08 | 001,066,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe -- (WDFME)
SRV - [2010/04/05 21:55:01 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE -- (IJPLMSVC)
SRV - [2010/03/27 17:34:00 | 001,800,808 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/12/15 19:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009/10/01 04:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/10/01 04:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/06/16 02:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/03/31 11:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/01/08 11:36:20 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WsAudioDevice_383S(1).sys -- (WsAudioDevice_383S(1)
DRV:64bit: - [2012/09/28 11:32:56 | 000,053,760 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/08/21 11:13:13 | 000,969,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012/08/21 11:13:13 | 000,359,464 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012/08/21 11:13:13 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/08/21 11:13:12 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/08/21 11:13:12 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012/08/21 11:13:11 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/04/06 20:15:10 | 000,038,632 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/10 23:28:18 | 012,311,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/10/03 17:41:58 | 000,146,736 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2011/05/10 08:06:14 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/16 17:53:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2011/01/10 19:28:13 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/09/02 11:08:58 | 000,135,168 | ---- | M] (ONDA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ONDAusbnet.sys -- (ONDAusbnet)
DRV:64bit: - [2010/09/02 11:08:46 | 000,119,680 | ---- | M] (Onda Communication) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Ondausbser6k.sys -- (ONDAusbser6k)
DRV:64bit: - [2010/09/02 11:08:46 | 000,119,680 | ---- | M] (Onda Communication) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Ondausbnmea.sys -- (ONDAusbnmea)
DRV:64bit: - [2010/09/02 11:08:46 | 000,119,680 | ---- | M] (Onda Communication) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Ondausbmdm6k.sys -- (ONDAusbmdm6k)
DRV:64bit: - [2010/09/01 14:33:12 | 000,088,064 | ---- | M] (Vodafone) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vodafone_K3805-z_cdc_ecm.sys -- (vodafone_K3805-z_cdc_ecm)
DRV:64bit: - [2010/09/01 14:33:12 | 000,078,336 | ---- | M] (Vodafone) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vodafone_K3805-z_cdc_acm.sys -- (vodafone_K3805-z_cdc_acm)
DRV:64bit: - [2010/09/01 14:33:12 | 000,075,776 | ---- | M] (Vodafone) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vodafone_K3805-z_dc_enum.sys -- (vodafone_K3805-z_dc_enum)
DRV:64bit: - [2010/09/01 14:33:12 | 000,013,824 | ---- | M] (Vodafone) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vodafone_K3805-z_cpo.sys -- (vodafone_K3805-z_cpo)
DRV:64bit: - [2010/07/19 22:35:58 | 000,035,384 | ---- | M] (ASUSTek Computer Inc) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\AsDsm.sys -- (AsDsm)
DRV:64bit: - [2010/04/28 08:57:50 | 000,061,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/03/22 05:43:34 | 000,035,840 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS -- (BVRPMPR5a64)
DRV:64bit: - [2010/03/03 13:51:39 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/03/02 10:45:23 | 001,594,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/02/26 10:32:11 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/02/25 05:26:57 | 000,115,312 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\JME.sys -- (JME)
DRV:64bit: - [2010/02/03 00:38:29 | 000,271,872 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/01/18 14:37:57 | 000,128,512 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2009/10/30 04:50:03 | 000,704,512 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2009/09/17 21:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/08/18 10:23:31 | 000,143,472 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2009/08/06 23:17:34 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009/07/20 11:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/18 21:18:10 | 000,015,928 | ---- | M] (Windows ® Win 7 DDK provider) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\lullaby.sys -- (lullaby)
DRV:64bit: - [2009/06/10 22:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/05 12:15:57 | 001,806,400 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)
DRV:64bit: - [2009/05/13 18:07:20 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2008/05/24 02:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/03 02:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}: "URL" = http://searchfunmood...E&cr=1656014362
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snap.do/...Date=28/04/2013
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://start.iminent...q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://it.ask.com?o=16795s&l=dis [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.iminent...84-BF8E09134DCA
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.bing.com/...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/...q={searchTerms}
IE - HKCU\..\SearchScopes,DefaultScope = {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://www.bing.com/...q={searchTerms}
IE - HKCU\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://start.iminent...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Funmoods"
FF - prefs.js..extensions.enabledAddons: {edb461b8-28ee-46c6-94f7-d384260db9eb}:1.0
FF - prefs.js..extensions.enabledAddons: [email protected]:1.5.1
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..keyword.URL: "http://www.google.co...t=firefox-a&q="
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://start.iminent...4-BF8E09134DCA"
FF - prefs.js..browser.search.selectedEngine: "StartWeb"


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Program Files (x86)\TVUPlayer\npTVUAx.dll File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Lorusso\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Lorusso\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Lorusso\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\hblite\bin\11.0.358.0\firefox\extensions [2011/03/03 19:06:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\fbphotozoom\fbphotozoom15.xpi [2012/03/30 18:29:57 | 000,102,423 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012/09/05 12:11:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Iminent\[email protected]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/12/13 20:04:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/04/15 16:55:35 | 000,000,000 | ---D | M]

[2010/10/15 17:00:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lorusso\AppData\Roaming\mozilla\Extensions
[2010/10/15 17:00:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lorusso\AppData\Roaming\mozilla\Extensions\[email protected]
[2013/04/28 12:08:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lorusso\AppData\Roaming\mozilla\Firefox\Profiles\xgcccbgt.default\extensions
[2012/12/08 00:46:03 | 000,000,000 | ---D | M] (Funmoods.com) -- C:\Users\Lorusso\AppData\Roaming\mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]
[2013/04/28 12:03:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lorusso\AppData\Roaming\mozilla\Firefox\Profiles\xgcccbgt.default\extensions\staged
[2013/04/28 12:03:35 | 000,006,350 | ---- | M] () -- C:\Users\Lorusso\AppData\Roaming\mozilla\firefox\profiles\xgcccbgt.default\searchplugins\Google.xml
[2012/11/20 15:13:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012/09/06 03:26:03 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/09/06 06:44:22 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

========== Chrome ==========

CHR - default_search_provider: StartWeb (Enabled)
CHR - default_search_provider: search_url = http://start.iminent...q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.google.it/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Lorusso\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Lorusso\AppData\Local\Google\Chrome\Application\26.0.1410.64\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Lorusso\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Lorusso\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - Extension: avast! WebRep = C:\Users\Lorusso\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\

O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll File not found
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll File not found
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {1D03A978-AC0C-4004-B9FD-9CF361C7BD3F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe ()
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Freecorder FLV Service] "C:\Program Files (x86)\Freecorder\FLVSrvc.exe" /run File not found
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [Iminent] C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C" File not found
O4 - HKLM..\Run: [IminentMessenger] C:\Program Files (x86)\Iminent\Iminent.Messengers.exe File not found
O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe ()
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Wondershare)
O4 - HKCU..\Run: [BitTorrent] C:\Program Files (x86)\BitTorrent\BitTorrent.exe (BitTorrent Inc.)
O4 - HKCU..\Run: [Bubble Dock] "C:\Users\Lorusso\AppData\Roaming\Nosibay\Bubble Dock\LBubble Dock.exe" /winstartup File not found
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent File not found
O4 - HKCU..\Run: [Facebook Update] C:\Users\Lorusso\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [GameXN GO] "C:\ProgramData\GameXN\GameXNGO.exe" /startup File not found
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe File not found
O4 - HKCU..\Run: [ooVoo.exe] C:\Program Files (x86)\ooVoo\oovoo.exe (ooVoo LLC)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [Spotify] C:\Users\Lorusso\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Lorusso\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - Startup: C:\Users\Lorusso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Lorusso\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Lorusso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - %SystemRoot%\System32\winrnr.dll File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.7.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{174454CA-DBB2-48EF-8A75-EB6EDC27E00E}: NameServer = 83.224.70.62 83.224.70.78
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{23624D30-AA58-45B8-B2E0-EBA4B5BCB1B0}: DhcpNameServer = 213.230.130.222 217.200.200.42
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{561F8B07-48DA-48A9-801E-3B17BAE3889C}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{9c47095f-1c96-11e0-b898-99d5a99f6ee6}\Shell - "" = AutoRun
O33 - MountPoints2\{9c47095f-1c96-11e0-b898-99d5a99f6ee6}\Shell\AutoRun\command - "" = F:\Autorun.exe
O33 - MountPoints2\{c22b18e3-f7f9-11e0-8e44-ea7308068614}\Shell - "" = AutoRun
O33 - MountPoints2\{c22b18e3-f7f9-11e0-8e44-ea7308068614}\Shell\AutoRun\command - "" = J:\setup_vmb_lite.exe /checkApplicationPresence
O33 - MountPoints2\{fc60c128-66a1-11e1-8ad3-e47541a86cfd}\Shell - "" = AutoRun
O33 - MountPoints2\{fc60c128-66a1-11e1-8ad3-e47541a86cfd}\Shell\AutoRun\command - "" = J:\unlock.exe autoplay=true
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\unlock.exe autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/04/29 11:15:33 | 000,000,000 | R--D | C] -- C:\Users\Lorusso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 8
[2013/04/27 23:55:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2013/04/27 23:55:32 | 000,000,000 | ---D | C] -- C:\Users\Lorusso\AppData\Local\SwvUpdater
[2013/04/27 23:55:07 | 000,000,000 | ---D | C] -- C:\Users\Lorusso\AppData\Roaming\Iminent
[2013/04/27 23:54:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Iminent
[2013/04/27 23:54:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IMinent Toolbar
[2013/04/27 23:54:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Umbrella
[2013/04/27 23:54:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Iminent
[2013/04/27 23:51:51 | 000,000,000 | ---D | C] -- C:\Users\Lorusso\AppData\Local\Microsoft_Research
[2013/04/27 23:48:14 | 000,000,000 | ---D | C] -- C:\Users\Lorusso\AppData\Roaming\Nosibay
[2013/04/27 23:47:26 | 000,000,000 | ---D | C] -- C:\Users\Lorusso\AppData\Roaming\Plogue
[2013/04/27 20:27:14 | 000,000,000 | ---D | C] -- C:\Users\Lorusso\AppData\Local\Wondershare
[2013/04/27 20:27:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wondershare
[2013/04/27 20:27:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
[2013/04/27 20:27:07 | 000,000,000 | ---D | C] -- C:\Users\Lorusso\AppData\Roaming\Wondershare
[2013/04/27 20:25:32 | 000,029,288 | ---- | C] (Wondershare) -- C:\Windows\SysNative\drivers\WsAudioDevice_383S(1).sys
[2013/04/27 20:25:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wondershare
[2013/04/08 22:56:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\A-PDF Restrictions Remover
[2013/04/08 22:56:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\A-PDF Restrictions Remover
[2013/04/08 22:56:08 | 000,000,000 | ---D | C] -- C:\Users\Lorusso\Desktop\Downloads
[2013/04/08 22:56:06 | 000,000,000 | ---D | C] -- C:\Users\Lorusso\AppData\Roaming\GetRightToGo
[2013/04/08 22:38:20 | 000,000,000 | ---D | C] -- C:\ProgramData\PlotSoft
[2013/04/08 22:38:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PlotSoft
[2013/04/08 22:38:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFill
[2013/04/08 22:38:20 | 000,000,000 | ---D | C] -- C:\Users\Lorusso\Documents\My PDFill
[2013/04/08 22:30:17 | 000,000,000 | ---D | C] -- C:\Users\Lorusso\AppData\Roaming\OpenOffice.org
[2013/04/08 22:29:41 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1
[2013/04/08 22:28:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3
[2013/04/08 22:26:40 | 000,000,000 | ---D | C] -- C:\Users\Lorusso\Desktop\OpenOffice.org 3.4.1 (it) Installation Files
[2013/04/08 08:58:11 | 000,000,000 | ---D | C] -- C:\Users\Lorusso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Polimi Wireless Setup Tool
[2013/04/08 08:58:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Polimi Wireless Setup Tool
[2013/04/05 20:36:13 | 000,000,000 | ---D | C] -- C:\Users\Lorusso\Documents\MATLAB
[2013/04/05 20:36:05 | 000,000,000 | ---D | C] -- C:\Users\Lorusso\AppData\Roaming\MathWorks
[2013/04/03 11:56:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2008/08/12 06:45:20 | 000,155,648 | ---- | C] (ASUS) -- C:\Program Files (x86)\Common Files\MSIactionall.dll
[1 C:\Users\Lorusso\Documents\*.tmp files -> C:\Users\Lorusso\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/04/29 23:54:02 | 000,001,164 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/04/29 23:53:00 | 000,000,978 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/04/29 23:38:00 | 000,001,168 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1457306490-315139471-3944336667-1001UA.job
[2013/04/29 21:34:02 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1457306490-315139471-3944336667-1001UA.job
[2013/04/29 21:18:39 | 001,541,444 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/04/29 21:18:39 | 000,698,804 | ---- | M] () -- C:\Windows\SysNative\perfh010.dat
[2013/04/29 21:18:39 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/04/29 21:18:39 | 000,127,998 | ---- | M] () -- C:\Windows\SysNative\perfc010.dat
[2013/04/29 21:18:39 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/04/29 19:04:50 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1457306490-315139471-3944336667-1001Core.job
[2013/04/29 18:59:40 | 000,001,160 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/04/29 18:58:09 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1457306490-315139471-3944336667-1001Core.job
[2013/04/29 18:51:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/04/29 11:12:03 | 000,010,256 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/04/29 11:12:03 | 000,010,256 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/04/29 11:03:46 | 3054,936,064 | -HS- | M] () -- C:\hiberfil.sys
[2013/04/28 10:00:30 | 000,003,064 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2013/04/28 10:00:25 | 000,001,443 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2013/04/27 23:54:59 | 000,000,638 | ---- | M] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
[2013/04/27 23:31:02 | 004,346,803 | ---- | M] () -- C:\Users\Lorusso\Documents\prova.wma
[2013/04/27 20:27:08 | 000,001,343 | ---- | M] () -- C:\Users\Lorusso\Desktop\Wondershare Streaming Audio Recorder.lnk
[2013/04/27 16:49:09 | 000,000,017 | ---- | M] () -- C:\Users\Lorusso\AppData\Local\resmon.resmoncfg
[2013/04/27 15:13:16 | 001,280,133 | ---- | M] () -- C:\Users\Lorusso\Documents\dre.wma
[2013/04/26 23:15:47 | 000,003,834 | ---- | M] () -- C:\Users\Lorusso\Documents\Tomorrow.mscz
[2013/04/18 12:13:59 | 000,681,793 | ---- | M] () -- C:\Users\Lorusso\Desktop\Relazione Stato dell'Arte.pdf
[2013/04/18 10:31:51 | 000,680,562 | ---- | M] () -- C:\Users\Lorusso\Desktop\1-Stato dell'Arte.pdf
[2013/04/18 10:22:28 | 000,654,371 | ---- | M] () -- C:\Users\Lorusso\Desktop\Stato dell'arte.pdf
[2013/04/15 17:45:00 | 000,607,631 | ---- | M] () -- C:\Users\Lorusso\Desktop\2.pdf
[2013/04/13 18:21:12 | 000,298,743 | ---- | M] () -- C:\Users\Lorusso\Desktop\POLI1.pdf
[2013/04/11 16:29:09 | 005,012,728 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/04/10 00:39:00 | 000,002,380 | ---- | M] () -- C:\Users\Lorusso\Desktop\Google Chrome.lnk
[2013/04/08 23:03:25 | 000,002,021 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013/04/08 22:38:22 | 000,002,096 | ---- | M] () -- C:\Users\Public\Desktop\PDFill PDF Editor.lnk
[2013/04/08 22:38:22 | 000,001,094 | ---- | M] () -- C:\Users\Public\Desktop\PDFill PDF Tools (Free).lnk
[2013/04/08 22:38:22 | 000,001,064 | ---- | M] () -- C:\Users\Public\Desktop\PDFill PDF Writer (Free).lnk
[2013/04/08 22:30:25 | 000,001,237 | ---- | M] () -- C:\Users\Lorusso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
[2013/04/08 22:29:41 | 000,001,196 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk
[2013/04/03 13:20:54 | 000,003,584 | ---- | M] () -- C:\Users\Lorusso\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/04/03 11:56:28 | 000,002,214 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[1 C:\Users\Lorusso\Documents\*.tmp files -> C:\Users\Lorusso\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/04/27 23:54:48 | 000,000,638 | ---- | C] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
[2013/04/27 23:31:02 | 004,346,803 | ---- | C] () -- C:\Users\Lorusso\Documents\prova.wma
[2013/04/27 20:27:08 | 000,001,343 | ---- | C] () -- C:\Users\Lorusso\Desktop\Wondershare Streaming Audio Recorder.lnk
[2013/04/27 16:49:09 | 000,000,017 | ---- | C] () -- C:\Users\Lorusso\AppData\Local\resmon.resmoncfg
[2013/04/27 15:13:16 | 001,280,133 | ---- | C] () -- C:\Users\Lorusso\Documents\dre.wma
[2013/04/26 23:15:47 | 000,003,834 | ---- | C] () -- C:\Users\Lorusso\Documents\Tomorrow.mscz
[2013/04/18 12:13:57 | 000,681,793 | ---- | C] () -- C:\Users\Lorusso\Desktop\Relazione Stato dell'Arte.pdf
[2013/04/18 10:31:49 | 000,680,562 | ---- | C] () -- C:\Users\Lorusso\Desktop\1-Stato dell'Arte.pdf
[2013/04/18 10:22:26 | 000,654,371 | ---- | C] () -- C:\Users\Lorusso\Desktop\Stato dell'arte.pdf
[2013/04/15 17:44:58 | 000,607,631 | ---- | C] () -- C:\Users\Lorusso\Desktop\2.pdf
[2013/04/13 18:21:09 | 000,298,743 | ---- | C] () -- C:\Users\Lorusso\Desktop\POLI1.pdf
[2013/04/08 23:03:25 | 000,002,021 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013/04/08 23:03:24 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013/04/08 22:38:22 | 000,002,096 | ---- | C] () -- C:\Users\Public\Desktop\PDFill PDF Editor.lnk
[2013/04/08 22:38:22 | 000,001,094 | ---- | C] () -- C:\Users\Public\Desktop\PDFill PDF Tools (Free).lnk
[2013/04/08 22:38:22 | 000,001,064 | ---- | C] () -- C:\Users\Public\Desktop\PDFill PDF Writer (Free).lnk
[2013/04/08 22:30:25 | 000,001,237 | ---- | C] () -- C:\Users\Lorusso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
[2013/04/08 22:29:41 | 000,001,196 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk
[2013/04/03 11:56:28 | 000,002,214 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2013/03/21 01:07:50 | 000,003,584 | ---- | C] () -- C:\Users\Lorusso\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/11/14 01:15:55 | 000,031,465 | ---- | C] () -- C:\Users\Lorusso\AppData\Local\funmoods.crx
[2012/09/28 01:35:54 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\cd.dat
[2012/09/17 12:27:28 | 000,060,679 | ---- | C] () -- C:\Users\Lorusso\0004~361.jpg
[2012/09/16 22:24:43 | 000,464,444 | ---- | C] () -- C:\Users\Lorusso\uclagrad.pdf
[2012/09/16 14:51:14 | 000,064,583 | ---- | C] () -- C:\Users\Lorusso\Glee - 04x01 - The New Rachel.LOL.Italian.orig.srt
[2012/04/21 02:07:20 | 000,000,132 | ---- | C] () -- C:\Users\Lorusso\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2012/03/28 01:58:39 | 000,002,788 | ---- | C] () -- C:\Users\Lorusso\.recently-used.xbel
[2012/01/10 23:27:26 | 000,867,020 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2012/01/10 23:27:26 | 000,128,204 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2012/01/10 23:27:26 | 000,105,608 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2012/01/10 22:29:54 | 013,904,384 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011/07/01 15:11:32 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011/07/01 15:11:27 | 000,644,608 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/07/01 15:11:27 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/07/01 15:11:27 | 000,073,216 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010/10/15 14:23:05 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/07/19 22:10:48 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2009/04/08 19:31:56 | 000,106,496 | ---- | C] () -- C:\Program Files (x86)\Common Files\CPInstallAction.dll
[2008/05/22 17:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files (x86)\Common Files\banner.jpg

========== ZeroAccess Check ==========

[2011/11/17 08:41:18 | 000,002,048 | -HS- | M] () -- C:\Windows\Installer\{0c131833-b65a-68d4-c7f1-8c0c60a6aae5}\@
[2013/04/28 12:33:44 | 000,000,000 | -HSD | M] -- C:\Windows\Installer\{0c131833-b65a-68d4-c7f1-8c0c60a6aae5}\L
[2013/04/30 00:00:18 | 000,000,000 | -HSD | M] -- C:\Windows\Installer\{0c131833-b65a-68d4-c7f1-8c0c60a6aae5}\U
[2013/04/28 14:12:26 | 000,000,804 | ---- | M] () -- C:\Windows\Installer\{0c131833-b65a-68d4-c7f1-8c0c60a6aae5}\L\[email protected]
[2013/04/29 08:51:02 | 000,002,048 | ---- | M] () -- C:\Windows\Installer\{0c131833-b65a-68d4-c7f1-8c0c60a6aae5}\U\[email protected]
[2013/04/27 23:47:48 | 000,001,024 | ---- | M] () -- C:\Windows\Installer\{0c131833-b65a-68d4-c7f1-8c0c60a6aae5}\U\[email protected]
[2013/04/29 08:51:02 | 000,015,360 | ---- | M] () -- C:\Windows\Installer\{0c131833-b65a-68d4-c7f1-8c0c60a6aae5}\U\[email protected]
[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[2013/04/29 11:04:06 | 000,004,608 | -HS- | M] () -- C:\Windows\assembly\GAC_32\Desktop.ini
[2013/04/29 11:04:06 | 000,006,144 | -HS- | M] () -- C:\Windows\assembly\GAC_64\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/01/08 18:38:59 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\Asus WebStorage
[2012/01/17 20:34:54 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\Audacity
[2013/04/30 00:04:41 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\BitTorrent
[2011/10/05 15:50:23 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\Burraconline
[2011/11/23 13:58:52 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\Canon
[2012/04/15 02:34:22 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/09/14 13:23:51 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\Crossword Compiler Italiano 8
[2011/01/10 19:29:29 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\DAEMON Tools Lite
[2012/06/15 22:32:53 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\Dev-Cpp
[2011/03/14 02:39:31 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\DiskAid
[2013/04/29 11:15:52 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\Dropbox
[2012/10/29 18:38:37 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\e-academy Inc
[2012/01/08 18:39:03 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\EeeStorageUploader
[2010/12/17 01:13:28 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\FrostWire
[2013/02/19 19:47:38 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\Funmoods
[2013/04/08 22:56:53 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\GetRightToGo
[2010/10/19 20:07:29 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\GoBoingo
[2011/09/25 12:54:17 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\HandBrake
[2013/04/27 23:55:07 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\Iminent
[2012/04/08 19:46:04 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\ImTOO
[2012/04/08 19:46:16 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\libimobiledevice
[2011/12/21 13:14:03 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\MusE
[2013/02/06 17:14:10 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\NeoDownloader
[2010/10/20 23:05:18 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\Oberonv1004
[2012/09/14 14:51:58 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\OfferBox
[2012/07/12 12:39:44 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\ooVoo Details
[2010/11/08 12:32:20 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\OpenCandy
[2013/04/08 22:30:17 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\OpenOffice.org
[2013/03/10 18:49:43 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\Origin
[2013/04/27 23:47:26 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\Plogue
[2011/02/04 22:35:04 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\Publish Providers
[2010/11/22 19:51:14 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\Purple Ghost Software, Inc
[2013/01/16 23:44:51 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\Sony
[2011/04/04 20:13:52 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\Sony Creative Software Inc
[2013/04/29 23:26:59 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\Spotify
[2012/06/11 00:00:09 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\Stencyl
[2013/02/06 15:57:40 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\Uniblue
[2011/10/22 18:21:29 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\Vodafone
[2013/04/27 20:28:02 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\Wondershare
[2012/04/28 19:56:34 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\XnView
[2013/02/22 10:33:18 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\xWeasel

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:2FAFBD6A
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:2F370DA6
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:4CF61E54
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:A724744F
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:115CEE00
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:AB689DEA

< End of report >

#2
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hello mak91las and welcome to my office here at G2G! :)

My nick is maliprog and I'll be your technical support on this issue. Before we start please read my notes carefully:

NOTES:
  • Malware removal is NOT instantaneous, most infections require several courses of action to completely eradicate.
  • Absence of symptoms does not always mean the computer is clean.
  • Kindly follow my instructions in the order posted. Order is crucial in the cleaning process.
  • Please DO NOT run any scans or fixes on your own without my direction.
  • Please read all of my response through at least once before attempting to follow the procedures described.
  • If there's anything you don't understand or isn't totally clear, please come back to me for clarification.
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste it to include the log in your reply.
  • You must reply within 3 days or your topic will be closed

Step 1

Download and Install Combofix

Download ComboFix from one of the following locations:

Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop *

IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow it to update if it asks.
  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.
3. If after the reboot you get errors about programmes being marked for deletion just reboot your system once, that will cure it.


Please make sure you include the combo fix log in your next reply

Step 2

  • Run OTL.
  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open a Notepad window with OTL.Txt. The file is saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of this file, and post it with your next reply.


Step 3

Please don't forget to include these items in your reply:

  • Combofix log
  • OTL log
It would be helpful if you could post each log in a separate post using the "Add Reply" button.

#3
mak91las

    New Member

  • Topic Starter
  • Member
  • 8 posts
Thanks for your quick answer. Before starting the process I just wanted to ask you: do I have to enable the antivirus applications after running Combofix and OTL, or do I just keep them disabled?

#4
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
After the scans you can enable your antivirus protection.

#5
mak91las

    New Member

  • Topic Starter
  • Member
  • 8 posts
COMBOFIX (I disabled Avast but Combofix alerted me that it was still active, I tried again with no success then I just let Combofix run)


ComboFix 13-04-29.01 - Lorusso 30/04/2013 14:24:24.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.39.1040.18.3885.2183 [GMT 2:00]
Eseguito da: c:\users\Lorusso\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Creato nuovo punto di ripristino
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\esupport\eDriver\Software\ASUS\MultiFrame\XP32_Vista32_Vista64_Win7_32_Win7_64_1.0.0021\Desktop_.ini
c:\program files (x86)\Common Files\ASPG_icon.ico
c:\program files (x86)\HBLite
c:\program files (x86)\HBLite\bin\11.0.358.0\firefox\extensions\install.rdf
c:\program files (x86)\Windows Live\Messenger\msacm32.dll
c:\program files (x86)\WinRAR\Leggimi.Txt
c:\program files (x86)\WinRAR\Leggimi_1a.Txt
c:\program files (x86)\WinRAR\Licenza.Txt
c:\program files (x86)\WinRAR\NoteTecniche.Txt
c:\program files (x86)\WinRAR\Ordin.htm
c:\program files (x86)\WinRAR\Ordina.htm
c:\program files (x86)\WinRAR\SorgUnRAR.Txt
c:\programdata\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
c:\programdata\FullRemove.exe
c:\programdata\HBLiteSA
c:\programdata\HBLiteSA\HBLiteSA.dat
c:\programdata\HBLiteSA\HBLiteSA_kyf.dat
c:\programdata\HBLiteSA\HBLiteSAAbout.mht
c:\programdata\HBLiteSA\HBLiteSAau.dat
c:\programdata\HBLiteSA\HBLiteSAEULA.mht
c:\programdata\Microsoft\Windows\Start Menu\Programs\Hotbar
c:\programdata\Microsoft\Windows\Start Menu\Programs\Hotbar\About Hotbar.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Hotbar\Hotbar Customer Support Center.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Hotbar\Hotbar Uninstall Instructions.lnk
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]\chrome.manifest
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]\content\funmoods.css
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]\content\funmoods.xul
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]\content\images\pref.jpg
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]\content\imgs\arwDwn.gif
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]\content\imgs\flgs\ae.png
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]\content\imgs\flgs\bg.png
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]\content\imgs\flgs\ch.png
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]\content\imgs\flgs\cn.png
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]\content\imgs\flgs\cz.png
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]\content\imgs\flgs\de.png
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]\content\imgs\flgs\eg.png
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]\content\imgs\flgs\en.png
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]\content\imgs\flgs\es.png
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]\content\imgs\flgs\fr.png
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]\content\imgs\flgs\gr.png
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]\content\imgs\flgs\he.png
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]\content\imgs\flgs\il.png
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]\content\imgs\flgs\it.png
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]\content\imgs\flgs\ja.png
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]\content\imgs\flgs\jp.png
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]\content\imgs\flgs\nl.png
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]\content\imgs\flgs\no.png
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]\content\imgs\flgs\pl.png
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]\content\imgs\flgs\pt.png
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]\content\imgs\flgs\ro.png
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]\content\imgs\flgs\ru.png
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]\content\imgs\flgs\sa.png
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]\content\imgs\flgs\se.png
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]\content\imgs\flgs\sv.png
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]\content\imgs\flgs\tr.png
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]\content\imgs\flgs\ua.png
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]\content\imgs\flgs\us.png
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]\content\imgs\help_16.gif
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]\content\imgs\home.gif
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]\content\imgs\logo.png
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]\content\imgs\privecy_16_hot.gif
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]\content\imgs\tellafriend.gif
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]\content\loader.xul
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]\content\mtstart.js
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]\content\preferences.xul
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]\content\tmplt.js
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]\install.rdf
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]\META-INF\le_c6a58f26_4d2d_4341_b387_c4f2289b6170.rsa
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]\META-INF\le_c6a58f26_4d2d_4341_b387_c4f2289b6170.sf
c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\[email protected]\META-INF\manifest.mf
c:\users\Lorusso\AppData\Roaming\OfferBox
c:\users\Lorusso\AppData\Roaming\OfferBox\config.xml
c:\users\Lorusso\AppData\Roaming\OfferBox\run.log
c:\users\Lorusso\AppData\Roaming\OfferBox\sdch\1347401139
c:\users\Lorusso\Documents\~WRL0158.tmp
c:\windows\assembly\GAC_32\Desktop.ini
c:\windows\assembly\GAC_64\Desktop.ini
c:\windows\Installer\{0c131833-b65a-68d4-c7f1-8c0c60a6aae5}\@
c:\windows\Installer\{0c131833-b65a-68d4-c7f1-8c0c60a6aae5}\L\[email protected]
c:\windows\Installer\{0c131833-b65a-68d4-c7f1-8c0c60a6aae5}\U\[email protected]
c:\windows\Installer\{0c131833-b65a-68d4-c7f1-8c0c60a6aae5}\U\[email protected]
c:\windows\Installer\{0c131833-b65a-68d4-c7f1-8c0c60a6aae5}\U\[email protected]
c:\windows\Installer\{0c131833-b65a-68d4-c7f1-8c0c60a6aae5}\U\[email protected]
c:\windows\Installer\{0c131833-b65a-68d4-c7f1-8c0c60a6aae5}\U\[email protected]
c:\windows\Installer\{0c131833-b65a-68d4-c7f1-8c0c60a6aae5}\U\[email protected]
c:\windows\IsUn0410.exe
c:\windows\msvcr71.dll
.
La copia infetta di c:\windows\system32\services.exe è stata trovata e disinfettata
ipristinata copia da - c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
.
.
((((((((((((((((((((((((( Files Creati Da 2013-03-28 al 2013-04-30 )))))))))))))))))))))))))))))))))))
.
.
2013-04-30 12:35 . 2013-04-30 12:35 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-04-30 12:35 . 2013-04-30 12:35 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-27 21:55 . 2013-04-28 10:08 -------- d-----w- c:\programdata\Tarma Installer
2013-04-27 21:55 . 2013-04-28 10:07 -------- d-----w- c:\users\Lorusso\AppData\Local\SwvUpdater
2013-04-27 21:55 . 2013-04-27 21:55 -------- d-----w- c:\users\Lorusso\AppData\Roaming\Iminent
2013-04-27 21:54 . 2013-04-27 21:54 -------- d-----w- c:\programdata\Iminent
2013-04-27 21:54 . 2013-04-29 21:21 -------- d-----w- c:\program files (x86)\IMinent Toolbar
2013-04-27 21:54 . 2013-04-27 21:54 -------- d-----w- c:\program files (x86)\Common Files\Umbrella
2013-04-27 21:54 . 2013-04-29 21:21 -------- d-----w- c:\program files (x86)\Iminent
2013-04-27 21:51 . 2013-04-27 21:51 -------- d-----w- c:\users\Lorusso\AppData\Local\Microsoft_Research
2013-04-27 21:48 . 2013-04-27 21:48 -------- d-----w- c:\users\Lorusso\AppData\Roaming\Nosibay
2013-04-27 21:47 . 2013-04-27 21:47 -------- d-----w- c:\users\Lorusso\AppData\Roaming\Plogue
2013-04-27 18:27 . 2013-04-27 18:27 -------- d-----w- c:\users\Lorusso\AppData\Local\Wondershare
2013-04-27 18:27 . 2013-04-27 18:27 -------- d-----w- c:\program files (x86)\Common Files\Wondershare
2013-04-27 18:27 . 2013-04-27 18:28 -------- d-----w- c:\users\Lorusso\AppData\Roaming\Wondershare
2013-04-27 18:25 . 2013-01-08 09:36 29288 ----a-w- c:\windows\system32\drivers\WsAudioDevice_383S(1).sys
2013-04-27 18:25 . 2013-04-27 18:25 -------- d-----w- c:\program files (x86)\Wondershare
2013-04-24 12:01 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-10 19:18 . 2013-02-15 06:06 3717632 ----a-w- c:\windows\system32\mstscax.dll
2013-04-10 19:18 . 2013-02-15 04:37 3217408 ----a-w- c:\windows\SysWow64\mstscax.dll
2013-04-10 19:18 . 2013-02-15 06:08 44032 ----a-w- c:\windows\system32\tsgqec.dll
2013-04-10 19:18 . 2013-02-15 06:02 158720 ----a-w- c:\windows\system32\aaclient.dll
2013-04-10 19:18 . 2013-02-15 04:34 131584 ----a-w- c:\windows\SysWow64\aaclient.dll
2013-04-10 19:18 . 2013-02-15 03:25 36864 ----a-w- c:\windows\SysWow64\tsgqec.dll
2013-04-10 19:18 . 2013-03-01 03:36 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-04-10 19:17 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-04-10 19:17 . 2013-03-19 06:04 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-10 19:17 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-04-10 19:17 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-04-10 19:17 . 2013-03-19 03:06 112640 ----a-w- c:\windows\system32\smss.exe
2013-04-10 19:17 . 2013-03-19 05:46 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-10 19:17 . 2013-03-19 04:47 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-04-08 20:56 . 2013-04-08 20:56 -------- d-----w- c:\program files (x86)\A-PDF Restrictions Remover
2013-04-08 20:56 . 2013-04-08 20:56 -------- d-----w- c:\users\Lorusso\AppData\Roaming\GetRightToGo
2013-04-08 20:38 . 2013-04-08 20:38 -------- d-----w- c:\programdata\PlotSoft
2013-04-08 20:38 . 2013-04-08 20:38 -------- d-----w- c:\program files (x86)\PlotSoft
2013-04-08 20:30 . 2013-04-08 20:30 -------- d-----w- c:\users\Lorusso\AppData\Roaming\OpenOffice.org
2013-04-08 20:28 . 2013-04-08 20:28 -------- d-----w- c:\program files (x86)\OpenOffice.org 3
2013-04-08 06:58 . 2013-04-08 09:20 -------- d-----w- c:\program files (x86)\Polimi Wireless Setup Tool
2013-04-05 18:36 . 2013-04-05 18:36 -------- d-----w- c:\users\Lorusso\AppData\Roaming\MathWorks
2013-04-02 14:09 . 2013-04-02 14:09 4550656 ----a-w- c:\windows\SysWow64\GPhotos.scr
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-28 12:56 . 2012-07-06 10:16 691592 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-04-28 12:56 . 2012-07-06 10:16 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-04-11 09:21 . 2010-10-04 16:01 72702784 ----a-w- c:\windows\system32\MRT.exe
2013-03-26 11:17 . 2013-03-26 11:17 82432 ----a-w- c:\users\Lorusso\AppData\Roaming\Microsoft\MSXML2\msxml4r.dll
2013-03-26 11:17 . 2013-03-26 11:17 44544 ----a-w- c:\users\Lorusso\AppData\Roaming\Microsoft\MSXML2\msxml4a.dll
2013-03-26 11:17 . 2013-03-26 11:17 1275392 ----a-w- c:\users\Lorusso\AppData\Roaming\Microsoft\MSXML2\msxml4.dll
2013-03-21 09:15 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2013-03-21 09:15 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2013-02-12 05:45 . 2013-03-23 17:48 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-03-23 17:48 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-03-23 17:48 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 05:45 . 2013-03-23 17:48 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 04:48 . 2013-03-23 17:48 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-23 17:48 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-02-12 04:12 . 2013-03-25 23:25 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
2009-04-08 17:31 . 2009-04-08 17:31 106496 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll
2008-08-12 04:45 . 2008-08-12 04:45 155648 ----a-w- c:\program files (x86)\Common Files\MSIactionall.dll
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Lorusso\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Lorusso\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Lorusso\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent"="c:\program files (x86)\BitTorrent\BitTorrent.exe" [2013-03-25 880984]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-05 1305408]
"ooVoo.exe"="c:\program files (x86)\ooVoo\oovoo.exe" [2012-05-29 25249400]
"Facebook Update"="c:\users\Lorusso\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-12-03 138096]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2013-01-07 3093624]
"Spotify Web Helper"="c:\users\Lorusso\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-04-18 1105408]
"Spotify"="c:\users\Lorusso\AppData\Roaming\Spotify\Spotify.exe" [2013-04-18 4555776]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-02-04 7350912]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-01-05 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"PDVD8LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD8\Language\Language.exe" [2007-12-14 50472]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-08-21 4282728]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-12-12 152544]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"Wondershare Helper Compact.exe"="c:\program files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe" [2012-02-28 1679360]
.
c:\users\Lorusso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Lorusso\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-3-12 29106336]
OpenOffice.org 3.4.1.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2012-8-13 1199104]
Ritaglio schermata e avvio di OneNote 2007.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2010-7-19 12862]
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2010-7-19 156952]
WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2011-3-9 4236288]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;c:\windows\system32\drivers\BVRPMPR5a64.SYS [2010-03-22 35840]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [2011-05-10 22528]
R3 ONDAusbmdm6k;ONDA Proprietary USB Driver;c:\windows\system32\DRIVERS\ONDAusbmdm6k.sys [2010-09-02 119680]
R3 ONDAusbnet;ONDA USB-NDIS miniport;c:\windows\system32\DRIVERS\ONDAusbnet.sys [2010-09-02 135168]
R3 ONDAusbnmea;ONDA NMEA Port;c:\windows\system32\DRIVERS\ONDAusbnmea.sys [2010-09-02 119680]
R3 ONDAusbser6k;ONDA Diagnostic Port;c:\windows\system32\DRIVERS\ONDAusbser6k.sys [2010-09-02 119680]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe [2009-08-06 118672]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-09-28 53760]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-10-03 146736]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 vodafone_K3805-z_cdc_acm;Vodafone K3805-z CDC-ACM driver (ZTE);c:\windows\system32\DRIVERS\vodafone_K3805-z_cdc_acm.sys [2010-09-01 78336]
R3 vodafone_K3805-z_cdc_ecm;vodafone_K3805-z_cdc_ecm;c:\windows\system32\DRIVERS\vodafone_K3805-z_cdc_ecm.sys [2010-09-01 88064]
R3 vodafone_K3805-z_cpo;Vodafone K3805-z Install;c:\windows\system32\DRIVERS\vodafone_K3805-z_cpo.sys [2010-09-01 13824]
R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2010-10-04 1255736]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2011-02-16 14464]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-01-10 254528]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2009-12-07 379520]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-08-21 71600]
S2 SProtection;SProtection;c:\program files (x86)\Common Files\Umbrella\umbrella.exe [2013-04-24 2795048]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2009-08-06 13784]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
S2 WDDMService;WDDMService;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2011-03-09 288768]
S2 WDFME;WD File Management Engine;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [2011-03-09 1066896]
S2 WDSC;WD File Management Shadow Engine;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [2011-03-09 491920]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-01-18 128512]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-02-02 271872]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2009-08-18 143472]
S3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);c:\windows\system32\DRIVERS\JME.sys [2010-02-25 115312]
S3 vodafone_K3805-z_dc_enum;Vodafone K3805-z DC Enumerator (ZTE);c:\windows\system32\DRIVERS\vodafone_K3805-z_dc_enum.sys [2010-09-01 75776]
S3 WsAudioDevice_383S(1);WsAudioDevice_383S(1);c:\windows\system32\drivers\WsAudioDevice_383S(1).sys [2013-01-08 29288]
.
.
Contenuto della cartella 'Scheduled Tasks'
.
2013-04-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-06 12:56]
.
2013-04-29 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1457306490-315139471-3944336667-1001Core.job
- c:\users\Lorusso\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-03 17:29]
.
2013-04-30 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1457306490-315139471-3944336667-1001UA.job
- c:\users\Lorusso\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-03 17:29]
.
2013-04-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-19 20:09]
.
2013-04-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-19 20:09]
.
2013-04-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1457306490-315139471-3944336667-1001Core.job
- c:\users\Lorusso\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-14 23:13]
.
2013-04-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1457306490-315139471-3944336667-1001UA.job
- c:\users\Lorusso\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-14 23:13]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:11 133400 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 23:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Lorusso\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Lorusso\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Lorusso\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Lorusso\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-03-27 17412200]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 644696]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-10 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-10 392984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-10 417560]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Scansione supplementare -------
.
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
uStart Page = hxxp://start.iminent.com/?appId=4CB0EDBF-7AB4-4576-8784-BF8E09134DCA
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>;*.local
uSearchAssistant = hxxp://www.bing.com/search?q={searchTerms}
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant =
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&sporta in Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{174454CA-DBB2-48EF-8A75-EB6EDC27E00E}: NameServer = 83.224.70.62 83.224.70.78
FF - ProfilePath - c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?rls=org.mozilla:en-US:official&client=firefox-a&q=
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://start.iminent.com/?appId=4CB0EDBF-7AB4-4576-8784-BF8E09134DCA
FF - prefs.js: browser.search.selectedEngine - StartWeb
FF - ExtSQL: 2013-04-27 23:54; {C9B68337-E93A-44EA-94DC-CB300EC06444}; c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}\{C9B68337-E93A-44EA-94DC-CB300EC06444}
FF - ExtSQL: 2013-04-27 23:55; [email protected]; c:\program files (x86)\Iminent\[email protected]
FF - user.js: extensions.funmoods.hmpg - false
FF - user.js: extensions.funmoods.hmpgUrl - hxxp://searchfunmoods.com/?f=1&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1QzuyByE0FtDyC0DtA0A0C0DtA0C0F0DtAyBtN0D0Tzu0CtAtCzztN1L2XzutBtFtBtFtDtFtAyEyE&cr=1656014362
FF - user.js: extensions.funmoods.dfltSrch - true
FF - user.js: extensions.funmoods.srchPrvdr - Search
FF - user.js: extensions.funmoods.dnsErr - true
FF - user.js: extensions.funmoods_i.newTab - false
FF - user.js: extensions.funmoods.newTabUrl - hxxp://searchfunmoods.com/?f=2&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1QzuyByE0FtDyC0DtA0A0C0DtA0C0F0DtAyBtN0D0Tzu0CtAtCzztN1L2XzutBtFtBtFtDtFtAyEyE&cr=1656014362
FF - user.js: extensions.funmoods.tlbrSrchUrl - hxxp://searchfunmoods.com/?f=3&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1QzuyByE0FtDyC0DtA0A0C0DtA0C0F0DtAyBtN0D0Tzu0CtAtCzztN1L2XzutBtFtBtFtDtFtAyEyE&cr=1656014362&q=
FF - user.js: extensions.funmoods.id - 74F06D3ACD3CFD37
FF - user.js: extensions.funmoods.instlDay - 15658
FF - user.js: extensions.funmoods.vrsn - 1.5.23.22
FF - user.js: extensions.funmoods.vrsni - 1.5.23.22
FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.23.220:15
FF - user.js: extensions.funmoods.prtnrId - funmoods
FF - user.js: extensions.funmoods.prdct - funmoods
FF - user.js: extensions.funmoods.aflt - fmtgl
FF - user.js: extensions.funmoods_i.smplGrp - none
FF - user.js: extensions.funmoods.tlbrId - base
FF - user.js: extensions.funmoods.instlRef - fmtgl
FF - user.js: extensions.funmoods.dfltLng -
FF - user.js: extensions.funmoods.excTlbr - true
FF - user.js: extensions.funmoods.autoRvrt - false
FF - user.js: extensions.funmoods.envrmnt - production
FF - user.js: extensions.funmoods.isdcmntcmplt - true
FF - user.js: extensions.funmoods.mntrvrsn - 1.3.0
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-MobileDocuments - c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe
Wow6432Node-HKCU-Run-GameXN GO - c:\programdata\GameXN\GameXNGO.exe
Wow6432Node-HKCU-Run-EA Core - c:\program files (x86)\Electronic Arts\EADM\Core.exe
Wow6432Node-HKCU-Run-Bubble Dock - c:\users\Lorusso\AppData\Roaming\Nosibay\Bubble Dock\LBubble Dock.exe
Wow6432Node-HKLM-Run-Freecorder FLV Service - c:\program files (x86)\Freecorder\FLVSrvc.exe
Wow6432Node-HKLM-Run-Iminent - c:\program files (x86)\Iminent\Iminent.exe
Wow6432Node-HKLM-Run-IminentMessenger - c:\program files (x86)\Iminent\Iminent.Messengers.exe
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
BHO-{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll
Toolbar-Locked - (no file)
WebBrowser-{1D03A978-AC0C-4004-B9FD-9CF361C7BD3F} - (no file)
WebBrowser-{C95A4E8E-816D-4655-8C79-D736DA1ADB6D} - (no file)
WebBrowser-{1392B8D2-5C05-419F-A8F6-B9F15A596612} - (no file)
HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe
HKLM-Run-Setwallpaper - c:\programdata\SetWallpaper.cmd
AddRemove-L&H Power Translator Pro 7.0 - c:\windows\ISUN0410.EXE
AddRemove-Funmoods - c:\users\Lorusso\AppData\Roaming\Funmoods\UpdateProc\UpdateTask.exe
.
.
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeck.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
c:\windows\AsScrPro.exe
c:\program files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
.
**************************************************************************
.
Ora fine scansione: 2013-04-30 14:44:19 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2013-04-30 12:44
.
Pre-Run: 16.192.258.048 byte disponibili
Post-Run: 17.609.134.080 byte disponibili
.
- - End Of File - - F54D4D65F36CC4F1D35590442C293754

#6
mak91las

OTL

OTL logfile created on: 30/04/2013 14:54:23 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lorusso\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

3,79 Gb Total Physical Memory | 1,97 Gb Available Physical Memory | 52,06% Memory free
7,59 Gb Paging File | 5,57 Gb Available in Paging File | 73,48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116,44 Gb Total Space | 16,30 Gb Free Space | 14,00% Space Free | Partition Type: NTFS
Drive D: | 329,79 Gb Total Space | 129,37 Gb Free Space | 39,23% Space Free | Partition Type: NTFS

Computer Name: LORUSSO-PC | User Name: Lorusso | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/04/29 23:51:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lorusso\Desktop\OTL.exe
PRC - [2013/04/24 11:08:32 | 002,795,048 | ---- | M] (Iminent) -- C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe
PRC - [2013/04/18 09:17:39 | 001,105,408 | ---- | M] (Spotify Ltd) -- C:\Users\Lorusso\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2013/01/08 00:08:28 | 003,093,624 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
PRC - [2012/12/18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/08/21 11:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2012/02/28 14:42:58 | 001,679,360 | ---- | M] (Wondershare) -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
PRC - [2011/03/09 12:41:08 | 001,066,896 | ---- | M] () -- C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
PRC - [2010/07/19 22:36:01 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2010/04/05 21:55:01 | 000,116,104 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
PRC - [2010/03/27 17:34:00 | 001,800,808 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2010/02/08 20:04:04 | 001,080,448 | ---- | M] (asus) -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
PRC - [2010/02/05 19:05:08 | 000,182,912 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2010/02/04 23:05:32 | 007,350,912 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2010/01/05 22:59:12 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2010/01/05 02:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009/12/15 19:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009/10/01 04:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2009/10/01 04:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2009/07/31 19:38:24 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009/06/24 21:30:18 | 000,272,952 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
PRC - [2009/06/19 19:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 19:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/16 02:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
PRC - [2008/12/23 02:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008/03/31 11:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2007/11/30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe


========== Modules (No Company Name) ==========

MOD - [2013/03/24 12:11:45 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\302207b4fa3083899fd8ab4db98cecc5\System.Management.ni.dll
MOD - [2013/03/24 12:09:28 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll
MOD - [2013/03/24 12:09:01 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll
MOD - [2013/03/24 12:08:48 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
MOD - [2013/03/24 12:08:43 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/03/24 12:08:40 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll
MOD - [2013/03/24 12:08:31 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll
MOD - [2013/03/24 12:08:25 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013/03/24 12:08:22 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\ab2d590a7a1566fe78e3275a90a30ceb\System.Configuration.ni.dll
MOD - [2013/03/24 12:08:20 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/03/24 12:08:12 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2013/01/08 00:08:28 | 003,093,624 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MOD - [2011/09/27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/02/03 01:51:50 | 000,076,288 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\Volume.dll
MOD - [2010/02/03 01:51:32 | 000,186,880 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\Resolution.dll
MOD - [2010/02/03 01:51:24 | 000,050,688 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\P4GControl.dll
MOD - [2010/02/03 01:51:14 | 000,041,472 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\HelpFunc.dll
MOD - [2010/02/03 01:51:10 | 000,071,680 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\Brightness.dll
MOD - [2010/01/05 02:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2009/08/04 13:27:01 | 000,110,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_it_31bf3856ad364e35\PresentationCore.resources.dll
MOD - [2007/11/30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe


========== Services (SafeList) ==========

SRV:64bit: - [2012/08/21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011/03/09 12:10:40 | 000,288,768 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV:64bit: - [2009/12/08 01:16:34 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2009/08/06 23:17:46 | 000,118,672 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/04/28 14:56:08 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/04/24 11:08:32 | 002,795,048 | ---- | M] (Iminent) [Auto | Running] -- C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe -- (SProtection)
SRV - [2012/12/18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/09/06 03:25:06 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/03/09 12:41:10 | 000,491,920 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe -- (WDSC)
SRV - [2011/03/09 12:41:08 | 001,066,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe -- (WDFME)
SRV - [2010/04/05 21:55:01 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE -- (IJPLMSVC)
SRV - [2010/03/27 17:34:00 | 001,800,808 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/12/15 19:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009/10/01 04:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/10/01 04:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/06/16 02:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/03/31 11:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/01/08 11:36:20 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WsAudioDevice_383S(1).sys -- (WsAudioDevice_383S(1)
DRV:64bit: - [2012/09/28 11:32:56 | 000,053,760 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/08/21 11:13:13 | 000,969,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012/08/21 11:13:13 | 000,359,464 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012/08/21 11:13:13 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/08/21 11:13:12 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/08/21 11:13:12 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012/08/21 11:13:11 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/04/06 20:15:10 | 000,038,632 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/10 23:28:18 | 012,311,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/10/03 17:41:58 | 000,146,736 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2011/05/10 08:06:14 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/16 17:53:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2011/01/10 19:28:13 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/09/02 11:08:58 | 000,135,168 | ---- | M] (ONDA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ONDAusbnet.sys -- (ONDAusbnet)
DRV:64bit: - [2010/09/02 11:08:46 | 000,119,680 | ---- | M] (Onda Communication) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Ondausbser6k.sys -- (ONDAusbser6k)
DRV:64bit: - [2010/09/02 11:08:46 | 000,119,680 | ---- | M] (Onda Communication) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Ondausbnmea.sys -- (ONDAusbnmea)
DRV:64bit: - [2010/09/02 11:08:46 | 000,119,680 | ---- | M] (Onda Communication) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Ondausbmdm6k.sys -- (ONDAusbmdm6k)
DRV:64bit: - [2010/09/01 14:33:12 | 000,088,064 | ---- | M] (Vodafone) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vodafone_K3805-z_cdc_ecm.sys -- (vodafone_K3805-z_cdc_ecm)
DRV:64bit: - [2010/09/01 14:33:12 | 000,078,336 | ---- | M] (Vodafone) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vodafone_K3805-z_cdc_acm.sys -- (vodafone_K3805-z_cdc_acm)
DRV:64bit: - [2010/09/01 14:33:12 | 000,075,776 | ---- | M] (Vodafone) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vodafone_K3805-z_dc_enum.sys -- (vodafone_K3805-z_dc_enum)
DRV:64bit: - [2010/09/01 14:33:12 | 000,013,824 | ---- | M] (Vodafone) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vodafone_K3805-z_cpo.sys -- (vodafone_K3805-z_cpo)
DRV:64bit: - [2010/07/19 22:35:58 | 000,035,384 | ---- | M] (ASUSTek Computer Inc) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\AsDsm.sys -- (AsDsm)
DRV:64bit: - [2010/04/28 08:57:50 | 000,061,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/03/22 05:43:34 | 000,035,840 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS -- (BVRPMPR5a64)
DRV:64bit: - [2010/03/03 13:51:39 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/03/02 10:45:23 | 001,594,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/02/26 10:32:11 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/02/25 05:26:57 | 000,115,312 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\JME.sys -- (JME)
DRV:64bit: - [2010/02/03 00:38:29 | 000,271,872 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/01/18 14:37:57 | 000,128,512 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2009/10/30 04:50:03 | 000,704,512 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2009/09/17 21:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/08/18 10:23:31 | 000,143,472 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2009/08/06 23:17:34 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009/07/20 11:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/18 21:18:10 | 000,015,928 | ---- | M] (Windows ® Win 7 DDK provider) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\lullaby.sys -- (lullaby)
DRV:64bit: - [2009/06/10 22:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/05 12:15:57 | 001,806,400 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)
DRV:64bit: - [2009/05/13 18:07:20 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2008/05/24 02:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/03 02:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}: "URL" = http://searchfunmood...E&cr=1656014362
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snap.do/...Date=28/04/2013
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://start.iminent...q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.iminent...84-BF8E09134DCA
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.bing.com/...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/...q={searchTerms}
IE - HKCU\..\SearchScopes,DefaultScope = {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://www.bing.com/...q={searchTerms}
IE - HKCU\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://start.iminent...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Funmoods"
FF - prefs.js..extensions.enabledAddons: {edb461b8-28ee-46c6-94f7-d384260db9eb}:1.0
FF - prefs.js..extensions.enabledAddons: [email protected]:1.5.1
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..keyword.URL: "http://www.google.co...t=firefox-a&q="
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://start.iminent...4-BF8E09134DCA"
FF - prefs.js..browser.search.selectedEngine: "StartWeb"


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Program Files (x86)\TVUPlayer\npTVUAx.dll File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Lorusso\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Lorusso\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Lorusso\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\hblite\bin\11.0.358.0\firefox\extensions
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\fbphotozoom\fbphotozoom15.xpi [2012/03/30 18:29:57 | 000,102,423 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012/09/05 12:11:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Iminent\[email protected]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/12/13 20:04:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/04/15 16:55:35 | 000,000,000 | ---D | M]

[2010/10/15 17:00:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lorusso\AppData\Roaming\mozilla\Extensions
[2010/10/15 17:00:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lorusso\AppData\Roaming\mozilla\Extensions\[email protected]
[2013/04/30 14:34:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lorusso\AppData\Roaming\mozilla\Firefox\Profiles\xgcccbgt.default\extensions
[2013/04/28 12:03:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lorusso\AppData\Roaming\mozilla\Firefox\Profiles\xgcccbgt.default\extensions\staged
[2013/04/28 12:03:35 | 000,006,350 | ---- | M] () -- C:\Users\Lorusso\AppData\Roaming\mozilla\firefox\profiles\xgcccbgt.default\searchplugins\Google.xml
[2012/11/20 15:13:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012/09/06 03:26:03 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/09/06 06:44:22 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

========== Chrome ==========

CHR - default_search_provider: StartWeb (Enabled)
CHR - default_search_provider: search_url = http://start.iminent...q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.google.it/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Lorusso\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Lorusso\AppData\Local\Google\Chrome\Application\26.0.1410.64\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Lorusso\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Lorusso\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - Extension: avast! WebRep = C:\Users\Lorusso\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\

O1 HOSTS File: ([2013/04/30 14:38:09 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll File not found
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll File not found
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {1D03A978-AC0C-4004-B9FD-9CF361C7BD3F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe ()
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe ()
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Wondershare)
O4 - HKCU..\Run: [BitTorrent] C:\Program Files (x86)\BitTorrent\BitTorrent.exe (BitTorrent Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Lorusso\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [ooVoo.exe] C:\Program Files (x86)\ooVoo\oovoo.exe (ooVoo LLC)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [Spotify] C:\Users\Lorusso\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Lorusso\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - Startup: C:\Users\Lorusso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Lorusso\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Lorusso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 [2013/03/10 01:15:07 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1 [2013/03/10 01:15:07 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 [2013/03/10 01:15:07 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 [2013/03/10 01:15:07 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 [2013/03/10 01:15:07 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 [2013/03/10 01:15:07 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 [2013/03/10 01:15:07 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 [2013/03/10 01:15:07 | 000,000,000 | ---D | M]
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.7.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{174454CA-DBB2-48EF-8A75-EB6EDC27E00E}: NameServer = 83.224.70.62 83.224.70.78
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{23624D30-AA58-45B8-B2E0-EBA4B5BCB1B0}: DhcpNameServer = 213.230.130.222 217.200.200.42
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{561F8B07-48DA-48A9-801E-3B17BAE3889C}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/04/30 14:48:41 | 000,000,000 | R--D | C] -- C:\Users\Lorusso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 8
[2013/04/30 14:38:14 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/04/30 14:11:30 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/04/30 14:11:30 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/04/30 14:11:30 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/04/30 14:11:21 | 000,000,000 | ---D | C] -- C:\ComboFix
[2013/04/30 14:00:47 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/04/30 14:00:33 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/04/30 13:58:17 | 005,061,928 | R--- | C] (Swearware) -- C:\Users\Lorusso\Desktop\ComboFix.exe
[2013/04/29 23:51:39 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Lorusso\Desktop\OTL.exe
[2013/04/27 23:55:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2013/04/27 23:55:32 | 000,000,000 | ---D | C] -- C:\Users\Lorusso\AppData\Local\SwvUpdater
[2013/04/27 23:55:07 | 000,000,000 | ---D | C] -- C:\Users\Lorusso\AppData\Roaming\Iminent
[2013/04/27 23:54:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Iminent
[2013/04/27 23:54:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IMinent Toolbar
[2013/04/27 23:54:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Umbrella
[2013/04/27 23:54:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Iminent
[2013/04/27 23:51:51 | 000,000,000 | ---D | C] -- C:\Users\Lorusso\AppData\Local\Microsoft_Research
[2013/04/27 23:48:14 | 000,000,000 | ---D | C] -- C:\Users\Lorusso\AppData\Roaming\Nosibay
[2013/04/27 23:47:26 | 000,000,000 | ---D | C] -- C:\Users\Lorusso\AppData\Roaming\Plogue
[2013/04/27 20:27:14 | 000,000,000 | ---D | C] -- C:\Users\Lorusso\AppData\Local\Wondershare
[2013/04/27 20:27:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wondershare
[2013/04/27 20:27:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
[2013/04/27 20:27:07 | 000,000,000 | ---D | C] -- C:\Users\Lorusso\AppData\Roaming\Wondershare
[2013/04/27 20:25:32 | 000,029,288 | ---- | C] (Wondershare) -- C:\Windows\SysNative\drivers\WsAudioDevice_383S(1).sys
[2013/04/27 20:25:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wondershare
[2013/04/08 22:56:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\A-PDF Restrictions Remover
[2013/04/08 22:56:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\A-PDF Restrictions Remover
[2013/04/08 22:56:08 | 000,000,000 | ---D | C] -- C:\Users\Lorusso\Desktop\Downloads
[2013/04/08 22:56:06 | 000,000,000 | ---D | C] -- C:\Users\Lorusso\AppData\Roaming\GetRightToGo
[2013/04/08 22:38:20 | 000,000,000 | ---D | C] -- C:\ProgramData\PlotSoft
[2013/04/08 22:38:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PlotSoft
[2013/04/08 22:38:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFill
[2013/04/08 22:38:20 | 000,000,000 | ---D | C] -- C:\Users\Lorusso\Documents\My PDFill
[2013/04/08 22:30:17 | 000,000,000 | ---D | C] -- C:\Users\Lorusso\AppData\Roaming\OpenOffice.org
[2013/04/08 22:29:41 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1
[2013/04/08 22:28:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3
[2013/04/08 22:26:40 | 000,000,000 | ---D | C] -- C:\Users\Lorusso\Desktop\OpenOffice.org 3.4.1 (it) Installation Files
[2013/04/08 08:58:11 | 000,000,000 | ---D | C] -- C:\Users\Lorusso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Polimi Wireless Setup Tool
[2013/04/08 08:58:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Polimi Wireless Setup Tool
[2013/04/05 20:36:13 | 000,000,000 | ---D | C] -- C:\Users\Lorusso\Documents\MATLAB
[2013/04/05 20:36:05 | 000,000,000 | ---D | C] -- C:\Users\Lorusso\AppData\Roaming\MathWorks
[2013/04/03 11:56:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2008/08/12 06:45:20 | 000,155,648 | ---- | C] (ASUS) -- C:\Program Files (x86)\Common Files\MSIactionall.dll

========== Files - Modified Within 30 Days ==========

[2013/04/30 14:56:29 | 000,010,256 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/04/30 14:56:29 | 000,010,256 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/04/30 14:54:00 | 000,001,164 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/04/30 14:54:00 | 000,001,160 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/04/30 14:53:16 | 001,541,444 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/04/30 14:53:16 | 000,698,804 | ---- | M] () -- C:\Windows\SysNative\perfh010.dat
[2013/04/30 14:53:16 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/04/30 14:53:16 | 000,127,998 | ---- | M] () -- C:\Windows\SysNative\perfc010.dat
[2013/04/30 14:53:16 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/04/30 14:53:01 | 000,000,978 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/04/30 14:47:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/04/30 14:46:54 | 3054,936,064 | -HS- | M] () -- C:\hiberfil.sys
[2013/04/30 14:38:09 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/04/30 14:38:05 | 000,001,168 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1457306490-315139471-3944336667-1001UA.job
[2013/04/30 14:00:27 | 005,061,928 | R--- | M] (Swearware) -- C:\Users\Lorusso\Desktop\ComboFix.exe
[2013/04/30 08:37:33 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1457306490-315139471-3944336667-1001UA.job
[2013/04/29 23:51:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lorusso\Desktop\OTL.exe
[2013/04/29 19:04:50 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1457306490-315139471-3944336667-1001Core.job
[2013/04/29 18:58:09 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1457306490-315139471-3944336667-1001Core.job
[2013/04/28 10:00:30 | 000,003,064 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2013/04/28 10:00:25 | 000,001,443 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2013/04/27 23:54:59 | 000,000,638 | ---- | M] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
[2013/04/27 23:31:02 | 004,346,803 | ---- | M] () -- C:\Users\Lorusso\Documents\prova.wma
[2013/04/27 20:27:08 | 000,001,343 | ---- | M] () -- C:\Users\Lorusso\Desktop\Wondershare Streaming Audio Recorder.lnk
[2013/04/27 16:49:09 | 000,000,017 | ---- | M] () -- C:\Users\Lorusso\AppData\Local\resmon.resmoncfg
[2013/04/27 15:13:16 | 001,280,133 | ---- | M] () -- C:\Users\Lorusso\Documents\dre.wma
[2013/04/26 23:15:47 | 000,003,834 | ---- | M] () -- C:\Users\Lorusso\Documents\Tomorrow.mscz
[2013/04/18 12:13:59 | 000,681,793 | ---- | M] () -- C:\Users\Lorusso\Desktop\Relazione Stato dell'Arte.pdf
[2013/04/18 10:31:51 | 000,680,562 | ---- | M] () -- C:\Users\Lorusso\Desktop\1-Stato dell'Arte.pdf
[2013/04/18 10:22:28 | 000,654,371 | ---- | M] () -- C:\Users\Lorusso\Desktop\Stato dell'arte.pdf
[2013/04/15 17:45:00 | 000,607,631 | ---- | M] () -- C:\Users\Lorusso\Desktop\2.pdf
[2013/04/13 18:21:12 | 000,298,743 | ---- | M] () -- C:\Users\Lorusso\Desktop\POLI1.pdf
[2013/04/11 16:29:09 | 005,012,728 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/04/10 00:39:00 | 000,002,380 | ---- | M] () -- C:\Users\Lorusso\Desktop\Google Chrome.lnk
[2013/04/08 23:03:25 | 000,002,021 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013/04/08 22:38:22 | 000,002,096 | ---- | M] () -- C:\Users\Public\Desktop\PDFill PDF Editor.lnk
[2013/04/08 22:38:22 | 000,001,094 | ---- | M] () -- C:\Users\Public\Desktop\PDFill PDF Tools (Free).lnk
[2013/04/08 22:38:22 | 000,001,064 | ---- | M] () -- C:\Users\Public\Desktop\PDFill PDF Writer (Free).lnk
[2013/04/08 22:30:25 | 000,001,237 | ---- | M] () -- C:\Users\Lorusso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
[2013/04/08 22:29:41 | 000,001,196 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk
[2013/04/03 13:20:54 | 000,003,584 | ---- | M] () -- C:\Users\Lorusso\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/04/03 11:56:28 | 000,002,214 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk

========== Files Created - No Company Name ==========

[2013/04/30 14:11:30 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/04/30 14:11:30 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/04/30 14:11:30 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/04/30 14:11:30 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/04/30 14:11:30 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/04/27 23:54:48 | 000,000,638 | ---- | C] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
[2013/04/27 23:31:02 | 004,346,803 | ---- | C] () -- C:\Users\Lorusso\Documents\prova.wma
[2013/04/27 20:27:08 | 000,001,343 | ---- | C] () -- C:\Users\Lorusso\Desktop\Wondershare Streaming Audio Recorder.lnk
[2013/04/27 16:49:09 | 000,000,017 | ---- | C] () -- C:\Users\Lorusso\AppData\Local\resmon.resmoncfg
[2013/04/27 15:13:16 | 001,280,133 | ---- | C] () -- C:\Users\Lorusso\Documents\dre.wma
[2013/04/26 23:15:47 | 000,003,834 | ---- | C] () -- C:\Users\Lorusso\Documents\Tomorrow.mscz
[2013/04/18 12:13:57 | 000,681,793 | ---- | C] () -- C:\Users\Lorusso\Desktop\Relazione Stato dell'Arte.pdf
[2013/04/18 10:31:49 | 000,680,562 | ---- | C] () -- C:\Users\Lorusso\Desktop\1-Stato dell'Arte.pdf
[2013/04/18 10:22:26 | 000,654,371 | ---- | C] () -- C:\Users\Lorusso\Desktop\Stato dell'arte.pdf
[2013/04/15 17:44:58 | 000,607,631 | ---- | C] () -- C:\Users\Lorusso\Desktop\2.pdf
[2013/04/13 18:21:09 | 000,298,743 | ---- | C] () -- C:\Users\Lorusso\Desktop\POLI1.pdf
[2013/04/08 23:03:25 | 000,002,021 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013/04/08 23:03:24 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013/04/08 22:38:22 | 000,002,096 | ---- | C] () -- C:\Users\Public\Desktop\PDFill PDF Editor.lnk
[2013/04/08 22:38:22 | 000,001,094 | ---- | C] () -- C:\Users\Public\Desktop\PDFill PDF Tools (Free).lnk
[2013/04/08 22:38:22 | 000,001,064 | ---- | C] () -- C:\Users\Public\Desktop\PDFill PDF Writer (Free).lnk
[2013/04/08 22:30:25 | 000,001,237 | ---- | C] () -- C:\Users\Lorusso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
[2013/04/08 22:29:41 | 000,001,196 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk
[2013/04/03 11:56:28 | 000,002,214 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2013/03/21 01:07:50 | 000,003,584 | ---- | C] () -- C:\Users\Lorusso\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/11/14 01:15:55 | 000,031,465 | ---- | C] () -- C:\Users\Lorusso\AppData\Local\funmoods.crx
[2012/09/28 01:35:54 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\cd.dat
[2012/09/17 12:27:28 | 000,060,679 | ---- | C] () -- C:\Users\Lorusso\0004~361.jpg
[2012/09/16 22:24:43 | 000,464,444 | ---- | C] () -- C:\Users\Lorusso\uclagrad.pdf
[2012/09/16 14:51:14 | 000,064,583 | ---- | C] () -- C:\Users\Lorusso\Glee - 04x01 - The New Rachel.LOL.Italian.orig.srt
[2012/04/21 02:07:20 | 000,000,132 | ---- | C] () -- C:\Users\Lorusso\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2012/03/28 01:58:39 | 000,002,788 | ---- | C] () -- C:\Users\Lorusso\.recently-used.xbel
[2012/01/10 23:27:26 | 000,867,020 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2012/01/10 23:27:26 | 000,128,204 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2012/01/10 23:27:26 | 000,105,608 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2012/01/10 22:29:54 | 013,904,384 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011/07/01 15:11:32 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011/07/01 15:11:27 | 000,644,608 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/07/01 15:11:27 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/07/01 15:11:27 | 000,073,216 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010/10/15 14:23:05 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/04/08 19:31:56 | 000,106,496 | ---- | C] () -- C:\Program Files (x86)\Common Files\CPInstallAction.dll
[2008/05/22 17:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files (x86)\Common Files\banner.jpg

========== ZeroAccess Check ==========

[2013/04/30 14:10:46 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{0c131833-b65a-68d4-c7f1-8c0c60a6aae5}\L
[2013/04/30 14:10:55 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{0c131833-b65a-68d4-c7f1-8c0c60a6aae5}\U
[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/01/08 18:38:59 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\Asus WebStorage
[2012/01/17 20:34:54 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\Audacity
[2013/04/30 14:52:32 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\BitTorrent
[2011/10/05 15:50:23 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\Burraconline
[2011/11/23 13:58:52 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\Canon
[2012/04/15 02:34:22 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/09/14 13:23:51 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\Crossword Compiler Italiano 8
[2011/01/10 19:29:29 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\DAEMON Tools Lite
[2012/06/15 22:32:53 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\Dev-Cpp
[2011/03/14 02:39:31 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\DiskAid
[2013/04/30 14:49:04 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\Dropbox
[2012/10/29 18:38:37 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\e-academy Inc
[2012/01/08 18:39:03 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\EeeStorageUploader
[2010/12/17 01:13:28 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\FrostWire
[2013/02/19 19:47:38 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\Funmoods
[2013/04/08 22:56:53 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\GetRightToGo
[2010/10/19 20:07:29 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\GoBoingo
[2011/09/25 12:54:17 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\HandBrake
[2013/04/27 23:55:07 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\Iminent
[2012/04/08 19:46:04 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\ImTOO
[2012/04/08 19:46:16 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\libimobiledevice
[2011/12/21 13:14:03 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\MusE
[2013/02/06 17:14:10 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\NeoDownloader
[2010/10/20 23:05:18 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\Oberonv1004
[2012/07/12 12:39:44 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\ooVoo Details
[2010/11/08 12:32:20 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\OpenCandy
[2013/04/08 22:30:17 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\OpenOffice.org
[2013/03/10 18:49:43 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\Origin
[2013/04/27 23:47:26 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\Plogue
[2011/02/04 22:35:04 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\Publish Providers
[2010/11/22 19:51:14 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\Purple Ghost Software, Inc
[2013/01/16 23:44:51 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\Sony
[2011/04/04 20:13:52 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\Sony Creative Software Inc
[2013/04/30 14:49:50 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\Spotify
[2012/06/11 00:00:09 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\Stencyl
[2013/02/06 15:57:40 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\Uniblue
[2011/10/22 18:21:29 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\Vodafone
[2013/04/27 20:28:02 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\Wondershare
[2012/04/28 19:56:34 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\XnView
[2013/02/22 10:33:18 | 000,000,000 | ---D | M] -- C:\Users\Lorusso\AppData\Roaming\xWeasel

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:2FAFBD6A
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:2F370DA6
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:4CF61E54
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:A724744F
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:115CEE00
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:AB689DEA

< End of report >

#7
maliprog


    Trusted Helper

  • Malware Removal
  • 6,172 posts
OK. You did a good thing. Let's continue.

Step 1

Download the latest version of TDSSKiller from here and save it to your Desktop.

  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Check the boxes beside:

    • Loaded modules

  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Make sure to check:

    • Services and drivers
    • Boot sectors
    • Loaded modules
    • Verify Driver Digital Signature
    • Detect TDLFS file system

  • then click OK.
  • Click the Start Scan button to start the scan.
  • If a suspicious object is detected, the default action will be Skip.
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected for malicious objects.

  • Click Continue then Reboot now to finish the cleaning process.
  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.

Step 2

Run Combofix one more time and post the log here for me like you did last time.

Step 3

Please don't forget to include these items in your reply:

  • TDSSKiller log
  • Combofix log
It would be helpful if you could post each log in a separate post using the "Add Reply" button.

#8
mak91las


    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
There are 2 reports of TDSSKiller

REPORT1

23:16:45.0631 3728 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
23:16:47.0655 3728 ============================================================
23:16:47.0655 3728 Current date / time: 2013/04/30 23:16:47.0655
23:16:47.0655 3728 SystemInfo:
23:16:47.0655 3728
23:16:47.0655 3728 OS Version: 6.1.7601 ServicePack: 1.0
23:16:47.0655 3728 Product type: Workstation
23:16:47.0656 3728 ComputerName: LORUSSO-PC
23:16:47.0656 3728 UserName: Lorusso
23:16:47.0656 3728 Windows directory: C:\Windows
23:16:47.0656 3728 System windows directory: C:\Windows
23:16:47.0656 3728 Running under WOW64
23:16:47.0656 3728 Processor architecture: Intel x64
23:16:47.0656 3728 Number of processors: 4
23:16:47.0656 3728 Page size: 0x1000
23:16:47.0656 3728 Boot type: Normal boot
23:16:47.0656 3728 ============================================================
23:16:48.0459 3728 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:16:48.0471 3728 Drive \Device\Harddisk1\DR2 - Size: 0x746EC00000 (465.73 Gb), SectorSize: 0x200, Cylinders: 0xED7D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:16:48.0514 3728 ============================================================
23:16:48.0514 3728 \Device\Harddisk0\DR0:
23:16:48.0515 3728 MBR partitions:
23:16:48.0515 3728 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2711676, BlocksNum 0xE8E0168
23:16:48.0534 3728 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x10FF2000, BlocksNum 0x29393800
23:16:48.0534 3728 \Device\Harddisk1\DR2:
23:16:48.0535 3728 MBR partitions:
23:16:48.0535 3728 \Device\Harddisk1\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A375800
23:16:48.0535 3728 ============================================================
23:16:48.0565 3728 C: <-> \Device\Harddisk0\DR0\Partition1
23:16:48.0621 3728 D: <-> \Device\Harddisk0\DR0\Partition2
23:16:48.0652 3728 K: <-> \Device\Harddisk1\DR2\Partition1
23:16:48.0653 3728 ============================================================
23:16:48.0653 3728 Initialize success
23:16:48.0653 3728 ============================================================
23:17:03.0403 6148 Deinitialize success

REPORT2

23:20:29.0201 4596 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
23:20:31.0213 4596 ============================================================
23:20:31.0213 4596 Current date / time: 2013/04/30 23:20:31.0213
23:20:31.0213 4596 SystemInfo:
23:20:31.0213 4596
23:20:31.0213 4596 OS Version: 6.1.7601 ServicePack: 1.0
23:20:31.0213 4596 Product type: Workstation
23:20:31.0213 4596 ComputerName: LORUSSO-PC
23:20:31.0213 4596 UserName: Lorusso
23:20:31.0213 4596 Windows directory: C:\Windows
23:20:31.0213 4596 System windows directory: C:\Windows
23:20:31.0213 4596 Running under WOW64
23:20:31.0213 4596 Processor architecture: Intel x64
23:20:31.0213 4596 Number of processors: 4
23:20:31.0213 4596 Page size: 0x1000
23:20:31.0213 4596 Boot type: Normal boot
23:20:31.0213 4596 ============================================================
23:21:01.0418 4596 BG loaded
23:21:02.0697 4596 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:21:02.0744 4596 Drive \Device\Harddisk1\DR1 - Size: 0x746EC00000 (465.73 Gb), SectorSize: 0x200, Cylinders: 0xED7D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:21:03.0040 4596 ============================================================
23:21:03.0040 4596 \Device\Harddisk0\DR0:
23:21:03.0071 4596 MBR partitions:
23:21:03.0071 4596 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2711676, BlocksNum 0xE8E0168
23:21:03.0321 4596 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x10FF2000, BlocksNum 0x29393800
23:21:03.0321 4596 \Device\Harddisk1\DR1:
23:21:03.0321 4596 MBR partitions:
23:21:03.0321 4596 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A375800
23:21:03.0321 4596 ============================================================
23:21:03.0524 4596 C: <-> \Device\Harddisk0\DR0\Partition1
23:21:06.0035 4596 D: <-> \Device\Harddisk0\DR0\Partition2
23:21:06.0082 4596 K: <-> \Device\Harddisk1\DR1\Partition1
23:21:06.0082 4596 ============================================================
23:21:06.0082 4596 Initialize success
23:21:06.0082 4596 ============================================================
23:30:15.0136 5440 ============================================================
23:30:15.0140 5440 Scan started
23:30:15.0140 5440 Mode: Manual; SigCheck; TDLFS;
23:30:15.0140 5440 ============================================================
23:30:18.0661 5440 ================ Scan system memory ========================
23:30:18.0661 5440 System memory - ok
23:30:18.0662 5440 ================ Scan services =============================
23:30:20.0141 5440 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
23:30:20.0812 5440 1394ohci - ok
23:30:20.0941 5440 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
23:30:21.0785 5440 ACPI - ok
23:30:21.0867 5440 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
23:30:22.0237 5440 AcpiPmi - ok
23:30:22.0530 5440 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
23:30:22.0768 5440 AdobeARMservice - ok
23:30:24.0086 5440 [ 479901C99FA62D1C3261B7ACB1228DAD ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
23:30:24.0769 5440 AdobeFlashPlayerUpdateSvc - ok
23:30:25.0069 5440 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
23:30:25.0835 5440 adp94xx - ok
23:30:25.0889 5440 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
23:30:26.0342 5440 adpahci - ok
23:30:26.0421 5440 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
23:30:27.0168 5440 adpu320 - ok
23:30:27.0379 5440 [ C0BF554D2277F7A4C735D475ADE2E3B2 ] ADSMService C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
23:30:28.0685 5440 ADSMService ( UnsignedFile.Multi.Generic ) - warning
23:30:28.0685 5440 ADSMService - detected UnsignedFile.Multi.Generic (1)
23:30:28.0730 5440 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
23:30:30.0052 5440 AeLookupSvc - ok
23:30:30.0112 5440 [ 2D00D3DADC1D3326BA788EB071F2726E ] AFBAgent C:\Windows\system32\FBAgent.exe
23:30:31.0529 5440 AFBAgent - ok
23:30:31.0866 5440 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
23:30:32.0625 5440 AFD - ok
23:30:32.0716 5440 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
23:30:33.0517 5440 agp440 - ok
23:30:33.0601 5440 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
23:30:34.0407 5440 ALG - ok
23:30:34.0562 5440 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
23:30:35.0492 5440 aliide - ok
23:30:35.0596 5440 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
23:30:36.0369 5440 amdide - ok
23:30:36.0463 5440 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
23:30:37.0264 5440 AmdK8 - ok
23:30:37.0303 5440 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
23:30:38.0561 5440 AmdPPM - ok
23:30:38.0660 5440 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
23:30:39.0843 5440 amdsata - ok
23:30:39.0915 5440 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
23:30:40.0811 5440 amdsbs - ok
23:30:40.0874 5440 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
23:30:41.0687 5440 amdxata - ok
23:30:41.0749 5440 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
23:30:42.0513 5440 AppID - ok
23:30:42.0575 5440 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
23:30:43.0332 5440 AppIDSvc - ok
23:30:43.0430 5440 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
23:30:44.0348 5440 Appinfo - ok
23:30:44.0758 5440 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
23:30:45.0577 5440 Apple Mobile Device - ok
23:30:45.0652 5440 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
23:30:46.0379 5440 AppMgmt - ok
23:30:46.0463 5440 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
23:30:47.0309 5440 arc - ok
23:30:47.0413 5440 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
23:30:48.0251 5440 arcsas - ok
23:30:48.0286 5440 [ 88FBC8BEBFD38566235EAA5E4DBC4E05 ] AsDsm C:\Windows\system32\drivers\AsDsm.sys
23:30:49.0386 5440 AsDsm - ok
23:30:49.0743 5440 [ 18E5C2F937F9DEB8C282DF66A3761925 ] ASLDRService C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
23:30:50.0308 5440 ASLDRService - ok
23:30:50.0432 5440 [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
23:30:50.0986 5440 ASMMAP64 - ok
23:30:51.0036 5440 [ 55142B4F7A7E4C9C151C6000A6BF7809 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
23:30:51.0566 5440 aswFsBlk - ok
23:30:51.0772 5440 [ AA9FDE3D630160B47DAB21BF8250111C ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
23:30:52.0194 5440 aswMonFlt - ok
23:30:52.0241 5440 [ 2A6675C24DF5159A9506CD13ECE5ABE9 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
23:30:52.0494 5440 aswRdr - ok
23:30:52.0748 5440 [ 4E38475BDB51A867CCBA7D5DF7FDFC0C ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
23:30:53.0357 5440 aswSnx - ok
23:30:53.0405 5440 [ 9A49D80D65451AF22913AEF772CC3DA9 ] aswSP C:\Windows\system32\drivers\aswSP.sys
23:30:53.0452 5440 aswSP - ok
23:30:53.0498 5440 [ C3EC420451AC5300A22190AE38418FBA ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
23:30:53.0545 5440 aswTdi - ok
23:30:53.0661 5440 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
23:30:53.0826 5440 AsyncMac - ok
23:30:53.0911 5440 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
23:30:53.0938 5440 atapi - ok
23:30:54.0040 5440 [ F8633CDD09647A64EE8DB550630427FF ] athr C:\Windows\system32\DRIVERS\athrx.sys
23:30:54.0194 5440 athr - ok
23:30:54.0324 5440 [ 7910158929571214A959D5A6D16DD9C0 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
23:30:54.0374 5440 ATKGFNEXSrv - ok
23:30:54.0504 5440 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:30:54.0603 5440 AudioEndpointBuilder - ok
23:30:54.0618 5440 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
23:30:54.0679 5440 AudioSrv - ok
23:30:54.0878 5440 [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
23:30:54.0917 5440 avast! Antivirus - ok
23:30:55.0052 5440 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
23:30:55.0341 5440 AxInstSV - ok
23:30:55.0443 5440 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
23:30:55.0556 5440 b06bdrv - ok
23:30:55.0691 5440 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
23:30:55.0799 5440 b57nd60a - ok
23:30:55.0871 5440 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
23:30:55.0960 5440 BDESVC - ok
23:30:56.0013 5440 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
23:30:56.0144 5440 Beep - ok
23:30:56.0354 5440 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
23:30:56.0513 5440 BFE - ok
23:30:56.0884 5440 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
23:30:57.0400 5440 BITS - ok
23:30:57.0455 5440 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
23:30:57.0511 5440 blbdrive - ok
23:30:57.0773 5440 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
23:30:57.0815 5440 Bonjour Service - ok
23:30:57.0838 5440 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
23:30:57.0993 5440 bowser - ok
23:30:58.0036 5440 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
23:30:58.0205 5440 BrFiltLo - ok
23:30:58.0239 5440 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
23:30:58.0286 5440 BrFiltUp - ok
23:30:58.0337 5440 [ 5C2F352A4E961D72518261257AAE204B ] Bridge C:\Windows\system32\DRIVERS\bridge.sys
23:30:58.0426 5440 Bridge - ok
23:30:58.0449 5440 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
23:30:58.0542 5440 BridgeMP - ok
23:30:58.0690 5440 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
23:30:58.0763 5440 Browser - ok
23:30:58.0919 5440 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
23:30:59.0019 5440 Brserid - ok
23:30:59.0048 5440 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
23:30:59.0151 5440 BrSerWdm - ok
23:30:59.0182 5440 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
23:30:59.0240 5440 BrUsbMdm - ok
23:30:59.0288 5440 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
23:30:59.0340 5440 BrUsbSer - ok
23:30:59.0370 5440 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
23:30:59.0451 5440 BTHMODEM - ok
23:30:59.0600 5440 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
23:30:59.0663 5440 bthserv - ok
23:30:59.0707 5440 [ 9887CA12F407D7FBC7F48F3678F5F0B6 ] BVRPMPR5a64 C:\Windows\system32\drivers\BVRPMPR5a64.SYS
23:30:59.0721 5440 BVRPMPR5a64 - ok
23:30:59.0886 5440 catchme - ok
23:30:59.0963 5440 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
23:31:00.0042 5440 cdfs - ok
23:31:00.0138 5440 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
23:31:00.0187 5440 cdrom - ok
23:31:00.0241 5440 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
23:31:00.0343 5440 CertPropSvc - ok
23:31:00.0411 5440 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
23:31:00.0444 5440 circlass - ok
23:31:00.0489 5440 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
23:31:00.0547 5440 CLFS - ok
23:31:00.0721 5440 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:31:00.0825 5440 clr_optimization_v2.0.50727_32 - ok
23:31:01.0040 5440 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:31:01.0258 5440 clr_optimization_v2.0.50727_64 - ok
23:31:01.0573 5440 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:31:01.0800 5440 clr_optimization_v4.0.30319_32 - ok
23:31:01.0883 5440 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:31:02.0187 5440 clr_optimization_v4.0.30319_64 - ok
23:31:02.0215 5440 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
23:31:02.0307 5440 CmBatt - ok
23:31:02.0341 5440 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
23:31:02.0364 5440 cmdide - ok
23:31:02.0476 5440 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
23:31:02.0666 5440 CNG - ok
23:31:02.0962 5440 [ F7CA3ACCF5AA0E2182546C5BE42B2E96 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
23:31:03.0104 5440 CnxtHdAudService - ok
23:31:03.0239 5440 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
23:31:03.0261 5440 Compbatt - ok
23:31:03.0333 5440 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
23:31:03.0373 5440 CompositeBus - ok
23:31:03.0414 5440 COMSysApp - ok
23:31:03.0476 5440 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
23:31:03.0498 5440 crcdisk - ok
23:31:03.0818 5440 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
23:31:03.0972 5440 CryptSvc - ok
23:31:04.0018 5440 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
23:31:04.0092 5440 CSC - ok
23:31:04.0212 5440 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
23:31:04.0336 5440 CscService - ok
23:31:04.0417 5440 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
23:31:04.0565 5440 DcomLaunch - ok
23:31:04.0716 5440 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
23:31:04.0850 5440 defragsvc - ok
23:31:04.0946 5440 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
23:31:05.0019 5440 DfsC - ok
23:31:05.0110 5440 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
23:31:05.0221 5440 Dhcp - ok
23:31:05.0275 5440 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
23:31:05.0388 5440 discache - ok
23:31:05.0545 5440 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
23:31:05.0594 5440 Disk - ok
23:31:05.0677 5440 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
23:31:05.0791 5440 Dnscache - ok
23:31:05.0918 5440 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
23:31:05.0990 5440 dot3svc - ok
23:31:06.0013 5440 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
23:31:06.0083 5440 DPS - ok
23:31:06.0162 5440 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
23:31:06.0229 5440 drmkaud - ok
23:31:06.0400 5440 [ 9F98D7AFA293947A0DFC6FFD4671FE70 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
23:31:06.0446 5440 dtsoftbus01 - ok
23:31:06.0761 5440 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
23:31:06.0847 5440 DXGKrnl - ok
23:31:06.0935 5440 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
23:31:07.0209 5440 EapHost - ok
23:31:07.0610 5440 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
23:31:07.0791 5440 ebdrv - ok
23:31:07.0845 5440 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
23:31:07.0944 5440 EFS - ok
23:31:08.0042 5440 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
23:31:08.0180 5440 ehRecvr - ok
23:31:08.0219 5440 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
23:31:08.0362 5440 ehSched - ok
23:31:08.0628 5440 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
23:31:08.0700 5440 elxstor - ok
23:31:08.0767 5440 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
23:31:08.0825 5440 ErrDev - ok
23:31:09.0057 5440 [ 06C94BE9D9E1E6411429433A64A76936 ] ETD C:\Windows\system32\DRIVERS\ETD.sys
23:31:09.0120 5440 ETD - ok
23:31:09.0188 5440 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
23:31:09.0271 5440 EventSystem - ok
23:31:09.0299 5440 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
23:31:09.0358 5440 exfat - ok
23:31:09.0394 5440 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
23:31:09.0450 5440 fastfat - ok
23:31:09.0551 5440 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
23:31:09.0722 5440 Fax - ok
23:31:09.0763 5440 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
23:31:09.0873 5440 fdc - ok
23:31:09.0901 5440 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
23:31:09.0972 5440 fdPHost - ok
23:31:09.0990 5440 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
23:31:10.0063 5440 FDResPub - ok
23:31:10.0127 5440 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
23:31:10.0164 5440 FileInfo - ok
23:31:10.0184 5440 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
23:31:10.0320 5440 Filetrace - ok
23:31:10.0341 5440 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
23:31:10.0388 5440 flpydisk - ok
23:31:10.0432 5440 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
23:31:10.0471 5440 FltMgr - ok
23:31:10.0621 5440 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
23:31:10.0698 5440 FontCache - ok
23:31:10.0746 5440 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:31:10.0771 5440 FontCache3.0.0.0 - ok
23:31:10.0821 5440 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
23:31:10.0860 5440 FsDepends - ok
23:31:10.0973 5440 [ 2BF3B36B96D015AF666B6AA63AE2E38F ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
23:31:11.0019 5440 fssfltr - ok
23:31:11.0318 5440 [ 45B52394F9624237F33A8A3D73C0B221 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
23:31:11.0372 5440 fsssvc - ok
23:31:11.0490 5440 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
23:31:11.0502 5440 Fs_Rec - ok
23:31:11.0570 5440 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
23:31:11.0616 5440 fvevol - ok
23:31:11.0681 5440 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
23:31:11.0719 5440 gagp30kx - ok
23:31:11.0860 5440 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
23:31:11.0883 5440 GEARAspiWDM - ok
23:31:12.0022 5440 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
23:31:12.0127 5440 gpsvc - ok
23:31:12.0232 5440 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:31:12.0282 5440 gupdate - ok
23:31:12.0409 5440 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:31:12.0447 5440 gupdatem - ok
23:31:12.0490 5440 [ CC839E8D766CC31A7710C9F38CF3E375 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
23:31:12.0514 5440 gusvc - ok
23:31:12.0539 5440 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
23:31:12.0615 5440 hcw85cir - ok
23:31:12.0712 5440 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:31:12.0808 5440 HdAudAddService - ok
23:31:12.0860 5440 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
23:31:12.0921 5440 HDAudBus - ok
23:31:12.0975 5440 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
23:31:12.0994 5440 HECIx64 - ok
23:31:13.0019 5440 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
23:31:13.0083 5440 HidBatt - ok
23:31:13.0121 5440 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
23:31:13.0187 5440 HidBth - ok
23:31:13.0246 5440 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
23:31:13.0334 5440 HidIr - ok
23:31:13.0364 5440 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
23:31:13.0454 5440 hidserv - ok
23:31:13.0559 5440 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
23:31:13.0586 5440 HidUsb - ok
23:31:13.0629 5440 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
23:31:13.0728 5440 hkmsvc - ok
23:31:13.0782 5440 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:31:13.0867 5440 HomeGroupListener - ok
23:31:13.0887 5440 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:31:13.0948 5440 HomeGroupProvider - ok
23:31:14.0057 5440 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
23:31:14.0079 5440 HpSAMD - ok
23:31:14.0204 5440 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
23:31:14.0305 5440 HTTP - ok
23:31:14.0367 5440 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
23:31:14.0382 5440 hwpolicy - ok
23:31:14.0443 5440 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
23:31:14.0458 5440 i8042prt - ok
23:31:14.0619 5440 [ ABBF174CB394F5C437410A788B7E404A ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
23:31:14.0659 5440 iaStor - ok
23:31:14.0781 5440 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
23:31:14.0808 5440 iaStorV - ok
23:31:14.0958 5440 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
23:31:15.0009 5440 IDriverT ( UnsignedFile.Multi.Generic ) - warning
23:31:15.0009 5440 IDriverT - detected UnsignedFile.Multi.Generic (1)
23:31:15.0206 5440 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:31:15.0348 5440 idsvc - ok
23:31:16.0044 5440 [ F4F91789C7C7A159CE8215C1F69F2A85 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
23:31:16.0475 5440 igfx - ok
23:31:16.0573 5440 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
23:31:16.0605 5440 iirsp - ok
23:31:16.0810 5440 [ AD5DF6F4FBBC798636EDC66BFEC7D0DE ] IJPLMSVC C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
23:31:16.0823 5440 IJPLMSVC - ok
23:31:17.0033 5440 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
23:31:17.0183 5440 IKEEXT - ok
23:31:17.0281 5440 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
23:31:17.0309 5440 Impcd - ok
23:31:17.0365 5440 [ 58CF58DEE26C909BD6F977B61D246295 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
23:31:17.0416 5440 IntcDAud - ok
23:31:17.0463 5440 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
23:31:17.0487 5440 intelide - ok
23:31:17.0514 5440 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
23:31:17.0555 5440 intelppm - ok
23:31:17.0624 5440 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
23:31:17.0693 5440 IPBusEnum - ok
23:31:17.0762 5440 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:31:17.0856 5440 IpFilterDriver - ok
23:31:18.0075 5440 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
23:31:18.0145 5440 iphlpsvc - ok
23:31:18.0247 5440 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
23:31:18.0310 5440 IPMIDRV - ok
23:31:18.0362 5440 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
23:31:18.0440 5440 IPNAT - ok
23:31:18.0590 5440 [ 0F261EC4F514926177C70C1832374231 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
23:31:18.0726 5440 iPod Service - ok
23:31:18.0787 5440 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
23:31:18.0834 5440 IRENUM - ok
23:31:18.0857 5440 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
23:31:18.0880 5440 isapnp - ok
23:31:19.0233 5440 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
23:31:19.0295 5440 iScsiPrt - ok
23:31:19.0352 5440 [ DB917B998CBC15A153C00DD6EFC34C13 ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys
23:31:19.0417 5440 JMCR - ok
23:31:19.0475 5440 [ DE4B2249D95C7815D06A39EA5FF4EE53 ] JME C:\Windows\system32\DRIVERS\JME.sys
23:31:19.0517 5440 JME - ok
23:31:19.0619 5440 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
23:31:19.0640 5440 kbdclass - ok
23:31:19.0694 5440 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
23:31:19.0739 5440 kbdhid - ok
23:31:19.0767 5440 [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys
23:31:19.0807 5440 kbfiltr - ok
23:31:19.0873 5440 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
23:31:19.0908 5440 KeyIso - ok
23:31:19.0937 5440 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
23:31:19.0974 5440 KSecDD - ok
23:31:20.0041 5440 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
23:31:20.0092 5440 KSecPkg - ok
23:31:20.0167 5440 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
23:31:20.0241 5440 ksthunk - ok
23:31:20.0364 5440 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
23:31:20.0444 5440 KtmRm - ok
23:31:20.0502 5440 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
23:31:20.0633 5440 LanmanServer - ok
23:31:20.0672 5440 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:31:20.0800 5440 LanmanWorkstation - ok
23:31:20.0841 5440 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
23:31:20.0939 5440 lltdio - ok
23:31:21.0022 5440 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
23:31:21.0162 5440 lltdsvc - ok
23:31:21.0243 5440 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
23:31:21.0308 5440 lmhosts - ok
23:31:21.0529 5440 [ A1C148801B4AF64847AEB9F3AD9594EF ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
23:31:21.0589 5440 LMS ( UnsignedFile.Multi.Generic ) - warning
23:31:21.0590 5440 LMS - detected UnsignedFile.Multi.Generic (1)
23:31:21.0706 5440 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
23:31:21.0770 5440 LSI_FC - ok
23:31:21.0785 5440 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
23:31:21.0823 5440 LSI_SAS - ok
23:31:21.0900 5440 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:31:21.0916 5440 LSI_SAS2 - ok
23:31:21.0932 5440 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:31:21.0956 5440 LSI_SCSI - ok
23:31:21.0983 5440 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
23:31:22.0090 5440 luafv - ok
23:31:22.0111 5440 [ 085435AE1A124361304044029B5CC644 ] lullaby C:\Windows\system32\DRIVERS\lullaby.sys
23:31:22.0154 5440 lullaby - ok
23:31:22.0184 5440 Suspicious service (Hidden): lvupdtio
23:31:22.0381 5440 [ FDC2E61CCD08D468EE729BF5B28201A5 ] lvupdtio C:\Program Files (x86)\ASUS\ASUS Live Update\SYS64\lvupdtio.sys
23:31:22.0384 5440 lvupdtio ( HiddenService.Multi.Generic ) - warning
23:31:22.0384 5440 lvupdtio - detected HiddenService.Multi.Generic (1)
23:31:22.0429 5440 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
23:31:22.0473 5440 Mcx2Svc - ok
23:31:22.0542 5440 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
23:31:22.0563 5440 megasas - ok
23:31:22.0662 5440 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
23:31:22.0698 5440 MegaSR - ok
23:31:22.0728 5440 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
23:31:22.0819 5440 MMCSS - ok
23:31:22.0857 5440 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
23:31:22.0910 5440 Modem - ok
23:31:23.0010 5440 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
23:31:23.0036 5440 monitor - ok
23:31:23.0224 5440 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
23:31:23.0244 5440 mouclass - ok
23:31:23.0323 5440 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
23:31:23.0367 5440 mouhid - ok
23:31:23.0405 5440 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
23:31:23.0434 5440 mountmgr - ok
23:31:23.0661 5440 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
23:31:23.0692 5440 MozillaMaintenance - ok
23:31:23.0760 5440 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
23:31:23.0787 5440 mpio - ok
23:31:23.0836 5440 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
23:31:23.0877 5440 mpsdrv - ok
23:31:24.0278 5440 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
23:31:24.0359 5440 MpsSvc - ok
23:31:24.0443 5440 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
23:31:24.0483 5440 MRxDAV - ok
23:31:24.0542 5440 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
23:31:24.0613 5440 mrxsmb - ok
23:31:24.0678 5440 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:31:24.0782 5440 mrxsmb10 - ok
23:31:24.0817 5440 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:31:24.0893 5440 mrxsmb20 - ok
23:31:24.0966 5440 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
23:31:24.0984 5440 msahci - ok
23:31:25.0085 5440 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
23:31:25.0119 5440 msdsm - ok
23:31:25.0163 5440 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
23:31:25.0264 5440 MSDTC - ok
23:31:25.0311 5440 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
23:31:25.0405 5440 Msfs - ok
23:31:25.0471 5440 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
23:31:25.0561 5440 mshidkmdf - ok
23:31:25.0603 5440 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
23:31:25.0638 5440 msisadrv - ok
23:31:25.0692 5440 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
23:31:25.0772 5440 MSiSCSI - ok
23:31:25.0776 5440 msiserver - ok
23:31:25.0823 5440 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
23:31:25.0877 5440 MSKSSRV - ok
23:31:25.0927 5440 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
23:31:25.0986 5440 MSPCLOCK - ok
23:31:26.0021 5440 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
23:31:26.0112 5440 MSPQM - ok
23:31:26.0186 5440 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
23:31:26.0214 5440 MsRPC - ok
23:31:26.0255 5440 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
23:31:26.0291 5440 mssmbios - ok
23:31:26.0337 5440 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
23:31:26.0436 5440 MSTEE - ok
23:31:26.0464 5440 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
23:31:26.0552 5440 MTConfig - ok
23:31:26.0610 5440 [ 032D35C996F21D19A205A7C8F0B76F3C ] MTsensor C:\Windows\system32\DRIVERS\ATK64AMD.sys
23:31:26.0643 5440 MTsensor - ok
23:31:26.0699 5440 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
23:31:26.0724 5440 Mup - ok
23:31:26.0786 5440 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
23:31:26.0850 5440 napagent - ok
23:31:26.0909 5440 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
23:31:26.0949 5440 NativeWifiP - ok
23:31:27.0114 5440 [ 89844C3D3A7AAE8999E229C88E452633 ] NBService C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
23:31:27.0282 5440 NBService ( UnsignedFile.Multi.Generic ) - warning
23:31:27.0282 5440 NBService - detected UnsignedFile.Multi.Generic (1)
23:31:27.0425 5440 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
23:31:27.0485 5440 NDIS - ok
23:31:27.0524 5440 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
23:31:27.0611 5440 NdisCap - ok
23:31:27.0687 5440 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
23:31:27.0762 5440 NdisTapi - ok
23:32:14.0337 5440 C:\Windows\System32\drivers\tdi.sys - ok
23:32:14.0342 5440 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
23:32:14.0342 5440 C:\Windows\System32\drivers\tdx.sys - ok
23:32:14.0345 5440 [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
23:32:14.0345 5440 C:\Windows\System32\drivers\afd.sys - ok
23:32:14.0349 5440 [ C3EC420451AC5300A22190AE38418FBA ] C:\Windows\System32\drivers\aswTdi.sys
23:32:14.0349 5440 C:\Windows\System32\drivers\aswTdi.sys - ok
23:32:14.0353 5440 [ 2A6675C24DF5159A9506CD13ECE5ABE9 ] C:\Windows\System32\drivers\aswRdr2.sys
23:32:14.0353 5440 C:\Windows\System32\drivers\aswRdr2.sys - ok
23:32:14.0359 5440 [ 9F98D7AFA293947A0DFC6FFD4671FE70 ] C:\Windows\System32\drivers\dtsoftbus01.sys
23:32:14.0359 5440 C:\Windows\System32\drivers\dtsoftbus01.sys - ok
23:32:14.0361 5440 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
23:32:14.0361 5440 C:\Windows\System32\drivers\netbios.sys - ok
23:32:14.0365 5440 [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
23:32:14.0365 5440 C:\Windows\System32\drivers\netbt.sys - ok
23:32:14.0369 5440 [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
23:32:14.0369 5440 C:\Windows\System32\drivers\pacer.sys - ok
23:32:14.0372 5440 [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys
23:32:14.0372 5440 C:\Windows\System32\drivers\vwififlt.sys - ok
23:32:14.0376 5440 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
23:32:14.0376 5440 C:\Windows\System32\drivers\wfplwf.sys - ok
23:32:14.0379 5440 [ 6BCC1D7D2FD2453957C5479A32364E52 ] C:\Windows\System32\drivers\ws2ifsl.sys
23:32:14.0379 5440 C:\Windows\System32\drivers\ws2ifsl.sys - ok
23:32:14.0382 5440 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
23:32:14.0382 5440 C:\Windows\System32\drivers\rdbss.sys - ok
23:32:14.0386 5440 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
23:32:14.0386 5440 C:\Windows\System32\drivers\termdd.sys - ok
23:32:14.0390 5440 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
23:32:14.0390 5440 C:\Windows\System32\drivers\wanarp.sys - ok
23:32:14.0394 5440 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] C:\Windows\System32\drivers\csc.sys
23:32:14.0394 5440 C:\Windows\System32\drivers\csc.sys - ok
23:32:14.0397 5440 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
23:32:14.0398 5440 C:\Windows\System32\drivers\dfsc.sys - ok
23:32:14.0401 5440 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
23:32:14.0401 5440 C:\Windows\System32\drivers\discache.sys - ok
23:32:14.0405 5440 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
23:32:14.0405 5440 C:\Windows\System32\drivers\mssmbios.sys - ok
23:32:14.0409 5440 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
23:32:14.0409 5440 C:\Windows\System32\drivers\nsiproxy.sys - ok
23:32:14.0412 5440 [ 9A49D80D65451AF22913AEF772CC3DA9 ] C:\Windows\System32\drivers\aswSP.sys
23:32:14.0412 5440 C:\Windows\System32\drivers\aswSP.sys - ok
23:32:14.0416 5440 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
23:32:14.0416 5440 C:\Windows\System32\drivers\blbdrive.sys - ok
23:32:14.0420 5440 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
23:32:14.0420 5440 C:\Windows\System32\drivers\tunnel.sys - ok
23:32:14.0423 5440 [ F0371DE302FFFF8F086661611BE60848 ] C:\Windows\System32\smss.exe
23:32:14.0423 5440 C:\Windows\System32\smss.exe - ok
23:32:14.0427 5440 [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
23:32:14.0427 5440 C:\Windows\System32\ntdll.dll - ok
23:32:14.0430 5440 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
23:32:14.0430 5440 C:\Windows\System32\autochk.exe - ok
23:32:14.0433 5440 [ F4F91789C7C7A159CE8215C1F69F2A85 ] C:\Windows\System32\drivers\igdkmd64.sys
23:32:14.0434 5440 C:\Windows\System32\drivers\igdkmd64.sys - ok
23:32:14.0437 5440 [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys
23:32:14.0437 5440 C:\Windows\System32\drivers\dxgkrnl.sys - ok
23:32:14.0440 5440 [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys
23:32:14.0440 5440 C:\Windows\System32\drivers\dxgmms1.sys - ok
23:32:14.0444 5440 [ B6AC71AAA2B10848F57FC49D55A651AF ] C:\Windows\System32\drivers\HECIx64.sys
23:32:14.0444 5440 C:\Windows\System32\drivers\HECIx64.sys - ok
23:32:14.0447 5440 [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
23:32:14.0447 5440 C:\Windows\System32\drivers\usbport.sys - ok
23:32:14.0451 5440 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
23:32:14.0451 5440 C:\Windows\System32\drivers\hdaudbus.sys - ok
23:32:14.0454 5440 [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
23:32:14.0454 5440 C:\Windows\System32\drivers\usbehci.sys - ok
23:32:14.0458 5440 [ F8633CDD09647A64EE8DB550630427FF ] C:\Windows\System32\drivers\athrx.sys
23:32:14.0458 5440 C:\Windows\System32\drivers\athrx.sys - ok
23:32:14.0461 5440 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys
23:32:14.0461 5440 C:\Windows\System32\drivers\vwifibus.sys - ok
23:32:14.0464 5440 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] C:\Windows\System32\drivers\i8042prt.sys
23:32:14.0464 5440 C:\Windows\System32\drivers\i8042prt.sys - ok
23:32:14.0468 5440 [ DB917B998CBC15A153C00DD6EFC34C13 ] C:\Windows\System32\drivers\jmcr.sys
23:32:14.0468 5440 C:\Windows\System32\drivers\jmcr.sys - ok
23:32:14.0470 5440 [ DE4B2249D95C7815D06A39EA5FF4EE53 ] C:\Windows\System32\drivers\JME.sys
23:32:14.0470 5440 C:\Windows\System32\drivers\JME.sys - ok
23:32:14.0474 5440 [ 1B1E264203D4EF9D3DA1987AD70355AB ] C:\Windows\System32\drivers\scsiport.sys
23:32:14.0474 5440 C:\Windows\System32\drivers\scsiport.sys - ok
23:32:14.0477 5440 [ 06C94BE9D9E1E6411429433A64A76936 ] C:\Windows\System32\drivers\ETD.sys
23:32:14.0477 5440 C:\Windows\System32\drivers\ETD.sys - ok
23:32:14.0480 5440 [ 8E98D21EE06192492A5671A6144D092F ] C:\Windows\System32\drivers\GEARAspiWDM.sys
23:32:14.0480 5440 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
23:32:14.0484 5440 [ DD587A55390ED2295BCE6D36AD567DA9 ] C:\Windows\System32\drivers\Impcd.sys
23:32:14.0484 5440 C:\Windows\System32\drivers\Impcd.sys - ok
23:32:14.0488 5440 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
23:32:14.0488 5440 C:\Windows\System32\drivers\kbdclass.sys - ok
23:32:14.0491 5440 [ E63EF8C3271D014F14E2469CE75FECB4 ] C:\Windows\System32\drivers\kbfiltr.sys
23:32:14.0491 5440 C:\Windows\System32\drivers\kbfiltr.sys - ok
23:32:14.0494 5440 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
23:32:14.0494 5440 C:\Windows\System32\drivers\mouclass.sys - ok
23:32:14.0498 5440 [ 0840155D0BDDF1190F84A663C284BD33 ] C:\Windows\System32\drivers\CmBatt.sys
23:32:14.0499 5440 C:\Windows\System32\drivers\CmBatt.sys - ok
23:32:14.0502 5440 [ 032D35C996F21D19A205A7C8F0B76F3C ] C:\Windows\System32\drivers\ATK64AMD.sys
23:32:14.0503 5440 C:\Windows\System32\drivers\ATK64AMD.sys - ok
23:32:14.0507 5440 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
23:32:14.0507 5440 C:\Windows\System32\drivers\CompositeBus.sys - ok
23:32:14.0511 5440 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
23:32:14.0511 5440 C:\Windows\System32\drivers\drmk.sys - ok
23:32:14.0515 5440 [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys
23:32:14.0515 5440 C:\Windows\System32\drivers\intelppm.sys - ok
23:32:14.0519 5440 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
23:32:14.0519 5440 C:\Windows\System32\drivers\ks.sys - ok
23:32:14.0523 5440 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
23:32:14.0523 5440 C:\Windows\System32\drivers\ksthunk.sys - ok
23:32:14.0527 5440 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
23:32:14.0527 5440 C:\Windows\System32\drivers\portcls.sys - ok
23:32:14.0531 5440 [ AD12F5C7251BB8D575D560894E73CBBA ] C:\Windows\System32\drivers\WsAudioDevice_383S(1).sys
23:32:14.0531 5440 C:\Windows\System32\drivers\WsAudioDevice_383S(1).sys - ok
23:32:14.0534 5440 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
23:32:14.0534 5440 C:\Windows\System32\drivers\agilevpn.sys - ok
23:32:14.0538 5440 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
23:32:14.0538 5440 C:\Windows\System32\drivers\ndistapi.sys - ok
23:32:14.0542 5440 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
23:32:14.0542 5440 C:\Windows\System32\drivers\ndiswan.sys - ok
23:32:14.0545 5440 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
23:32:14.0545 5440 C:\Windows\System32\drivers\rasl2tp.sys - ok
23:32:14.0549 5440 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
23:32:14.0549 5440 C:\Windows\System32\drivers\raspppoe.sys - ok
23:32:14.0553 5440 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
23:32:14.0553 5440 C:\Windows\System32\drivers\raspptp.sys - ok
23:32:14.0556 5440 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
23:32:14.0556 5440 C:\Windows\System32\drivers\rassstp.sys - ok
23:32:14.0560 5440 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] C:\Windows\System32\drivers\rdpbus.sys
23:32:14.0560 5440 C:\Windows\System32\drivers\rdpbus.sys - ok
23:32:14.0563 5440 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
23:32:14.0563 5440 C:\Windows\System32\drivers\swenum.sys - ok
23:32:14.0567 5440 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
23:32:14.0567 5440 C:\Windows\System32\drivers\umbus.sys - ok
23:32:14.0571 5440 [ 1E4D31FEC921300C5F262C52F5FCC666 ] C:\Windows\System32\drivers\vodafone_K3805-z_dc_enum.sys
23:32:14.0571 5440 C:\Windows\System32\drivers\vodafone_K3805-z_dc_enum.sys - ok
23:32:14.0574 5440 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
23:32:14.0574 5440 C:\Windows\System32\drivers\usbhub.sys - ok
23:32:14.0578 5440 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
23:32:14.0578 5440 C:\Windows\System32\gdi32.dll - ok
23:32:14.0582 5440 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
23:32:14.0582 5440 C:\Windows\System32\rpcrt4.dll - ok
23:32:14.0587 5440 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
23:32:14.0587 5440 C:\Windows\System32\lpk.dll - ok
23:32:14.0591 5440 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
23:32:14.0591 5440 C:\Windows\System32\nsi.dll - ok
23:32:14.0595 5440 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
23:32:14.0595 5440 C:\Windows\System32\sechost.dll - ok
23:32:14.0598 5440 [ DBF99FD9CAF75CA66D042BD8D050FF71 ] C:\Windows\System32\usp10.dll
23:32:14.0598 5440 C:\Windows\System32\usp10.dll - ok
23:32:14.0601 5440 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
23:32:14.0601 5440 C:\Windows\System32\imm32.dll - ok
23:32:14.0606 5440 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
23:32:14.0606 5440 C:\Windows\System32\imagehlp.dll - ok
23:32:14.0610 5440 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
23:32:14.0610 5440 C:\Windows\System32\oleaut32.dll - ok
23:32:14.0614 5440 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
23:32:14.0614 5440 C:\Windows\System32\advapi32.dll - ok
23:32:14.0617 5440 [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll
23:32:14.0617 5440 C:\Windows\System32\shell32.dll - ok
23:32:14.0621 5440 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
23:32:14.0621 5440 C:\Windows\System32\drivers\ndproxy.sys - ok
23:32:14.0624 5440 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
23:32:14.0624 5440 C:\Windows\System32\user32.dll - ok
23:32:14.0627 5440 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
23:32:14.0627 5440 C:\Windows\System32\shlwapi.dll - ok
23:32:14.0631 5440 [ A4F6142CABA82FB7293ECE5FF864B440 ] C:\Windows\System32\wininet.dll
23:32:14.0631 5440 C:\Windows\System32\wininet.dll - ok
23:32:14.0634 5440 [ 65C113214F7B05820F6D8A65B1485196 ] C:\Windows\System32\kernel32.dll
23:32:14.0634 5440 C:\Windows\System32\kernel32.dll - ok
23:32:14.0638 5440 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
23:32:14.0638 5440 C:\Windows\System32\normaliz.dll - ok
23:32:14.0641 5440 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
23:32:14.0641 5440 C:\Windows\System32\psapi.dll - ok
23:32:14.0644 5440 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
23:32:14.0644 5440 C:\Windows\System32\setupapi.dll - ok
23:32:14.0648 5440 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
23:32:14.0648 5440 C:\Windows\System32\Wldap32.dll - ok
23:32:14.0651 5440 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
23:32:14.0651 5440 C:\Windows\System32\comdlg32.dll - ok
23:32:14.0655 5440 [ D3A6792AED4841B4D055C7C80C815BB7 ] C:\Windows\System32\urlmon.dll
23:32:14.0655 5440 C:\Windows\System32\urlmon.dll - ok
23:32:14.0658 5440 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
23:32:14.0658 5440 C:\Windows\System32\msvcrt.dll - ok
23:32:14.0661 5440 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
23:32:14.0661 5440 C:\Windows\System32\ws2_32.dll - ok
23:32:14.0664 5440 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
23:32:14.0664 5440 C:\Windows\System32\ole32.dll - ok
23:32:14.0668 5440 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
23:32:14.0668 5440 C:\Windows\System32\clbcatq.dll - ok
23:32:14.0671 5440 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
23:32:14.0671 5440 C:\Windows\System32\difxapi.dll - ok
23:32:14.0675 5440 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
23:32:14.0675 5440 C:\Windows\System32\msctf.dll - ok
23:32:14.0678 5440 [ 8D4DEA45FCDF9FCFD9E31232A07E6EF9 ] C:\Windows\System32\iertutil.dll
23:32:14.0678 5440 C:\Windows\System32\iertutil.dll - ok
23:32:14.0682 5440 [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\Windows\System32\crypt32.dll
23:32:14.0682 5440 C:\Windows\System32\crypt32.dll - ok
23:32:14.0686 5440 [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll
23:32:14.0686 5440 C:\Windows\System32\wintrust.dll - ok
23:32:14.0690 5440 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
23:32:14.0690 5440 C:\Windows\System32\comctl32.dll - ok
23:32:14.0693 5440 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
23:32:14.0693 5440 C:\Windows\System32\cfgmgr32.dll - ok
23:32:14.0697 5440 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
23:32:14.0697 5440 C:\Windows\System32\devobj.dll - ok
23:32:14.0700 5440 [ 1F56F209585F350A5666E3CC7931FD67 ] C:\Windows\System32\KernelBase.dll
23:32:14.0700 5440 C:\Windows\System32\KernelBase.dll - ok
23:32:14.0704 5440 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
23:32:14.0704 5440 C:\Windows\System32\msasn1.dll - ok
23:32:14.0708 5440 [ F7CA3ACCF5AA0E2182546C5BE42B2E96 ] C:\Windows\System32\drivers\CHDRT64.sys
23:32:14.0708 5440 C:\Windows\System32\drivers\CHDRT64.sys - ok
23:32:14.0712 5440 [ 58CF58DEE26C909BD6F977B61D246295 ] C:\Windows\System32\drivers\IntcDAud.sys
23:32:14.0712 5440 C:\Windows\System32\drivers\IntcDAud.sys - ok
23:32:14.0715 5440 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
23:32:14.0715 5440 C:\Windows\SysWOW64\normaliz.dll - ok
23:32:14.0719 5440 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
23:32:14.0719 5440 C:\Windows\System32\drivers\dxapi.sys - ok
23:32:14.0721 5440 [ 86F96630D28523F1C402C783F046DEF1 ] C:\Windows\System32\win32k.sys
23:32:14.0721 5440 C:\Windows\System32\win32k.sys - ok
23:32:14.0725 5440 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
23:32:14.0725 5440 C:\Windows\System32\csrss.exe - ok
23:32:14.0728 5440 [ CEC1EDF4022DC4DCA40384DCEC672B0E ] C:\Windows\System32\csrsrv.dll
23:32:14.0728 5440 C:\Windows\System32\csrsrv.dll - ok
23:32:14.0731 5440 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
23:32:14.0731 5440 C:\Windows\System32\basesrv.dll - ok
23:32:14.0735 5440 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\System32\winsrv.dll
23:32:14.0735 5440 C:\Windows\System32\winsrv.dll - ok
23:32:14.0740 5440 [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
23:32:14.0740 5440 C:\Windows\System32\drivers\usbd.sys - ok
23:32:14.0743 5440 [ FED648B01349A3C8395A5169DB5FB7D6 ] C:\Windows\System32\drivers\USBSTOR.SYS
23:32:14.0743 5440 C:\Windows\System32\drivers\USBSTOR.SYS - ok
23:32:14.0746 5440 [ A3D04EBF5227886029B4532F20D026F7 ] C:\Windows\System32\drivers\wdcsam64.sys
23:32:14.0746 5440 C:\Windows\System32\drivers\wdcsam64.sys - ok
23:32:14.0750 5440 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
23:32:14.0750 5440 C:\Windows\System32\drivers\monitor.sys - ok
23:32:14.0754 5440 [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys
23:32:14.0754 5440 C:\Windows\System32\drivers\usbccgp.sys - ok
23:32:14.0757 5440 [ 001CC10FA5E71AE1119115E126C8750D ] C:\Windows\System32\drivers\stream.sys
23:32:14.0757 5440 C:\Windows\System32\drivers\stream.sys - ok
23:32:14.0760 5440 [ 19D8F6FF8344C47872BA351D04A190DD ] C:\Windows\System32\drivers\sncduvc.sys
23:32:14.0760 5440 C:\Windows\System32\drivers\sncduvc.sys - ok
23:32:14.0764 5440 [ 1D8474722CDFFBB8FCA5FA12C50A05A2 ] C:\Windows\System32\drivers\snp2uvc.sys
23:32:14.0764 5440 C:\Windows\System32\drivers\snp2uvc.sys - ok
23:32:14.0768 5440 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
23:32:14.0768 5440 C:\Windows\System32\sxssrv.dll - ok
23:32:14.0772 5440 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
23:32:14.0772 5440 C:\Windows\System32\tsddd.dll - ok
23:32:14.0776 5440 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
23:32:14.0776 5440 C:\Windows\System32\wininit.exe - ok
23:32:14.0780 5440 [ 79983483BC764E2CAB1799793170F4FE ] C:\Windows\System32\KBDIT.DLL
23:32:14.0780 5440 C:\Windows\System32\KBDIT.DLL - ok
23:32:14.0783 5440 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
23:32:14.0783 5440 C:\Windows\System32\profapi.dll - ok
23:32:14.0787 5440 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
23:32:14.0787 5440 C:\Windows\System32\RpcRtRemote.dll - ok
23:32:14.0790 5440 [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll
23:32:14.0790 5440 C:\Windows\System32\cdd.dll - ok
23:32:14.0794 5440 [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
23:32:14.0794 5440 C:\Windows\System32\KBDUS.DLL - ok
23:32:14.0797 5440 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
23:32:14.0797 5440 C:\Windows\System32\sxs.dll - ok
23:32:14.0800 5440 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
23:32:14.0800 5440 C:\Windows\System32\WlS0WndH.dll - ok
23:32:14.0804 5440 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
23:32:14.0804 5440 C:\Windows\System32\cryptbase.dll - ok
23:32:14.0808 5440 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
23:32:14.0808 5440 C:\Windows\System32\apphelp.dll - ok
23:32:14.0811 5440 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
23:32:14.0811 5440 C:\Windows\System32\lsass.exe - ok
23:32:14.0815 5440 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
23:32:14.0815 5440 C:\Windows\System32\lsm.exe - ok
23:32:14.0818 5440 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
23:32:14.0818 5440 C:\Windows\System32\services.exe - ok
23:32:14.0821 5440 [ 66A6063D0BAAD3F7B2B9868859E0743B ] C:\Windows\System32\lsasrv.dll
23:32:14.0822 5440 C:\Windows\System32\lsasrv.dll - ok
23:32:14.0825 5440 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
23:32:14.0825 5440 C:\Windows\System32\scesrv.dll - ok
23:32:14.0829 5440 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
23:32:14.0829 5440 C:\Windows\System32\scext.dll - ok
23:32:14.0832 5440 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
23:32:14.0832 5440 C:\Windows\System32\secur32.dll - ok
23:32:14.0835 5440 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
23:32:14.0835 5440 C:\Windows\System32\sspicli.dll - ok
23:32:14.0839 5440 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
23:32:14.0839 5440 C:\Windows\System32\sspisrv.dll - ok
23:32:14.0842 5440 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
23:32:14.0842 5440 C:\Windows\System32\sysntfy.dll - ok
23:32:14.0846 5440 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
23:32:14.0846 5440 C:\Windows\System32\wmsgapi.dll - ok
23:32:14.0850 5440 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
23:32:14.0850 5440 C:\Windows\System32\samsrv.dll - ok
23:32:14.0854 5440 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
23:32:14.0854 5440 C:\Windows\System32\srvcli.dll - ok
23:32:14.0858 5440 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
23:32:14.0858 5440 C:\Windows\System32\cryptdll.dll - ok
23:32:14.0862 5440 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
23:32:14.0862 5440 C:\Windows\System32\wevtapi.dll - ok
23:32:14.0866 5440 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
23:32:14.0866 5440 C:\Windows\System32\winlogon.exe - ok
23:32:14.0869 5440 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
23:32:14.0869 5440 C:\Windows\System32\winsta.dll - ok
23:32:14.0874 5440 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
23:32:14.0874 5440 C:\Windows\System32\authz.dll - ok
23:32:14.0878 5440 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
23:32:14.0878 5440 C:\Windows\System32\cngaudit.dll - ok
23:32:14.0882 5440 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] C:\Windows\System32\drivers\TsUsbFlt.sys
23:32:14.0882 5440 C:\Windows\System32\drivers\TsUsbFlt.sys - ok
23:32:14.0887 5440 [ 5F3307352216618221A17CFEF273EEE2 ] C:\Windows\System32\ncrypt.dll
23:32:14.0887 5440 C:\Windows\System32\ncrypt.dll - ok
23:32:14.0892 5440 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
23:32:14.0893 5440 C:\Windows\System32\bcrypt.dll - ok
23:32:14.0896 5440 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
23:32:14.0897 5440 C:\Windows\System32\msprivs.dll - ok
23:32:14.0900 5440 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
23:32:14.0901 5440 C:\Windows\System32\netjoin.dll - ok
23:32:14.0905 5440 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
23:32:14.0905 5440 C:\Windows\System32\negoexts.dll - ok
23:32:14.0909 5440 [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
23:32:14.0910 5440 C:\Windows\System32\kerberos.dll - ok
23:32:14.0914 5440 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
23:32:14.0914 5440 C:\Windows\System32\cryptsp.dll - ok
23:32:14.0918 5440 [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
23:32:14.0918 5440 C:\Windows\System32\mswsock.dll - ok
23:32:14.0922 5440 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
23:32:14.0922 5440 C:\Windows\System32\msv1_0.dll - ok
23:32:14.0926 5440 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
23:32:14.0926 5440 C:\Windows\System32\wship6.dll - ok
23:32:14.0930 5440 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
23:32:14.0930 5440 C:\Windows\System32\netlogon.dll - ok
23:32:14.0935 5440 [ CB2ABB2DA1E9C977302A78D86D4AE3B0 ] C:\Windows\System32\atmfd.dll
23:32:14.0935 5440 C:\Windows\System32\atmfd.dll - ok
23:32:14.0940 5440 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
23:32:14.0940 5440 C:\Windows\System32\dnsapi.dll - ok
23:32:14.0943 5440 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
23:32:14.0943 5440 C:\Windows\System32\logoncli.dll - ok
23:32:14.0946 5440 [ 1573C45E65DE32B1BC3572634F8F1E8E ] C:\Windows\System32\schannel.dll
23:32:14.0947 5440 C:\Windows\System32\schannel.dll - ok
23:32:14.0950 5440 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
23:32:14.0950 5440 C:\Windows\System32\wdigest.dll - ok
23:32:14.0954 5440 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
23:32:14.0954 5440 C:\Windows\System32\rsaenh.dll - ok
23:32:14.0957 5440 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
23:32:14.0957 5440 C:\Windows\System32\pku2u.dll - ok
23:32:14.0960 5440 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
23:32:14.0960 5440 C:\Windows\System32\TSpkg.dll - ok
23:32:14.0964 5440 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
23:32:14.0964 5440 C:\Windows\System32\bcryptprimitives.dll - ok
23:32:14.0969 5440 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
23:32:14.0969 5440 C:\Windows\System32\credssp.dll - ok
23:32:14.0971 5440 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
23:32:14.0971 5440 C:\Windows\System32\efslsaext.dll - ok
23:32:14.0975 5440 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
23:32:14.0975 5440 C:\Windows\System32\scecli.dll - ok
23:32:14.0978 5440 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
23:32:14.0979 5440 C:\Windows\System32\ubpm.dll - ok
23:32:14.0982 5440 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
23:32:14.0982 5440 C:\Windows\System32\svchost.exe - ok
23:32:14.0986 5440 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
23:32:14.0986 5440 C:\Windows\System32\SPInf.dll - ok
23:32:14.0990 5440 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
23:32:14.0990 5440 C:\Windows\System32\umpnpmgr.dll - ok
23:32:14.0993 5440 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
23:32:14.0993 5440 C:\Windows\System32\devrtl.dll - ok
23:32:14.0997 5440 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
23:32:14.0997 5440 C:\Windows\System32\gpapi.dll - ok
23:32:15.0000 5440 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
23:32:15.0000 5440 C:\Windows\System32\userenv.dll - ok
23:32:15.0004 5440 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
23:32:15.0004 5440 C:\Windows\System32\pcwum.dll - ok
23:32:15.0008 5440 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
23:32:15.0008 5440 C:\Windows\System32\umpo.dll - ok
23:32:15.0011 5440 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
23:32:15.0011 5440 C:\Windows\System32\powrprof.dll - ok
23:32:15.0014 5440 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
23:32:15.0014 5440 C:\Windows\System32\drivers\luafv.sys - ok
23:32:15.0018 5440 [ 55142B4F7A7E4C9C151C6000A6BF7809 ] C:\Windows\System32\drivers\aswFsBlk.sys
23:32:15.0018 5440 C:\Windows\System32\drivers\aswFsBlk.sys - ok
23:32:15.0021 5440 [ AA9FDE3D630160B47DAB21BF8250111C ] C:\Windows\System32\drivers\aswMonFlt.sys
23:32:15.0021 5440 C:\Windows\System32\drivers\aswMonFlt.sys - ok
23:32:15.0892 5440 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
23:32:15.0892 5440 C:\Windows\System32\srvsvc.dll - ok
23:32:15.0896 5440 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
23:32:15.0896 5440 C:\Windows\System32\netmsg.dll - ok
23:32:15.0899 5440 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
23:32:15.0899 5440 C:\Windows\System32\wfapigp.dll - ok
23:32:15.0902 5440 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
23:32:15.0902 5440 C:\Windows\System32\clusapi.dll - ok
23:32:15.0907 5440 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
23:32:15.0907 5440 C:\Windows\System32\sscore.dll - ok
23:32:15.0911 5440 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
23:32:15.0911 5440 C:\Windows\System32\resutils.dll - ok
23:32:15.0915 5440 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
23:32:15.0915 5440 C:\Windows\System32\mscms.dll - ok
23:32:15.0918 5440 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
23:32:15.0918 5440 C:\Windows\System32\pcasvc.dll - ok
23:32:15.0923 5440 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
23:32:15.0923 5440 C:\Windows\System32\snmptrap.exe - ok
23:32:15.0928 5440 [ 91A8E32B00BF7899EDAB6783287DDDA6 ] C:\Windows\System32\PeerDistSh.dll
23:32:15.0928 5440 C:\Windows\System32\PeerDistSh.dll - ok
23:32:15.0933 5440 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
23:32:15.0933 5440 C:\Windows\System32\provsvc.dll - ok
23:32:15.0938 5440 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
23:32:15.0938 5440 C:\Windows\System32\sstpsvc.dll - ok
23:32:15.0942 5440 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
23:32:15.0942 5440 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
23:32:15.0946 5440 [ A8CDF3768604FF95B54669E20053D569 ] C:\Windows\SysWOW64\wscapi.dll
23:32:15.0946 5440 C:\Windows\SysWOW64\wscapi.dll - ok
23:32:15.0949 5440 [ 8258362DDB18B644A82D8B5061AD9426 ] C:\Windows\SysWOW64\wscisvif.dll
23:32:15.0950 5440 C:\Windows\SysWOW64\wscisvif.dll - ok
23:32:15.0953 5440 [ BC1297CC45CF63DBA4CA9EAC1BEEDC30 ] C:\Program Files\Alwil Software\Avast5\defs\13043000\aswEngin.dll
23:32:15.0953 5440 C:\Program Files\Alwil Software\Avast5\defs\13043000\aswEngin.dll - ok
23:32:15.0958 5440 [ 64790077F7574E0EB97F3CD2C7B46796 ] C:\Program Files\Alwil Software\Avast5\defs\13043000\aswCmnIS.dll
23:32:15.0958 5440 C:\Program Files\Alwil Software\Avast5\defs\13043000\aswCmnIS.dll - ok
23:32:15.0962 5440 [ 09C5CB1DEEFFB23C29FDF135C70E506E ] C:\Program Files\Alwil Software\Avast5\defs\13043000\aswCmnOS.dll
23:32:15.0962 5440 C:\Program Files\Alwil Software\Avast5\defs\13043000\aswCmnOS.dll - ok
23:32:15.0966 5440 [ 0D0E62D3D1BB73238A15E55AA5EF0099 ] C:\Program Files\Alwil Software\Avast5\defs\13043000\aswCmnBS.dll
23:32:15.0966 5440 C:\Program Files\Alwil Software\Avast5\defs\13043000\aswCmnBS.dll - ok
23:32:15.0970 5440 [ F4B53E84EBD4EDC4938E9B40B583D6FE ] C:\Program Files\Alwil Software\Avast5\defs\13043000\aswScan.dll
23:32:15.0970 5440 C:\Program Files\Alwil Software\Avast5\defs\13043000\aswScan.dll - ok
23:32:15.0973 5440 [ 631EAABB9F82ACEDF8DE3DD20FD5ACC6 ] C:\Program Files\Alwil Software\Avast5\defs\13043000\aswRep.dll
23:32:15.0973 5440 C:\Program Files\Alwil Software\Avast5\defs\13043000\aswRep.dll - ok
23:32:15.0977 5440 [ 2399F8068E969D9C25A05B6F779A790A ] C:\Program Files\Alwil Software\Avast5\defs\13043000\aswFiDb.dll
23:32:15.0977 5440 C:\Program Files\Alwil Software\Avast5\defs\13043000\aswFiDb.dll - ok
23:32:15.0981 5440 [ AD446C0C2789A08A1FD9088CD4937081 ] C:\Program Files\Alwil Software\Avast5\defs\13043000\algo.dll
23:32:15.0981 5440 C:\Program Files\Alwil Software\Avast5\defs\13043000\algo.dll - ok
23:32:15.0985 5440 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
23:32:15.0985 5440 C:\Windows\System32\winspool.drv - ok
23:32:15.0990 5440 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
23:32:15.0990 5440 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
23:32:15.0994 5440 [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\SysWOW64\crypt32.dll
23:32:15.0994 5440 C:\Windows\SysWOW64\crypt32.dll - ok
23:32:15.0998 5440 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll
23:32:15.0998 5440 C:\Windows\SysWOW64\samcli.dll - ok
23:32:16.0001 5440 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
23:32:16.0001 5440 C:\Windows\SysWOW64\msasn1.dll - ok
23:32:16.0006 5440 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
23:32:16.0006 5440 C:\Windows\SysWOW64\uxtheme.dll - ok
23:32:16.0011 5440 [ F9D908DE6B166DAC9B89BF62FA291CE8 ] C:\Program Files\Bonjour\mdnsNSP.dll
23:32:16.0012 5440 C:\Program Files\Bonjour\mdnsNSP.dll - ok
23:32:16.0017 5440 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
23:32:16.0017 5440 C:\Windows\System32\rasadhlp.dll - ok
23:32:16.0022 5440 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
23:32:16.0022 5440 C:\Windows\SysWOW64\clbcatq.dll - ok
23:32:16.0028 5440 [ 0AE0C4955E1DE29CCDC9DA1B816FE5EE ] C:\Windows\SysWOW64\quartz.dll
23:32:16.0028 5440 C:\Windows\SysWOW64\quartz.dll - ok
23:32:16.0033 5440 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
23:32:16.0033 5440 C:\Windows\SysWOW64\winmm.dll - ok
23:32:16.0037 5440 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
23:32:16.0037 5440 C:\Windows\SysWOW64\dwmapi.dll - ok
23:32:16.0041 5440 [ C335EC1182AC10B188705554E0BC1186 ] C:\Windows\SysWOW64\msvfw32.dll
23:32:16.0041 5440 C:\Windows\SysWOW64\msvfw32.dll - ok
23:32:16.0045 5440 [ CC5BF60E9D3F181C0B62AC91AD8634B8 ] C:\Windows\SysWOW64\qcap.dll
23:32:16.0045 5440 C:\Windows\SysWOW64\qcap.dll - ok
23:32:16.0050 5440 [ 9B1B3C9FC4011CB5A6C6423ABEEB3793 ] C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll
23:32:16.0050 5440 C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll - ok
23:32:16.0055 5440 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
23:32:16.0055 5440 C:\Windows\System32\localspl.dll - ok
23:32:16.0060 5440 [ EC98366AD462383659681BDFFD384CED ] C:\Windows\System32\CNBLM4.DLL
23:32:16.0060 5440 C:\Windows\System32\CNBLM4.DLL - ok
23:32:16.0065 5440 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
23:32:16.0065 5440 C:\Windows\System32\PrintIsolationProxy.dll - ok
23:32:16.0070 5440 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
23:32:16.0070 5440 C:\Windows\System32\spoolss.dll - ok
23:32:16.0074 5440 [ 488256C0AFA4D9C1CB3084C2956288DF ] C:\Windows\System32\CNMLMAA.DLL
23:32:16.0074 5440 C:\Windows\System32\CNMLMAA.DLL - ok
23:32:16.0078 5440 [ EC55351788F229C98BCD657ED0B46893 ] C:\Windows\System32\CNMLM94.DLL
23:32:16.0078 5440 C:\Windows\System32\CNMLM94.DLL - ok
23:32:16.0083 5440 [ 8884D0BC7565319D08654438DAF53191 ] C:\Program Files (x86)\PlotSoft\PDFill\PDFWriter\Driver\PDFillWriterMon.dll
23:32:16.0083 5440 C:\Program Files (x86)\PlotSoft\PDFill\PDFWriter\Driver\PDFillWriterMon.dll - ok
23:32:16.0089 5440 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
23:32:16.0089 5440 C:\Windows\System32\FXSMON.dll - ok
23:32:16.0094 5440 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
23:32:16.0094 5440 C:\Windows\System32\tcpmon.dll - ok
23:32:16.0097 5440 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
23:32:16.0097 5440 C:\Windows\System32\snmpapi.dll - ok
23:32:16.0101 5440 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
23:32:16.0101 5440 C:\Windows\System32\wsnmp32.dll - ok
23:32:16.0104 5440 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
23:32:16.0104 5440 C:\Windows\System32\usbmon.dll - ok
23:32:16.0108 5440 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
23:32:16.0108 5440 C:\Windows\System32\WSDMon.dll - ok
23:32:16.0111 5440 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
23:32:16.0111 5440 C:\Windows\System32\WSDApi.dll - ok
23:32:16.0115 5440 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
23:32:16.0115 5440 C:\Windows\System32\webservices.dll - ok
23:32:16.0118 5440 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
23:32:16.0118 5440 C:\Windows\System32\fundisc.dll - ok
23:32:16.0121 5440 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
23:32:16.0122 5440 C:\Windows\System32\fdPnp.dll - ok
23:32:16.0126 5440 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
23:32:16.0126 5440 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
23:32:16.0130 5440 [ 389B0EEE1FFB490D76A556F04C0B268E ] C:\Windows\System32\spool\prtprocs\x64\CNBPP4.DLL
23:32:16.0130 5440 C:\Windows\System32\spool\prtprocs\x64\CNBPP4.DLL - ok
23:32:16.0133 5440 [ FC31518FAC3D66998EB5DA9D7AD32111 ] C:\Windows\System32\spool\prtprocs\x64\CNMPD94.DLL
23:32:16.0133 5440 C:\Windows\System32\spool\prtprocs\x64\CNMPD94.DLL - ok
23:32:16.0137 5440 [ B5ED5424F3719BA248C6A1497DF2407C ] C:\Windows\System32\spool\prtprocs\x64\CNMPDAA.DLL
23:32:16.0137 5440 C:\Windows\System32\spool\prtprocs\x64\CNMPDAA.DLL - ok
23:32:16.0141 5440 [ 0353B239C28B0E9EBC7FA3D1F6181661 ] C:\Windows\System32\win32spl.dll
23:32:16.0141 5440 C:\Windows\System32\win32spl.dll - ok
23:32:16.0145 5440 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
23:32:16.0145 5440 C:\Windows\System32\inetpp.dll - ok
23:32:16.0148 5440 [ 3927397AC60D943DAF8808AFFED582B7 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
23:32:16.0148 5440 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
23:32:16.0152 5440 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll
23:32:16.0152 5440 C:\Windows\SysWOW64\wintrust.dll - ok
23:32:16.0155 5440 [ A5299D04ED225D64CF07A568A3E1BF8C ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
23:32:16.0155 5440 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
23:32:16.0159 5440 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
23:32:16.0159 5440 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
23:32:16.0163 5440 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
23:32:16.0163 5440 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
23:32:16.0167 5440 [ 605C6370240FC79CADBCD34960A741D2 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll
23:32:16.0167 5440 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
23:32:16.0172 5440 [ 64894527838C86454E2F378FF39FA336 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll
23:32:16.0173 5440 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
23:32:16.0177 5440 [ EF8CD3C64EE9C08980D6D06CCCE46C68 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
23:32:16.0177 5440 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
23:32:16.0181 5440 [ 0EEE814627F4384291687671F76419F6 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
23:32:16.0181 5440 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
23:32:16.0185 5440 [ 78865ABC5F5D13190F8B35BD9044714A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
23:32:16.0185 5440 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok
23:32:16.0189 5440 [ FF9831030678C7B6D70BAC00F68F8976 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
23:32:16.0189 5440 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
23:32:16.0193 5440 [ 5A963C340DE1A01BA6E24945CE05D16A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
23:32:16.0193 5440 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok
23:32:16.0197 5440 [ F93674263F6B07C77956E966953242D9 ] C:\Windows\SysWOW64\secur32.dll
23:32:16.0197 5440 C:\Windows\SysWOW64\secur32.dll - ok
23:32:16.0201 5440 [ F4BC62990E7E5C29799A895B80FC3177 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
23:32:16.0201 5440 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
23:32:16.0205 5440 [ 149D74E1128A86DC9CFB2851FBEA11EB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll
23:32:16.0205 5440 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll - ok
23:32:16.0211 5440 [ F6FD367C9EAAEDF90CD7A7952AE0B336 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
23:32:16.0211 5440 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok
23:32:16.0216 5440 [ 1EBE9524683C7C4EED8B8BC93FB6FBCC ] C:\Windows\SysWOW64\fltLib.dll
23:32:16.0216 5440 C:\Windows\SysWOW64\fltLib.dll - ok
23:32:16.0221 5440 [ 4E4EDF9CA82E95BAB2977DD9F21B00F6 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
23:32:16.0221 5440 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
23:32:16.0225 5440 [ 545DE96D552AEDCDE95D1C86BDC9B95B ] C:\Program Files\Alwil Software\Avast5\AhResBhv.dll
23:32:16.0225 5440 C:\Program Files\Alwil Software\Avast5\AhResBhv.dll - ok
23:32:16.0229 5440 [ D7BF4E050440CF0B7B2A2596F0F370F3 ] C:\Program Files\Alwil Software\Avast5\AhResJs.dll
23:32:16.0229 5440 C:\Program Files\Alwil Software\Avast5\AhResJs.dll - ok
23:32:16.0233 5440 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
23:32:16.0233 5440 C:\Windows\SysWOW64\setupapi.dll - ok
23:32:16.0236 5440 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
23:32:16.0237 5440 C:\Windows\SysWOW64\devobj.dll - ok
23:32:16.0240 5440 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\SysWOW64\dnssd.dll
23:32:16.0241 5440 C:\Windows\SysWOW64\dnssd.dll - ok
23:32:16.0244 5440 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
23:32:16.0244 5440 C:\Windows\SysWOW64\ntmarta.dll - ok
23:32:16.0248 5440 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
23:32:16.0248 5440 C:\Windows\SysWOW64\Wldap32.dll - ok
23:32:16.0251 5440 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
23:32:16.0251 5440 C:\Windows\SysWOW64\mswsock.dll - ok
23:32:16.0255 5440 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] C:\Program Files\Bonjour\mDNSResponder.exe
23:32:16.0255 5440 C:\Program Files\Bonjour\mDNSResponder.exe - ok
23:32:16.0259 5440 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
23:32:16.0259 5440 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
23:32:16.0262 5440 [ 0C043B0ABBB5E14E68906AB80365395B ] C:\Windows\System32\efssvc.dll
23:32:16.0262 5440 C:\Windows\System32\efssvc.dll - ok
23:32:16.0265 5440 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
23:32:16.0265 5440 C:\Windows\System32\FDResPub.dll - ok
23:32:16.0269 5440 [ 0E1B02C9CC352A1F61703B7D1A8A2C45 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll
23:32:16.0269 5440 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
23:32:16.0272 5440 [ C5B6468422DB1C8AA36C32CBB0197E5E ] C:\Windows\SysWOW64\wininet.dll
23:32:16.0272 5440 C:\Windows\SysWOW64\wininet.dll - ok
23:32:16.0276 5440 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
23:32:16.0276 5440 C:\Windows\System32\cscapi.dll - ok
23:32:16.0280 5440 [ 37DAD7CA011038616E067C8F62029FD0 ] C:\Program Files\Alwil Software\Avast5\AhResMai.dll
23:32:16.0280 5440 C:\Program Files\Alwil Software\Avast5\AhResMai.dll - ok
23:32:16.0284 5440 [ AD5DF6F4FBBC798636EDC66BFEC7D0DE ] C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
23:32:16.0284 5440 C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe - ok
23:32:16.0287 5440 [ 8792BAB371B4B1589E015B6FD1ED3B15 ] C:\Windows\System32\cryptnet.dll
23:32:16.0288 5440 C:\Windows\System32\cryptnet.dll - ok
23:32:16.0291 5440 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\Windows\System32\cryptsvc.dll
23:32:16.0291 5440 C:\Windows\System32\cryptsvc.dll - ok
23:32:16.0294 5440 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
23:32:16.0295 5440 C:\Windows\System32\dps.dll - ok
23:32:16.0298 5440 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
23:32:16.0298 5440 C:\Windows\System32\httpapi.dll - ok
23:32:16.0302 5440 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
23:32:16.0302 5440 C:\Windows\System32\wdi.dll - ok
23:32:16.0305 5440 [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL
23:32:16.0305 5440 C:\Windows\System32\IKEEXT.DLL - ok
23:32:16.0310 5440 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
23:32:16.0310 5440 C:\Windows\System32\vssapi.dll - ok
23:32:16.0313 5440 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
23:32:16.0313 5440 C:\Windows\System32\vsstrace.dll - ok
23:32:16.0317 5440 [ 7F8E83B9466A0A002D4AB15C104062A7 ] C:\Windows\System32\efscore.dll
23:32:16.0317 5440 C:\Windows\System32\efscore.dll - ok
23:32:16.0320 5440 [ 58283053C781AD3A579C95D7765C1FA0 ] C:\Windows\System32\efsutil.dll
23:32:16.0320 5440 C:\Windows\System32\efsutil.dll - ok
23:32:16.0324 5440 [ 77B5035BC6EDF4D1B6265391AECEE4C0 ] C:\Windows\System32\vpnikeapi.dll
23:32:16.0324 5440 C:\Windows\System32\vpnikeapi.dll - ok
23:32:16.0327 5440 [ 8122EE05F327EF470670E2CDDFFEB929 ] C:\Program Files\Alwil Software\Avast5\AhResMes.dll
23:32:16.0328 5440 C:\Program Files\Alwil Software\Avast5\AhResMes.dll - ok
23:32:16.0331 5440 [ EFFA04908678EF527EA32B2E2EE6EC93 ] C:\Program Files\Alwil Software\Avast5\AhResNS.dll
23:32:16.0331 5440 C:\Program Files\Alwil Software\Avast5\AhResNS.dll - ok
23:32:16.0335 5440 [ A5905C582C88AE8D56834CE4A3627FD1 ] C:\Program Files\Alwil Software\Avast5\AhResP2P.dll
23:32:16.0335 5440 C:\Program Files\Alwil Software\Avast5\AhResP2P.dll - ok
23:32:16.0339 5440 [ 9207F1A1440EAF18BE0D0C1D487E4F02 ] C:\Program Files\Alwil Software\Avast5\AhResStd.dll
23:32:16.0339 5440 C:\Program Files\Alwil Software\Avast5\AhResStd.dll - ok
23:32:16.0343 5440 [ 4509D54DF9276534AC433F80E8392206 ] C:\Program Files\Alwil Software\Avast5\AhResWS.dll
23:32:16.0343 5440 C:\Program Files\Alwil Software\Avast5\AhResWS.dll - ok
23:32:16.0346 5440 [ AAC3C0194EEBA939E18590411130CF43 ] C:\Program Files\Alwil Software\Avast5\defs\13043000\ArPot.dll
23:32:16.0346 5440 C:\Program Files\Alwil Software\Avast5\defs\13043000\ArPot.dll - ok
23:32:16.0350 5440 [ A1C148801B4AF64847AEB9F3AD9594EF ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
23:32:16.0350 5440 C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe - ok
23:32:16.0354 5440 [ 285AC1245590372A88B75144A8656A5F ] C:\Program Files\Alwil Software\Avast5\ashMaiSv.dll
23:32:16.0354 5440 C:\Program Files\Alwil Software\Avast5\ashMaiSv.dll - ok
23:32:16.0359 5440 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
23:32:16.0359 5440 C:\Windows\SysWOW64\cryptsp.dll - ok
23:32:16.0363 5440 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
23:32:16.0363 5440 C:\Windows\SysWOW64\dnsapi.dll - ok
23:32:16.0366 5440 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
23:32:16.0366 5440 C:\Windows\SysWOW64\rsaenh.dll - ok
23:32:16.0370 5440 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
23:32:16.0370 5440 C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok
23:32:16.0374 5440 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
23:32:16.0374 5440 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
23:32:16.0378 5440 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll
23:32:16.0378 5440 C:\Windows\SysWOW64\NapiNSP.dll - ok
23:32:16.0382 5440 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll
23:32:16.0382 5440 C:\Windows\SysWOW64\pnrpnsp.dll - ok
23:32:16.0385 5440 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
23:32:16.0385 5440 C:\Windows\SysWOW64\winnsi.dll - ok
23:32:16.0390 5440 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
23:32:16.0390 5440 C:\Windows\SysWOW64\rasadhlp.dll - ok
23:32:16.0393 5440 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll
23:32:16.0393 5440 C:\Windows\SysWOW64\winrnr.dll - ok
23:32:16.0397 5440 [ B6D90C99A72044AEF85A2B7D78FEBEF4 ] C:\Program Files\Alwil Software\Avast5\defs\13043000\exts.dll
23:32:16.0397 5440 C:\Program Files\Alwil Software\Avast5\defs\13043000\exts.dll - ok
23:32:16.0401 5440 [ F787D427F7EB96FBA1E495600BB8CD30 ] C:\Program Files\Alwil Software\Avast5\ashWebSv.dll
23:32:16.0401 5440 C:\Program Files\Alwil Software\Avast5\ashWebSv.dll - ok
23:32:16.0404 5440 [ 4130D86B0642EFCBB65AD6B2C9BD022E ] C:\Program Files\Alwil Software\Avast5\ashWsFtr.dll
23:32:16.0405 5440 C:\Program Files\Alwil Software\Avast5\ashWsFtr.dll - ok
23:32:16.0411 5440 [ 4F6E72B34ED3DC53DCC5E8708E60B61F ] C:\Windows\SysWOW64\security.dll
23:32:16.0411 5440 C:\Windows\SysWOW64\security.dll - ok
23:32:16.0415 5440 [ 9BDDA34DC4890169DE5BA21134B33EFB ] C:\Windows\SysWOW64\iertutil.dll
23:32:16.0415 5440 C:\Windows\SysWOW64\iertutil.dll - ok
23:32:16.0419 5440 [ 4E7F83E1F6AEFA38E270EA7353D6911E ] C:\Windows\SysWOW64\urlmon.dll
23:32:16.0419 5440 C:\Windows\SysWOW64\urlmon.dll - ok
23:32:16.0424 5440 [ 2E14406E05789F91C9282AE7CFCA3A07 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
23:32:16.0424 5440 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok
23:32:16.0429 5440 [ E53B389AABC47A86A41884E94C9A3012 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
23:32:16.0429 5440 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
23:32:16.0433 5440 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
23:32:16.0433 5440 C:\Windows\SysWOW64\wship6.dll - ok
23:32:16.0438 5440 [ 8BA9851E671E8B5E49E303748FFD530C ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
23:32:16.0438 5440 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
23:32:16.0443 5440 [ 73862FF693168369A90F046E7F227B83 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
23:32:16.0443 5440 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok
23:32:16.0448 5440 [ 2FFBCD4394E60013EAF45427EC4E6A1E ] C:\Program Files\Alwil Software\Avast5\defs\13043000\aswAR.dll
23:32:16.0448 5440 C:\Program Files\Alwil Software\Avast5\defs\13043000\aswAR.dll - ok
23:32:16.0452 5440 [ 9EC1D983086E5FA14FFB3518B7E3B596 ] C:\Program Files\Alwil Software\Avast5\defs\13043000\aswRawFS.dll
23:32:16.0452 5440 C:\Program Files\Alwil Software\Avast5\defs\13043000\aswRawFS.dll - ok
23:32:16.0457 5440 [ 2B460CA1AC9A2249C92E54E39A8ACF42 ] C:\Program Files\Alwil Software\Avast5\snxhk.dll
23:32:16.0457 5440 C:\Program Files\Alwil Software\Avast5\snxhk.dll - ok
23:32:16.0461 5440 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
23:32:16.0461 5440 C:\Windows\System32\mpr.dll - ok
23:32:16.0465 5440 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
23:32:16.0465 5440 C:\Windows\System32\netman.dll - ok
23:32:16.0471 5440 [ 1B399CC9E24C9D65CEBA5A807C4036D7 ] C:\Program Files\Alwil Software\Avast5\snxhk64.dll
23:32:16.0471 5440 C:\Program Files\Alwil Software\Avast5\snxhk64.dll - ok
23:32:16.0475 5440 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
23:32:16.0475 5440 C:\Windows\System32\dllhost.exe - ok
23:32:16.0480 5440 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
23:32:16.0480 5440 C:\Windows\System32\IDStore.dll - ok
23:32:16.0485 5440 [ 639774C9ACD063F028F6084ABF5593AD ] C:\Windows\System32\taskhost.exe
23:32:16.0485 5440 C:\Windows\System32\taskhost.exe - ok
23:32:16.0491 5440 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
23:32:16.0491 5440 C:\Windows\System32\HotStartUserAgent.dll - ok
23:32:16.0494 5440 [ 23566F9723771108D2E6CD768AC27407 ] C:\Windows\System32\AtBroker.exe
23:32:16.0494 5440 C:\Windows\System32\AtBroker.exe - ok
23:32:16.0499 5440 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
23:32:16.0499 5440 C:\Windows\System32\PlaySndSrv.dll - ok
23:32:16.0503 5440 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
23:32:16.0503 5440 C:\Windows\System32\userinit.exe - ok
23:32:16.0509 5440 [ 8F0DE4FEF8201E306F9938B0905AC96A ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:32:16.0509 5440 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
23:32:16.0514 5440 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
23:32:16.0514 5440 C:\Windows\System32\dwm.exe - ok
23:32:16.0518 5440 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
23:32:16.0518 5440 C:\Windows\System32\dwmredir.dll - ok
23:32:16.0522 5440 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
23:32:16.0522 5440 C:\Windows\System32\MsCtfMonitor.dll - ok
23:32:16.0527 5440 [ 2E5672EEA419A4DC9DACD714632E1DC3 ] C:\Program Files (x86)\Google\Update\1.3.21.135\goopdate.dll
23:32:16.0527 5440 C:\Program Files (x86)\Google\Update\1.3.21.135\goopdate.dll - ok
23:32:16.0532 5440 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
23:32:16.0532 5440 C:\Windows\System32\dwmcore.dll - ok
23:32:16.0537 5440 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
23:32:16.0537 5440 C:\Windows\System32\msutb.dll - ok
23:32:16.0541 5440 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
23:32:16.0541 5440 C:\Windows\explorer.exe - ok
23:32:16.0545 5440 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
23:32:16.0545 5440 C:\Windows\SysWOW64\imagehlp.dll - ok
23:32:16.0548 5440 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
23:32:16.0549 5440 C:\Windows\SysWOW64\msi.dll - ok
23:32:16.0552 5440 [ E1374D37477322D4956604711008C69D ] C:\Windows\System32\d3d10_1.dll
23:32:16.0552 5440 C:\Windows\System32\d3d10_1.dll - ok
23:32:16.0556 5440 [ 426BA4E737A7988FD1202AF2F2B2F4A6 ] C:\Windows\System32\d3d10_1core.dll
23:32:16.0556 5440 C:\Windows\System32\d3d10_1core.dll - ok
23:32:16.0560 5440 [ F404E59DB6A0F122AB26BF4F3E2FD0FA ] C:\Windows\System32\dxgi.dll
23:32:16.0560 5440 C:\Windows\System32\dxgi.dll - ok
23:32:16.0564 5440 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
23:32:16.0564 5440 C:\Windows\System32\ExplorerFrame.dll - ok
23:32:16.0568 5440 [ 3290D6946B5E30E70414990574883DDB ] C:\Windows\System32\alg.exe
23:32:16.0568 5440 C:\Windows\System32\alg.exe - ok
23:32:16.0572 5440 [ D1CEEA2B47CB998321C579651CE3E4F8 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:32:16.0572 5440 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe - ok
23:32:17.0512 5440 C:\Windows\System32\tapi32.dll - ok
23:32:17.0517 5440 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
23:32:17.0517 5440 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
23:32:17.0522 5440 [ 08C2957BB30058E663720C5606885653 ] C:\Windows\System32\iphlpsvc.dll
23:32:17.0522 5440 C:\Windows\System32\iphlpsvc.dll - ok
23:32:17.0528 5440 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
23:32:17.0528 5440 C:\Windows\System32\wbem\WinMgmtR.dll - ok
23:32:17.0533 5440 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
23:32:17.0533 5440 C:\Windows\System32\wbem\fastprox.dll - ok
23:32:17.0538 5440 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
23:32:17.0538 5440 C:\Windows\System32\sqmapi.dll - ok
23:32:17.0543 5440 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
23:32:17.0543 5440 C:\Windows\System32\wdscore.dll - ok
23:32:17.0547 5440 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
23:32:17.0547 5440 C:\Windows\System32\ntdsapi.dll - ok
23:32:17.0552 5440 [ D2A0FFA75AB181B19B5EB93BB29C7686 ] C:\Windows\System32\unimdm.tsp
23:32:17.0552 5440 C:\Windows\System32\unimdm.tsp - ok
23:32:17.0557 5440 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
23:32:17.0557 5440 C:\Windows\System32\hnetcfg.dll - ok
23:32:17.0563 5440 [ 94B7DF336815B47236724019FAB24B7C ] C:\Windows\System32\uniplat.dll
23:32:17.0563 5440 C:\Windows\System32\uniplat.dll - ok
23:32:17.0566 5440 [ 41326DD08ACC0CDC5F8177AF96C066E8 ] C:\Windows\System32\kmddsp.tsp
23:32:17.0566 5440 C:\Windows\System32\kmddsp.tsp - ok
23:32:17.0570 5440 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
23:32:17.0570 5440 C:\Windows\System32\nci.dll - ok
23:32:17.0574 5440 [ 1D6BC2769DA66C1145F4DA5A65F52E61 ] C:\Windows\System32\ndptsp.tsp
23:32:17.0574 5440 C:\Windows\System32\ndptsp.tsp - ok
23:32:17.0578 5440 [ 7C1BAE7D23D4874FEE256A2B9C00E019 ] C:\Windows\System32\hidphone.tsp
23:32:17.0578 5440 C:\Windows\System32\hidphone.tsp - ok
23:32:17.0583 5440 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
23:32:17.0583 5440 C:\Windows\System32\wbem\wbemcore.dll - ok
23:32:17.0587 5440 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
23:32:17.0587 5440 C:\Windows\System32\wbem\esscli.dll - ok
23:32:17.0591 5440 [ A717A35120DBAB5AB707AB40662AF9DD ] C:\Windows\System32\rasppp.dll
23:32:17.0591 5440 C:\Windows\System32\rasppp.dll - ok
23:32:17.0596 5440 [ 0FE5CD5F9C9248F42D1EF56E495B182E ] C:\Windows\System32\vpnike.dll
23:32:17.0596 5440 C:\Windows\System32\vpnike.dll - ok
23:32:17.0601 5440 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
23:32:17.0601 5440 C:\Windows\System32\wbem\wbemsvc.dll - ok
23:32:17.0606 5440 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
23:32:17.0606 5440 C:\Windows\System32\wbem\wmiutils.dll - ok
23:32:17.0611 5440 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll
23:32:17.0611 5440 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
23:32:17.0616 5440 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
23:32:17.0616 5440 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
23:32:17.0621 5440 [ 6A84E68B538B8B04608BF2F0D426CE6F ] C:\Windows\System32\raschap.dll
23:32:17.0621 5440 C:\Windows\System32\raschap.dll - ok
23:32:17.0625 5440 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
23:32:17.0625 5440 C:\Windows\SysWOW64\ntdsapi.dll - ok
23:32:17.0630 5440 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
23:32:17.0630 5440 C:\Windows\System32\wbem\repdrvfs.dll - ok
23:32:17.0634 5440 [ B95F6501A2F8B2E78C697FEC401970CE ] C:\Windows\System32\ipnathlp.dll
23:32:17.0634 5440 C:\Windows\System32\ipnathlp.dll - ok
23:32:17.0638 5440 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
23:32:17.0638 5440 C:\Windows\System32\mprapi.dll - ok
23:32:17.0643 5440 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
23:32:17.0643 5440 C:\Windows\System32\netshell.dll - ok
23:32:17.0647 5440 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
23:32:17.0647 5440 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
23:32:17.0651 5440 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
23:32:17.0651 5440 C:\Windows\System32\ncobjapi.dll - ok
23:32:17.0656 5440 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
23:32:17.0656 5440 C:\Windows\System32\wbem\wbemess.dll - ok
23:32:17.0660 5440 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
23:32:17.0660 5440 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
23:32:17.0664 5440 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll
23:32:17.0664 5440 C:\Windows\System32\wbem\wmiprov.dll - ok
23:32:17.0668 5440 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
23:32:17.0668 5440 C:\Windows\System32\wbem\NCProv.dll - ok
23:32:17.0673 5440 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll
23:32:17.0673 5440 C:\Windows\System32\wbem\cimwin32.dll - ok
23:32:17.0677 5440 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll
23:32:17.0677 5440 C:\Windows\System32\framedynos.dll - ok
23:32:17.0681 5440 [ 012787CEB35505EB78DF82E0A0072888 ] C:\Windows\System32\browcli.dll
23:32:17.0681 5440 C:\Windows\System32\browcli.dll - ok
23:32:17.0685 5440 [ C4BFE4B61086416B0529212F92BCE081 ] C:\Windows\System32\schedcli.dll
23:32:17.0685 5440 C:\Windows\System32\schedcli.dll - ok
23:32:17.0690 5440 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
23:32:17.0690 5440 C:\Windows\SysWOW64\winbrand.dll - ok
23:32:17.0694 5440 [ C3670CD073CAF4866F600CDA2E8CD0E5 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
23:32:17.0694 5440 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll - ok
23:32:17.0700 5440 [ 198552AEFECA69D646867EC8D792DE95 ] C:\Windows\SysWOW64\ddraw.dll
23:32:17.0700 5440 C:\Windows\SysWOW64\ddraw.dll - ok
23:32:17.0706 5440 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll
23:32:17.0706 5440 C:\Windows\SysWOW64\shfolder.dll - ok
23:32:17.0712 5440 [ 9892E0D72EEDF3DA1CDCFDAC318D556C ] C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\System.Data.SQLite.dll
23:32:17.0712 5440 C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\System.Data.SQLite.dll - ok
23:32:17.0718 5440 [ E601860AA04CE2198DBC6AC2AF80AFF7 ] C:\Windows\System32\perfos.dll
23:32:17.0718 5440 C:\Windows\System32\perfos.dll - ok
23:32:17.0722 5440 [ 085534064E63A544DEE8B699FEE69E7F ] C:\Program Files\P4G\Lang\V0410.dll
23:32:17.0722 5440 C:\Program Files\P4G\Lang\V0410.dll - ok
23:32:17.0728 5440 [ 5F3F1BF5F5B43293953FC915845910C4 ] C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
23:32:17.0728 5440 C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll - ok
23:32:17.0732 5440 [ 8F1913EE046F16D263A793D53BC108DB ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\536d704e93ffec9b54e4a0312fb5b996\System.Transactions.ni.dll
23:32:17.0732 5440 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\536d704e93ffec9b54e4a0312fb5b996\System.Transactions.ni.dll - ok
23:32:17.0737 5440 [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C ] C:\Windows\System32\ndiscapCfg.dll
23:32:17.0737 5440 C:\Windows\System32\ndiscapCfg.dll - ok
23:32:17.0741 5440 [ 3D6AF45673C4B31CDECD7F80AF09D443 ] C:\Windows\System32\rascfg.dll
23:32:17.0741 5440 C:\Windows\System32\rascfg.dll - ok
23:32:17.0746 5440 [ 1CF21800E337F4039AAD4C94B4280EE4 ] C:\Windows\System32\mprmsg.dll
23:32:17.0746 5440 C:\Windows\System32\mprmsg.dll - ok
23:32:17.0750 5440 [ 55DE45B116711881C852D2841E4C84DD ] C:\Windows\System32\tcpipcfg.dll
23:32:17.0750 5440 C:\Windows\System32\tcpipcfg.dll - ok
23:32:17.0755 5440 [ 4F72C8B661DEC62F4DF0F15D33106372 ] C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\AGFNEX64.dll
23:32:17.0755 5440 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\AGFNEX64.dll - ok
23:32:17.0760 5440 [ 511E32DF8681C3DD344D4E971F625911 ] C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\Vista\Shadow.dll
23:32:17.0760 5440 C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\Vista\Shadow.dll - ok
23:32:17.0765 5440 [ D64D99EC088B54FFE8EE67A480386C20 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll
23:32:17.0765 5440 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll - ok
23:32:17.0769 5440 [ ECF18C562BD3604293944120CA1DC208 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\3e79256ce40faa9682f9e3511ca115ea\System.ServiceModel.ni.dll
23:32:17.0770 5440 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\3e79256ce40faa9682f9e3511ca115ea\System.ServiceModel.ni.dll - ok
23:32:17.0774 5440 [ 7EC0743DBACC4F137BBAEF2E9DE05417 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\1ea01658676f73cf48ebde8e904a0464\System.Configuration.Install.ni.dll
23:32:17.0774 5440 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\1ea01658676f73cf48ebde8e904a0464\System.Configuration.Install.ni.dll - ok
23:32:17.0780 5440 [ A941FA30DE292B3247A0322E0124F830 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\9d2a9fc04e660079633eb74b37a1d77c\Microsoft.VisualC.ni.dll
23:32:17.0780 5440 C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\9d2a9fc04e660079633eb74b37a1d77c\Microsoft.VisualC.ni.dll - ok
23:32:17.0784 5440 [ E22B0F45D6E97A4386067587DEAFA77D ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\ab2d590a7a1566fe78e3275a90a30ceb\System.Configuration.ni.dll
23:32:17.0785 5440 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\ab2d590a7a1566fe78e3275a90a30ceb\System.Configuration.ni.dll - ok
23:32:17.0790 5440 [ BACD83A35760CD6281761F2F139C11E9 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\01c6cb58745f397c9b7ccf3ab7bfc9cd\System.EnterpriseServices.ni.dll
23:32:17.0790 5440 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\01c6cb58745f397c9b7ccf3ab7bfc9cd\System.EnterpriseServices.ni.dll - ok
23:32:17.0796 5440 [ 6EF13B2475CA1301259BF8680786D6A7 ] C:\Program Files (x86)\ASUS\ControlDeck\Volume.dll
23:32:17.0796 5440 C:\Program Files (x86)\ASUS\ControlDeck\Volume.dll - ok
23:32:17.0800 5440 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
23:32:17.0800 5440 C:\Windows\System32\npmproxy.dll - ok
23:32:17.0804 5440 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll
23:32:17.0804 5440 C:\Windows\SysWOW64\npmproxy.dll - ok
23:32:17.0808 5440 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] C:\Windows\System32\appinfo.dll
23:32:17.0808 5440 C:\Windows\System32\appinfo.dll - ok
23:32:17.0813 5440 [ 149126216A694E6BA84E92ECA77AAE3B ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
23:32:17.0813 5440 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe - ok
23:32:17.0817 5440 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
23:32:17.0817 5440 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
23:32:17.0821 5440 [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
23:32:17.0821 5440 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
23:32:17.0827 5440 [ 3B15EFE5847E058FDE1D057112443085 ] C:\Program Files (x86)\ASUS\ControlDeck\Resolution.dll
23:32:17.0827 5440 C:\Program Files (x86)\ASUS\ControlDeck\Resolution.dll - ok
23:32:17.0833 5440 [ 67911F2AE18BD7EC1FCAA05B48CCA445 ] C:\Program Files (x86)\ASUS\ControlDeck\P4GControl.dll
23:32:17.0833 5440 C:\Program Files (x86)\ASUS\ControlDeck\P4GControl.dll - ok
23:32:17.0839 5440 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
23:32:17.0839 5440 C:\Windows\System32\runonce.exe - ok
23:32:17.0844 5440 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
23:32:17.0844 5440 C:\Windows\SysWOW64\runonce.exe - ok
23:32:17.0850 5440 [ 30DB64D316F502558DB2380F7343C9FD ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
23:32:17.0850 5440 C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll - ok
23:32:17.0856 5440 [ 207204AF80505AF51271FE164B56F662 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveUtil.dll
23:32:17.0856 5440 C:\Program Files (x86)\Microsoft Office\Office12\GrooveUtil.dll - ok
23:32:17.0861 5440 [ 30EFEBDC960A482E3E188B9960B286E2 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveNew.dll
23:32:17.0861 5440 C:\Program Files (x86)\Microsoft Office\Office12\GrooveNew.dll - ok
23:32:17.0866 5440 [ D5E459BED3DB9CF7FC6CC1455F177D2D ] C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.dll
23:32:17.0866 5440 C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.dll - ok
23:32:17.0871 5440 [ D8C2B95BC2353E1F18850D6B8F5DBA13 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
23:32:17.0871 5440 C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll - ok
23:32:17.0875 5440 [ 533AECD1B5356870AE2D905B4D3B42B7 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMisc.dll
23:32:17.0875 5440 C:\Program Files (x86)\Microsoft Office\Office12\GrooveMisc.dll - ok
23:32:17.0879 5440 [ 21D3A18769EC2C4E56756D04E989A221 ] C:\Windows\SysWOW64\msxml3.dll
23:32:17.0879 5440 C:\Windows\SysWOW64\msxml3.dll - ok
23:32:17.0882 5440 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
23:32:17.0882 5440 C:\Windows\SysWOW64\cmd.exe - ok
23:32:17.0885 5440 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
23:32:17.0885 5440 C:\Windows\SysWOW64\shdocvw.dll - ok
23:32:17.0889 5440 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Lorusso\AppData\Local\Temp\56212872-893D-4EA8-BB03-A5380572DD83.exe
23:32:17.0889 5440 C:\Users\Lorusso\AppData\Local\Temp\56212872-893D-4EA8-BB03-A5380572DD83.exe - ok
23:32:17.0893 5440 [ C0BF554D2277F7A4C735D475ADE2E3B2 ] C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
23:32:17.0893 5440 C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe - ok
23:32:17.0898 5440 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
23:32:17.0898 5440 C:\Windows\System32\wpdbusenum.dll - ok
23:32:17.0902 5440 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
23:32:17.0902 5440 C:\Windows\System32\diagperf.dll - ok
23:32:17.0906 5440 [ 8CF4B0337B06CCC624C20EE4C934767E ] C:\Windows\System32\lpksetupproxyserv.dll
23:32:17.0906 5440 C:\Windows\System32\lpksetupproxyserv.dll - ok
23:32:17.0910 5440 [ D1A463BB1ED1B1D30A4FC1E1650FAD3F ] C:\Program Files (x86)\ASUS\ASUS Data Security Manager\FPSup\AT8Sup.dll
23:32:17.0910 5440 C:\Program Files (x86)\ASUS\ASUS Data Security Manager\FPSup\AT8Sup.dll - ok
23:32:17.0915 5440 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
23:32:17.0915 5440 C:\Windows\System32\perftrack.dll - ok
23:32:17.0919 5440 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
23:32:17.0919 5440 C:\Windows\System32\PortableDeviceApi.dll - ok
23:32:17.0923 5440 [ 1917BE7C440DC7CF04304F0AFD7FDD16 ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ElanTPCfg64.exe
23:32:17.0923 5440 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ElanTPCfg64.exe - ok
23:32:17.0928 5440 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
23:32:17.0928 5440 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
23:32:17.0932 5440 [ EE7CEDE5A7AC78866D47C7A48D2A136D ] C:\Program Files (x86)\ASUS\ASUS Data Security Manager\FPSup\ATSup.dll
23:32:17.0932 5440 C:\Program Files (x86)\ASUS\ASUS Data Security Manager\FPSup\ATSup.dll - ok
23:32:17.0936 5440 [ 288ADDED26C80FDC135CAB4340161686 ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\CbsCore.dll
23:32:17.0936 5440 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\CbsCore.dll - ok
23:32:17.0940 5440 [ BD4A4F9065E420F5B4FFC028C65ABFA1 ] C:\Program Files\Elantech\ETDApi.dll
23:32:17.0940 5440 C:\Program Files\Elantech\ETDApi.dll - ok
23:32:17.0945 5440 [ FBDB3F922E9247EBED7A535CBB4A4FA0 ] C:\Program Files (x86)\ASUS\ASUS Data Security Manager\FPSup\UpkSup.dll
23:32:17.0945 5440 C:\Program Files (x86)\ASUS\ASUS Data Security Manager\FPSup\UpkSup.dll - ok
23:32:17.0949 5440 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
23:32:17.0949 5440 C:\Windows\System32\wer.dll - ok
23:32:17.0953 5440 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
23:32:17.0954 5440 C:\Windows\System32\Apphlpdm.dll - ok
23:32:17.0958 5440 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
23:32:17.0958 5440 C:\Windows\System32\pnpts.dll - ok
23:32:17.0963 5440 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
23:32:17.0963 5440 C:\Windows\System32\wdiasqmmodule.dll - ok
23:32:17.0967 5440 [ 7957A194B8421BC070FABBF1C55DB68B ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wcp.dll
23:32:17.0967 5440 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wcp.dll - ok
23:32:17.0972 5440 [ C759FF2C5880DE29284A53A5FF976B0C ] C:\Windows\System32\pcadm.dll
23:32:17.0972 5440 C:\Windows\System32\pcadm.dll - ok
23:32:17.0975 5440 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
23:32:17.0975 5440 C:\Windows\System32\radardt.dll - ok
23:32:17.0978 5440 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
23:32:17.0978 5440 C:\Windows\SysWOW64\credssp.dll - ok
23:32:17.0982 5440 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
23:32:17.0982 5440 C:\Windows\System32\aelupsvc.dll - ok
23:32:17.0986 5440 [ AA11E1368EEB237DD100BAC6AFFE1C57 ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
23:32:17.0986 5440 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe - ok
23:32:17.0990 5440 [ 9297F004FCE79FB7B26DAC6968FB5FEB ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\DrUpdate.dll
23:32:17.0990 5440 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\DrUpdate.dll - ok
23:32:17.0994 5440 [ FC6C5D860CDB82411DA626821201BDF0 ] C:\Windows\System32\srclient.dll
23:32:17.0994 5440 C:\Windows\System32\srclient.dll - ok
23:32:17.0998 5440 [ B7AC66C1CCD87D7C49256B5451DED4FA ] C:\Windows\System32\spp.dll
23:32:17.0998 5440 C:\Windows\System32\spp.dll - ok
23:32:18.0003 5440 [ 6685DD5CC357D45EEE30FD089E8A111A ] C:\Windows\System32\sxsstore.dll
23:32:18.0003 5440 C:\Windows\System32\sxsstore.dll - ok
23:32:18.0007 5440 [ 943F48CC3A59169E52A054946C2F59B8 ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wrpint.dll
23:32:18.0007 5440 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wrpint.dll - ok
23:32:18.0011 5440 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
23:32:18.0011 5440 C:\Windows\System32\dimsjob.dll - ok
23:32:18.0016 5440 [ 4A7C441D99D86704D194E7678873B95D ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
23:32:18.0016 5440 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe - ok
23:32:18.0020 5440 [ 63DF770DF74ACB370EF5A16727069AAF ] C:\Windows\SysWOW64\hid.dll
23:32:18.0020 5440 C:\Windows\SysWOW64\hid.dll - ok
23:32:18.0025 5440 [ AF0E883F0D59C64CFEB72ADDA772EA34 ] C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_it_31bf3856ad364e35\PresentationCore.resources.dll
23:32:18.0025 5440 C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_it_31bf3856ad364e35\PresentationCore.resources.dll - ok
23:32:18.0031 5440 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\SysWOW64\WindowsCodecs.dll
23:32:18.0031 5440 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
23:32:18.0036 5440 [ 39E9AACC4C5FB3C3C0B12DE6D491553D ] C:\Windows\SysWOW64\WindowsCodecsExt.dll
23:32:18.0036 5440 C:\Windows\SysWOW64\WindowsCodecsExt.dll - ok
23:32:18.0040 5440 [ 816B681CC308FAA128EDCB90643DCED7 ] C:\Windows\SysWOW64\icm32.dll
23:32:18.0040 5440 C:\Windows\SysWOW64\icm32.dll - ok
23:32:18.0045 5440 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
23:32:18.0045 5440 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe - ok
23:32:18.0049 5440 [ 89344657836F91640F3DDB235D0E7F73 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\5f684be17ae6b826f6f9eaa170b41b05\WindowsBase.ni.dll
23:32:18.0049 5440 C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\5f684be17ae6b826f6f9eaa170b41b05\WindowsBase.ni.dll - ok
23:32:18.0053 5440 [ 7BB710183AAD6C420A8FAF7C4ABC6384 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\68f908f70841f6159b1124f89029ef77\PresentationCore.ni.dll
23:32:18.0053 5440 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\68f908f70841f6159b1124f89029ef77\PresentationCore.ni.dll - ok
23:32:18.0057 5440 [ C264145F107437CBD3B30303733AEE4F ] C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
23:32:18.0057 5440 C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok
23:32:18.0062 5440 [ C8541AECCCA9260DE93C85F214110FA8 ] C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll
23:32:18.0062 5440 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll - ok
23:32:18.0067 5440 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
23:32:18.0067 5440 C:\Windows\System32\NapiNSP.dll - ok
23:32:18.0072 5440 [ CDAD3376DFF3D9AC7FDCBE2B94B0D3C8 ] C:\Windows\System32\shfolder.dll
23:32:18.0072 5440 C:\Windows\System32\shfolder.dll - ok
23:32:18.0078 5440 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
23:32:18.0078 5440 C:\Windows\System32\pnrpnsp.dll - ok
23:32:18.0083 5440 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
23:32:18.0083 5440 C:\Windows\System32\winrnr.dll - ok
23:32:18.0088 5440 [ 80739D6157FDF84E444C659AC3B0E41E ] C:\Windows\SysWOW64\PresentationNative_v0300.dll
23:32:18.0088 5440 C:\Windows\SysWOW64\PresentationNative_v0300.dll - ok
23:32:18.0092 5440 [ D485D1BE97777617B186FC8095F58421 ] C:\Windows\servicing\CbsApi.dll
23:32:18.0092 5440 C:\Windows\servicing\CbsApi.dll - ok
23:32:18.0097 5440 [ DB70FE36AC8F594E9E69479C076BADB8 ] C:\Windows\System32\HelpPaneProxy.dll
23:32:18.0097 5440 C:\Windows\System32\HelpPaneProxy.dll - ok
23:32:18.0101 5440 [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
23:32:18.0101 5440 C:\Windows\System32\pautoenr.dll - ok
23:32:18.0106 5440 [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll
23:32:18.0106 5440 C:\Windows\System32\certcli.dll - ok
23:32:18.0109 5440 [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll
23:32:18.0109 5440 C:\Windows\System32\CertEnroll.dll - ok
23:32:18.0113 5440 [ A95209B0323131E40309207D4C2616A8 ] C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
23:32:18.0114 5440 C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll - ok
23:32:18.0118 5440 [ 44CB8F8C28BC8CC2AE73740B3A1502F3 ] C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
23:32:18.0118 5440 C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll - ok
23:32:18.0122 5440 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
23:32:18.0122 5440 C:\Windows\SysWOW64\EhStorShell.dll - ok
23:32:18.0126 5440 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
23:32:18.0126 5440 C:\Windows\SysWOW64\ntshrui.dll - ok
23:32:18.0130 5440 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
23:32:18.0130 5440 C:\Windows\SysWOW64\slc.dll - ok
23:32:18.0134 5440 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
23:32:18.0134 5440 C:\Windows\SysWOW64\imageres.dll - ok
23:32:18.0138 5440 [ 0ADC83218B66A6DB380C330836F3E36D ] C:\Windows\System32\drivers\fastfat.sys
23:32:18.0138 5440 C:\Windows\System32\drivers\fastfat.sys - ok
23:32:18.0141 5440 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
23:32:18.0141 5440 C:\Windows\System32\esent.dll - ok
23:32:18.0145 5440 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
23:32:18.0145 5440 C:\Windows\SysWOW64\devrtl.dll - ok
23:32:18.0149 5440 [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe
23:32:18.0149 5440 C:\Windows\System32\ie4uinit.exe - ok
23:32:18.0154 5440 [ C3E98C42EDF7EF237A4BAB91FEAC7426 ] C:\Windows\System32\iedkcs32.dll
23:32:18.0154 5440 C:\Windows\System32\iedkcs32.dll - ok
23:32:18.0158 5440 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
23:32:18.0158 5440 C:\Windows\System32\timedate.cpl - ok
23:32:18.0163 5440 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
23:32:18.0163 5440 C:\Windows\System32\actxprxy.dll - ok
23:32:18.0169 5440 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
23:32:18.0169 5440 C:\Windows\System32\msiltcfg.dll - ok
23:32:18.0173 5440 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
23:32:18.0173 5440 C:\Windows\System32\msftedit.dll - ok
23:32:18.0177 5440 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll
23:32:18.0177 5440 C:\Windows\System32\msls31.dll - ok
23:32:18.0183 5440 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
23:32:18.0183 5440 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
23:32:18.0187 5440 [ 652B60C9C4D5391FF0970B9086702E8F ] C:\Windows\System32\ieframe.dll
23:32:18.0187 5440 C:\Windows\System32\ieframe.dll - ok
23:32:18.0191 5440 [ B010CF886420EE29C2C276646721D255 ] C:\Windows\SysWOW64\wlanapi.dll
23:32:18.0191 5440 C:\Windows\SysWOW64\wlanapi.dll - ok
23:32:18.0196 5440 [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\SysWOW64\wlanutil.dll
23:32:18.0196 5440 C:\Windows\SysWOW64\wlanutil.dll - ok
23:32:18.0202 5440 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
23:32:18.0202 5440 C:\Windows\System32\DeviceCenter.dll - ok
23:32:18.0207 5440 [ 263E9A047D17CD50BAA9D3C02910D18D ] C:\Windows\System32\oledlg.dll
23:32:18.0207 5440 C:\Windows\System32\oledlg.dll - ok
23:32:18.0212 5440 [ DDF55AB1E3BE3B2114D830701CF86883 ] C:\Program Files\Elantech\ETDFavorite.dll
23:32:18.0212 5440 C:\Program Files\Elantech\ETDFavorite.dll - ok
23:32:18.0216 5440 [ 22E69B6C4D09F43A31AFFE5B5B92277C ] C:\Program Files\Elantech\ETDApix.dll
23:32:18.0216 5440 C:\Program Files\Elantech\ETDApix.dll - ok
23:32:18.0220 5440 [ 25754D5D59C1507E5C39A94CA05D73CC ] C:\Program Files\Elantech\ETDCmds.dll
23:32:18.0220 5440 C:\Program Files\Elantech\ETDCmds.dll - ok
23:32:18.0224 5440 [ B0F69B9DE0AEBFD7E4CEADE6758DF627 ] C:\Windows\System32\SearchFolder.dll
23:32:18.0224 5440 C:\Windows\System32\SearchFolder.dll - ok
23:32:18.0226 5440 [ 4E81439902079C348B61D7FF027FE147 ] C:\Windows\System32\StructuredQuery.dll
23:32:18.0227 5440 C:\Windows\System32\StructuredQuery.dll - ok
23:32:19.0221 5440 [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\SysWOW64\logoncli.dll
23:32:19.0221 5440 C:\Windows\SysWOW64\logoncli.dll - ok
23:32:19.0226 5440 [ 9C2078437D6FC541BD268BA903F6AEB4 ] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
23:32:19.0226 5440 C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe - ok
23:32:19.0232 5440 [ D36FD2B40C3A3C67ACA6E49D705BFB90 ] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll
23:32:19.0232 5440 C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll - ok
23:32:19.0236 5440 [ 2FAD69503166BF30ED15B64DAA1B116D ] C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE
23:32:19.0236 5440 C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE - ok
23:32:19.0241 5440 [ 32C26797AB646074A2BB562F9D10ADB5 ] C:\PROGRA~2\MICROS~1\Office12\ONENOTEM.EXE
23:32:19.0241 5440 C:\PROGRA~2\MICROS~1\Office12\ONENOTEM.EXE - ok
23:32:19.0247 5440 [ CD254C41056D7F5CF52C4A107CFBC19F ] C:\Program Files (x86)\Microsoft Office\Office12\1040\ONINTL.DLL
23:32:19.0247 5440 C:\Program Files (x86)\Microsoft Office\Office12\1040\ONINTL.DLL - ok
23:32:19.0252 5440 [ FCCDF0ABB88DB2AB02C81810ABE5EE8E ] C:\Program Files (x86)\ASUS\ASUS WebStorage\EeeStorageUploader.exe
23:32:19.0252 5440 C:\Program Files (x86)\ASUS\ASUS WebStorage\EeeStorageUploader.exe - ok
23:32:19.0258 5440 [ 4E9592BB2C100E571F82640E59E9ECD5 ] C:\Users\Lorusso\AppData\Local\Google\Chrome\Application\chrome.exe
23:32:19.0258 5440 C:\Users\Lorusso\AppData\Local\Google\Chrome\Application\chrome.exe - ok
23:32:19.0264 5440 [ 6D137963730144698CBD10F202E9F251 ] C:\Windows\System32\wersvc.dll
23:32:19.0264 5440 C:\Windows\System32\wersvc.dll - ok
23:32:19.0268 5440 [ B174DE0DE6C9AA8AFFD3B926653E625F ] C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe
23:32:19.0268 5440 C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe - ok
23:32:19.0272 5440 [ FB063A7D64A5F67DE13EFAEA55E60FEB ] C:\Users\Lorusso\AppData\Local\Google\Chrome\Application\26.0.1410.64\chrome.dll
23:32:19.0272 5440 C:\Users\Lorusso\AppData\Local\Google\Chrome\Application\26.0.1410.64\chrome.dll - ok
23:32:19.0276 5440 [ 749949494676218FFA99501F4AA22ECC ] C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
23:32:19.0276 5440 C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe - ok
23:32:19.0280 5440 [ C97002A83722AD37A37A35CDE3FF3FFA ] C:\Program Files\Alwil Software\Avast5\aswJsFlt.dll
23:32:19.0280 5440 C:\Program Files\Alwil Software\Avast5\aswJsFlt.dll - ok
23:32:19.0284 5440 [ 311DC5224497C93AE966BAC37ACE0690 ] C:\Users\Lorusso\AppData\Local\Google\Chrome\Application\26.0.1410.64\icudt.dll
23:32:19.0284 5440 C:\Users\Lorusso\AppData\Local\Google\Chrome\Application\26.0.1410.64\icudt.dll - ok
23:32:19.0289 5440 [ EDD2AD141DEBD425D74A52A4D7BE6AC4 ] C:\Windows\SysWOW64\perfctrs.dll
23:32:19.0289 5440 C:\Windows\SysWOW64\perfctrs.dll - ok
23:32:19.0294 5440 [ 658EBC74BD38D16805648C4775F7FA82 ] C:\Windows\SysWOW64\mshtml.dll
23:32:19.0294 5440 C:\Windows\SysWOW64\mshtml.dll - ok
23:32:19.0298 5440 [ 5708E937C1C17F598884EC3202C5AE0E ] C:\Windows\SysWOW64\KBDIT.DLL
23:32:19.0298 5440 C:\Windows\SysWOW64\KBDIT.DLL - ok
23:32:19.0303 5440 [ 5BF8E37FA1E25227480F9CD2ACA21FB6 ] C:\Users\Lorusso\AppData\Local\Google\Chrome\Application\26.0.1410.64\d3dcompiler_46.dll
23:32:19.0303 5440 C:\Users\Lorusso\AppData\Local\Google\Chrome\Application\26.0.1410.64\d3dcompiler_46.dll - ok
23:32:19.0307 5440 [ 43C9CF6825CEA58F1815B7C3DBBB385C ] C:\Windows\SysWOW64\Wpc.dll
23:32:19.0307 5440 C:\Windows\SysWOW64\Wpc.dll - ok
23:32:19.0311 5440 [ FD56467B28653F26B4D061E06C2582D3 ] C:\Users\Lorusso\AppData\Local\Google\Chrome\Application\26.0.1410.64\libglesv2.dll
23:32:19.0311 5440 C:\Users\Lorusso\AppData\Local\Google\Chrome\Application\26.0.1410.64\libglesv2.dll - ok
23:32:19.0315 5440 [ 82C089EA2A3EEFADF3588EA71E8BDADA ] C:\Windows\SysWOW64\wevtapi.dll
23:32:19.0315 5440 C:\Windows\SysWOW64\wevtapi.dll - ok
23:32:19.0319 5440 [ 462805D756FE1C3E64713D4435F1F6F3 ] C:\Users\Lorusso\AppData\Local\Google\Chrome\Application\26.0.1410.64\libegl.dll
23:32:19.0319 5440 C:\Users\Lorusso\AppData\Local\Google\Chrome\Application\26.0.1410.64\libegl.dll - ok
23:32:19.0324 5440 [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\SysWOW64\samlib.dll
23:32:19.0324 5440 C:\Windows\SysWOW64\samlib.dll - ok
23:32:19.0331 5440 [ 4EE367B8B1964160A1F1B80095183D3A ] C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
23:32:19.0331 5440 C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin - ok
23:32:19.0337 5440 [ 1CBF15FDB0310345A68972EB5C5B948F ] C:\Windows\SysWOW64\mssprxy.dll
23:32:19.0338 5440 C:\Windows\SysWOW64\mssprxy.dll - ok
23:32:19.0340 5440 [ 1F27643C4C626457FCE8F047AE1CD7E1 ] C:\Windows\SysWOW64\dxva2.dll
23:32:19.0340 5440 C:\Windows\SysWOW64\dxva2.dll - ok
23:32:19.0345 5440 [ B89137476D554DF13421DF8F5F5789EC ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\sal3.dll
23:32:19.0345 5440 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\sal3.dll - ok
23:32:19.0350 5440 [ 3A16EA01FCFAAB40882DB5BFEE632322 ] C:\Windows\SysWOW64\msftedit.dll
23:32:19.0350 5440 C:\Windows\SysWOW64\msftedit.dll - ok
23:32:19.0355 5440 [ FDBA1DEC4F9BE4274A00B9B850C63484 ] C:\Windows\SysWOW64\mf.dll
23:32:19.0355 5440 C:\Windows\SysWOW64\mf.dll - ok
23:32:19.0360 5440 [ CCFA2FC955EE4CB4157AFDD5F11E52E7 ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\uwinapi.dll
23:32:19.0360 5440 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\uwinapi.dll - ok
23:32:19.0364 5440 [ 4513B7400878973F9B1BA71153B4F4CF ] C:\Program Files (x86)\OpenOffice.org 3\program\sofficeapp.dll
23:32:19.0364 5440 C:\Program Files (x86)\OpenOffice.org 3\program\sofficeapp.dll - ok
23:32:19.0369 5440 [ E98278865E8DABA21CFE5FE4BE34210A ] C:\Windows\SysWOW64\PortableDeviceApi.dll
23:32:19.0369 5440 C:\Windows\SysWOW64\PortableDeviceApi.dll - ok
23:32:19.0373 5440 [ 6FDF222B791EA2E12F54C320EADF28C4 ] C:\Users\Lorusso\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll
23:32:19.0374 5440 C:\Users\Lorusso\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll - ok
23:32:19.0379 5440 [ 40B82688907A7DBA4DB3B5ADDE3EAB3B ] C:\Windows\SysWOW64\mfplat.dll
23:32:19.0379 5440 C:\Windows\SysWOW64\mfplat.dll - ok
23:32:19.0385 5440 [ 3DE43BFDAF3F8979699650202AA18B12 ] C:\Windows\SysWOW64\msmpeg2vdec.dll
23:32:19.0385 5440 C:\Windows\SysWOW64\msmpeg2vdec.dll - ok
23:32:19.0391 5440 [ 934EF71F24C5C1641DB6E13E3EFF0A78 ] C:\Users\Lorusso\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppgooglenaclpluginchrome.dll
23:32:19.0391 5440 C:\Users\Lorusso\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppgooglenaclpluginchrome.dll - ok
23:32:19.0397 5440 [ FCD4E3223AB57109D09F03EF74D9B181 ] C:\Program Files (x86)\OpenOffice.org 3\program\comphelpMSC.dll
23:32:19.0397 5440 C:\Program Files (x86)\OpenOffice.org 3\program\comphelpMSC.dll - ok
23:32:19.0403 5440 [ 88A5FC956921F2E39EC8CA6363B11749 ] C:\Users\Lorusso\AppData\Local\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll
23:32:19.0403 5440 C:\Users\Lorusso\AppData\Local\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll - ok
23:32:19.0408 5440 [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\Windows\SysWOW64\mlang.dll
23:32:19.0409 5440 C:\Windows\SysWOW64\mlang.dll - ok
23:32:19.0414 5440 [ D2958325C1AE1AE37A83334C6229E3BC ] C:\Windows\SysWOW64\actxprxy.dll
23:32:19.0414 5440 C:\Windows\SysWOW64\actxprxy.dll - ok
23:32:19.0420 5440 [ 9262BF9AF67CA4499F7DAE1FB2AA58E0 ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\cppuhelper3MSC.dll
23:32:19.0420 5440 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\cppuhelper3MSC.dll - ok
23:32:19.0425 5440 [ A0849FBA350AA979617856770F8AA1D2 ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\salhelper3MSC.dll
23:32:19.0425 5440 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\salhelper3MSC.dll - ok
23:32:19.0430 5440 [ 7AD794FA7B80EC3F97097DA7E7011347 ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\cppu3.dll
23:32:19.0430 5440 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\cppu3.dll - ok
23:32:19.0435 5440 [ B6F943D2D99307BFD7D2ADFA3B866813 ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\stlport_vc7145.dll
23:32:19.0435 5440 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\stlport_vc7145.dll - ok
23:32:19.0440 5440 [ E6AEF6498578702ED3E8024D9792F30B ] C:\Program Files (x86)\OpenOffice.org 3\program\ucbhelper4MSC.dll
23:32:19.0440 5440 C:\Program Files (x86)\OpenOffice.org 3\program\ucbhelper4MSC.dll - ok
23:32:19.0444 5440 [ C820C516CB162FD1845E2612A65536CB ] C:\Program Files (x86)\OpenOffice.org 3\program\vos3MSC.dll
23:32:19.0445 5440 C:\Program Files (x86)\OpenOffice.org 3\program\vos3MSC.dll - ok
23:32:19.0449 5440 [ 7FB936AA67FA487F59529C9A4907685E ] C:\Program Files (x86)\OpenOffice.org 3\program\deploymentmisc.dll
23:32:19.0450 5440 C:\Program Files (x86)\OpenOffice.org 3\program\deploymentmisc.dll - ok
23:32:19.0455 5440 [ 2FC3769842EB87578032E8B6C1DE9A08 ] C:\Program Files (x86)\OpenOffice.org 3\program\tl.dll
23:32:19.0455 5440 C:\Program Files (x86)\OpenOffice.org 3\program\tl.dll - ok
23:32:19.0461 5440 [ 53AF1750FD45DDD705C9B68C7DC58827 ] C:\Windows\SysWOW64\evr.dll
23:32:19.0461 5440 C:\Windows\SysWOW64\evr.dll - ok
23:32:19.0466 5440 [ 4167AE99A4CC521848E5471FA83A9EED ] C:\Program Files (x86)\OpenOffice.org 3\program\basegfx.dll
23:32:19.0466 5440 C:\Program Files (x86)\OpenOffice.org 3\program\basegfx.dll - ok
23:32:19.0472 5440 [ D2A90407F02E2B2B7D636EF402BEBA59 ] C:\Program Files (x86)\OpenOffice.org 3\program\i18nisolang1MSC.dll
23:32:19.0472 5440 C:\Program Files (x86)\OpenOffice.org 3\program\i18nisolang1MSC.dll - ok
23:32:19.0476 5440 [ CE292C4C10B8DB6070F262EA2733F0DC ] C:\Windows\SysWOW64\sqmapi.dll
23:32:19.0477 5440 C:\Windows\SysWOW64\sqmapi.dll - ok
23:32:19.0482 5440 [ 750726E5868345AB2D46850EB1E60DF9 ] C:\Program Files (x86)\OpenOffice.org 3\program\utl.dll
23:32:19.0482 5440 C:\Program Files (x86)\OpenOffice.org 3\program\utl.dll - ok
23:32:19.0486 5440 [ 218B2BA51244F5285904AE03F5898112 ] C:\Program Files (x86)\OpenOffice.org 3\program\xcr.dll
23:32:19.0486 5440 C:\Program Files (x86)\OpenOffice.org 3\program\xcr.dll - ok
23:32:19.0491 5440 [ 365EB15783B9BE4DB9C2A6064532B2BC ] C:\Program Files (x86)\OpenOffice.org 3\program\sfx.dll
23:32:19.0491 5440 C:\Program Files (x86)\OpenOffice.org 3\program\sfx.dll - ok
23:32:19.0496 5440 [ CDD76188ECF2EA78EB816151D0130327 ] C:\Program Files (x86)\OpenOffice.org 3\program\fwe.dll
23:32:19.0496 5440 C:\Program Files (x86)\OpenOffice.org 3\program\fwe.dll - ok
23:32:19.0502 5440 [ CC22C9FB26428FEAB01526F2A23B30FC ] C:\Program Files (x86)\OpenOffice.org 3\program\fwi.dll
23:32:19.0502 5440 C:\Program Files (x86)\OpenOffice.org 3\program\fwi.dll - ok
23:32:19.0508 5440 [ ACF3A47CE86B6E89616C4D3A692A4422 ] C:\Program Files (x86)\OpenOffice.org 3\program\svl.dll
23:32:19.0508 5440 C:\Program Files (x86)\OpenOffice.org 3\program\svl.dll - ok
23:32:19.0514 5440 [ 336B257EC1D65F97B149BA032F41B428 ] C:\Program Files (x86)\OpenOffice.org 3\program\sot.dll
23:32:19.0514 5440 C:\Program Files (x86)\OpenOffice.org 3\program\sot.dll - ok
23:32:19.0519 5440 [ 561714DFA385FA4E35D81DCF8014377F ] C:\Program Files (x86)\OpenOffice.org 3\program\svt.dll
23:32:19.0519 5440 C:\Program Files (x86)\OpenOffice.org 3\program\svt.dll - ok
23:32:19.0523 5440 [ 5F49FBF4E018ABB9C4ADC4A8D57F9C76 ] C:\Program Files (x86)\OpenOffice.org 3\program\i18nutilMSC.dll
23:32:19.0523 5440 C:\Program Files (x86)\OpenOffice.org 3\program\i18nutilMSC.dll - ok
23:32:19.0529 5440 [ F6CB86F2E560E2536BBA522F97BC6039 ] C:\Program Files (x86)\OpenOffice.org 3\program\icuuc40.dll
23:32:19.0529 5440 C:\Program Files (x86)\OpenOffice.org 3\program\icuuc40.dll - ok
23:32:19.0534 5440 [ 570A48F975661221A126FCFE3B38B7E1 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
23:32:19.0534 5440 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll - ok
23:32:19.0540 5440 [ 570A48F975661221A126FCFE3B38B7E1 ] C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll
23:32:19.0540 5440 C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll - ok
23:32:19.0544 5440 [ F9B92D67D71A1A5D4EEAA2B2B9CD8810 ] C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin.dll
23:32:19.0544 5440 C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin.dll - ok
23:32:19.0549 5440 [ 1436DC6BF1CB517A07897E5F9A0953EC ] C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin2.dll
23:32:19.0549 5440 C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin2.dll - ok
23:32:19.0555 5440 [ 9C9499B9487C44A3EF1ABF0335F6068C ] C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin3.dll
23:32:19.0555 5440 C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin3.dll - ok
23:32:19.0561 5440 [ AD8DBC6B6DA76FA3CC5AA1CEF3CE90D7 ] C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin4.dll
23:32:19.0561 5440 C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin4.dll - ok
23:32:19.0567 5440 [ 155ECBECCB7E4428E6C64C3CF933D200 ] C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin5.dll
23:32:19.0567 5440 C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin5.dll - ok
23:32:19.0572 5440 [ 37C3FF564E184A22D58026B32933BDC2 ] C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin6.dll
23:32:19.0572 5440 C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin6.dll - ok
23:32:19.0577 5440 [ 9B5DEA519C6F493E2FEC70724855FB89 ] C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin7.dll
23:32:19.0577 5440 C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin7.dll - ok
23:32:19.0584 5440 [ F9B92D67D71A1A5D4EEAA2B2B9CD8810 ] C:\Program Files (x86)\QuickTime\Plugins\npqtplugin.dll
23:32:19.0584 5440 C:\Program Files (x86)\QuickTime\Plugins\npqtplugin.dll - ok
23:32:19.0590 5440 [ 1436DC6BF1CB517A07897E5F9A0953EC ] C:\Program Files (x86)\QuickTime\Plugins\npqtplugin2.dll
23:32:19.0590 5440 C:\Program Files (x86)\QuickTime\Plugins\npqtplugin2.dll - ok
23:32:19.0596 5440 [ 9C9499B9487C44A3EF1ABF0335F6068C ] C:\Program Files (x86)\QuickTime\Plugins\npqtplugin3.dll
23:32:19.0596 5440 C:\Program Files (x86)\QuickTime\Plugins\npqtplugin3.dll - ok
23:32:19.0602 5440 [ AD8DBC6B6DA76FA3CC5AA1CEF3CE90D7 ] C:\Program Files (x86)\QuickTime\Plugins\npqtplugin4.dll
23:32:19.0602 5440 C:\Program Files (x86)\QuickTime\Plugins\npqtplugin4.dll - ok
23:32:19.0608 5440 [ 155ECBECCB7E4428E6C64C3CF933D200 ] C:\Program Files (x86)\QuickTime\Plugins\npqtplugin5.dll
23:32:19.0608 5440 C:\Program Files (x86)\QuickTime\Plugins\npqtplugin5.dll - ok
23:32:19.0614 5440 [ 37C3FF564E184A22D58026B32933BDC2 ] C:\Program Files (x86)\QuickTime\Plugins\npqtplugin6.dll
23:32:19.0614 5440 C:\Program Files (x86)\QuickTime\Plugins\npqtplugin6.dll - ok
23:32:19.0620 5440 [ 9B5DEA519C6F493E2FEC70724855FB89 ] C:\Program Files (x86)\QuickTime\Plugins\npqtplugin7.dll
23:32:19.0620 5440 C:\Program Files (x86)\QuickTime\Plugins\npqtplugin7.dll - ok
23:32:19.0626 5440 [ B1BB8EDC9D83D8096EE873F04CEE600C ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
23:32:19.0626 5440 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - ok
23:32:19.0630 5440 [ CE252B04FB9F4F773A7DB5338BFEEA5B ] C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
23:32:19.0630 5440 C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL - ok
23:32:19.0635 5440 [ E971E06DDE68684CB3957C5D0E133CB0 ] C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
23:32:19.0636 5440 C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll - ok
23:32:19.0640 5440 [ D9E21CBF9E6A87847AFFD39EA3FA28EE ] C:\Windows\System32\SearchProtocolHost.exe
23:32:19.0640 5440 C:\Windows\System32\SearchProtocolHost.exe - ok
23:32:19.0644 5440 [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\Windows\System32\webcheck.dll
23:32:19.0644 5440 C:\Windows\System32\webcheck.dll - ok
23:32:19.0649 5440 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
23:32:19.0649 5440 C:\Windows\System32\SyncCenter.dll - ok
23:32:19.0653 5440 [ C548328E9DE5EB73350EF292D7140662 ] C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
23:32:19.0653 5440 C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll - ok
23:32:19.0658 5440 [ D2A5B2B09F2AF5ED13BF494508B09788 ] C:\Windows\System32\msshooks.dll
23:32:19.0658 5440 C:\Windows\System32\msshooks.dll - ok
23:32:19.0662 5440 [ 49A3AD5CE578CD77F445F3D244AEAB2D ] C:\Windows\System32\SearchFilterHost.exe
23:32:19.0662 5440 C:\Windows\System32\SearchFilterHost.exe - ok
23:32:19.0667 5440 [ 6581B52E133CC6D00661C58968C7E212 ] C:\Windows\SysWOW64\SearchFolder.dll
23:32:19.0667 5440 C:\Windows\SysWOW64\SearchFolder.dll - ok
23:32:19.0671 5440 [ E0FF893763BA82BAABB869A351F0C455 ] C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
23:32:19.0671 5440 C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll - ok
23:32:19.0677 5440 [ 632F5B29E8C27631E7AC76E330FE2980 ] C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
23:32:19.0677 5440 C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll - ok
23:32:19.0683 5440 [ 48041BAEB60CE5F34F13CC2A1361E49C ] C:\Windows\System32\mssph.dll
23:32:19.0683 5440 C:\Windows\System32\mssph.dll - ok
23:32:19.0690 5440 [ 6A1E8DEB746912DF47CF651E138401D7 ] C:\Windows\SysWOW64\StructuredQuery.dll
23:32:19.0690 5440 C:\Windows\SysWOW64\StructuredQuery.dll - ok
23:32:19.0694 5440 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
23:32:19.0694 5440 C:\Windows\System32\imapi2.dll - ok
23:32:19.0700 5440 [ A5C14075B571AF1C9592595BE724D9D2 ] C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
23:32:19.0700 5440 C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll - ok
23:32:19.0706 5440 [ 8F4BB0CFECED925D440ABC2481278360 ] C:\Windows\System32\mapi32.dll
23:32:19.0706 5440 C:\Windows\System32\mapi32.dll - ok
23:32:19.0710 5440 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
23:32:19.0710 5440 C:\Windows\System32\hgcpl.dll - ok
23:32:19.0714 5440 [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\Windows\System32\fdPHost.dll
23:32:19.0714 5440 C:\Windows\System32\fdPHost.dll - ok
23:32:19.0717 5440 [ 171D7DB433314A868507C4326E8209DC ] C:\Windows\System32\fdWSD.dll
23:32:19.0717 5440 C:\Windows\System32\fdWSD.dll - ok
23:32:19.0721 5440 [ 36FBE76F4F51396B0F70FC95CD7481D2 ] C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
23:32:19.0721 5440 C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll - ok
23:32:19.0724 5440 [ A2E5B2D20954210DCE1A75A1FC8CC36D ] C:\Windows\System32\fdSSDP.dll
23:32:19.0724 5440 C:\Windows\System32\fdSSDP.dll - ok
23:32:19.0727 5440 [ 1C8124B6A03A620EB0CBCA615666D2AE ] C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
23:32:19.0727 5440 C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll - ok
23:32:19.0732 5440 [ 3FCF47BD73094FA62D81373515F46110 ] C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
23:32:19.0732 5440 C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll - ok
23:32:19.0735 5440 [ 0B31B0F8FA99CFD009C8FBEA9E20C9DE ] C:\Users\Lorusso\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
23:32:19.0735 5440 C:\Users\Lorusso\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - ok
23:32:19.0740 5440 [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll
23:32:19.0740 5440 C:\Windows\System32\fdProxy.dll - ok
23:32:19.0744 5440 [ B6411CED931AFD059E48C52DBFBA95B4 ] C:\Windows\System32\P2P.dll
23:32:19.0744 5440 C:\Windows\System32\P2P.dll - ok
23:32:19.0749 5440 [ EFDFB3DD38A4376F93E7985173813ABD ] C:\Windows\System32\ListSvc.dll
23:32:19.0749 5440 C:\Windows\System32\ListSvc.dll - ok
23:32:19.0754 5440 [ 3EAC4455472CC2C97107B5291E0DCAFE ] C:\Windows\System32\pnrpsvc.dll
23:32:19.0754 5440 C:\Windows\System32\pnrpsvc.dll - ok
23:32:19.0758 5440 [ E0FF893763BA82BAABB869A351F0C455 ] C:\Users\Lorusso\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll
23:32:19.0758 5440 C:\Users\Lorusso\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll - ok
23:32:19.0763 5440 [ 4A82EA2807B16FF577AEAF8ADB8779FF ] C:\Windows\System32\IdListen.dll
23:32:19.0763 5440 C:\Windows\System32\IdListen.dll - ok
23:32:19.0767 5440 [ FF2B106909EED48C536DA04742C0324A ] C:\Windows\System32\Query.dll
23:32:19.0768 5440 C:\Windows\System32\Query.dll - ok
23:32:19.0771 5440 [ A0524499F4C63CADA7E1529FC77F5DC1 ] C:\Windows\System32\hgprint.dll
23:32:19.0771 5440 C:\Windows\System32\hgprint.dll - ok
23:32:19.0776 5440 [ 927463ECB02179F88E4B9A17568C63C3 ] C:\Windows\System32\p2psvc.dll
23:32:19.0776 5440 C:\Windows\System32\p2psvc.dll - ok
23:32:19.0780 5440 [ 47299371607DC2FB234444EEACB1639E ] C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
23:32:19.0780 5440 C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll - ok
23:32:19.0784 5440 [ 3AEE02CEDAA3ACD14F9D7E038E44D6D1 ] C:\Windows\System32\P2PGraph.dll
23:32:19.0784 5440 C:\Windows\System32\P2PGraph.dll - ok
23:32:19.0787 5440 [ 01E2855FB06C422E721D890AF201C2D7 ] C:\Windows\System32\NaturalLanguage6.dll
23:32:19.0787 5440 C:\Windows\System32\NaturalLanguage6.dll - ok
23:32:19.0791 5440 [ EC00034A5D1E094FCFFA6AF27EBF9604 ] C:\Program Files (x86)\OpenOffice.org 3\program\icudt40.dll
23:32:19.0791 5440 C:\Program Files (x86)\OpenOffice.org 3\program\icudt40.dll - ok
23:32:19.0794 5440 [ 2B0605ABC47532155FFBFDC1693317D8 ] C:\Windows\System32\NlsData0010.dll
23:32:19.0794 5440 C:\Windows\System32\NlsData0010.dll - ok
23:32:19.0799 5440 [ 31DCF8ED7C7D8C87EB5379AD122A328E ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\jvmfwk3.dll
23:32:19.0799 5440 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\jvmfwk3.dll - ok
23:32:19.0803 5440 [ 1330EA93145B834D1A6ED1F1AC3163FC ] C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
23:32:19.0803 5440 C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll - ok
23:32:19.0807 5440 [ 362ACF8F7476637A5F76BE5953F4F258 ] C:\Windows\System32\NlsLexicons0010.dll
23:32:19.0807 5440 C:\Windows\System32\NlsLexicons0010.dll - ok
23:32:19.0811 5440 [ EC120FACE13767CCFB18FB2EA170AC83 ] C:\Program Files (x86)\OpenOffice.org 3\program\tk.dll
23:32:19.0811 5440 C:\Program Files (x86)\OpenOffice.org 3\program\tk.dll - ok
23:32:19.0816 5440 [ E8832BCF29CC03F9A490C9AAC3056706 ] C:\Program Files (x86)\OpenOffice.org 3\program\vcl.dll
23:32:19.0816 5440 C:\Program Files (x86)\OpenOffice.org 3\program\vcl.dll - ok
23:32:19.0819 5440 [ 76D86E65FF7D10292886A1F2DB93A911 ] C:\Windows\System32\ELSCore.dll
23:32:19.0819 5440 C:\Windows\System32\ELSCore.dll - ok
23:32:19.0824 5440 [ 12929BDE96189F4E968AD035573424F0 ] C:\Windows\System32\elsTrans.dll
23:32:19.0824 5440 C:\Windows\System32\elsTrans.dll - ok
23:32:19.0828 5440 [ 5C801C9BC7A0317A14B7628FCCD2D17E ] C:\Program Files (x86)\OpenOffice.org 3\program\i18npaper.dll
23:32:19.0828 5440 C:\Program Files (x86)\OpenOffice.org 3\program\i18npaper.dll - ok
23:32:19.0832 5440 [ AEE087CF7423BA44CC2DE03CC565E399 ] C:\Windows\System32\elslad.dll
23:32:19.0832 5440 C:\Windows\System32\elslad.dll - ok
23:32:19.0836 5440 [ 557D165ABAC057F379D47E92F395405F ] C:\Program Files (x86)\OpenOffice.org 3\program\sax.dll
23:32:19.0836 5440 C:\Program Files (x86)\OpenOffice.org 3\program\sax.dll - ok
23:32:19.0841 5440 [ FBC74172F7246C9531CC46D159276971 ] C:\Program Files (x86)\OpenOffice.org 3\program\sb.dll
23:32:19.0841 5440 C:\Program Files (x86)\OpenOffice.org 3\program\sb.dll - ok
23:32:19.0845 5440 [ AB87C54CA19675880B0CAE65B8AF140C ] C:\Windows\SysWOW64\npDeployJava1.dll
23:32:19.0845 5440 C:\Windows\SysWOW64\npDeployJava1.dll - ok
23:32:19.0849 5440 [ 6C0A96C3485D25236F3DB7D8A120F21A ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\msci_uno.dll
23:32:19.0849 5440 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\msci_uno.dll - ok
23:32:19.0854 5440 [ 8506A78404B3B469A2382C509B7DB967 ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\bootstrap.uno.dll
23:32:19.0854 5440 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\bootstrap.uno.dll - ok
23:32:19.0858 5440 [ 352A00C74C96FA5A41EA32BF4BFACA10 ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\reg3.dll
23:32:19.0858 5440 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\reg3.dll - ok
23:32:19.0863 5440 [ 66177DC56AC40A87F17C8B4333049D10 ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\store3.dll
23:32:19.0863 5440 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\store3.dll - ok
23:32:19.0868 5440 [ 6238D624E7CF2C59E773C6D2A326C85B ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\xmlreader.dll
23:32:19.0868 5440 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\xmlreader.dll - ok
23:32:19.0873 5440 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:32:19.0873 5440 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
23:32:19.0877 5440 [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\SysWOW64\msvcr100_clr0400.dll
23:32:19.0877 5440 C:\Windows\SysWOW64\msvcr100_clr0400.dll - ok
23:32:19.0881 5440 [ CB21CD39637AC13F3455454B2F648257 ] C:\Windows\System32\msvcr100_clr0400.dll
23:32:19.0881 5440 C:\Windows\System32\msvcr100_clr0400.dll - ok
23:32:19.0886 5440 [ 5C4CB4086FB83115B153E47ADD961A0C ] C:\Windows\System32\FntCache.dll
23:32:19.0886 5440 C:\Windows\System32\FntCache.dll - ok
23:32:19.0891 5440 [ 1957D49A9613FAAD1C73B508CCE02AA5 ] C:\Windows\SysWOW64\wmp.dll
23:32:19.0891 5440 C:\Windows\SysWOW64\wmp.dll - ok
23:32:19.0897 5440 [ 9E7C434E383D451D299EB7861ED1CECC ] C:\Program Files (x86)\OpenOffice.org 3\program\configmgr.uno.dll
23:32:19.0897 5440 C:\Program Files (x86)\OpenOffice.org 3\program\configmgr.uno.dll - ok
23:32:19.0903 5440 [ 0FBC74AA20FE0AE6884279F893169C60 ] C:\Windows\SysWOW64\wmploc.DLL
23:32:19.0903 5440 C:\Windows\SysWOW64\wmploc.DLL - ok
23:32:19.0909 5440 [ EA85B693F3B321A9DF90CFBD1673DAF2 ] C:\Program Files (x86)\OpenOffice.org 3\program\localebe1.uno.dll
23:32:19.0909 5440 C:\Program Files (x86)\OpenOffice.org 3\program\localebe1.uno.dll - ok
23:32:19.0915 5440 [ 10D5662D127EF17019513C7251E10117 ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\stocservices.uno.dll
23:32:19.0915 5440 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\stocservices.uno.dll - ok
23:32:19.0921 5440 [ 1E8D06AAE74FED674C1156B3FEA911C2 ] C:\Windows\SysWOW64\Faultrep.dll
23:32:19.0921 5440 C:\Windows\SysWOW64\Faultrep.dll - ok
23:32:19.0925 5440 [ 590D5C506044FE02FF7643E32FF9BDAC ] C:\Windows\SysWOW64\wer.dll
23:32:19.0925 5440 C:\Windows\SysWOW64\wer.dll - ok
23:32:19.0930 5440 [ C68069DBAB5EF8861F6D54CC989D60D0 ] C:\Program Files (x86)\OpenOffice.org 3\program\ucb1.dll
23:32:19.0930 5440 C:\Program Files (x86)\OpenOffice.org 3\program\ucb1.dll - ok
23:32:19.0935 5440 [ EAADD6E47ED2A7003ACE1793B98CF63F ] C:\Windows\SysWOW64\msxml6.dll
23:32:19.0935 5440 C:\Windows\SysWOW64\msxml6.dll - ok
23:32:19.0939 5440 [ 032A6D7058EC06CA6CF73A6D0493ADA0 ] C:\Program Files (x86)\OpenOffice.org 3\program\fwk.dll
23:32:19.0939 5440 C:\Program Files (x86)\OpenOffice.org 3\program\fwk.dll - ok
23:32:19.0943 5440 [ F31AD307E2F5797B837C3932A7794D26 ] C:\Program Files (x86)\OpenOffice.org 3\program\ucpfile1.dll
23:32:19.0943 5440 C:\Program Files (x86)\OpenOffice.org 3\program\ucpfile1.dll - ok
23:32:19.0948 5440 [ 41DFF500F0C1C438D0500F08DF8B827B ] C:\Program Files (x86)\OpenOffice.org 3\program\i18npool.uno.dll
23:32:19.0948 5440 C:\Program Files (x86)\OpenOffice.org 3\program\i18npool.uno.dll - ok
23:32:19.0953 5440 [ 7E6052699CAF18ADEDD846D44ECCE81F ] C:\Windows\SysWOW64\jscript9.dll
23:32:19.0953 5440 C:\Windows\SysWOW64\jscript9.dll - ok
23:32:19.0957 5440 [ A8C4CDA29ED3598E38F25F12183849AF ] C:\Program Files (x86)\OpenOffice.org 3\program\icuin40.dll
23:32:19.0957 5440 C:\Program Files (x86)\OpenOffice.org 3\program\icuin40.dll - ok
23:32:19.0962 5440 [ 1D1EAA16D193C6A2D45981ED3914D22A ] C:\Windows\SysWOW64\msimtf.dll
23:32:19.0962 5440 C:\Windows\SysWOW64\msimtf.dll - ok
23:32:19.0967 5440 [ 35AAE2E841AA1A949775168E119482C9 ] C:\Windows\SysWOW64\msls31.dll
23:32:20.0345 5440 ============================================================
23:32:20.0345 5440 Scan finished
23:32:20.0345 5440 ============================================================
23:32:20.0356 3660 Detected object count: 9
23:32:20.0356 3660 Actual detected object count: 9
23:34:13.0411 3660 ADSMService ( UnsignedFile.Multi.Generic ) - skipped by user
23:34:13.0411 3660 ADSMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:34:13.0415 3660 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
23:34:13.0415 3660 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:34:13.0416 3660 LMS ( UnsignedFile.Multi.Generic ) - skipped by user
23:34:13.0416 3660 LMS ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:34:13.0421 3660 lvupdtio ( HiddenService.Multi.Generic ) - skipped by user
23:34:13.0421 3660 lvupdtio ( HiddenService.Multi.Generic ) - User select action: Skip
23:34:13.0422 3660 NBService ( UnsignedFile.Multi.Generic ) - skipped by user
23:34:13.0422 3660 NBService ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:34:13.0424 3660 NMIndexingService ( UnsignedFile.Multi.Generic ) - skipped by user
23:34:13.0424 3660 NMIndexingService ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:34:13.0425 3660 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
23:34:13.0426 3660 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:34:13.0427 3660 UNS ( UnsignedFile.Multi.Generic ) - skipped by user
23:34:13.0427 3660 UNS ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:34:13.0431 3660 WDDMService ( UnsignedFile.Multi.Generic ) - skipped by user
23:34:13.0431 3660 WDDMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:34:47.0676 4560 Deinitialize success

#9
mak91las

  • Topic Starter
And this should be the new ComboFix log.
I'm noticing now that in these last scans I forgot to disconnect my external hard disk. Is that a problem? Do I need to rerun the scans?

COMBOFIX

ComboFix 13-04-29.01 - Lorusso 30/04/2013 23:38:45.2.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.39.1040.18.3885.1981 [GMT 2:00]
Eseguito da: c:\users\Lorusso\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Creati Da 2013-03-28 al 2013-04-30 )))))))))))))))))))))))))))))))))))
.
.
2013-04-30 21:49 . 2013-04-30 21:49 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-04-30 21:49 . 2013-04-30 21:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-27 21:55 . 2013-04-28 10:08 -------- d-----w- c:\programdata\Tarma Installer
2013-04-27 21:55 . 2013-04-28 10:07 -------- d-----w- c:\users\Lorusso\AppData\Local\SwvUpdater
2013-04-27 21:55 . 2013-04-27 21:55 -------- d-----w- c:\users\Lorusso\AppData\Roaming\Iminent
2013-04-27 21:54 . 2013-04-27 21:54 -------- d-----w- c:\programdata\Iminent
2013-04-27 21:54 . 2013-04-29 21:21 -------- d-----w- c:\program files (x86)\IMinent Toolbar
2013-04-27 21:54 . 2013-04-27 21:54 -------- d-----w- c:\program files (x86)\Common Files\Umbrella
2013-04-27 21:54 . 2013-04-29 21:21 -------- d-----w- c:\program files (x86)\Iminent
2013-04-27 21:51 . 2013-04-27 21:51 -------- d-----w- c:\users\Lorusso\AppData\Local\Microsoft_Research
2013-04-27 21:48 . 2013-04-27 21:48 -------- d-----w- c:\users\Lorusso\AppData\Roaming\Nosibay
2013-04-27 21:47 . 2013-04-27 21:47 -------- d-----w- c:\users\Lorusso\AppData\Roaming\Plogue
2013-04-27 18:27 . 2013-04-27 18:27 -------- d-----w- c:\users\Lorusso\AppData\Local\Wondershare
2013-04-27 18:27 . 2013-04-27 18:27 -------- d-----w- c:\program files (x86)\Common Files\Wondershare
2013-04-27 18:27 . 2013-04-27 18:28 -------- d-----w- c:\users\Lorusso\AppData\Roaming\Wondershare
2013-04-27 18:25 . 2013-01-08 09:36 29288 ----a-w- c:\windows\system32\drivers\WsAudioDevice_383S(1).sys
2013-04-27 18:25 . 2013-04-27 18:25 -------- d-----w- c:\program files (x86)\Wondershare
2013-04-24 12:01 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-10 19:18 . 2013-02-15 06:06 3717632 ----a-w- c:\windows\system32\mstscax.dll
2013-04-10 19:18 . 2013-02-15 04:37 3217408 ----a-w- c:\windows\SysWow64\mstscax.dll
2013-04-10 19:18 . 2013-02-15 06:08 44032 ----a-w- c:\windows\system32\tsgqec.dll
2013-04-10 19:18 . 2013-02-15 06:02 158720 ----a-w- c:\windows\system32\aaclient.dll
2013-04-10 19:18 . 2013-02-15 04:34 131584 ----a-w- c:\windows\SysWow64\aaclient.dll
2013-04-10 19:18 . 2013-02-15 03:25 36864 ----a-w- c:\windows\SysWow64\tsgqec.dll
2013-04-10 19:18 . 2013-03-01 03:36 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-04-10 19:17 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-04-10 19:17 . 2013-03-19 06:04 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-10 19:17 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-04-10 19:17 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-04-10 19:17 . 2013-03-19 03:06 112640 ----a-w- c:\windows\system32\smss.exe
2013-04-10 19:17 . 2013-03-19 05:46 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-10 19:17 . 2013-03-19 04:47 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-04-08 20:56 . 2013-04-08 20:56 -------- d-----w- c:\program files (x86)\A-PDF Restrictions Remover
2013-04-08 20:56 . 2013-04-08 20:56 -------- d-----w- c:\users\Lorusso\AppData\Roaming\GetRightToGo
2013-04-08 20:38 . 2013-04-08 20:38 -------- d-----w- c:\programdata\PlotSoft
2013-04-08 20:38 . 2013-04-08 20:38 -------- d-----w- c:\program files (x86)\PlotSoft
2013-04-08 20:30 . 2013-04-08 20:30 -------- d-----w- c:\users\Lorusso\AppData\Roaming\OpenOffice.org
2013-04-08 20:28 . 2013-04-08 20:28 -------- d-----w- c:\program files (x86)\OpenOffice.org 3
2013-04-08 06:58 . 2013-04-08 09:20 -------- d-----w- c:\program files (x86)\Polimi Wireless Setup Tool
2013-04-05 18:36 . 2013-04-05 18:36 -------- d-----w- c:\users\Lorusso\AppData\Roaming\MathWorks
2013-04-02 14:09 . 2013-04-02 14:09 4550656 ----a-w- c:\windows\SysWow64\GPhotos.scr
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-28 12:56 . 2012-07-06 10:16 691592 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-04-28 12:56 . 2012-07-06 10:16 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-04-11 09:21 . 2010-10-04 16:01 72702784 ----a-w- c:\windows\system32\MRT.exe
2013-03-26 11:17 . 2013-03-26 11:17 82432 ----a-w- c:\users\Lorusso\AppData\Roaming\Microsoft\MSXML2\msxml4r.dll
2013-03-26 11:17 . 2013-03-26 11:17 44544 ----a-w- c:\users\Lorusso\AppData\Roaming\Microsoft\MSXML2\msxml4a.dll
2013-03-26 11:17 . 2013-03-26 11:17 1275392 ----a-w- c:\users\Lorusso\AppData\Roaming\Microsoft\MSXML2\msxml4.dll
2013-03-21 09:15 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2013-03-21 09:15 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2013-02-12 05:45 . 2013-03-23 17:48 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-03-23 17:48 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-03-23 17:48 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 05:45 . 2013-03-23 17:48 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 04:48 . 2013-03-23 17:48 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-23 17:48 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-02-12 04:12 . 2013-03-25 23:25 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
2009-04-08 17:31 . 2009-04-08 17:31 106496 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll
2008-08-12 04:45 . 2008-08-12 04:45 155648 ----a-w- c:\program files (x86)\Common Files\MSIactionall.dll
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Lorusso\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Lorusso\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Lorusso\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent"="c:\program files (x86)\BitTorrent\BitTorrent.exe" [2013-03-25 880984]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-05 1305408]
"ooVoo.exe"="c:\program files (x86)\ooVoo\oovoo.exe" [2012-05-29 25249400]
"Facebook Update"="c:\users\Lorusso\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-12-03 138096]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2013-01-07 3093624]
"Spotify Web Helper"="c:\users\Lorusso\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-04-18 1105408]
"Spotify"="c:\users\Lorusso\AppData\Roaming\Spotify\Spotify.exe" [2013-04-18 4555776]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-02-04 7350912]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-01-05 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"PDVD8LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD8\Language\Language.exe" [2007-12-14 50472]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-08-21 4282728]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-12-12 152544]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"Wondershare Helper Compact.exe"="c:\program files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe" [2012-02-28 1679360]
.
c:\users\Lorusso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Lorusso\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-3-12 29106336]
OpenOffice.org 3.4.1.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2012-8-13 1199104]
Ritaglio schermata e avvio di OneNote 2007.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2010-7-19 12862]
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2010-7-19 156952]
WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2011-3-9 4236288]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;c:\windows\system32\drivers\BVRPMPR5a64.SYS [2010-03-22 35840]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [2011-05-10 22528]
R3 ONDAusbmdm6k;ONDA Proprietary USB Driver;c:\windows\system32\DRIVERS\ONDAusbmdm6k.sys [2010-09-02 119680]
R3 ONDAusbnet;ONDA USB-NDIS miniport;c:\windows\system32\DRIVERS\ONDAusbnet.sys [2010-09-02 135168]
R3 ONDAusbnmea;ONDA NMEA Port;c:\windows\system32\DRIVERS\ONDAusbnmea.sys [2010-09-02 119680]
R3 ONDAusbser6k;ONDA Diagnostic Port;c:\windows\system32\DRIVERS\ONDAusbser6k.sys [2010-09-02 119680]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe [2009-08-06 118672]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-09-28 53760]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-10-03 146736]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 vodafone_K3805-z_cdc_acm;Vodafone K3805-z CDC-ACM driver (ZTE);c:\windows\system32\DRIVERS\vodafone_K3805-z_cdc_acm.sys [2010-09-01 78336]
R3 vodafone_K3805-z_cdc_ecm;vodafone_K3805-z_cdc_ecm;c:\windows\system32\DRIVERS\vodafone_K3805-z_cdc_ecm.sys [2010-09-01 88064]
R3 vodafone_K3805-z_cpo;Vodafone K3805-z Install;c:\windows\system32\DRIVERS\vodafone_K3805-z_cpo.sys [2010-09-01 13824]
R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2010-10-04 1255736]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-01-10 254528]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2009-12-07 379520]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-08-21 71600]
S2 SProtection;SProtection;c:\program files (x86)\Common Files\Umbrella\umbrella.exe [2013-04-24 2795048]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2009-08-06 13784]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
S2 WDDMService;WDDMService;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2011-03-09 288768]
S2 WDFME;WD File Management Engine;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [2011-03-09 1066896]
S2 WDSC;WD File Management Shadow Engine;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [2011-03-09 491920]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-01-18 128512]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-02-02 271872]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2009-08-18 143472]
S3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);c:\windows\system32\DRIVERS\JME.sys [2010-02-25 115312]
S3 vodafone_K3805-z_dc_enum;Vodafone K3805-z DC Enumerator (ZTE);c:\windows\system32\DRIVERS\vodafone_K3805-z_dc_enum.sys [2010-09-01 75776]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2011-02-16 14464]
S3 WsAudioDevice_383S(1);WsAudioDevice_383S(1);c:\windows\system32\drivers\WsAudioDevice_383S(1).sys [2013-01-08 29288]
.
.
--- Altri Servizi/Drivers In Memoria ---
.
*NewlyCreated* - 64158950
*NewlyCreated* - 64592560
*Deregistered* - 64158950
*Deregistered* - 64592560
.
Contenuto della cartella 'Scheduled Tasks'
.
2013-04-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-06 12:56]
.
2013-04-30 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1457306490-315139471-3944336667-1001Core.job
- c:\users\Lorusso\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-03 17:29]
.
2013-04-30 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1457306490-315139471-3944336667-1001UA.job
- c:\users\Lorusso\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-03 17:29]
.
2013-04-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-19 20:09]
.
2013-04-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-19 20:09]
.
2013-04-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1457306490-315139471-3944336667-1001Core.job
- c:\users\Lorusso\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-14 23:13]
.
2013-04-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1457306490-315139471-3944336667-1001UA.job
- c:\users\Lorusso\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-14 23:13]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:11 133400 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 23:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Lorusso\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Lorusso\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Lorusso\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Lorusso\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-03-27 17412200]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768]
"Setwallpaper"="c:\programdata\SetWallpaper.cmd" [BU]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 644696]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-10 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-10 392984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-10 417560]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Scansione supplementare -------
.
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
uStart Page = hxxp://start.iminent.com/?appId=4CB0EDBF-7AB4-4576-8784-BF8E09134DCA
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>;*.local
uSearchAssistant = hxxp://www.bing.com/search?q={searchTerms}
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant =
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&sporta in Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{174454CA-DBB2-48EF-8A75-EB6EDC27E00E}: NameServer = 83.224.70.62 83.224.70.78
FF - ProfilePath - c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?rls=org.mozilla:en-US:official&client=firefox-a&q=
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://start.iminent.com/?appId=4CB0EDBF-7AB4-4576-8784-BF8E09134DCA
FF - prefs.js: browser.search.selectedEngine - StartWeb
FF - ExtSQL: 2013-04-27 23:54; {C9B68337-E93A-44EA-94DC-CB300EC06444}; c:\users\Lorusso\AppData\Roaming\Mozilla\Firefox\Profiles\xgcccbgt.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}\{C9B68337-E93A-44EA-94DC-CB300EC06444}
FF - ExtSQL: 2013-04-27 23:55; [email protected]; c:\program files (x86)\Iminent\[email protected]
FF - user.js: extensions.funmoods.hmpg - false
FF - user.js: extensions.funmoods.hmpgUrl - hxxp://searchfunmoods.com/?f=1&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1QzuyByE0FtDyC0DtA0A0C0DtA0C0F0DtAyBtN0D0Tzu0CtAtCzztN1L2XzutBtFtBtFtDtFtAyEyE&cr=1656014362
FF - user.js: extensions.funmoods.dfltSrch - true
FF - user.js: extensions.funmoods.srchPrvdr - Search
FF - user.js: extensions.funmoods.dnsErr - true
FF - user.js: extensions.funmoods_i.newTab - false
FF - user.js: extensions.funmoods.newTabUrl - hxxp://searchfunmoods.com/?f=2&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1QzuyByE0FtDyC0DtA0A0C0DtA0C0F0DtAyBtN0D0Tzu0CtAtCzztN1L2XzutBtFtBtFtDtFtAyEyE&cr=1656014362
FF - user.js: extensions.funmoods.tlbrSrchUrl - hxxp://searchfunmoods.com/?f=3&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1QzuyByE0FtDyC0DtA0A0C0DtA0C0F0DtAyBtN0D0Tzu0CtAtCzztN1L2XzutBtFtBtFtDtFtAyEyE&cr=1656014362&q=
FF - user.js: extensions.funmoods.id - 74F06D3ACD3CFD37
FF - user.js: extensions.funmoods.instlDay - 15658
FF - user.js: extensions.funmoods.vrsn - 1.5.23.22
FF - user.js: extensions.funmoods.vrsni - 1.5.23.22
FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.23.220:15
FF - user.js: extensions.funmoods.prtnrId - funmoods
FF - user.js: extensions.funmoods.prdct - funmoods
FF - user.js: extensions.funmoods.aflt - fmtgl
FF - user.js: extensions.funmoods_i.smplGrp - none
FF - user.js: extensions.funmoods.tlbrId - base
FF - user.js: extensions.funmoods.instlRef - fmtgl
FF - user.js: extensions.funmoods.dfltLng -
FF - user.js: extensions.funmoods.excTlbr - true
FF - user.js: extensions.funmoods.autoRvrt - false
FF - user.js: extensions.funmoods.envrmnt - production
FF - user.js: extensions.funmoods.isdcmntcmplt - true
FF - user.js: extensions.funmoods.mntrvrsn - 1.3.0
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
Toolbar-Locked - (no file)
SafeBoot-64158950.sys
WebBrowser-{1D03A978-AC0C-4004-B9FD-9CF361C7BD3F} - (no file)
WebBrowser-{C95A4E8E-816D-4655-8C79-D736DA1ADB6D} - (no file)
WebBrowser-{1392B8D2-5C05-419F-A8F6-B9F15A596612} - (no file)
AddRemove-L&H Power Translator Pro 7.0 - c:\windows\ISUN0410.EXE
.
.
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Ora fine scansione: 2013-05-01 00:07:37
ComboFix-quarantined-files.txt 2013-04-30 22:07
ComboFix2.txt 2013-04-30 12:44
.
Pre-Run: 18.502.725.632 byte disponibili
Post-Run: 18.192.269.312 byte disponibili
.
- - End Of File - - E9FAFFF30E1FDF7C9BCFE6530720ED16

#10
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
After this scan, please test your system and tell me how it is now.


Please download Malwarebytes' Anti-Malware

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

#11
mak91las

    New Member

  • Topic Starter
  • Member
  • 8 posts
The system seems to be working perfectly now.
Here is the report.


Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Versione database: v2013.05.01.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Lorusso :: LORUSSO-PC [amministratore]

01/05/2013 23:15:49
mbam-log-2013-05-01 (23-15-49).txt

Tipo di scansione: Scansione veloce
Opzioni di scansione attive: Memoria | Esecuzione automatica | Registro | File di sistema | Euristica/Extra | Euristica/Shuriken | PUP | PUM
Opzioni di scansione disattivate: P2P
Elementi esaminati: 252820
Tempo impiegato: 5 minuti, 42 secondi

Processi rilevati in memoria: 0
(non sono stati rilevati elementi nocivi)

Moduli di memoria rilevati: 0
(non sono stati rilevati elementi nocivi)

Chiavi di registro rilevate: 15
HKCR\CLSID\{4D1EC4CA-4B92-4324-B8F8-C9A6ED06A8AE} (Adware.Hotbar) -> Spostato in quarantena ed eliminato con successo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4D1EC4CA-4B92-4324-B8F8-C9A6ED06A8AE} (Adware.Hotbar) -> Spostato in quarantena ed eliminato con successo.
HKCR\CLSID\{4E674574-3F0B-491d-8AE3-F90B43A34FD6} (Adware.Hotbar) -> Spostato in quarantena ed eliminato con successo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4E674574-3F0B-491D-8AE3-F90B43A34FD6} (Adware.Hotbar) -> Spostato in quarantena ed eliminato con successo.
HKCR\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840} (PUP.Funmoods) -> Spostato in quarantena ed eliminato con successo.
HKCR\TypeLib\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706} (PUP.Funmoods) -> Spostato in quarantena ed eliminato con successo.
HKCR\esrv.funmoodsESrvc.1 (PUP.Funmoods) -> Spostato in quarantena ed eliminato con successo.
HKCR\esrv.funmoodsESrvc (PUP.Funmoods) -> Spostato in quarantena ed eliminato con successo.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65bcd620-07dd-012f-819f-073cf1b8f7c6} (Adware.GamePlayLab) -> Spostato in quarantena ed eliminato con successo.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C87FC351-A80D-43E9-9A86-CF1E29DC443A} (PUP.Funmoods) -> Spostato in quarantena ed eliminato con successo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> Spostato in quarantena ed eliminato con successo.
HKCU\SOFTWARE\Funmoods (PUP.FunMoods) -> Spostato in quarantena ed eliminato con successo.
HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh (PUP.Funmoods) -> Spostato in quarantena ed eliminato con successo.
HKLM\SOFTWARE\hblite (Adware.HotBar) -> Spostato in quarantena ed eliminato con successo.
HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh (PUP.Funmoods) -> Spostato in quarantena ed eliminato con successo.

Valori di registro rilevati: 1
HKLM\SOFTWARE\Mozilla\Firefox\extensions|[email protected] (Adware.HotBar) -> Dati: C:\Program Files (x86)\hblite\bin\11.0.358.0\firefox\extensions -> Spostato in quarantena ed eliminato con successo.

Voci rilevate nei dati di registro: 0
(non sono stati rilevati elementi nocivi)

Cartelle rilevate: 0
(non sono stati rilevati elementi nocivi)

File rilevati: 2
C:\Users\Lorusso\AppData\Local\funmoods.crx (PUP.Funmoods) -> Spostato in quarantena ed eliminato con successo.
C:\Users\Public\Desktop\MP3 Downloader.lnk (Rogue.Link) -> Spostato in quarantena ed eliminato con successo.

(fine)

#12
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi mak91las,

Glad to hear that. Your logs and system are clean now. I'm glad we fixed up your computer.

Step 1

Please close all running programs and run OTL.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL

    :Commands
    [purity]
    [emptytemp]
    [resethosts]
    [clearallrestorepoints]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
Step 2

We need to clean up your PC from programs we used.

Please start OTL one more time and click the CleanUp button. OTL will restart your system at the end.

In case any of the software we used in this fix still remains on your system, please delete it manually (right-click on it and select Delete).

General recommendations

Here are some recommendations you should follow to minimize infection risk in the future:

1. Something to read

To learn more about how to protect yourself while on the internet, read our little guide How did I get infected in the first place?

2. Make Backups of Important Files

Please read this article: Home Computer Data Backup.

3. Regularly update your software

To eliminate design flaws and security vulnerabilities, all software needs to be updated to the latest version or the vendor’s patch installed.

You should download Update Checker from here. The program will automatically check for newer versions of software installed on your system.

#13
mak91las

    New Member

  • Topic Starter
  • Member
  • 8 posts
Thank you for helping me with this!

#14
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.