
ROOTKIT REGISTRY [Closed]


  • This topic is locked

#1
Sangoino

  • Member
  • 40 posts
Hello, I think I have a rootkit in the registry.

I have tried ComboFix, Malwarebytes, AdRemover, AdwCleaner, Spyware Doctor, SUPERAntiSpyware, and ESET Online Scanner.

I can't run UsbFix, I don't know why...


#2
blmadara

    Trusted Helper

  • Malware Removal
  • 767 posts
Hi Sangoino, welcome to Geeks to Go. My name is blmadara and I will be helping you with your problems. Please be patient with me as I am still in training and my responses will have to be reviewed by an expert before I can post them.

I'd like to go over some things that will help both of us.

  • Read each of my posts entirely before performing my instructions. It would be helpful if you printed my instructions so you can read and check the steps as you perform them.
  • Follow the steps exactly in the order posted.
  • Please don't be afraid to ask questions. If you don't understand something, let me know before continuing.
  • If you can't perform a certain step, or you're unsure about what to do, please stop and let me know.
  • It is very important that you stay with me until the end so we make sure that we have removed all the bad stuff.
  • Please don't attach any logs to your posts unless I request it. It is easier for me if you copy and paste the logs into your reply.
  • Finally, never fix anything using other programs on your own. This can hinder my ability to see what is wrong with your computer and make it harder to clean your computer.



Step One: Run OTL Custom Scan

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following


    netsvcs
    msconfig
    drives
    BASESERVICES
    %SYSTEMDRIVE%\*.exe
    /md5start
    services.*
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    winsock.*
    /md5stop
    CREATERESTOREPOINT
  • Please select the Scan All Users checkbox.
  • Under Extra Registry heading, select Use Safelist.
  • Select LOP Check and Purity Check.
  • Then click the Run Scan button at the top
  • Let the program run unhindered, until it is done
  • Post the log it produces in your next reply.

Step Two: Run aswMBR

Download aswMBR.exe to your desktop.

  • Double click aswMBR.exe to run it.
  • When asked if you want to download Avast's virus definitions, please select No.
  • Click Scan to start the scan.
  • When the scan ends click Save Log and save it to your desktop.
  • Post the log in your next reply.

Step Three: ComboFix

ComboFix is a powerful tool and it is dangerous to run it without trained supervision. If it is not used properly it could damage your operating system and make your computer unbootable. Please post the ComboFix log that was produced when you ran it. It is located at C:\ComboFix.txt.


Step Four: Computer Symptoms

Please let me know what problems you are having with your computer.



What I need in your next post:
1. The reports from the OTL scan, OTL.txt and Extras.txt.
2. The log produced by aswMBR.exe.
3. The combofix log, C:\ComboFix.txt.
4. Let me know what problems you are having with your computer.

#3
Sangoino

  • Topic Starter
  • Member
  • 40 posts
OTL.TXT : http://pjjoint.malek...3_v14x13w15c5z5

EXTRA.TXT: http://pjjoint.malek...23_j14c14p5q5l6

AWR: http://pjjoint.malek..._m6d10w14c14o14

Combofix: http://pjjoint.malek..._o15p14v8e12o10

My passwords don't keep.
SUPERAntiSpyware detects some suspect svhost on infoline but finds nothing on scanning,
and also, I think I have an IRC bot virus in the registry.


I am also sending you a GMER log: http://pjjoint.malek...123_v59m14j8z10


I am waiting for your answer...

Edited by Sangoino, 23 January 2013 - 07:15 AM.


#4
Sangoino

  • Topic Starter
  • Member
  • 40 posts
Anyone?

#5
blmadara

    Trusted Helper

  • Malware Removal
  • 767 posts
Hi Sangoino,

Please don't attach any logs to your posts unless I request it. It is easier for me if you copy and paste the logs into your reply.

"Anyone?"


Please be patient, we are all volunteers with busy lives. Also, I am still in training and my responses will have to be reviewed by an expert before I can post them.

"I am also sending you a GMER log"


Don't run any programs unless I ask you to run them. When you do it could hinder my ability to see what is wrong with your computer and make it harder for me to clean it.

Step One: OTL Fix

Warning: This fix is only relevant for this system and no other; using it on another computer may cause problems.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons; they will return on reboot.


Note: If you are using the pro version or trial version of Malwarebytes 1.6 or higher, please disable it for the duration of this fix as it may interfere with the successful execution of the script below. If it still hangs, then please uninstall Malwarebytes and run this fix again.



Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following (do not copy the word "quote")

    :OTL
    O3 - HKU\S-1-5-21-3059339421-2526555134-805201127-1000\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

    :Files
    ipconfig /flushdns /c

    :Commands
    [resethosts]
    [emptytemp]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done and post the log it produces in your next reply.
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

Step Two: Download and run TDSSKiller

Please download the latest version of TDSSKiller from here and save it to your Desktop.

  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Step Three: Download and run RogueKiller

  • Download RogueKiller and save it on your desktop.

    NOTE: If using IE8 or better, SmartScreen Filter will need to be disabled.
  • Quit all programs
  • Start RogueKiller.exe.
  • Wait until Prescan has finished ...
  • Click on Scan

  • Wait for the end of the scan.
  • The report has been created on the desktop. Please copy and paste this report into your next reply.

Step Four: Security Scan

Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Right click SecurityCheck.exe, select Run as administrator, and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

What I need in your next post:
1. Both OTL logs, the one produced by the fix and OTL.txt.
2. The TDSSKiller log, C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt.
3. The RogueKiller report.
4. The Security Check log, checkup.txt.

#6
Sangoino

  • Topic Starter
  • Member
  • 40 posts
OTL QUICK SCAN RESULT:

OTL logfile created on: 24/01/2013 09:33:24 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Phiphi\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,75 Gb Total Physical Memory | 1,53 Gb Available Physical Memory | 55,82% Memory free
5,50 Gb Paging File | 4,16 Gb Available in Paging File | 75,77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,79 Gb Total Space | 214,60 Gb Free Space | 92,19% Space Free | Partition Type: NTFS

Computer Name: PHIPHICOMPUTER | User Name: Phiphi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/01/24 09:27:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Phiphi\Desktop\OTL.exe
PRC - [2013/01/16 21:09:18 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/12/25 13:06:12 | 000,595,216 | ---- | M] (Greatis Software) -- C:\Program Files\UnHackMe\hackmon.exe
PRC - [2012/12/04 10:54:14 | 000,095,232 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2012/11/23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/11/13 14:08:08 | 003,825,176 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2012/11/13 14:07:24 | 000,168,384 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2012/11/13 14:07:20 | 001,369,624 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2012/11/13 14:07:16 | 001,103,392 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2012/11/09 06:53:22 | 000,167,344 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe
PRC - [2012/11/09 06:50:10 | 000,168,880 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
PRC - [2012/11/01 20:45:21 | 004,763,008 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2012/10/19 09:49:52 | 000,513,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MAT\McPvTray.exe
PRC - [2012/10/07 03:13:42 | 000,184,288 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
PRC - [2012/10/07 03:12:36 | 000,252,792 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
PRC - [2012/10/06 07:28:42 | 000,632,344 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
PRC - [2012/07/11 19:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/04/13 20:11:14 | 000,229,688 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Online Backup\MOBKbackup.exe
PRC - [2009/06/15 11:32:26 | 000,760,664 | ---- | M] (CA) -- C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
PRC - [2009/04/01 10:45:52 | 000,875,000 | ---- | M] (CA) -- C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
PRC - [2009/04/01 10:45:52 | 000,207,352 | ---- | M] (CA) -- C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe


========== Modules (No Company Name) ==========

MOD - [2013/01/16 21:09:33 | 003,022,232 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/11/13 14:06:32 | 000,158,624 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2012/11/13 14:06:30 | 000,108,960 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2012/11/13 14:06:28 | 000,554,400 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl
MOD - [2012/11/13 14:06:28 | 000,528,288 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\JSDialogPack150.bpl
MOD - [2012/11/13 14:06:28 | 000,416,160 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl


========== Services (SafeList) ==========

SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDWSCService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDUpdateService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDScannerService)
SRV - [2013/01/16 21:09:27 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/01/09 10:46:28 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/04 10:54:14 | 000,095,232 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2012/11/22 04:40:54 | 000,279,072 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2012/11/09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/11/09 06:53:22 | 000,167,344 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\System32\mfevtps.exe -- (mfevtp)
SRV - [2012/11/09 06:50:10 | 000,168,880 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV - [2012/11/01 15:34:30 | 001,162,360 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\PC Tools\PC Tools Security\pctsSvc.exe -- (sdCoreService)
SRV - [2012/10/31 09:19:52 | 000,403,416 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\PC Tools\PC Tools Security\pctsAuxs.exe -- (sdAuxService)
SRV - [2012/10/07 03:13:42 | 000,184,288 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV - [2012/10/07 03:13:42 | 000,184,288 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2012/10/07 03:13:42 | 000,184,288 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (mcpltsvc)
SRV - [2012/10/07 03:13:42 | 000,184,288 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2012/10/07 03:13:42 | 000,184,288 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2012/10/07 03:13:42 | 000,184,288 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe -- (HomeNetSvc)
SRV - [2012/10/06 07:28:42 | 000,632,344 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe -- (mfecore)
SRV - [2012/07/11 19:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2010/04/13 20:11:14 | 000,229,688 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee Online Backup\MOBKbackup.exe -- (MOBKbackup)
SRV - [2009/07/29 13:49:14 | 000,283,888 | ---- | M] (CA, Inc.) [Auto | Stopped] -- C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe -- (ITMRTSVC)
SRV - [2009/07/14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/06/15 11:32:26 | 000,760,664 | ---- | M] (CA) [Auto | Running] -- C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe -- (UmxCfg)
SRV - [2009/04/29 03:21:04 | 000,410,624 | ---- | M] (Conexant Systems, Inc.) [Disabled | Stopped] -- C:\Windows\System32\XAudio32.dll -- (HsfXAudioService)
SRV - [2009/04/01 10:45:52 | 000,875,000 | ---- | M] (CA) [Auto | Running] -- C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe -- (UmxAgent)
SRV - [2009/04/01 10:45:52 | 000,207,352 | ---- | M] (CA) [Auto | Running] -- C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe -- (UmxPol)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\rootrepeal.sys -- (rootrepeal)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (mfeavfk01)
DRV - File not found [Kernel | System | Stopped] -- system32\DRIVERS\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2013/01/23 04:32:59 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2013/01/18 05:04:56 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2013/01/17 20:36:18 | 000,035,816 | ---- | M] (Greatis Software) [Kernel | Boot | Unknown] -- C:\Windows\System32\drivers\Partizan.sys -- (Partizan)
DRV - [2013/01/17 20:32:54 | 000,026,984 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2013/01/17 18:21:03 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2013/01/03 04:03:29 | 000,024,416 | ---- | M] (Greatis Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\regguard.sys -- (RegGuard)
DRV - [2012/11/09 06:56:16 | 000,060,480 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cfwids.sys -- (cfwids)
DRV - [2012/11/09 06:53:32 | 000,210,136 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk)
DRV - [2012/11/09 06:51:12 | 000,565,352 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2012/11/09 06:50:20 | 000,362,640 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2012/11/09 06:50:00 | 000,065,488 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2012/11/09 06:49:40 | 000,234,824 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2012/11/09 06:49:10 | 000,132,912 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2012/11/02 01:46:50 | 000,252,200 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfencbdc.sys -- (mfencbdc)
DRV - [2012/11/02 01:46:50 | 000,081,456 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfencrk.sys -- (mfencrk)
DRV - [2012/11/01 15:35:20 | 000,068,272 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pctplsm.sys -- (pctplsm)
DRV - [2012/11/01 15:35:18 | 000,071,752 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pctplsg.sys -- (pctplsg)
DRV - [2012/11/01 15:35:14 | 000,202,280 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\Windows\System32\drivers\PCTSD.sys -- (PCTSD)
DRV - [2012/10/31 14:21:28 | 000,260,760 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\Windows\System32\drivers\pctgntdi.sys -- (pctgntdi)
DRV - [2012/10/22 16:38:28 | 000,368,616 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2012/10/19 09:51:44 | 000,065,856 | ---- | M] (McAfee, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\McPvDrv.sys -- (McPvDrv)
DRV - [2012/06/20 09:43:02 | 002,957,312 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2012/05/28 10:28:04 | 000,147,472 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HipShieldK.sys -- (HipShieldK)
DRV - [2012/02/28 11:43:06 | 000,909,728 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\Windows\System32\drivers\pctEFA.sys -- (pctEFA)
DRV - [2012/02/28 11:43:00 | 000,342,168 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pctDS.sys -- (pctDS)
DRV - [2010/11/20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/04/13 20:10:22 | 000,054,776 | ---- | M] (Mozy, Inc.) [File_System | System | Running] -- C:\Windows\System32\drivers\MOBK.sys -- (MOBKFilter)
DRV - [2010/03/22 18:29:08 | 000,018,944 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2010/03/04 18:26:56 | 000,296,936 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
DRV - [2009/12/30 11:21:18 | 000,027,192 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\revoflt.sys -- (Revoflt)
DRV - [2009/07/23 21:01:00 | 009,791,072 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/07/14 00:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009/07/13 23:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009/04/29 03:20:56 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio32.sys -- (XAudio)
DRV - [2009/04/01 10:45:50 | 000,205,304 | ---- | M] (CA) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\KmxCfg.sys -- (KmxCfg)
DRV - [2009/04/01 10:45:50 | 000,073,720 | ---- | M] (CA) [File_System | System | Running] -- C:\Windows\System32\drivers\KmxAgent.sys -- (KmxAgent)
DRV - [2008/10/03 03:39:28 | 000,222,208 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Reg Error: Value error.
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\${searchCLSID}: "URL" = http://search.live.c...ferrer:source?}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "http://www.google.fr/"
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.4.3
FF - prefs.js..extensions.enabledAddons: %7B4ED1F68A-5463-4931-9384-8FFF5ED91D92%7D:3.5.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - prefs.js..keyword.URL: "http://fr.search.yah...h?fr=mcafee&p="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2013/01/24 02:29:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/01/19 14:11:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\McAfee\MSK [2013/01/24 01:32:20 | 000,000,000 | ---D | M]

[2013/01/03 02:56:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Phiphi\AppData\Roaming\Mozilla\Extensions
[2013/01/23 04:31:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Phiphi\AppData\Roaming\Mozilla\Firefox\Profiles\nksnsrs7.default\extensions
[2013/01/19 07:46:02 | 000,533,221 | ---- | M] () (No name found) -- C:\Users\Phiphi\AppData\Roaming\Mozilla\Firefox\Profiles\nksnsrs7.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013/01/03 02:56:49 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\Phiphi\AppData\Roaming\Mozilla\Firefox\Profiles\nksnsrs7.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/01/19 14:11:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/01/24 02:29:28 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
[2013/01/16 21:10:14 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013/01/17 00:47:45 | 000,001,609 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2013/01/17 00:47:45 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013/01/17 00:47:46 | 000,002,035 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2013/01/17 00:47:46 | 000,001,476 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2013/01/24 02:11:32 | 000,002,035 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2013/01/17 00:47:46 | 000,001,399 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2013/01/17 00:47:46 | 000,001,169 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.52\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.52\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll
CHR - Extension: SiteAdvisor = C:\Users\Phiphi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\

O1 HOSTS File: ([2013/01/24 09:27:47 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [SDTray] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [Spybot-S&D Cleaning] C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPath = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{70C755C4-E6C1-45DD-84B9-E333F357EE1E}: NameServer = 109.0.66.10,109.0.66.20
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\PFW: DllName - (UmxWnp.Dll) - C:\Windows\System32\UmxWNP.dll (CA)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2013/01/11 12:20:54 | 000,000,000 | R--D | M] - C:\Autorun.inf -- [ NTFS ]
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/01/24 09:27:08 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Phiphi\Desktop\OTL.exe
[2013/01/24 05:41:48 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Roaming\QFX Software
[2013/01/24 05:41:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyScrambler
[2013/01/24 05:41:33 | 000,000,000 | ---D | C] -- C:\Program Files\KeyScrambler
[2013/01/24 02:58:27 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/01/24 01:32:52 | 000,000,000 | ---D | C] -- C:\Program Files\McAfeeMOBK
[2013/01/24 01:32:41 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Online Backup
[2013/01/24 01:32:37 | 000,054,776 | ---- | C] (Mozy, Inc.) -- C:\Windows\System32\drivers\MOBK.sys
[2013/01/24 01:32:37 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2013/01/24 01:32:33 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Online Backup
[2013/01/24 01:32:21 | 000,147,472 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\HipShieldK.sys
[2013/01/24 01:32:11 | 000,065,856 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\McPvDrv.sys
[2013/01/24 01:32:10 | 000,000,000 | R-SD | C] -- C:\Users\Phiphi\Documents\Coffres-forts McAfee
[2013/01/24 01:32:10 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Local\McAfee File Lock
[2013/01/24 01:31:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2013/01/24 01:29:51 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee.com
[2013/01/24 01:29:44 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee
[2013/01/24 01:09:34 | 000,167,344 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe
[2013/01/24 01:09:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2013/01/24 01:09:18 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2013/01/23 16:57:26 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013/01/23 16:57:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013/01/23 06:10:32 | 000,448,512 | ---- | C] (OldTimer Tools) -- C:\Users\Phiphi\Desktop\TFC.exe
[2013/01/23 05:49:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EMCO
[2013/01/23 05:49:05 | 000,000,000 | ---D | C] -- C:\Program Files\EMCO
[2013/01/23 05:03:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Agnitum
[2013/01/23 05:03:21 | 000,000,000 | ---D | C] -- C:\Program Files\Agnitum
[2013/01/23 04:51:50 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2013/01/23 04:51:19 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2013/01/23 04:32:59 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2013/01/23 04:30:50 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2013/01/23 04:21:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2013/01/23 03:46:32 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/01/23 03:44:53 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/01/23 02:48:46 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\RegRunInfo
[2013/01/23 02:48:39 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\Documents\RegRun2
[2013/01/22 17:48:58 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Local\temp
[2013/01/22 17:34:47 | 000,000,000 | ---D | C] -- C:\COLOM
[2013/01/22 16:56:08 | 000,027,192 | ---- | C] (VS Revo Group) -- C:\Windows\System32\drivers\revoflt.sys
[2013/01/22 16:56:06 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2013/01/22 16:31:30 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Local\NeoSmart_Technologies
[2013/01/22 16:30:28 | 000,000,000 | ---D | C] -- C:\NST
[2013/01/22 16:12:45 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Roaming\DAEMON Tools Pro
[2013/01/22 16:12:11 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Pro
[2013/01/22 15:58:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NeoSmart Technologies
[2013/01/22 15:58:00 | 000,000,000 | ---D | C] -- C:\Program Files\NeoSmart Technologies
[2013/01/22 03:53:41 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Local\Web CEO
[2013/01/21 17:39:43 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Local\WinMHR
[2013/01/21 17:39:31 | 000,000,000 | ---D | C] -- C:\Program Files\WinMHR
[2013/01/20 20:54:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013/01/20 20:54:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2013/01/20 20:54:12 | 000,015,224 | ---- | C] (Safer Networking Limited) -- C:\Windows\System32\sdnclean.exe
[2013/01/20 20:54:05 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy 2
[2013/01/20 20:53:54 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Local\Programs
[2013/01/19 13:24:53 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013/01/19 13:16:49 | 000,000,000 | ---D | C] -- C:\Program Files\mozilla.org
[2013/01/18 10:31:22 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Local\Spadix
[2013/01/18 10:29:47 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Roaming\WebDataExtractorPro
[2013/01/18 08:08:42 | 000,000,000 | ---D | C] -- C:\Program Files\FileZilla FTP Client
[2013/01/18 03:08:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2013/01/17 20:36:19 | 000,000,000 | ---D | C] -- C:\ProgramData\RegRun
[2013/01/17 20:36:18 | 000,035,816 | ---- | C] (Greatis Software) -- C:\Windows\System32\drivers\Partizan.sys
[2013/01/17 20:36:10 | 000,012,800 | ---- | C] (Greatis Software, LLC.) -- C:\Windows\System32\drivers\UnHackMeDrv.sys
[2013/01/17 20:36:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnHackMe
[2013/01/17 20:36:07 | 000,000,000 | ---D | C] -- C:\Program Files\UnHackMe
[2013/01/17 20:35:57 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\Documents\unhackme
[2013/01/17 20:33:15 | 000,026,984 | ---- | C] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys
[2013/01/17 18:47:02 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2013/01/17 18:27:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mIRC
[2013/01/17 17:43:24 | 000,009,216 | ---- | C] (Kephyr) -- C:\Windows\System32\ffnd.exe
[2013/01/17 10:05:17 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Roaming\PhotoFiltre Studio X
[2013/01/17 10:05:11 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre Studio X
[2013/01/17 10:05:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre Studio X
[2013/01/17 10:05:08 | 000,000,000 | ---D | C] -- C:\Program Files\PhotoFiltre Studio X
[2013/01/15 18:02:07 | 000,014,664 | ---- | C] (McAfee, Inc.) -- C:\Windows\stinger.sys
[2013/01/15 17:24:34 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Roaming\Wise Registry Cleaner
[2013/01/15 17:24:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner
[2013/01/15 17:24:22 | 000,000,000 | ---D | C] -- C:\Program Files\Wise
[2013/01/15 07:44:36 | 000,000,000 | ---D | C] -- C:\Program Files\CartyStudios Corporation
[2013/01/12 18:00:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2
[2013/01/12 11:13:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileASSASSIN
[2013/01/12 11:13:21 | 000,000,000 | ---D | C] -- C:\Program Files\FileASSASSIN
[2013/01/11 17:34:55 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Roaming\FileZilla
[2013/01/11 17:34:48 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
[2013/01/11 13:49:07 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/01/10 20:41:31 | 000,000,000 | R--D | C] -- C:\Autorun.inf
[2013/01/09 11:50:38 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Palringo
[2013/01/09 11:50:35 | 000,000,000 | ---D | C] -- C:\Program Files\Palringo
[2013/01/09 11:01:29 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Roaming\dll-files.com
[2013/01/09 11:01:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files Fixer
[2013/01/09 11:01:14 | 000,000,000 | ---D | C] -- C:\Program Files\Dll-Files.com Fixer
[2013/01/09 06:38:13 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Roaming\SUPERAntiSpyware.com
[2013/01/09 06:38:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2013/01/09 06:37:59 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2013/01/09 06:37:59 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2013/01/09 05:02:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/01/08 20:26:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RemoveIT Pro 2012 Enterprise
[2013/01/08 16:35:26 | 000,260,760 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctgntdi.sys
[2013/01/08 16:35:26 | 000,178,584 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctwfpfilter.sys
[2013/01/08 16:35:19 | 000,019,464 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctBTFix.sys
[2013/01/08 16:35:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Security
[2013/01/08 16:35:16 | 000,071,752 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
[2013/01/08 16:35:16 | 000,068,272 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctplsm.sys
[2013/01/08 16:35:09 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools
[2013/01/08 16:29:15 | 000,909,728 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctEFA.sys
[2013/01/08 16:29:15 | 000,342,168 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctDS.sys
[2013/01/08 16:29:13 | 000,368,616 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys
[2013/01/08 16:29:13 | 000,163,288 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTAppEvent.sys
[2013/01/08 16:29:10 | 000,202,280 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTSD.sys
[2013/01/08 16:29:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2013/01/08 16:28:34 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2013/01/08 16:23:33 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2013/01/08 14:57:28 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2013/01/08 14:57:27 | 000,250,544 | ---- | C] (KeyWorks Software) -- C:\Windows\System32\KeyHelp.ocx
[2013/01/08 14:57:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Scanner
[2013/01/08 14:57:16 | 000,000,000 | ---D | C] -- C:\Program Files\CA
[2013/01/08 08:03:40 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Local\Macromedia
[2013/01/08 07:24:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities
[2013/01/08 07:24:37 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Roaming\GlarySoft
[2013/01/08 07:24:36 | 000,000,000 | ---D | C] -- C:\Program Files\Glary Utilities
[2013/01/08 06:05:40 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Roaming\Skype
[2013/01/08 06:05:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/01/08 06:05:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013/01/08 06:05:29 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2013/01/08 06:05:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2013/01/07 19:16:10 | 000,000,000 | R--D | C] -- C:\Users\Phiphi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013/01/07 19:16:10 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[2013/01/07 14:41:36 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Web CEO
[2013/01/07 06:47:56 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013/01/07 06:47:47 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Local\Google
[2013/01/06 06:49:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
[2013/01/06 06:12:02 | 000,000,000 | ---D | C] -- C:\Program Files\InCode Solutions
[2013/01/05 08:51:52 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013/01/05 07:45:20 | 000,000,000 | ---D | C] -- C:\Program Files\SecurityXploded
[2013/01/04 14:34:02 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
[2013/01/04 14:34:02 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2013/01/04 13:58:16 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2013/01/04 13:58:04 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013/01/04 11:24:03 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013/01/04 09:27:00 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2013/01/04 06:51:49 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Local\Diagnostics
[2013/01/04 05:00:39 | 000,000,000 | ---D | C] -- C:\Program Files\mIRC
[2013/01/04 03:16:07 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Local\VS Revo Group
[2013/01/04 03:15:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
[2013/01/03 16:17:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013/01/03 16:17:57 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2013/01/03 13:54:56 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Roaming\WinRAR
[2013/01/03 13:54:52 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2013/01/03 13:49:40 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2013/01/03 12:04:46 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2013/01/03 11:53:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2013/01/03 11:53:04 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2013/01/03 11:52:10 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2013/01/03 11:50:16 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT
[2013/01/03 11:37:02 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\fms.dll
[2013/01/03 11:07:16 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tgl0beSCRIPT
[2013/01/03 11:07:12 | 000,000,000 | ---D | C] -- C:\Tgl0beSCRIPT
[2013/01/03 10:40:26 | 000,000,000 | ---D | C] -- C:\SwSetup
[2013/01/03 09:51:14 | 000,000,000 | ---D | C] -- C:\7698362944e3bce615293560178288
[2013/01/03 04:10:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013/01/03 04:10:52 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/01/03 04:03:29 | 000,024,416 | ---- | C] (Greatis Software) -- C:\Windows\System32\drivers\regguard.sys
[2013/01/03 04:02:28 | 000,000,000 | -H-D | C] -- C:\Users\Phiphi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Disabled Startup Items
[2013/01/03 04:02:28 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disabled Startup Items
[2013/01/03 03:55:43 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Roaming\Malwarebytes
[2013/01/03 03:55:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/01/03 03:50:14 | 000,000,000 | ---D | C] -- C:\Windows\patchdir
[2013/01/03 02:55:59 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Roaming\Mozilla
[2013/01/03 02:55:59 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Local\Mozilla
[2013/01/03 02:55:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013/01/03 02:55:48 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/01/02 20:42:23 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/01/02 18:40:28 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Roaming\Macromedia
[2013/01/02 18:40:27 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Roaming\Adobe
[2013/01/02 18:39:10 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2013/01/02 18:38:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2013/01/02 17:43:29 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Software
[2013/01/02 17:43:12 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Software
[2013/01/02 17:43:09 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Roaming\NCH Software
[2013/01/02 16:22:46 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2013/01/02 15:45:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tgl0beSCRIPT
[2013/01/02 15:32:14 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat

========== Files - Modified Within 30 Days ==========

[2013/01/24 09:29:50 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/24 09:29:48 | 000,000,314 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2013/01/24 09:29:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/01/24 09:28:16 | 000,000,192 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k0
[2013/01/24 09:28:16 | 000,000,064 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k7
[2013/01/24 09:28:16 | 000,000,064 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k6
[2013/01/24 09:28:16 | 000,000,064 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k5
[2013/01/24 09:28:16 | 000,000,064 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k4
[2013/01/24 09:28:16 | 000,000,064 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k3
[2013/01/24 09:28:16 | 000,000,064 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k2
[2013/01/24 09:28:16 | 000,000,064 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k1
[2013/01/24 09:28:16 | 000,000,028 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k7
[2013/01/24 09:28:16 | 000,000,028 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k6
[2013/01/24 09:28:16 | 000,000,028 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k5
[2013/01/24 09:28:16 | 000,000,028 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k4
[2013/01/24 09:28:16 | 000,000,028 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k3
[2013/01/24 09:28:16 | 000,000,028 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k2
[2013/01/24 09:28:16 | 000,000,028 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k1
[2013/01/24 09:28:16 | 000,000,028 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k0
[2013/01/24 09:28:10 | 000,024,880 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/24 09:28:10 | 000,024,880 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/24 09:27:47 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2013/01/24 09:27:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Phiphi\Desktop\OTL.exe
[2013/01/24 02:46:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/01/24 02:37:52 | 001,412,377 | ---- | M] () -- C:\Windows\System32\drivers\Cat.DB
[2013/01/24 02:07:00 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/24 01:18:55 | 000,268,256 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/01/23 17:22:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\regsvr32
[2013/01/23 17:22:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\icacls
[2013/01/23 06:10:34 | 000,448,512 | ---- | M] (OldTimer Tools) -- C:\Users\Phiphi\Desktop\TFC.exe
[2013/01/23 05:49:14 | 000,001,141 | ---- | M] () -- C:\Users\Public\Desktop\EMCO Malware Destroyer 6.lnk
[2013/01/23 04:32:59 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2013/01/23 02:51:04 | 000,000,052 | ---- | M] () -- C:\Windows\System32\Partizan.RRI
[2013/01/22 17:55:45 | 000,089,048 | -H-- | M] () -- C:\Windows\System32\mlfcache.dat
[2013/01/22 17:28:12 | 000,000,925 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/01/22 16:56:09 | 000,001,214 | ---- | M] () -- C:\Users\Phiphi\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2013/01/22 16:56:09 | 000,001,190 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2013/01/22 16:17:16 | 000,705,072 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2013/01/22 16:17:16 | 000,616,238 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/01/22 16:17:16 | 000,131,080 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2013/01/22 16:17:16 | 000,106,618 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/01/22 15:58:06 | 000,001,131 | ---- | M] () -- C:\Users\Public\Desktop\EasyBCD 2.2.lnk
[2013/01/22 03:53:58 | 000,001,944 | ---- | M] () -- C:\Users\Phiphi\Application Data\Microsoft\Internet Explorer\Quick Launch\Web CEO.lnk
[2013/01/22 03:53:58 | 000,001,942 | ---- | M] () -- C:\Users\Phiphi\Desktop\Web CEO.lnk
[2013/01/20 20:54:21 | 000,002,079 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013/01/19 14:11:49 | 000,001,065 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/01/19 13:17:47 | 000,000,335 | ---- | M] () -- C:\Windows\nsreg.dat
[2013/01/19 13:17:28 | 000,007,567 | ---- | M] () -- C:\Windows\mozver.dat
[2013/01/19 03:13:17 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2013/01/19 03:13:17 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2013/01/18 08:30:11 | 000,001,008 | ---- | M] () -- C:\Users\Phiphi\Application Data\Microsoft\Internet Explorer\Quick Launch\Glary Utilities.lnk
[2013/01/18 08:30:11 | 000,000,984 | ---- | M] () -- C:\Users\Phiphi\Desktop\Glary Utilities.lnk
[2013/01/18 08:08:53 | 000,001,906 | ---- | M] () -- C:\Users\Phiphi\Desktop\FileZilla Client.lnk
[2013/01/17 20:36:18 | 000,035,816 | ---- | M] (Greatis Software) -- C:\Windows\System32\drivers\Partizan.sys
[2013/01/17 20:36:14 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013/01/17 20:36:14 | 000,001,688 | ---- | M] () -- C:\Windows\System32\autoexec.nt
[2013/01/17 20:36:14 | 000,000,002 | RHS- | M] () -- C:\Windows\winstart.bat
[2013/01/17 20:36:11 | 000,000,873 | ---- | M] () -- C:\Users\Phiphi\Desktop\UnHackMe.lnk
[2013/01/17 20:32:54 | 000,026,984 | ---- | M] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys
[2013/01/17 19:02:47 | 000,001,001 | ---- | M] () -- C:\Users\Phiphi\Desktop\mirc.lnk
[2013/01/17 17:51:33 | 000,001,145 | ---- | M] () -- C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
[2013/01/17 10:05:12 | 000,001,014 | ---- | M] () -- C:\Users\Phiphi\Desktop\PhotoFiltre Studio X.lnk
[2013/01/15 18:02:07 | 000,014,664 | ---- | M] (McAfee, Inc.) -- C:\Windows\stinger.sys
[2013/01/15 16:54:07 | 000,002,161 | ---- | M] () -- C:\Users\Phiphi\Desktop\Google Chrome.lnk
[2013/01/11 15:08:24 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013/01/09 06:38:06 | 000,001,921 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
[2013/01/08 16:51:52 | 000,002,177 | ---- | M] () -- C:\Users\Public\Desktop\Spy remove.lnk
[2013/01/08 14:57:24 | 000,004,544 | ---- | M] () -- C:\Windows\System32\entitlement.xml
[2013/01/08 06:05:30 | 000,002,503 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2013/01/08 02:59:39 | 001,474,832 | ---- | M] () -- C:\Windows\System32\drivers\sfi.dat
[2013/01/05 07:45:21 | 000,001,165 | ---- | M] () -- C:\Users\Phiphi\Desktop\SpyDLLRemover.lnk
[2013/01/04 11:47:42 | 000,000,017 | ---- | M] () -- C:\Users\Phiphi\AppData\Local\resmon.resmoncfg
[2013/01/03 16:18:02 | 000,001,949 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013/01/03 09:43:06 | 000,000,378 | ---- | M] () -- C:\Windows\CCE.INI
[2013/01/03 04:03:29 | 000,024,416 | ---- | M] (Greatis Software) -- C:\Windows\System32\drivers\regguard.sys
[2013/01/02 16:44:28 | 000,001,429 | ---- | M] () -- C:\Users\Phiphi\Desktop\Internet Explorer.lnk
[2013/01/02 16:43:08 | 000,001,423 | ---- | M] () -- C:\Users\Phiphi\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/01/02 16:35:45 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2012/12/25 13:06:20 | 000,012,800 | ---- | M] (Greatis Software, LLC.) -- C:\Windows\System32\drivers\UnHackMeDrv.sys

========== Files Created - No Company Name ==========

[2013/01/24 01:32:24 | 000,002,641 | ---- | C] () -- C:\Windows\System32\drivers\mfencrk.inf
[2013/01/24 01:32:20 | 000,002,946 | ---- | C] () -- C:\Windows\System32\drivers\mfencbdc.inf
[2013/01/24 01:18:44 | 000,268,256 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/01/23 17:22:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\regsvr32
[2013/01/23 17:22:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\icacls
[2013/01/23 05:49:14 | 000,001,141 | ---- | C] () -- C:\Users\Public\Desktop\EMCO Malware Destroyer 6.lnk
[2013/01/22 17:55:45 | 000,089,048 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2013/01/22 16:56:09 | 000,001,214 | ---- | C] () -- C:\Users\Phiphi\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2013/01/22 16:56:09 | 000,001,190 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2013/01/22 15:58:06 | 000,001,131 | ---- | C] () -- C:\Users\Public\Desktop\EasyBCD 2.2.lnk
[2013/01/22 03:53:58 | 000,001,944 | ---- | C] () -- C:\Users\Phiphi\Application Data\Microsoft\Internet Explorer\Quick Launch\Web CEO.lnk
[2013/01/22 03:53:58 | 000,001,942 | ---- | C] () -- C:\Users\Phiphi\Desktop\Web CEO.lnk
[2013/01/20 20:54:22 | 000,002,091 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2013/01/20 20:54:21 | 000,002,079 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013/01/19 13:17:47 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
[2013/01/19 13:16:59 | 000,007,567 | ---- | C] () -- C:\Windows\mozver.dat
[2013/01/19 03:13:17 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2013/01/19 03:13:17 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2013/01/18 08:08:53 | 000,001,906 | ---- | C] () -- C:\Users\Phiphi\Desktop\FileZilla Client.lnk
[2013/01/17 20:39:55 | 000,000,052 | ---- | C] () -- C:\Windows\System32\Partizan.RRI
[2013/01/17 20:36:11 | 000,000,873 | ---- | C] () -- C:\Users\Phiphi\Desktop\UnHackMe.lnk
[2013/01/17 20:23:37 | 000,000,192 | ---- | C] () -- C:\Windows\System32\drivers\kmxcfg.u2k0
[2013/01/17 20:23:37 | 000,000,064 | ---- | C] () -- C:\Windows\System32\drivers\kmxcfg.u2k7
[2013/01/17 20:23:37 | 000,000,064 | ---- | C] () -- C:\Windows\System32\drivers\kmxcfg.u2k6
[2013/01/17 20:23:37 | 000,000,064 | ---- | C] () -- C:\Windows\System32\drivers\kmxcfg.u2k5
[2013/01/17 20:23:37 | 000,000,064 | ---- | C] () -- C:\Windows\System32\drivers\kmxcfg.u2k4
[2013/01/17 20:23:37 | 000,000,064 | ---- | C] () -- C:\Windows\System32\drivers\kmxcfg.u2k3
[2013/01/17 20:23:37 | 000,000,064 | ---- | C] () -- C:\Windows\System32\drivers\kmxcfg.u2k2
[2013/01/17 20:23:37 | 000,000,064 | ---- | C] () -- C:\Windows\System32\drivers\kmxcfg.u2k1
[2013/01/17 18:59:40 | 000,001,001 | ---- | C] () -- C:\Users\Phiphi\Desktop\mirc.lnk
[2013/01/17 18:42:54 | 000,000,925 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/01/17 10:05:12 | 000,001,014 | ---- | C] () -- C:\Users\Phiphi\Desktop\PhotoFiltre Studio X.lnk
[2013/01/15 17:24:23 | 000,001,145 | ---- | C] () -- C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
[2013/01/11 15:08:24 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013/01/09 06:38:06 | 000,001,921 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
[2013/01/09 05:02:32 | 000,002,161 | ---- | C] () -- C:\Users\Phiphi\Desktop\Google Chrome.lnk
[2013/01/09 05:02:08 | 000,001,056 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/09 05:02:07 | 000,001,052 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/08 16:53:16 | 000,000,028 | ---- | C] () -- C:\Windows\System32\drivers\kmxzone.u2k7
[2013/01/08 16:53:16 | 000,000,028 | ---- | C] () -- C:\Windows\System32\drivers\kmxzone.u2k6
[2013/01/08 16:53:16 | 000,000,028 | ---- | C] () -- C:\Windows\System32\drivers\kmxzone.u2k5
[2013/01/08 16:53:16 | 000,000,028 | ---- | C] () -- C:\Windows\System32\drivers\kmxzone.u2k4
[2013/01/08 16:53:16 | 000,000,028 | ---- | C] () -- C:\Windows\System32\drivers\kmxzone.u2k3
[2013/01/08 16:53:16 | 000,000,028 | ---- | C] () -- C:\Windows\System32\drivers\kmxzone.u2k2
[2013/01/08 16:53:16 | 000,000,028 | ---- | C] () -- C:\Windows\System32\drivers\kmxzone.u2k1
[2013/01/08 16:53:16 | 000,000,028 | ---- | C] () -- C:\Windows\System32\drivers\kmxzone.u2k0
[2013/01/08 16:51:52 | 000,002,177 | ---- | C] () -- C:\Users\Public\Desktop\Spy remove.lnk
[2013/01/08 16:29:16 | 001,412,377 | ---- | C] () -- C:\Windows\System32\drivers\Cat.DB
[2013/01/08 14:57:24 | 000,004,544 | ---- | C] () -- C:\Windows\System32\entitlement.xml
[2013/01/08 13:48:39 | 000,032,768 | --S- | C] ( ) -- C:\Windows\System32\Interop.EventSystemLib.dll
[2013/01/08 07:24:46 | 000,000,314 | ---- | C] () -- C:\Windows\tasks\GlaryInitialize.job
[2013/01/08 07:24:43 | 000,001,008 | ---- | C] () -- C:\Users\Phiphi\Application Data\Microsoft\Internet Explorer\Quick Launch\Glary Utilities.lnk
[2013/01/08 07:24:43 | 000,000,984 | ---- | C] () -- C:\Users\Phiphi\Desktop\Glary Utilities.lnk
[2013/01/08 06:05:30 | 000,002,503 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2013/01/05 07:45:21 | 000,001,165 | ---- | C] () -- C:\Users\Phiphi\Desktop\SpyDLLRemover.lnk
[2013/01/04 11:47:42 | 000,000,017 | ---- | C] () -- C:\Users\Phiphi\AppData\Local\resmon.resmoncfg
[2013/01/03 16:18:02 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013/01/03 16:18:02 | 000,001,949 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013/01/03 12:04:46 | 000,010,084 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2013/01/03 11:38:30 | 000,146,852 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2013/01/03 11:36:31 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2013/01/03 11:36:27 | 000,010,429 | ---- | C] () -- C:\Windows\System32\ScavengeSpace.xml
[2013/01/03 11:36:17 | 000,105,559 | ---- | C] () -- C:\Windows\System32\RacRules.xml
[2013/01/03 09:43:06 | 000,000,378 | ---- | C] () -- C:\Windows\CCE.INI
[2013/01/03 07:04:20 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013/01/03 07:02:44 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013/01/03 04:42:42 | 001,474,832 | ---- | C] () -- C:\Windows\System32\drivers\sfi.dat
[2013/01/03 04:02:33 | 000,000,002 | RHS- | C] () -- C:\Windows\winstart.bat
[2013/01/03 04:02:08 | 000,057,556 | ---- | C] () -- C:\Windows\guard.bmp
[2013/01/03 02:55:52 | 000,001,077 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/01/03 02:55:52 | 000,001,065 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/01/02 18:39:13 | 000,001,002 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/01/02 16:44:28 | 000,001,429 | ---- | C] () -- C:\Users\Phiphi\Desktop\Internet Explorer.lnk
[2013/01/02 16:35:45 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf

========== ZeroAccess Check ==========

[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/01/22 17:00:59 | 000,000,000 | ---D | M] -- C:\Users\Phiphi\AppData\Roaming\DAEMON Tools Pro
[2013/01/09 11:01:29 | 000,000,000 | ---D | M] -- C:\Users\Phiphi\AppData\Roaming\dll-files.com
[2013/01/22 17:28:51 | 000,000,000 | ---D | M] -- C:\Users\Phiphi\AppData\Roaming\FileZilla
[2013/01/18 08:30:01 | 000,000,000 | ---D | M] -- C:\Users\Phiphi\AppData\Roaming\GlarySoft
[2013/01/17 10:10:10 | 000,000,000 | ---D | M] -- C:\Users\Phiphi\AppData\Roaming\PhotoFiltre Studio X
[2013/01/24 05:41:48 | 000,000,000 | ---D | M] -- C:\Users\Phiphi\AppData\Roaming\QFX Software
[2013/01/18 10:29:47 | 000,000,000 | ---D | M] -- C:\Users\Phiphi\AppData\Roaming\WebDataExtractorPro
[2013/01/17 17:52:58 | 000,000,000 | ---D | M] -- C:\Users\Phiphi\AppData\Roaming\Wise Registry Cleaner

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 181 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84

< End of report >


All processes killed
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-3059339421-2526555134-805201127-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{472734EA-242A-422B-ADF8-83D1E48CC825} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{472734EA-242A-422B-ADF8-83D1E48CC825}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Configuration IP de Windows
Cache de résolution DNS vidé.
C:\Users\Phiphi\Desktop\cmd.bat deleted successfully.
C:\Users\Phiphi\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Phiphi
->Temp folder emptied: 53045926 bytes
->Temporary Internet Files folder emptied: 368792 bytes
->FireFox cache emptied: 18087282 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 754 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2432 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 68,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 01242013_092743

Files\Folders moved on Reboot...
C:\Windows\temp\mcafee_F6tAxtFgTKtaPoz moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...



Here is the RogueKiller log:

RogueKiller V8.4.3 [Jan 24 2013] par Tigzy
mail : tigzyRK<at>gmail<dot>com
Remontees : http://www.sur-la-to...-Remontees.html
Site Web : http://www.sur-la-to...om/RogueKiller/
Blog : http://tigzyrk.blogspot.com/

Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Demarrage : Mode normal
Utilisateur : Phiphi [Droits d'admin]
Mode : Recherche -- Date : 24/01/2013 10:10:34
| ARK || MBR |

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Entrees de registre : 2 ¤¤¤
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> TROUVÉ
[HJ DESK] HKCU\[...]\NewStartPanel : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> TROUVÉ

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [CHARGE] ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

ÿþ1

¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK2552GSX ATA Device +++++
--- User ---
[MBR] 9f98e9ed1d94a4021a5d7d36df9b610e
[BSP] 7e5ebda460aca615a3e2469ae4011a6b : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 238373 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Termine : << RKreport[1]_S_24012013_101034.txt >>
RKreport[1]_S_24012013_101034.txt

Edited by Sangoino, 24 January 2013 - 03:12 AM.


#7
Sangoino

  • Topic Starter
  • Member
  • 40 posts
Here is the Security Check log:

Results of screen317's Security Check version 0.99.57
Windows 7 Service Pack 1 x86 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
McAfee Anti-Virus et Anti-Spyware
PC Tools Spyware Doctor with AntiVirus
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
PC Tools Spyware Doctor avec Antivirus
Spybot - Search & Destroy
CCleaner
Wise Registry Cleaner 7.62
Adobe Flash Player 11.5.502.146
Adobe Reader XI
Mozilla Firefox (18.0.1)
Google Chrome 23.0.1271.97
Google Chrome 24.0.1312.52
````````Process Check: objlist.exe by Laurent````````
Spybot Teatimer.exe is disabled!
McAfee Online Backup MOBKbackup.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````

Edited by Sangoino, 24 January 2013 - 04:12 AM.


#8
Sangoino

  • Topic Starter
  • Member
  • 40 posts
TDSS KILLER

03:19:02.0098 3588 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
03:19:02.0223 3588 ============================================================
03:19:02.0223 3588 Current date / time: 2013/01/24 03:19:02.0223
03:19:02.0223 3588 SystemInfo:
03:19:02.0223 3588
03:19:02.0223 3588 OS Version: 6.1.7601 ServicePack: 1.0
03:19:02.0223 3588 Product type: Workstation
03:19:02.0223 3588 ComputerName: PHIPHICOMPUTER
03:19:02.0223 3588 UserName: Phiphi
03:19:02.0223 3588 Windows directory: C:\Windows
03:19:02.0223 3588 System windows directory: C:\Windows
03:19:02.0223 3588 Processor architecture: Intel x86
03:19:02.0223 3588 Number of processors: 2
03:19:02.0223 3588 Page size: 0x1000
03:19:02.0223 3588 Boot type: Normal boot
03:19:02.0223 3588 ============================================================
03:19:17.0557 3588 BG loaded
03:19:18.0805 3588 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
03:19:18.0836 3588 ============================================================
03:19:18.0836 3588 \Device\Harddisk0\DR0:
03:19:18.0948 3588 MBR partitions:
03:19:18.0948 3588 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
03:19:18.0948 3588 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D192800
03:19:18.0949 3588 ============================================================
03:19:19.0046 3588 C: <-> \Device\Harddisk0\DR0\Partition2
03:19:19.0046 3588 ============================================================
03:19:19.0046 3588 Initialize success
03:19:19.0046 3588 ============================================================
03:19:36.0532 8056 ============================================================
03:19:36.0532 8056 Scan started
03:19:36.0532 8056 Mode: Manual; SigCheck; TDLFS;
03:19:36.0532 8056 ============================================================
03:19:38.0048 8056 ================ Scan system memory ========================
03:19:38.0048 8056 System memory - ok
03:19:38.0049 8056 ================ Scan services =============================
03:20:05.0652 8056 MBAMSwissArmy - ok
03:20:05.0762 8056 [ AA44024C1796F40D43F2E6C08B47A564 ] McAfee SiteAdvisor Service c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
03:20:05.0808 8056 McAfee SiteAdvisor Service - ok
03:20:05.0840 8056 [ 31FB9D7453C424D14A6C3927483E5E60 ] McMPFSvc C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
03:20:05.0871 8056 McMPFSvc - ok
03:20:05.0886 8056 [ 31FB9D7453C424D14A6C3927483E5E60 ] McNaiAnn C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
03:20:05.0918 8056 McNaiAnn - ok
03:20:06.0027 8056 [ 2D5BA691B249789E70ED787B8C769A53 ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe
03:20:06.0058 8056 McODS - ok
03:20:06.0105 8056 [ 31FB9D7453C424D14A6C3927483E5E60 ] mcpltsvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
03:20:06.0120 8056 mcpltsvc - ok
03:20:06.0152 8056 [ 31FB9D7453C424D14A6C3927483E5E60 ] McProxy C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
03:20:06.0183 8056 McProxy - ok
03:20:06.0245 8056 [ 080F072DA614C8666C0879FE6567D7BB ] McPvDrv C:\Windows\system32\drivers\McPvDrv.sys
03:20:06.0261 8056 McPvDrv - ok
03:20:06.0308 8056 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
03:20:06.0542 8056 Mcx2Svc - ok
03:20:06.0620 8056 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
03:20:06.0713 8056 mdmxsdk - ok
03:20:06.0760 8056 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
03:20:06.0932 8056 megasas - ok
03:20:06.0963 8056 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
03:20:07.0103 8056 MegaSR - ok
03:20:07.0166 8056 [ BA3004F4C0A0CD19DB9C2C0AB3A84EFE ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
03:20:07.0290 8056 mfeapfk - ok
03:20:07.0353 8056 [ 39C20B7D9AC19BFE616CA09DD3A240AF ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
03:20:07.0524 8056 mfeavfk - ok
03:20:07.0556 8056 mfeavfk01 - ok
03:20:07.0602 8056 [ E3470DECDA0A4015A0CA00ED645F2EBE ] mfebopk C:\Windows\system32\drivers\mfebopk.sys
03:20:07.0649 8056 mfebopk - ok
03:20:07.0727 8056 [ A687B3EEED3E8B305AC247DEC61EE362 ] mfecore C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
03:20:07.0758 8056 mfecore - ok
03:20:07.0805 8056 [ 4E13EA496E202BCB4FCC342D96FAF83A ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
03:20:07.0836 8056 mfefire - ok
03:20:07.0899 8056 [ C8AC8147E02ED8795E1FD946165BACCF ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
03:20:07.0930 8056 mfefirek - ok
03:20:08.0024 8056 [ 7AAF92954D8D2801B17A1163C60ABFE9 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
03:20:08.0055 8056 mfehidk - ok
03:20:08.0117 8056 [ 7401E85D5D4B5B0F6A3098EBEE0639AA ] mfencbdc C:\Windows\system32\DRIVERS\mfencbdc.sys
03:20:08.0164 8056 mfencbdc - ok
03:20:08.0195 8056 [ 439B06E366643B32D549B939780742BE ] mfencrk C:\Windows\system32\DRIVERS\mfencrk.sys
03:20:08.0211 8056 mfencrk - ok
03:20:08.0258 8056 [ 82B7415D5A8FB24D3F6736400F5E1600 ] mfevtp C:\Windows\system32\mfevtps.exe
03:20:08.0289 8056 mfevtp - ok
03:20:08.0336 8056 [ 15F92BCD5CB189F5CC7D2F2381F179AC ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
03:20:08.0382 8056 mfewfpk - ok
03:20:08.0414 8056 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
03:20:08.0507 8056 MMCSS - ok
03:20:08.0601 8056 [ 35176FA09A0FC58DB630991A81A0BA39 ] MOBKbackup C:\Program Files\McAfee Online Backup\MOBKbackup.exe
03:20:08.0726 8056 MOBKbackup - ok
03:20:08.0757 8056 [ E896775837A8BCE436348DF460522394 ] MOBKFilter C:\Windows\system32\DRIVERS\MOBK.sys
03:20:08.0944 8056 MOBKFilter - ok
03:20:08.0975 8056 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
03:20:09.0240 8056 Modem - ok
03:20:09.0303 8056 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
03:20:09.0474 8056 monitor - ok
03:20:09.0521 8056 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\drivers\mouclass.sys
03:20:09.0584 8056 mouclass - ok
03:20:09.0646 8056 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
03:20:09.0740 8056 mouhid - ok
03:20:09.0802 8056 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
03:20:09.0833 8056 mountmgr - ok
03:20:09.0958 8056 [ 9C3758018DED02F4AE53CCA1C5F084A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
03:20:10.0052 8056 MozillaMaintenance - ok
03:20:10.0083 8056 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
03:20:10.0114 8056 mpio - ok
03:20:10.0161 8056 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
03:20:10.0301 8056 mpsdrv - ok
03:20:10.0379 8056 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
03:20:10.0473 8056 MpsSvc - ok
03:20:10.0520 8056 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
03:20:10.0956 8056 MRxDAV - ok
03:20:11.0019 8056 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
03:20:11.0268 8056 mrxsmb - ok
03:20:11.0315 8056 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
03:20:11.0378 8056 mrxsmb10 - ok
03:20:11.0456 8056 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
03:20:11.0534 8056 mrxsmb20 - ok
03:20:11.0565 8056 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
03:20:11.0690 8056 msahci - ok
03:20:11.0768 8056 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
03:20:11.0830 8056 msdsm - ok
03:20:11.0877 8056 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
03:20:11.0970 8056 MSDTC - ok
03:20:12.0033 8056 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
03:20:12.0158 8056 Msfs - ok
03:20:12.0189 8056 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
03:20:12.0267 8056 mshidkmdf - ok
03:20:12.0314 8056 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
03:20:12.0360 8056 msisadrv - ok
03:20:12.0392 8056 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
03:20:12.0532 8056 MSiSCSI - ok
03:20:12.0579 8056 msiserver - ok
03:20:12.0719 8056 [ 31FB9D7453C424D14A6C3927483E5E60 ] MSK80Service C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
03:20:12.0828 8056 MSK80Service - ok
03:20:12.0875 8056 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
03:20:13.0094 8056 MSKSSRV - ok
03:20:13.0140 8056 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
03:20:13.0437 8056 MSPCLOCK - ok
03:20:13.0468 8056 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
03:20:13.0686 8056 MSPQM - ok
03:20:13.0733 8056 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
03:20:13.0858 8056 MsRPC - ok
03:20:13.0936 8056 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
03:20:13.0967 8056 mssmbios - ok
03:20:14.0014 8056 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
03:20:14.0092 8056 MSTEE - ok
03:20:14.0123 8056 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
03:20:14.0217 8056 MTConfig - ok
03:20:14.0279 8056 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
03:20:14.0342 8056 Mup - ok
03:20:14.0404 8056 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
03:20:14.0451 8056 napagent - ok
03:20:14.0544 8056 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
03:20:14.0591 8056 NativeWifiP - ok
03:20:14.0685 8056 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
03:20:14.0763 8056 NDIS - ok
03:20:14.0841 8056 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
03:20:14.0997 8056 NdisCap - ok
03:20:15.0044 8056 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
03:20:15.0418 8056 NdisTapi - ok
03:20:15.0465 8056 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
03:20:15.0652 8056 Ndisuio - ok
03:20:15.0699 8056 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
03:20:15.0761 8056 NdisWan - ok
03:20:15.0870 8056 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
03:20:15.0933 8056 NDProxy - ok
03:20:16.0011 8056 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
03:20:16.0104 8056 NetBIOS - ok
03:20:16.0167 8056 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
03:20:16.0229 8056 NetBT - ok
03:20:16.0276 8056 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
03:20:16.0385 8056 Netlogon - ok
03:20:16.0416 8056 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
03:20:16.0541 8056 Netman - ok
03:20:16.0588 8056 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
03:20:16.0650 8056 netprofm - ok
03:20:16.0728 8056 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
03:20:16.0931 8056 NetTcpPortSharing - ok
03:20:17.0025 8056 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
03:20:17.0243 8056 nfrd960 - ok
03:20:17.0321 8056 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
03:20:17.0430 8056 NlaSvc - ok
03:20:17.0477 8056 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
03:20:17.0696 8056 Npfs - ok
03:20:17.0774 8056 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
03:20:17.0930 8056 nsi - ok
03:20:17.0992 8056 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
03:20:18.0148 8056 nsiproxy - ok
03:20:18.0273 8056 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
03:20:18.0366 8056 Ntfs - ok
03:20:18.0413 8056 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
03:20:18.0476 8056 Null - ok
03:20:18.0538 8056 [ B5E37E31C053BC9950455A257526514B ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x32.sys
03:20:18.0616 8056 NVENETFD - ok
03:20:18.0990 8056 [ 9DAC05D828E56801FD6CE5FDFCED64AF ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
03:20:19.0396 8056 nvlddmkm - ok
03:20:19.0474 8056 [ 0219B05730635FCAB3A9925D3374C464 ] NVNET C:\Windows\system32\DRIVERS\nvmf6232.sys
03:20:19.0677 8056 NVNET - ok
03:20:19.0739 8056 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
03:20:19.0848 8056 nvraid - ok
03:20:19.0911 8056 [ 02A9F366BCB94B286E34825B2094CB38 ] nvsmu C:\Windows\system32\DRIVERS\nvsmu.sys
03:20:19.0989 8056 nvsmu - ok
03:20:20.0036 8056 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
03:20:20.0082 8056 nvstor - ok
03:20:20.0114 8056 [ 51E7F2C26B6ECE61C5241F1F731EAB2B ] nvsvc C:\Windows\system32\nvvsvc.exe
03:20:20.0145 8056 nvsvc - ok
03:20:20.0176 8056 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
03:20:20.0207 8056 nv_agp - ok
03:20:20.0270 8056 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
03:20:20.0363 8056 ohci1394 - ok
03:20:20.0457 8056 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
03:20:20.0519 8056 p2pimsvc - ok
03:20:20.0597 8056 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
03:20:20.0628 8056 p2psvc - ok
03:20:20.0660 8056 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
03:20:20.0706 8056 Parport - ok
03:20:20.0753 8056 [ 6DDCF3F801EC15FE698F6A215CF30A1F ] Partizan C:\Windows\system32\drivers\Partizan.sys
03:20:20.0800 8056 Partizan - ok
03:20:20.0847 8056 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
03:20:21.0018 8056 partmgr - ok
03:20:21.0081 8056 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
03:20:21.0377 8056 Parvdm - ok
03:20:21.0440 8056 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
03:20:21.0642 8056 PcaSvc - ok
03:20:21.0720 8056 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
03:20:21.0861 8056 pci - ok
03:20:21.0923 8056 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
03:20:21.0954 8056 pciide - ok
03:20:21.0986 8056 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
03:20:22.0032 8056 pcmcia - ok
03:20:22.0095 8056 [ 07D9D16537B6969F2BBE00485F10D5BA ] PCTCore C:\Windows\system32\drivers\PCTCore.sys
03:20:22.0142 8056 PCTCore - ok
03:20:22.0204 8056 [ 3C9FD593E95B98C642B4486CD122C2FB ] pctDS C:\Windows\system32\drivers\pctDS.sys
03:20:22.0251 8056 pctDS - ok
03:20:22.0298 8056 [ DB6B6E47165B9647B215CEEB4DB33B87 ] pctEFA C:\Windows\system32\drivers\pctEFA.sys
03:20:22.0344 8056 pctEFA - ok
03:20:22.0454 8056 [ AE500FF14A222636CD10D346C37A52C4 ] pctgntdi C:\Windows\System32\drivers\pctgntdi.sys
03:20:22.0500 8056 pctgntdi - ok
03:20:22.0532 8056 [ 2E1A727C2B68ED6D4B0CAF6E7565AE50 ] pctplsg C:\Windows\System32\drivers\pctplsg.sys
03:20:22.0578 8056 pctplsg - ok
03:20:22.0610 8056 [ 53CE0E9078360553FAB0BFFF1C1ECF4F ] pctplsm C:\Windows\System32\drivers\pctplsm.sys
03:20:22.0641 8056 pctplsm - ok
03:20:22.0688 8056 [ 9A073A09F22C63247964B946F04CB8A4 ] PCTSD C:\Windows\system32\Drivers\PCTSD.sys
03:20:22.0719 8056 PCTSD - ok
03:20:22.0750 8056 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
03:20:22.0781 8056 pcw - ok
03:20:22.0844 8056 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
03:20:23.0156 8056 PEAUTH - ok
03:20:23.0249 8056 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
03:20:23.0608 8056 PeerDistSvc - ok
03:20:23.0780 8056 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
03:20:23.0936 8056 pla - ok
03:20:24.0045 8056 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
03:20:24.0092 8056 PlugPlay - ok
03:20:24.0123 8056 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
03:20:24.0170 8056 PNRPAutoReg - ok
03:20:24.0216 8056 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
03:20:24.0248 8056 PNRPsvc - ok
03:20:24.0341 8056 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
03:20:24.0419 8056 PolicyAgent - ok
03:20:24.0497 8056 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
03:20:24.0575 8056 Power - ok
03:20:24.0638 8056 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
03:20:24.0716 8056 PptpMiniport - ok
03:20:24.0747 8056 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
03:20:24.0794 8056 Processor - ok
03:20:24.0840 8056 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
03:20:24.0887 8056 ProfSvc - ok
03:20:24.0918 8056 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
03:20:24.0965 8056 ProtectedStorage - ok
03:20:24.0996 8056 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
03:20:25.0074 8056 Psched - ok
03:20:25.0137 8056 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
03:20:25.0246 8056 ql2300 - ok
03:20:25.0293 8056 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
03:20:25.0324 8056 ql40xx - ok
03:20:25.0371 8056 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
03:20:25.0449 8056 QWAVE - ok
03:20:25.0480 8056 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
03:20:25.0527 8056 QWAVEdrv - ok
03:20:25.0558 8056 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
03:20:25.0636 8056 RasAcd - ok
03:20:25.0683 8056 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
03:20:25.0761 8056 RasAgileVpn - ok
03:20:25.0792 8056 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
03:20:25.0839 8056 RasAuto - ok
03:20:25.0870 8056 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
03:20:25.0917 8056 Rasl2tp - ok
03:20:25.0995 8056 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
03:20:26.0088 8056 RasMan - ok
03:20:26.0120 8056 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
03:20:26.0198 8056 RasPppoe - ok
03:20:26.0244 8056 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
03:20:26.0307 8056 RasSstp - ok
03:20:26.0369 8056 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
03:20:26.0447 8056 rdbss - ok
03:20:26.0478 8056 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
03:20:26.0525 8056 rdpbus - ok
03:20:26.0588 8056 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
03:20:26.0650 8056 RDPCDD - ok
03:20:26.0759 8056 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
03:20:26.0900 8056 RDPDR - ok
03:20:26.0931 8056 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
03:20:27.0009 8056 RDPENCDD - ok
03:20:27.0071 8056 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
03:20:27.0118 8056 RDPREFMP - ok
03:20:27.0165 8056 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
03:20:27.0336 8056 RDPWD - ok
03:20:27.0414 8056 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
03:20:27.0446 8056 rdyboost - ok
03:20:27.0492 8056 [ 37ECEBDD930395A9C399FB18A3C236D3 ] RegGuard C:\Windows\system32\Drivers\regguard.sys
03:20:27.0524 8056 RegGuard - ok
03:20:27.0570 8056 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
03:20:27.0664 8056 RemoteAccess - ok
03:20:27.0726 8056 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
03:20:27.0773 8056 RemoteRegistry - ok
03:20:27.0820 8056 [ B9BB8E2093C1615AD6EA55AD96214354 ] Revoflt C:\Windows\system32\DRIVERS\revoflt.sys
03:20:27.0882 8056 Revoflt - ok
03:20:27.0929 8056 rootrepeal - ok
03:20:27.0960 8056 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
03:20:28.0038 8056 RpcEptMapper - ok
03:20:28.0070 8056 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
03:20:28.0132 8056 RpcLocator - ok
03:20:28.0179 8056 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
03:20:28.0226 8056 RpcSs - ok
03:20:28.0288 8056 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
03:20:28.0335 8056 rspndr - ok
03:20:28.0397 8056 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
03:20:28.0475 8056 s3cap - ok
03:20:28.0522 8056 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
03:20:28.0553 8056 SamSs - ok
03:20:28.0662 8056 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
03:20:28.0740 8056 SASDIFSV - ok
03:20:28.0834 8056 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
03:20:28.0881 8056 SASKUTIL - ok
03:20:28.0928 8056 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
03:20:28.0990 8056 sbp2port - ok
03:20:29.0052 8056 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
03:20:29.0224 8056 SCardSvr - ok
03:20:29.0333 8056 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
03:20:29.0458 8056 scfilter - ok
03:20:29.0645 8056 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
03:20:29.0754 8056 Schedule - ok
03:20:29.0801 8056 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
03:20:29.0832 8056 SCPolicySvc - ok
03:20:29.0895 8056 [ AE88672774DF12BEDF76768E52D23424 ] sdAuxService C:\Program Files\PC Tools\PC Tools Security\pctsAuxs.exe
03:20:29.0957 8056 sdAuxService - ok
03:20:30.0020 8056 [ 5FC31ADB3B47E00349B92E57117D2C07 ] sdCoreService C:\Program Files\PC Tools\PC Tools Security\pctsSvc.exe
03:20:30.0066 8056 sdCoreService - ok
03:20:30.0129 8056 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
03:20:30.0207 8056 SDRSVC - ok
03:20:30.0316 8056 [ 206387AB881E93A1A6EB89966C8651F1 ] SDScannerService C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
03:20:30.0363 8056 SDScannerService - ok
03:20:30.0441 8056 [ A529CFE32565C0B145578FFB2B32C9A5 ] SDUpdateService C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
03:20:30.0503 8056 SDUpdateService - ok
03:20:30.0566 8056 [ CB63BDB77BB86549FC3303C2F11EDC18 ] SDWSCService C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
03:20:30.0597 8056 SDWSCService - ok
03:20:30.0644 8056 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
03:20:30.0722 8056 secdrv - ok
03:20:30.0784 8056 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
03:20:30.0878 8056 seclogon - ok
03:20:30.0924 8056 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\system32\sens.dll
03:20:30.0987 8056 SENS - ok
03:20:31.0049 8056 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
03:20:31.0158 8056 SensrSvc - ok
03:20:31.0205 8056 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
03:20:41.0751 8056 Serenum - ok
03:20:41.0813 8056 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
03:20:42.0125 8056 Serial - ok
03:20:42.0266 8056 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
03:20:42.0406 8056 sermouse - ok
03:20:42.0578 8056 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
03:20:42.0656 8056 SessionEnv - ok
03:20:42.0718 8056 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
03:20:42.0983 8056 sffdisk - ok
03:20:43.0014 8056 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
03:20:43.0124 8056 sffp_mmc - ok
03:20:43.0170 8056 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
03:20:43.0248 8056 sffp_sd - ok
03:20:43.0280 8056 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
03:20:43.0389 8056 sfloppy - ok
03:20:43.0607 8056 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
03:20:43.0763 8056 SharedAccess - ok
03:20:43.0982 8056 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
03:20:44.0075 8056 ShellHWDetection - ok
03:20:44.0153 8056 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
03:20:44.0231 8056 sisagp - ok
03:20:44.0294 8056 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
03:20:44.0372 8056 SiSRaid2 - ok
03:20:44.0403 8056 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
03:20:44.0512 8056 SiSRaid4 - ok
03:20:44.0637 8056 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
03:20:44.0684 8056 SkypeUpdate - ok
03:20:44.0730 8056 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
03:20:44.0886 8056 Smb - ok
03:20:44.0964 8056 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
03:20:45.0011 8056 SNMPTRAP - ok
03:20:45.0074 8056 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
03:20:45.0183 8056 spldr - ok
03:20:45.0245 8056 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
03:20:45.0339 8056 Spooler - ok
03:20:45.0838 8056 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
03:20:46.0056 8056 sppsvc - ok
03:20:46.0119 8056 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
03:20:46.0212 8056 sppuinotify - ok
03:20:46.0322 8056 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
03:20:46.0415 8056 srv - ok
03:20:46.0540 8056 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
03:20:46.0602 8056 srv2 - ok
03:20:46.0680 8056 [ E00FDFAFF025E94F9821153750C35A6D ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL3.SYS
03:20:46.0790 8056 SrvHsfHDA - ok
03:20:47.0008 8056 [ CEB4E3B6890E1E42DCA6694D9E59E1A0 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV3.SYS
03:20:47.0086 8056 SrvHsfV92 - ok
03:20:47.0258 8056 [ BC0C7EA89194C299F051C24119000E17 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
03:20:47.0336 8056 SrvHsfWinac - ok
03:20:47.0398 8056 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
03:20:47.0429 8056 srvnet - ok
03:20:47.0616 8056 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
03:20:47.0772 8056 SSDPSRV - ok
03:20:47.0850 8056 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
03:20:47.0913 8056 SstpSvc - ok
03:20:47.0975 8056 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
03:20:48.0022 8056 stexstor - ok
03:20:48.0178 8056 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
03:20:48.0287 8056 StiSvc - ok
03:20:48.0365 8056 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
03:20:48.0428 8056 storflt - ok
03:20:48.0506 8056 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll
03:20:48.0552 8056 StorSvc - ok
03:20:48.0599 8056 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
03:20:48.0630 8056 storvsc - ok
03:20:48.0662 8056 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
03:20:48.0708 8056 swenum - ok
03:20:48.0755 8056 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
03:20:48.0849 8056 swprv - ok
03:20:48.0911 8056 [ F5D926807BD9BC0AF68F9376144DE425 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
03:20:48.0942 8056 SynTP - ok
03:20:49.0036 8056 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
03:20:49.0395 8056 SysMain - ok
03:20:49.0488 8056 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
03:20:49.0629 8056 TabletInputService - ok
03:20:49.0691 8056 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
03:20:49.0972 8056 TapiSrv - ok
03:20:50.0050 8056 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
03:20:50.0128 8056 TBS - ok
03:20:50.0222 8056 [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
03:20:50.0300 8056 Tcpip - ok
03:20:50.0331 8056 [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
03:20:50.0393 8056 TCPIP6 - ok
03:20:50.0456 8056 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
03:20:50.0487 8056 tcpipreg - ok
03:20:50.0549 8056 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
03:20:50.0612 8056 TDPIPE - ok
03:20:50.0658 8056 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
03:20:50.0705 8056 TDTCP - ok
03:20:50.0768 8056 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
03:20:50.0814 8056 tdx - ok
03:20:50.0877 8056 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
03:20:50.0908 8056 TermDD - ok
03:20:50.0986 8056 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
03:20:51.0126 8056 TermService - ok
03:20:51.0204 8056 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
03:20:51.0345 8056 Themes - ok
03:20:51.0407 8056 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
03:20:51.0548 8056 THREADORDER - ok
03:20:51.0594 8056 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
03:20:51.0922 8056 TrkWks - ok
03:20:52.0031 8056 [ 81532F3628F8ACC80FD1264095960C3A ] TrueSight C:\Windows\system32\drivers\TrueSight.sys
03:20:52.0125 8056 TrueSight ( UnsignedFile.Multi.Generic ) - warning
03:20:52.0125 8056 TrueSight - detected UnsignedFile.Multi.Generic (1)
03:20:52.0203 8056 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
03:20:52.0343 8056 TrustedInstaller - ok
03:20:52.0437 8056 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
03:20:52.0530 8056 tssecsrv - ok
03:20:52.0608 8056 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
03:20:52.0686 8056 TsUsbFlt - ok
03:20:52.0780 8056 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
03:20:52.0920 8056 tunnel - ok
03:20:52.0983 8056 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
03:20:53.0045 8056 uagp35 - ok
03:20:53.0108 8056 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
03:20:53.0170 8056 udfs - ok
03:20:53.0248 8056 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
03:20:53.0326 8056 UI0Detect - ok
03:20:53.0357 8056 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
03:20:53.0404 8056 uliagpkx - ok
03:20:53.0435 8056 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
03:20:53.0498 8056 umbus - ok
03:20:53.0560 8056 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
03:20:53.0716 8056 UmPass - ok
03:20:53.0825 8056 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
03:20:53.0966 8056 UmRdpService - ok
03:20:54.0262 8056 [ 627B9487FC8F23AB11138613CD5563DC ] UmxAgent C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
03:20:54.0340 8056 UmxAgent - ok
03:20:54.0496 8056 [ FBC10A48BC95EFAA11D26E266682DE61 ] UmxCfg C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
03:20:54.0543 8056 UmxCfg - ok
03:20:54.0652 8056 [ 9B34CE1DB1360206222A05D78A7FEADF ] UmxPol C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
03:20:54.0683 8056 UmxPol - ok
03:20:54.0761 8056 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
03:20:54.0886 8056 upnphost - ok
03:20:54.0948 8056 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\drivers\usbccgp.sys
03:20:54.0995 8056 usbccgp - ok
03:20:55.0089 8056 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
03:20:55.0198 8056 usbcir - ok
03:20:55.0260 8056 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
03:20:55.0292 8056 usbehci - ok
03:20:55.0354 8056 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
03:20:55.0448 8056 usbhub - ok
03:20:55.0510 8056 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
03:20:55.0572 8056 usbohci - ok
03:20:55.0650 8056 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
03:20:55.0713 8056 usbprint - ok
03:20:55.0791 8056 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
03:20:55.0838 8056 USBSTOR - ok
03:20:55.0900 8056 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
03:20:56.0009 8056 usbuhci - ok
03:20:56.0072 8056 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
03:20:56.0118 8056 UxSms - ok
03:20:56.0181 8056 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
03:20:56.0243 8056 VaultSvc - ok
03:20:56.0274 8056 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
03:20:56.0306 8056 vdrvroot - ok
03:20:56.0462 8056 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
03:20:56.0571 8056 vds - ok
03:20:56.0618 8056 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
03:20:56.0758 8056 vga - ok
03:20:56.0836 8056 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
03:20:56.0898 8056 VgaSave - ok
03:20:56.0992 8056 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
03:20:57.0101 8056 vhdmp - ok
03:20:57.0117 8056 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
03:20:57.0179 8056 viaagp - ok
03:20:57.0242 8056 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
03:20:57.0335 8056 ViaC7 - ok
03:20:57.0366 8056 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
03:20:57.0398 8056 viaide - ok
03:20:57.0476 8056 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
03:20:57.0569 8056 vmbus - ok
03:20:57.0616 8056 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
03:20:57.0678 8056 VMBusHID - ok
03:20:57.0710 8056 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
03:20:57.0741 8056 volmgr - ok
03:20:57.0850 8056 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
03:20:57.0928 8056 volmgrx - ok
03:20:57.0975 8056 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
03:20:58.0053 8056 volsnap - ok
03:20:58.0146 8056 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
03:20:58.0209 8056 vsmraid - ok
03:20:58.0427 8056 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
03:20:58.0536 8056 VSS - ok
03:20:58.0568 8056 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
03:20:58.0646 8056 vwifibus - ok
03:20:58.0692 8056 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
03:20:58.0755 8056 vwififlt - ok
03:20:58.0880 8056 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
03:20:58.0989 8056 W32Time - ok
03:20:59.0036 8056 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
03:20:59.0129 8056 WacomPen - ok
03:20:59.0223 8056 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
03:20:59.0285 8056 WANARP - ok
03:20:59.0301 8056 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
03:20:59.0410 8056 Wanarpv6 - ok
03:20:59.0706 8056 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
03:20:59.0784 8056 wbengine - ok
03:20:59.0894 8056 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
03:20:59.0956 8056 WbioSrvc - ok
03:21:00.0065 8056 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
03:21:00.0252 8056 wcncsvc - ok
03:21:00.0330 8056 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
03:21:00.0486 8056 WcsPlugInService - ok
03:21:00.0564 8056 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
03:21:00.0611 8056 Wd - ok
03:21:00.0720 8056 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
03:21:00.0783 8056 Wdf01000 - ok
03:21:00.0830 8056 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
03:21:00.0970 8056 WdiServiceHost - ok
03:21:01.0017 8056 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
03:21:01.0064 8056 WdiSystemHost - ok
03:21:01.0157 8056 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
03:21:01.0204 8056 WebClient - ok
03:21:01.0298 8056 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
03:21:01.0376 8056 Wecsvc - ok
03:21:01.0454 8056 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
03:21:01.0563 8056 wercplsupport - ok
03:21:01.0625 8056 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
03:21:01.0781 8056 WerSvc - ok
03:21:01.0828 8056 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
03:21:01.0922 8056 WfpLwf - ok
03:21:01.0984 8056 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
03:21:02.0031 8056 WIMMount - ok
03:21:02.0218 8056 [ 8B976D4CA270110111DF4F313DA0E6E8 ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
03:21:02.0296 8056 winachsf - ok
03:21:02.0483 8056 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
03:21:02.0592 8056 WinDefend - ok
03:21:02.0639 8056 WinHttpAutoProxySvc - ok
03:21:03.0060 8056 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
03:21:03.0154 8056 Winmgmt - ok
03:21:03.0482 8056 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
03:21:03.0575 8056 WinRM - ok
03:21:03.0903 8056 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
03:21:04.0028 8056 Wlansvc - ok
03:21:04.0152 8056 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
03:21:04.0402 8056 WmiAcpi - ok
03:21:04.0605 8056 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
03:21:04.0745 8056 wmiApSrv - ok
03:21:05.0088 8056 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
03:21:05.0244 8056 WMPNetworkSvc - ok
03:21:05.0307 8056 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
03:21:05.0447 8056 WPCSvc - ok
03:21:05.0525 8056 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
03:21:11.0438 8056 WPDBusEnum - ok
03:21:11.0562 8056 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
03:21:12.0124 8056 ws2ifsl - ok
03:21:12.0280 8056 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\system32\wscsvc.dll
03:21:12.0405 8056 wscsvc - ok
03:21:12.0420 8056 WSearch - ok
03:21:13.0341 8056 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
03:21:13.0590 8056 wuauserv - ok
03:21:13.0653 8056 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
03:21:24.0167 8056 WudfPf - ok
03:21:24.0261 8056 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
03:21:24.0760 8056 WUDFRd - ok
03:21:24.0807 8056 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
03:21:25.0602 8056 wudfsvc - ok
03:21:25.0805 8056 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
03:21:26.0211 8056 WwanSvc - ok
03:21:26.0289 8056 [ 894F963BE999BA9DB5AAC3AED55B115D ] XAudio C:\Windows\system32\DRIVERS\XAudio32.sys
03:21:26.0554 8056 XAudio - ok
03:21:26.0648 8056 ================ Scan global ===============================
03:21:26.0866 8056 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
03:21:26.0975 8056 [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll
03:21:27.0084 8056 [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll
03:21:27.0116 8056 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
03:21:27.0240 8056 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
03:21:27.0240 8056 [Global] - ok
03:21:27.0303 8056 ================ Scan MBR ==================================
03:21:27.0318 8056 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
03:21:32.0014 8056 \Device\Harddisk0\DR0 - ok
03:21:32.0014 8056 ================ Scan VBR ==================================
03:21:32.0045 8056 [ AE2A303C61797E45FA6D0E8EC1B275BB ] \Device\Harddisk0\DR0\Partition1
03:21:32.0154 8056 \Device\Harddisk0\DR0\Partition1 - ok
03:21:32.0186 8056 [ CF267765DB2A67162CA9A80E312BA579 ] \Device\Harddisk0\DR0\Partition2
03:21:32.0186 8056 \Device\Harddisk0\DR0\Partition2 - ok
03:21:32.0201 8056 ================ Scan active images ========================
03:21:32.0201 8056 [ B7EFEF22FF426EC4158A177CB3B558D3 ] C:\Windows\System32\drivers\crashdmp.sys
03:21:32.0201 8056 C:\Windows\System32\drivers\crashdmp.sys - ok
03:21:32.0201 8056 [ 5428227D4730EBDFC842E9FB593F8C8A ] C:\Windows\System32\drivers\Dumpata.sys
03:21:32.0201 8056 C:\Windows\System32\drivers\Dumpata.sys - ok
03:21:32.0217 8056 [ 338C86357871C167A96AB976519BF59E ] C:\Windows\System32\drivers\atapi.sys
03:21:32.0217 8056 C:\Windows\System32\drivers\atapi.sys - ok
03:21:32.0232 8056 [ 62A63EF2F3053B461CB327E4D69AAA74 ] C:\Windows\System32\drivers\dumpfve.sys
03:21:32.0232 8056 C:\Windows\System32\drivers\dumpfve.sys - ok
03:21:32.0232 8056 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] C:\Windows\System32\drivers\cdrom.sys
03:21:32.0232 8056 C:\Windows\System32\drivers\cdrom.sys - ok
03:21:32.0248 8056 [ E896775837A8BCE436348DF460522394 ] C:\Windows\System32\drivers\MOBK.sys
03:21:32.0248 8056 C:\Windows\System32\drivers\MOBK.sys - ok
03:21:32.0264 8056 [ C7B37C0FD3678A1A05201A8C4C624A9B ] C:\Windows\System32\drivers\KmxAgent.sys
03:21:32.0264 8056 C:\Windows\System32\drivers\KmxAgent.sys - ok
03:21:32.0264 8056 [ 84F76979C3BC3B0117F847C393C9FC36 ] C:\Windows\System32\drivers\KmxCfg.sys
03:21:32.0264 8056 C:\Windows\System32\drivers\KmxCfg.sys - ok
03:21:32.0279 8056 [ 505506526A9D467307B3C393DEDAF858 ] C:\Windows\System32\drivers\beep.sys
03:21:32.0279 8056 C:\Windows\System32\drivers\beep.sys - ok
03:21:32.0295 8056 [ F9756A98D69098DCA8945D62858A812C ] C:\Windows\System32\drivers\null.sys
03:21:32.0295 8056 C:\Windows\System32\drivers\null.sys - ok
03:21:32.0295 8056 [ 34F335FEC0D7A7A4D329390B7C7B59B8 ] C:\Windows\System32\drivers\avgtpx86.sys
03:21:32.0295 8056 C:\Windows\System32\drivers\avgtpx86.sys - ok
03:21:32.0310 8056 [ 23DAE03F29D253AE74C44F99E515F9A1 ] C:\Windows\System32\drivers\RDPCDD.sys
03:21:32.0310 8056 C:\Windows\System32\drivers\RDPCDD.sys - ok
03:21:32.0310 8056 [ 8E38096AD5C8570A6F1570A61E251561 ] C:\Windows\System32\drivers\vga.sys
03:21:32.0310 8056 C:\Windows\System32\drivers\vga.sys - ok
03:21:32.0326 8056 [ 15C126D1B55814B9E5CAB10A9C1F4C67 ] C:\Windows\System32\drivers\videoprt.sys
03:21:32.0326 8056 C:\Windows\System32\drivers\videoprt.sys - ok
03:21:32.0326 8056 [ CB45A417C8EF7BA6BAC67EDCDDED8700 ] C:\Windows\System32\drivers\watchdog.sys
03:21:32.0326 8056 C:\Windows\System32\drivers\watchdog.sys - ok
03:21:32.0342 8056 [ 5A53CA1598DD4156D44196D200C94B8A ] C:\Windows\System32\drivers\RDPENCDD.sys
03:21:32.0342 8056 C:\Windows\System32\drivers\RDPENCDD.sys - ok
03:21:32.0342 8056 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] C:\Windows\System32\drivers\RDPREFMP.sys
03:21:32.0342 8056 C:\Windows\System32\drivers\RDPREFMP.sys - ok
03:21:32.0357 8056 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] C:\Windows\System32\drivers\msfs.sys
03:21:32.0357 8056 C:\Windows\System32\drivers\msfs.sys - ok
03:21:32.0373 8056 [ 1DB262A9F8C087E8153D89BEF3D2235F ] C:\Windows\System32\drivers\npfs.sys
03:21:32.0373 8056 C:\Windows\System32\drivers\npfs.sys - ok
03:21:32.0373 8056 [ 2F885864D5BC8A16C86BEE595969A48A ] C:\Windows\System32\drivers\tdi.sys
03:21:32.0373 8056 C:\Windows\System32\drivers\tdi.sys - ok
03:21:32.0388 8056 [ B459575348C20E8121D6039DA063C704 ] C:\Windows\System32\drivers\tdx.sys
03:21:32.0388 8056 C:\Windows\System32\drivers\tdx.sys - ok
03:21:32.0388 8056 [ AE500FF14A222636CD10D346C37A52C4 ] C:\Windows\System32\drivers\pctgntdi.sys
03:21:32.0388 8056 C:\Windows\System32\drivers\pctgntdi.sys - ok
03:21:32.0404 8056 [ B8CEC7CB243DD20C5076EB53F5D3C62A ] C:\Windows\System32\drivers\pctwfpfilter.sys
03:21:32.0404 8056 C:\Windows\System32\drivers\pctwfpfilter.sys - ok
03:21:32.0420 8056 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] C:\Windows\System32\drivers\afd.sys
03:21:32.0420 8056 C:\Windows\System32\drivers\afd.sys - ok
03:21:32.0435 8056 [ 280122DDCF04B378EDD1AD54D71C1E54 ] C:\Windows\System32\drivers\netbt.sys
03:21:32.0435 8056 C:\Windows\System32\drivers\netbt.sys - ok
03:21:32.0451 8056 [ 6DB3276587B853BF886B69528FDB048C ] C:\Windows\System32\drivers\ws2ifsl.sys
03:21:32.0451 8056 C:\Windows\System32\drivers\ws2ifsl.sys - ok
03:21:32.0451 8056 [ 8B9A943F3B53861F2BFAF6C186168F79 ] C:\Windows\System32\drivers\wfplwf.sys
03:21:32.0451 8056 C:\Windows\System32\drivers\wfplwf.sys - ok
03:21:32.0466 8056 [ 6270CCAE2A86DE6D146529FE55B3246A ] C:\Windows\System32\drivers\pacer.sys
03:21:32.0466 8056 C:\Windows\System32\drivers\pacer.sys - ok
03:21:32.0482 8056 [ 7090D3436EEB4E7DA3373090A23448F7 ] C:\Windows\System32\drivers\vwififlt.sys
03:21:32.0482 8056 C:\Windows\System32\drivers\vwififlt.sys - ok
03:21:32.0498 8056 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] C:\Windows\System32\drivers\netbios.sys
03:21:32.0498 8056 C:\Windows\System32\drivers\netbios.sys - ok
03:21:32.0513 8056 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] C:\Windows\System32\drivers\wanarp.sys
03:21:32.0513 8056 C:\Windows\System32\drivers\wanarp.sys - ok
03:21:32.0513 8056 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] C:\Windows\System32\drivers\termdd.sys
03:21:32.0513 8056 C:\Windows\System32\drivers\termdd.sys - ok
03:21:32.0529 8056 [ 39763504067962108505BFF25F024345 ] C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
03:21:32.0529 8056 C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS - ok
03:21:32.0529 8056 [ 77B9FC20084B48408AD3E87570EB4A85 ] C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
03:21:32.0529 8056 C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS - ok
03:21:32.0544 8056 [ D528BC58A489409BA40334EBF96A311B ] C:\Windows\System32\drivers\rdbss.sys
03:21:32.0544 8056 C:\Windows\System32\drivers\rdbss.sys - ok
03:21:32.0544 8056 [ 9A073A09F22C63247964B946F04CB8A4 ] C:\Windows\System32\drivers\PCTSD.sys
03:21:32.0544 8056 C:\Windows\System32\drivers\PCTSD.sys - ok
03:21:32.0560 8056 [ 1A050B0274BFB3890703D490F330C0DA ] C:\Windows\System32\drivers\discache.sys
03:21:32.0560 8056 C:\Windows\System32\drivers\discache.sys - ok
03:21:32.0576 8056 [ FC6B9FF600CC585EA38B12589BD4E246 ] C:\Windows\System32\drivers\mssmbios.sys
03:21:32.0576 8056 C:\Windows\System32\drivers\mssmbios.sys - ok
03:21:32.0591 8056 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] C:\Windows\System32\drivers\nsiproxy.sys
03:21:32.0591 8056 C:\Windows\System32\drivers\nsiproxy.sys - ok
03:21:32.0591 8056 [ 2287078ED48FCFC477B05B20CF38F36F ] C:\Windows\System32\drivers\blbdrive.sys
03:21:32.0591 8056 C:\Windows\System32\drivers\blbdrive.sys - ok
03:21:32.0607 8056 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] C:\Windows\System32\drivers\csc.sys
03:21:32.0607 8056 C:\Windows\System32\drivers\csc.sys - ok
03:21:32.0622 8056 [ F024449C97EC1E464AAFFDA18593DB88 ] C:\Windows\System32\drivers\dfsc.sys
03:21:32.0622 8056 C:\Windows\System32\drivers\dfsc.sys - ok
03:21:32.0622 8056 [ B2FA25D9B17A68BB93D58B0556E8C90D ] C:\Windows\System32\drivers\tunnel.sys
03:21:32.0622 8056 C:\Windows\System32\drivers\tunnel.sys - ok
03:21:32.0654 8056 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] C:\Windows\System32\drivers\amdppm.sys
03:21:32.0654 8056 C:\Windows\System32\drivers\amdppm.sys - ok
03:21:32.0686 8056 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] C:\Windows\System32\drivers\i8042prt.sys
03:21:32.0686 8056 C:\Windows\System32\drivers\i8042prt.sys - ok
03:21:32.0686 8056 [ 0217679B8FCA58714C3BF2726D2CA84E ] C:\Windows\System32\drivers\wmiacpi.sys
03:21:32.0686 8056 C:\Windows\System32\drivers\wmiacpi.sys - ok
03:21:32.0701 8056 [ ADEF52CA1AEAE82B50DF86B56413107E ] C:\Windows\System32\drivers\kbdclass.sys
03:21:32.0701 8056 C:\Windows\System32\drivers\kbdclass.sys - ok
03:21:32.0701 8056 [ F5D926807BD9BC0AF68F9376144DE425 ] C:\Windows\System32\drivers\SynTP.sys
03:21:32.0701 8056 C:\Windows\System32\drivers\SynTP.sys - ok
03:21:32.0717 8056 [ 5787196F32D043572EC6565C0EF1B8E0 ] C:\Windows\System32\drivers\usbd.sys
03:21:32.0717 8056 C:\Windows\System32\drivers\usbd.sys - ok
03:21:32.0733 8056 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] C:\Windows\System32\drivers\mouclass.sys
03:21:32.0733 8056 C:\Windows\System32\drivers\mouclass.sys - ok
03:21:32.0748 8056 [ DEA805815E587DAD1DD2C502220B5616 ] C:\Windows\System32\drivers\CmBatt.sys
03:21:32.0748 8056 C:\Windows\System32\drivers\CmBatt.sys - ok
03:21:32.0764 8056 [ 02A9F366BCB94B286E34825B2094CB38 ] C:\Windows\System32\drivers\nvsmu.sys
03:21:32.0764 8056 C:\Windows\System32\drivers\nvsmu.sys - ok
03:21:32.0764 8056 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] C:\Windows\System32\drivers\usbehci.sys
03:21:32.0764 8056 C:\Windows\System32\drivers\usbehci.sys - ok
03:21:32.0779 8056 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] C:\Windows\System32\drivers\usbohci.sys
03:21:32.0779 8056 C:\Windows\System32\drivers\usbohci.sys - ok
03:21:32.0795 8056 [ 3AA940AA9AC3055FE32FF2D3D20CCD28 ] C:\Windows\System32\drivers\usbport.sys
03:21:32.0795 8056 C:\Windows\System32\drivers\usbport.sys - ok
03:21:32.0795 8056 [ 9036377B8A6C15DC2EEC53E489D159B5 ] C:\Windows\System32\drivers\hdaudbus.sys
03:21:32.0795 8056 C:\Windows\System32\drivers\hdaudbus.sys - ok
03:21:32.0811 8056 [ 0219B05730635FCAB3A9925D3374C464 ] C:\Windows\System32\drivers\nvmf6232.sys
03:21:32.0811 8056 C:\Windows\System32\drivers\nvmf6232.sys - ok
03:21:32.0811 8056 [ C30A91ADE8C9CB91E4281EC83C4500C6 ] C:\Windows\System32\ntdll.dll
03:21:32.0811 8056 C:\Windows\System32\ntdll.dll - ok
03:21:32.0826 8056 [ 16742790895960690237A5143CEDEC8B ] C:\Windows\System32\smss.exe
03:21:32.0826 8056 C:\Windows\System32\smss.exe - ok
03:21:32.0842 8056 [ 5A1908A46DF8D6C88E441740E526B4B7 ] C:\Windows\System32\drivers\nvBridge.kmd
03:21:32.0842 8056 C:\Windows\System32\drivers\nvBridge.kmd - ok
03:21:32.0842 8056 [ 9DAC05D828E56801FD6CE5FDFCED64AF ] C:\Windows\System32\drivers\nvlddmkm.sys
03:21:32.0842 8056 C:\Windows\System32\drivers\nvlddmkm.sys - ok
03:21:32.0857 8056 [ 23F5D28378A160352BA8F817BD8C71CB ] C:\Windows\System32\drivers\dxgkrnl.sys
03:21:32.0857 8056 C:\Windows\System32\drivers\dxgkrnl.sys - ok
03:21:32.0857 8056 [ D458D1C7F1D49869000668E3C3BB0D4D ] C:\Windows\System32\drivers\dxgmms1.sys
03:21:32.0857 8056 C:\Windows\System32\drivers\dxgmms1.sys - ok
03:21:32.0873 8056 [ CFE432E8EEACBCEA3DBF53EA76978A65 ] C:\Windows\System32\drivers\athr.sys
03:21:32.0873 8056 C:\Windows\System32\drivers\athr.sys - ok
03:21:32.0873 8056 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] C:\Windows\System32\drivers\CompositeBus.sys
03:21:32.0873 8056 C:\Windows\System32\drivers\CompositeBus.sys - ok
03:21:32.0889 8056 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] C:\Windows\System32\drivers\vwifibus.sys
03:21:32.0889 8056 C:\Windows\System32\drivers\vwifibus.sys - ok
03:21:32.0889 8056 [ 57EC4AEF73660166074D8F7F31C0D4FD ] C:\Windows\System32\drivers\agilevpn.sys
03:21:32.0889 8056 C:\Windows\System32\drivers\agilevpn.sys - ok
03:21:32.0904 8056 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] C:\Windows\System32\drivers\ndistapi.sys
03:21:32.0904 8056 C:\Windows\System32\drivers\ndistapi.sys - ok
03:21:32.0920 8056 [ D9F91EAFEC2815365CBE6D167E4E332A ] C:\Windows\System32\drivers\rasl2tp.sys
03:21:32.0920 8056 C:\Windows\System32\drivers\rasl2tp.sys - ok
03:21:32.0920 8056 [ 38FBE267E7E6983311179230FACB1017 ] C:\Windows\System32\drivers\ndiswan.sys
03:21:32.0920 8056 C:\Windows\System32\drivers\ndiswan.sys - ok
03:21:32.0951 8056 [ 0FE8B15916307A6AC12BFB6A63E45507 ] C:\Windows\System32\drivers\raspppoe.sys
03:21:32.0951 8056 C:\Windows\System32\drivers\raspppoe.sys - ok
03:21:32.0967 8056 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] C:\Windows\System32\drivers\raspptp.sys
03:21:32.0967 8056 C:\Windows\System32\drivers\raspptp.sys - ok
03:21:32.0998 8056 [ 44101F495A83EA6401D886E7FD70096B ] C:\Windows\System32\drivers\rassstp.sys
03:21:32.0998 8056 C:\Windows\System32\drivers\rassstp.sys - ok
03:21:33.0013 8056 [ 5DCEF0C32BE0F33277326586FA503689 ] C:\Windows\System32\drivers\ks.sys
03:21:33.0013 8056 C:\Windows\System32\drivers\ks.sys - ok
03:21:33.0013 8056 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] C:\Windows\System32\drivers\rdpbus.sys
03:21:33.0013 8056 C:\Windows\System32\drivers\rdpbus.sys - ok
03:21:33.0029 8056 [ E58C78A848ADD9610A4DB6D214AF5224 ] C:\Windows\System32\drivers\swenum.sys
03:21:33.0029 8056 C:\Windows\System32\drivers\swenum.sys - ok
03:21:33.0045 8056 [ D295BED4B898F0FD999FCFA9B32B071B ] C:\Windows\System32\drivers\umbus.sys
03:21:33.0045 8056 C:\Windows\System32\drivers\umbus.sys - ok
03:21:33.0060 8056 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] C:\Windows\System32\drivers\usbhub.sys
03:21:33.0060 8056 C:\Windows\System32\drivers\usbhub.sys - ok
03:21:33.0076 8056 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] C:\Windows\System32\drivers\ndproxy.sys
03:21:33.0076 8056 C:\Windows\System32\drivers\ndproxy.sys - ok
03:21:33.0091 8056 [ DDA0CB141150FEF87419926790CD26C8 ] C:\Windows\System32\drivers\CHDRT32.sys
03:21:33.0091 8056 C:\Windows\System32\drivers\CHDRT32.sys - ok
03:21:33.0091 8056 [ 27F9288AF019E6DACA281EDE51FF5928 ] C:\Windows\System32\drivers\drmk.sys
03:21:33.0091 8056 C:\Windows\System32\drivers\drmk.sys - ok
03:21:33.0107 8056 [ D72708C9F49500C13D7D067E169B7715 ] C:\Windows\System32\drivers\portcls.sys
03:21:33.0107 8056 C:\Windows\System32\drivers\portcls.sys - ok
03:21:33.0123 8056 [ 4DF5C76302DC2F8F3465966C8426A292 ] C:\Windows\System32\drivers\HSXHWAZL.sys
03:21:33.0123 8056 C:\Windows\System32\drivers\HSXHWAZL.sys - ok
03:21:33.0123 8056 [ 227C3BA25012752BB7450235392C719F ] C:\Windows\System32\drivers\HSX_DPV.sys
03:21:33.0123 8056 C:\Windows\System32\drivers\HSX_DPV.sys - ok
03:21:33.0138 8056 [ 8B976D4CA270110111DF4F313DA0E6E8 ] C:\Windows\System32\drivers\HSX_CNXT.sys
03:21:33.0138 8056 C:\Windows\System32\drivers\HSX_CNXT.sys - ok
03:21:33.0154 8056 [ F001861E5700EE84E2D4E52C712F4964 ] C:\Windows\System32\drivers\modem.sys
03:21:33.0154 8056 C:\Windows\System32\drivers\modem.sys - ok
03:21:33.0169 8056 [ A5EF29D5315111C80A5C1ABAD14C8972 ] C:\Windows\System32\drivers\HdAudio.sys
03:21:33.0169 8056 C:\Windows\System32\drivers\HdAudio.sys - ok
03:21:33.0185 8056 [ 39C20B7D9AC19BFE616CA09DD3A240AF ] C:\Windows\System32\drivers\mfeavfk.sys
03:21:33.0185 8056 C:\Windows\System32\drivers\mfeavfk.sys - ok
03:21:33.0201 8056 [ C8AC8147E02ED8795E1FD946165BACCF ] C:\Windows\System32\drivers\mfefirek.sys
03:21:33.0201 8056 C:\Windows\System32\drivers\mfefirek.sys - ok
03:21:33.0201 8056 [ 7401E85D5D4B5B0F6A3098EBEE0639AA ] C:\Windows\System32\drivers\mfencbdc.sys
03:21:33.0201 8056 C:\Windows\System32\drivers\mfencbdc.sys - ok
03:21:33.0216 8056 [ F991AB9CC6B908DB552166768176896A ] C:\Windows\System32\drivers\USBSTOR.SYS
03:21:33.0216 8056 C:\Windows\System32\drivers\USBSTOR.SYS - ok
03:21:33.0232 8056 [ A9C25C9A8F9DA7F25C14D84C4CE845A3 ] C:\Windows\System32\sdnclean.exe
03:21:33.0232 8056 C:\Windows\System32\sdnclean.exe - ok
03:21:33.0247 8056 [ 6400774E903729ADD0A62A24A334EE56 ] C:\Windows\System32\rpcrt4.dll
03:21:33.0247 8056 C:\Windows\System32\rpcrt4.dll - ok
03:21:33.0263 8056 [ E87F5393F7D8CE2FACC4DFF703531392 ] C:\Windows\System32\gdi32.dll
03:21:33.0263 8056 C:\Windows\System32\gdi32.dll - ok
03:21:33.0263 8056 [ 4266A3230981DD4434C55957F6DD497D ] C:\Windows\System32\urlmon.dll
03:21:33.0263 8056 C:\Windows\System32\urlmon.dll - ok
03:21:33.0279 8056 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\System32\ws2_32.dll
03:21:33.0279 8056 C:\Windows\System32\ws2_32.dll - ok
03:21:33.0294 8056 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\System32\psapi.dll
03:21:33.0294 8056 C:\Windows\System32\psapi.dll - ok
03:21:33.0294 8056 [ F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 ] C:\Windows\System32\user32.dll
03:21:33.0294 8056 C:\Windows\System32\user32.dll - ok
03:21:33.0294 8056 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\System32\advapi32.dll
03:21:33.0294 8056 C:\Windows\System32\advapi32.dll - ok
03:21:33.0310 8056 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\System32\comdlg32.dll
03:21:33.0310 8056 C:\Windows\System32\comdlg32.dll - ok
03:21:33.0310 8056 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\System32\msctf.dll
03:21:33.0310 8056 C:\Windows\System32\msctf.dll - ok
03:21:33.0325 8056 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\System32\shlwapi.dll
03:21:33.0325 8056 C:\Windows\System32\shlwapi.dll - ok
03:21:33.0325 8056 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\System32\nsi.dll
03:21:33.0325 8056 C:\Windows\System32\nsi.dll - ok
03:21:33.0341 8056 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\System32\oleaut32.dll
03:21:33.0341 8056 C:\Windows\System32\oleaut32.dll - ok
03:21:33.0357 8056 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\System32\shell32.dll
03:21:33.0357 8056 C:\Windows\System32\shell32.dll - ok
03:21:33.0357 8056 [ 070C5B9D3006602A07757179D9B56F5D ] C:\Windows\System32\difxapi.dll
03:21:33.0372 8056 C:\Windows\System32\difxapi.dll - ok
03:21:33.0372 8056 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\System32\setupapi.dll
03:21:33.0372 8056 C:\Windows\System32\setupapi.dll - ok
03:21:33.0388 8056 [ AE09B85158C66E2C154C5C9B3C0027B3 ] C:\Windows\System32\kernel32.dll
03:21:33.0388 8056 C:\Windows\System32\kernel32.dll - ok
03:21:33.0388 8056 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\System32\normaliz.dll
03:21:33.0388 8056 C:\Windows\System32\normaliz.dll - ok
03:21:33.0403 8056 [ B7230010D97787AF3D25E4C82F2B06B9 ] C:\Windows\System32\usp10.dll
03:21:33.0403 8056 C:\Windows\System32\usp10.dll - ok
03:21:33.0419 8056 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\System32\Wldap32.dll
03:21:33.0419 8056 C:\Windows\System32\Wldap32.dll - ok
03:21:33.0419 8056 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\System32\msvcrt.dll
03:21:33.0419 8056 C:\Windows\System32\msvcrt.dll - ok
03:21:33.0419 8056 [ 4A8E2F20809CC161107FAA94F6CF2685 ] C:\Windows\System32\imm32.dll
03:21:33.0419 8056 C:\Windows\System32\imm32.dll - ok
03:21:33.0435 8056 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\System32\ole32.dll
03:21:33.0435 8056 C:\Windows\System32\ole32.dll - ok
03:21:33.0450 8056 [ 780E80E5502015EDAEC91DC0A0C96A79 ] C:\Windows\System32\iertutil.dll
03:21:33.0450 8056 C:\Windows\System32\iertutil.dll - ok
03:21:33.0450 8056 [ FF5688D309347F2720911D8796912834 ] C:\Windows\System32\clbcatq.dll
03:21:33.0450 8056 C:\Windows\System32\clbcatq.dll - ok
03:21:33.0466 8056 [ 7FA3A810F383588D46220967DE8B64FF ] C:\Windows\System32\wininet.dll
03:21:33.0466 8056 C:\Windows\System32\wininet.dll - ok
03:21:33.0466 8056 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\System32\imagehlp.dll
03:21:33.0466 8056 C:\Windows\System32\imagehlp.dll - ok
03:21:33.0481 8056 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\System32\sechost.dll
03:21:33.0481 8056 C:\Windows\System32\sechost.dll - ok
03:21:33.0497 8056 [ CC4ED8BEA78B0DCA6F217E014C3291A7 ] C:\Windows\System32\devobj.dll
03:21:33.0497 8056 C:\Windows\System32\devobj.dll - ok
03:21:33.0497 8056 [ 4F154D2C9C6DF951FD6E5AABBAE6B5EE ] C:\Windows\System32\lpk.dll
03:21:33.0497 8056 C:\Windows\System32\lpk.dll - ok
03:21:33.0513 8056 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\System32\wintrust.dll
03:21:33.0513 8056 C:\Windows\System32\wintrust.dll - ok
03:21:33.0513 8056 [ 3FFAEA12666E565FF51BF2FCA674F543 ] C:\Windows\System32\cfgmgr32.dll
03:21:33.0513 8056 C:\Windows\System32\cfgmgr32.dll - ok
03:21:36.0679 8056 [ B940289C83121046BD6A60ACC6028593 ] C:\Windows\System32\vsstrace.dll
03:21:36.0679 8056 C:\Windows\System32\vsstrace.dll - ok
03:21:36.0679 8056 [ BD626EF05967D14C772B8096292731A3 ] C:\Windows\System32\QUTIL.DLL
03:21:36.0679 8056 C:\Windows\System32\QUTIL.DLL - ok
03:21:36.0695 8056 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] C:\Windows\System32\netman.dll
03:21:36.0695 8056 C:\Windows\System32\netman.dll - ok
03:21:36.0695 8056 [ 6A984831644ECA1A33FFEAE4126F4F37 ] C:\Windows\System32\snmptrap.exe
03:21:36.0695 8056 C:\Windows\System32\snmptrap.exe - ok
03:21:36.0711 8056 [ 374071043F9E4231EE43BE2BB48DD36D ] C:\Windows\System32\nlasvc.dll
03:21:36.0711 8056 C:\Windows\System32\nlasvc.dll - ok
03:21:36.0726 8056 [ 9E0104BA49F4E6973749A02BF41344ED ] C:\Windows\System32\drivers\PEAuth.sys
03:21:36.0726 8056 C:\Windows\System32\drivers\PEAuth.sys - ok
03:21:36.0726 8056 [ 140D9F911182357626165EA0BEB98C4F ] C:\Windows\System32\ncsi.dll
03:21:36.0726 8056 C:\Windows\System32\ncsi.dll - ok
03:21:36.0742 8056 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\System32\winhttp.dll
03:21:36.0742 8056 C:\Windows\System32\winhttp.dll - ok
03:21:36.0757 8056 [ 0A3CCB2C4F603D99F34D742FC9544B97 ] C:\Windows\System32\pstorsvc.dll
03:21:36.0757 8056 C:\Windows\System32\pstorsvc.dll - ok
03:21:36.0757 8056 [ 274992D0945889A6B56D0E1BD4288A6E ] C:\Windows\System32\psbase.dll
03:21:36.0757 8056 C:\Windows\System32\psbase.dll - ok
03:21:36.0773 8056 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] C:\Windows\System32\wdi.dll
03:21:36.0773 8056 C:\Windows\System32\wdi.dll - ok
03:21:36.0789 8056 [ ECF036299AA554B5E0455262857B39D0 ] C:\Windows\System32\diagperf.dll
03:21:36.0789 8056 C:\Windows\System32\diagperf.dll - ok
03:21:36.0804 8056 [ 206387AB881E93A1A6EB89966C8651F1 ] C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
03:21:36.0804 8056 C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe - ok
03:21:36.0804 8056 [ 4C867B62F6100C107A3A8F5E7A10461D ] C:\Program Files\Spybot - Search & Destroy 2\rtl150.bpl
03:21:36.0804 8056 C:\Program Files\Spybot - Search & Destroy 2\rtl150.bpl - ok
03:21:36.0820 8056 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\System32\webio.dll
03:21:36.0820 8056 C:\Windows\System32\webio.dll - ok
03:21:36.0835 8056 [ C166EAC7662D7FB1A393B5F3B9BF3FE3 ] C:\PROGRA~1\McAfee\SITEAD~1\saupkeep.dll
03:21:36.0835 8056 C:\PROGRA~1\McAfee\SITEAD~1\saupkeep.dll - ok
03:21:36.0835 8056 [ 28E2231BD34A39C854BDF3923AB2FF86 ] C:\Windows\System32\ssdpapi.dll
03:21:36.0835 8056 C:\Windows\System32\ssdpapi.dll - ok
03:21:36.0851 8056 [ 02530B0B7E048DD5AC8D52DAEACAEB2B ] C:\Windows\System32\QAGENT.DLL
03:21:36.0851 8056 C:\Windows\System32\QAGENT.DLL - ok
03:21:36.0851 8056 [ A8CDF3768604FF95B54669E20053D569 ] C:\Windows\System32\wscapi.dll
03:21:36.0851 8056 C:\Windows\System32\wscapi.dll - ok
03:21:36.0867 8056 [ 2765B91A9EE086C20B451E80D2709CC9 ] C:\Windows\System32\DHCPQEC.DLL
03:21:36.0867 8056 C:\Windows\System32\DHCPQEC.DLL - ok
03:21:36.0882 8056 [ 929759E0775E6D00B4B2F4A08042439F ] C:\Windows\System32\napipsec.dll
03:21:36.0882 8056 C:\Windows\System32\napipsec.dll - ok
03:21:36.0898 8056 [ C555046481601ED19920F2D3E76B8A36 ] C:\Windows\System32\tsgqec.dll
03:21:36.0898 8056 C:\Windows\System32\tsgqec.dll - ok
03:21:36.0913 8056 [ 9FA14FFC9150B48C5D582DCF6A79D6F2 ] C:\Windows\System32\EAPQEC.DLL
03:21:36.0913 8056 C:\Windows\System32\EAPQEC.DLL - ok
03:21:36.0913 8056 [ 51138BEEA3E2C21EC44D0932C71762A8 ] C:\Windows\System32\rundll32.exe
03:21:36.0913 8056 C:\Windows\System32\rundll32.exe - ok
03:21:36.0929 8056 [ 55CA01BA19D0006C8F2639B6C045E08B ] C:\Windows\System32\lmhsvc.dll
03:21:36.0929 8056 C:\Windows\System32\lmhsvc.dll - ok
03:21:36.0945 8056 [ 96C70BD48D49B87475F4572DEDC62EB9 ] C:\Windows\AppPatch\AcLayers.dll
03:21:36.0945 8056 C:\Windows\AppPatch\AcLayers.dll - ok
03:21:36.0945 8056 [ F8E882C10AF4C29E378D1E28D4817CB1 ] C:\Windows\System32\pnpts.dll
03:21:36.0945 8056 C:\Windows\System32\pnpts.dll - ok
03:21:36.0960 8056 [ F0016853FA3F38F55FD868FF74C0359B ] C:\Windows\System32\wdiasqmmodule.dll
03:21:36.0960 8056 C:\Windows\System32\wdiasqmmodule.dll - ok
03:21:36.0960 8056 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\System32\mpr.dll
03:21:36.0960 8056 C:\Windows\System32\mpr.dll - ok
03:21:36.0976 8056 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\System32\shfolder.dll
03:21:36.0976 8056 C:\Windows\System32\shfolder.dll - ok
03:21:36.0976 8056 [ A2F17346CC5C502D4E29EF986BD17D34 ] C:\Windows\System32\PeerDistSh.dll
03:21:36.0976 8056 C:\Windows\System32\PeerDistSh.dll - ok
03:21:36.0991 8056 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\System32\wsock32.dll
03:21:36.0991 8056 C:\Windows\System32\wsock32.dll - ok
03:21:36.0991 8056 [ 43EF8CA8FA9DC5F998FBC4C12C9556E2 ] C:\PROGRA~1\McAfee\SITEAD~1\sahook.dll
03:21:36.0991 8056 C:\PROGRA~1\McAfee\SITEAD~1\sahook.dll - ok
03:21:37.0007 8056 [ D9AF104F7E21FA859EFA3C67E5522E88 ] C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl
03:21:37.0007 8056 C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl - ok
03:21:37.0007 8056 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
03:21:37.0007 8056 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
03:21:37.0023 8056 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] C:\Windows\System32\provsvc.dll
03:21:37.0023 8056 C:\Windows\System32\provsvc.dll - ok
03:21:37.0038 8056 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\System32\oledlg.dll
03:21:37.0038 8056 C:\Windows\System32\oledlg.dll - ok
03:21:37.0038 8056 [ D318F23BE45D5E3A107469EB64815B50 ] C:\Windows\System32\sstpsvc.dll
03:21:37.0038 8056 C:\Windows\System32\sstpsvc.dll - ok
03:21:37.0054 8056 [ 105ED75F4CEE9E58152061520DAA4ABD ] C:\Program Files\Spybot - Search & Destroy 2\Jcl150.bpl
03:21:37.0054 8056 C:\Program Files\Spybot - Search & Destroy 2\Jcl150.bpl - ok
03:21:37.0054 8056 [ 0FDABB1FD68CBC557084E16B0EA2F731 ] C:\Program Files\Spybot - Search & Destroy 2\snlBase150.bpl
03:21:37.0054 8056 C:\Program Files\Spybot - Search & Destroy 2\snlBase150.bpl - ok
03:21:37.0069 8056 [ FA27F4DF4015B22F04B5D18044A24322 ] C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
03:21:37.0069 8056 C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl - ok
03:21:37.0085 8056 [ 86E99E1222E671408ED5E8618521AEEB ] C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
03:21:37.0085 8056 C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl - ok
03:21:37.0101 8056 [ 9244E0240A1D150581C3BAA89D8AA154 ] C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
03:21:37.0116 8056 C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl - ok
03:21:37.0132 8056 [ 14361FB2FD630988816A4F46AEAF0684 ] C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
03:21:37.0132 8056 C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll - ok
03:21:37.0132 8056 [ 8E38CE628D4817D949DD31D77A7F21CD ] C:\Windows\System32\jsproxy.dll
03:21:37.0132 8056 C:\Windows\System32\jsproxy.dll - ok
03:21:37.0147 8056 [ 90A3935D05B494A5A39D37E71F09A677 ] C:\Windows\System32\drivers\secdrv.sys
03:21:37.0147 8056 C:\Windows\System32\drivers\secdrv.sys - ok
03:21:37.0147 8056 [ A59B3A4442C52060CC7A85293AA3546F ] C:\Windows\System32\seclogon.dll
03:21:37.0147 8056 C:\Windows\System32\seclogon.dll - ok
03:21:37.0163 8056 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] C:\Program Files\Skype\Updater\Updater.exe
03:21:37.0163 8056 C:\Program Files\Skype\Updater\Updater.exe - ok
03:21:37.0179 8056 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] C:\Windows\System32\drivers\tcpipreg.sys
03:21:37.0179 8056 C:\Windows\System32\drivers\tcpipreg.sys - ok
03:21:37.0179 8056 [ 36650D618CA34C9D357DFD3D89B2C56F ] C:\Windows\System32\sysmain.dll
03:21:37.0179 8056 C:\Windows\System32\sysmain.dll - ok
03:21:37.0194 8056 [ 894F963BE999BA9DB5AAC3AED55B115D ] C:\Windows\System32\drivers\XAudio32.sys
03:21:37.0194 8056 C:\Windows\System32\drivers\XAudio32.sys - ok
03:21:37.0210 8056 [ F62E510B6AD4C21EB9FE8668ED251826 ] C:\Windows\System32\wbem\WMIsvc.dll
03:21:37.0210 8056 C:\Windows\System32\wbem\WMIsvc.dll - ok
03:21:37.0210 8056 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\System32\wbemcomn.dll
03:21:37.0210 8056 C:\Windows\System32\wbemcomn.dll - ok
03:21:37.0225 8056 [ A687B3EEED3E8B305AC247DEC61EE362 ] C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
03:21:37.0225 8056 C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe - ok
03:21:37.0225 8056 [ B3892E6DA8E2C8CE4B0A9D3EB9A185E5 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcr90.dll
03:21:37.0225 8056 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcr90.dll - ok
03:21:37.0241 8056 [ 881D9F2D6E04E1C323050CF1574870F7 ] C:\Windows\System32\wbem\WinMgmtR.dll
03:21:37.0241 8056 C:\Windows\System32\wbem\WinMgmtR.dll - ok
03:21:37.0257 8056 [ DB001FAEA818AE2E14A74E0ADC530FC0 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcp90.dll
03:21:37.0257 8056 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcp90.dll - ok
03:21:37.0257 8056 [ 701C9EB15E1E23D22F7C7184C0506673 ] C:\Windows\System32\wbem\WmiDcPrv.dll
03:21:37.0257 8056 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
03:21:37.0257 8056 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\System32\wbem\fastprox.dll
03:21:37.0257 8056 C:\Windows\System32\wbem\fastprox.dll - ok
03:21:37.0272 8056 [ 6C5568D6505523D795AEF52AE3520E4E ] C:\Program Files\Common Files\McAfee\AMCore\quarantine.dll
03:21:37.0272 8056 C:\Program Files\Common Files\McAfee\AMCore\quarantine.dll - ok
03:21:37.0288 8056 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\System32\ntdsapi.dll
03:21:37.0288 8056 C:\Windows\System32\ntdsapi.dll - ok
03:21:37.0288 8056 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\System32\wbem\wbemprox.dll
03:21:37.0288 8056 C:\Windows\System32\wbem\wbemprox.dll - ok
03:21:37.0303 8056 [ 1D93CCCC4FF90EF3DCECE76E6E9DDE46 ] C:\Program Files\Common Files\McAfee\AMCore\mfezip.dll
03:21:37.0303 8056 C:\Program Files\Common Files\McAfee\AMCore\mfezip.dll - ok
03:21:37.0303 8056 [ 82ED3B9BCA42A8E410294C8C978DFCD5 ] C:\Program Files\Common Files\McAfee\AMCore\mfeunzip.dll
03:21:37.0303 8056 C:\Program Files\Common Files\McAfee\AMCore\mfeunzip.dll - ok
03:21:37.0319 8056 [ 585EB475E7AF55C9065256E8FFB751A1 ] C:\Windows\System32\wbem\wbemcore.dll
03:21:37.0319 8056 C:\Windows\System32\wbem\wbemcore.dll - ok
03:21:37.0319 8056 [ F5AA2FA498722EA76FEF38934D2F478D ] C:\Program Files\Common Files\McAfee\AMCore\MFE_DS.dll
03:21:37.0319 8056 C:\Program Files\Common Files\McAfee\AMCore\MFE_DS.dll - ok
03:21:37.0335 8056 [ 4E13EA496E202BCB4FCC342D96FAF83A ] C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
03:21:37.0335 8056 C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe - ok
03:21:37.0350 8056 [ 7509744AD3ECA4D625520B55633CB2CF ] C:\Program Files\Common Files\McAfee\SystemCore\mfehida.dll
03:21:37.0350 8056 C:\Program Files\Common Files\McAfee\SystemCore\mfehida.dll - ok
03:21:37.0350 8056 [ A529CFE32565C0B145578FFB2B32C9A5 ] C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
03:21:37.0350 8056 C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe - ok
03:21:37.0366 8056 [ 0BB55129AD1DC7EEDD5C20AC1A5C0C1D ] C:\Program Files\Common Files\McAfee\AMCore\lua_lib.dll
03:21:37.0366 8056 C:\Program Files\Common Files\McAfee\AMCore\lua_lib.dll - ok
03:21:37.0381 8056 [ 7A6986DD659B96398A11AF5173892715 ] C:\Windows\System32\cabinet.dll
03:21:37.0381 8056 C:\Windows\System32\cabinet.dll - ok
03:21:37.0397 8056 [ C111C989FB15809A671AE7D109BF10D5 ] C:\Program Files\Common Files\McAfee\AMCore\MFE_CS.dll
03:21:37.0397 8056 C:\Program Files\Common Files\McAfee\AMCore\MFE_CS.dll - ok
03:21:37.0397 8056 [ 9C17DCD6DDFEB1A012544FAF4F2789F6 ] C:\Windows\AppPatch\AcGenral.dll
03:21:37.0397 8056 C:\Windows\AppPatch\AcGenral.dll - ok
03:21:37.0413 8056 [ 5AE88135C6A86FCD67BA16AFBB1C8389 ] C:\Windows\System32\wbem\esscli.dll
03:21:37.0413 8056 C:\Windows\System32\wbem\esscli.dll - ok
03:21:37.0413 8056 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\System32\wbem\wbemsvc.dll
03:21:37.0413 8056 C:\Windows\System32\wbem\wbemsvc.dll - ok
03:21:37.0428 8056 [ 5610B0425518D185331CB8E968D060E6 ] C:\Windows\System32\wbem\wmiutils.dll
03:21:37.0428 8056 C:\Windows\System32\wbem\wmiutils.dll - ok
03:21:37.0444 8056 [ DC15CEC308EAB8E754FB237D136DFD0C ] C:\Program Files\Common Files\McAfee\AMCore\ncapi.dll
03:21:37.0444 8056 C:\Program Files\Common Files\McAfee\AMCore\ncapi.dll - ok
03:21:37.0444 8056 [ 371E3B05894549113D07CD3081ED55EF ] C:\Windows\System32\wbem\repdrvfs.dll
03:21:37.0444 8056 C:\Windows\System32\wbem\repdrvfs.dll - ok
03:21:37.0459 8056 [ DA7212A2E5DF4058FF72840BF4EF67EC ] C:\Program Files\Common Files\McAfee\SystemCore\mfeavfa.dll
03:21:37.0459 8056 C:\Program Files\Common Files\McAfee\SystemCore\mfeavfa.dll - ok
03:21:37.0459 8056 [ 5C99F92B3C4CFCDF928258C2E838D000 ] C:\Windows\System32\lz32.dll
03:21:37.0459 8056 C:\Windows\System32\lz32.dll - ok
03:21:37.0475 8056 [ 3CDE2911462FEC80064A409C07710C06 ] C:\Windows\System32\wbem\WmiPrvSD.dll
03:21:37.0475 8056 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
03:21:37.0491 8056 [ A4CC7227A452C4909F9499D91B184364 ] C:\Windows\System32\ncobjapi.dll
03:21:37.0491 8056 C:\Windows\System32\ncobjapi.dll - ok
03:21:37.0491 8056 [ 2CD53402C113A884721317820E333918 ] C:\Program Files\Common Files\McAfee\AMCore\EMMain.dll
03:21:37.0506 8056 C:\Program Files\Common Files\McAfee\AMCore\EMMain.dll - ok
03:21:37.0506 8056 [ B350509B6C9296529BC464C60FEEAEF1 ] C:\Windows\System32\wbem\wbemess.dll
03:21:37.0506 8056 C:\Windows\System32\wbem\wbemess.dll - ok
03:21:37.0522 8056 [ D21AB32F16E8DE67D45E5A383B5E52BA ] C:\Program Files\Spybot - Search & Destroy 2\ssleay32.dll
03:21:37.0522 8056 C:\Program Files\Spybot - Search & Destroy 2\ssleay32.dll - ok
03:21:37.0537 8056 [ B009D6171147BE129636A49C4178E487 ] C:\Program Files\Spybot - Search & Destroy 2\libeay32.dll
03:21:37.0537 8056 C:\Program Files\Spybot - Search & Destroy 2\libeay32.dll - ok
03:21:37.0553 8056 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] C:\Windows\System32\wscsvc.dll
03:21:37.0553 8056 C:\Windows\System32\wscsvc.dll - ok
03:21:37.0553 8056 [ 31FB9D7453C424D14A6C3927483E5E60 ] C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
03:21:37.0553 8056 C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe - ok
03:21:37.0569 8056 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] C:\Windows\System32\iphlpsvc.dll
03:21:37.0569 8056 C:\Windows\System32\iphlpsvc.dll - ok
03:21:37.0569 8056 [ 0E37FBFA79D349D672456923EC5FBBE3 ] C:\Windows\System32\msvcr100.dll
03:21:37.0569 8056 C:\Windows\System32\msvcr100.dll - ok
03:21:37.0584 8056 [ CE292C4C10B8DB6070F262EA2733F0DC ] C:\Windows\System32\sqmapi.dll
03:21:37.0584 8056 C:\Windows\System32\sqmapi.dll - ok
03:21:37.0600 8056 [ 80A617849B004D1C6C4BEAB7AA86F021 ] C:\Program Files\Common Files\McAfee\AMContent\scanners\x86\avengine\5500.0000\mcscan32.dat
03:21:37.0600 8056 C:\Program Files\Common Files\McAfee\AMContent\scanners\x86\avengine\5500.0000\mcscan32.dat - ok
03:21:37.0600 8056 [ A399514D3B28C9A3453A486BBAAFF1C7 ] C:\Windows\System32\wdscore.dll
03:21:37.0600 8056 C:\Windows\System32\wdscore.dll - ok
03:21:37.0615 8056 [ 6A8395A0F4DC83996ED3CF3DF35EA867 ] C:\Program Files\Common Files\McAfee\Platform\McSvcHost\LogCntrl.dll
03:21:37.0615 8056 C:\Program Files\Common Files\McAfee\Platform\McSvcHost\LogCntrl.dll - ok
03:21:37.0615 8056 [ 6383C60EC0133B14F5705F96369421B2 ] C:\Windows\System32\hnetcfg.dll
03:21:37.0615 8056 C:\Windows\System32\hnetcfg.dll - ok
03:21:37.0631 8056 [ 08C4626387A5EA72A01DB6C930B2239F ] C:\PROGRA~1\McAfee\MPF\MpfSvc.dll
03:21:37.0631 8056 C:\PROGRA~1\McAfee\MPF\MpfSvc.dll - ok
03:21:37.0631 8056 [ 00D2C06A552F782C1F16ACF77DB765A5 ] C:\Windows\System32\atl100.dll
03:21:37.0631 8056 C:\Windows\System32\atl100.dll - ok
03:21:37.0647 8056 [ CB63BDB77BB86549FC3303C2F11EDC18 ] C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
03:21:37.0647 8056 C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe - ok
03:21:37.0662 8056 [ BC83108B18756547013ED443B8CDB31B ] C:\Windows\System32\msvcp100.dll
03:21:37.0662 8056 C:\Windows\System32\msvcp100.dll - ok
03:21:37.0678 8056 [ 1B0EC94520CAB89A9CE1B2DA405166AF ] C:\Windows\System32\p2pcollab.dll
03:21:37.0678 8056 C:\Windows\System32\p2pcollab.dll - ok
03:21:37.0693 8056 [ F148865E4AC4F715E322EA06E6E21D84 ] C:\Windows\System32\wbem\NCProv.dll
03:21:37.0693 8056 C:\Windows\System32\wbem\NCProv.dll - ok
03:21:37.0709 8056 [ 21D0F6E2EF84B0B255415FAC66FD231B ] C:\Program Files\Common Files\McAfee\McProxy\McProxy.dll
03:21:37.0709 8056 C:\Program Files\Common Files\McAfee\McProxy\McProxy.dll - ok
03:21:37.0709 8056 [ 6D6B07B1374A5DC991D871B34B87523B ] C:\PROGRA~1\McAfee\MSK\msksrvr.dll
03:21:37.0709 8056 C:\PROGRA~1\McAfee\MSK\msksrvr.dll - ok
03:21:37.0725 8056 [ FC76F0803BF2B86E3ABD2C63BB0FDEFD ] C:\Program Files\Common Files\McAfee\SystemCore\mfefwctl.dll
03:21:37.0725 8056 C:\Program Files\Common Files\McAfee\SystemCore\mfefwctl.dll - ok
03:21:37.0725 8056 [ 4409CE483BC8EC247B59C9564E5E355D ] C:\PROGRA~1\McAfee\MPS\mps.dll
03:21:37.0725 8056 C:\PROGRA~1\McAfee\MPS\mps.dll - ok
03:21:37.0740 8056 [ 9FD6496B6D91C8BE2A10BD55EAE2D5F2 ] C:\Windows\System32\fveui.dll
03:21:37.0740 8056 C:\Windows\System32\fveui.dll - ok
03:21:37.0849 8056 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\System32\npmproxy.dll
03:21:37.0849 8056 C:\Windows\System32\npmproxy.dll - ok
03:21:37.0849 8056 [ F9FC0517C8AA7C46F9C8986BD3EC8753 ] C:\PROGRA~1\McAfee\MPS\mpscfg.dll
03:21:37.0849 8056 C:\PROGRA~1\McAfee\MPS\mpscfg.dll - ok
03:21:37.0865 8056 [ 1A617835452EEE5060976C9B9F5FE635 ] C:\Windows\System32\wuapi.dll
03:21:37.0865 8056 C:\Windows\System32\wuapi.dll - ok
03:21:37.0881 8056 [ A8322B70CCD04F8C044B52FC849776B4 ] C:\Program Files\Common Files\McAfee\Platform\McRTMui.dll
03:21:37.0881 8056 C:\Program Files\Common Files\McAfee\Platform\McRTMui.dll - ok
03:21:37.0881 8056 [ 4A615DF61AF55269EDA6271360AD78FE ] C:\Program Files\Common Files\McAfee\Platform\LangSel.dll
03:21:37.0881 8056 C:\Program Files\Common Files\McAfee\Platform\LangSel.dll - ok
03:21:37.0896 8056 [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\Windows\System32\wups.dll
03:21:37.0896 8056 C:\Windows\System32\wups.dll - ok
03:21:37.0896 8056 [ 08EF41910255C6DB77FA8445003AA553 ] C:\PROGRA~1\McAfee\MSK\mskengn.dll
03:21:37.0896 8056 C:\PROGRA~1\McAfee\MSK\mskengn.dll - ok
03:21:37.0927 8056 [ B9C03F7C382DA0B2EEEE71E9BE9C1A3D ] C:\PROGRA~1\McAfee\MSK\mskupd.dll
03:21:37.0927 8056 C:\PROGRA~1\McAfee\MSK\mskupd.dll - ok
03:21:37.0943 8056 [ F7FE730CE31B54145DEE1F1482BCCDD7 ] C:\Windows\System32\ndiscapCfg.dll
03:21:37.0943 8056 C:\Windows\System32\ndiscapCfg.dll - ok
03:21:37.0959 8056 [ B50B34986C2788B38D685E720C09C493 ] C:\PROGRA~1\McAfee\MSK\mskwm.dll
03:21:37.0959 8056 C:\PROGRA~1\McAfee\MSK\mskwm.dll - ok
03:21:37.0959 8056 [ 7758D9BF4BB8AF4C73A03156705F075B ] C:\PROGRA~1\McAfee\MSC\mclwapi.dll
03:21:37.0959 8056 C:\PROGRA~1\McAfee\MSC\mclwapi.dll - ok
03:21:37.0974 8056 [ D4191EFAB91E00FC09257AA5EBAF503B ] C:\Windows\System32\mprapi.dll
03:21:37.0974 8056 C:\Windows\System32\mprapi.dll - ok
03:21:37.0974 8056 [ 761A3A4038C1FD4F5795427907C28484 ] C:\Windows\System32\rascfg.dll
03:21:37.0974 8056 C:\Windows\System32\rascfg.dll - ok
03:21:37.0990 8056 [ BD69FAEF9CD38C617C1BE35861492F0C ] C:\PROGRA~1\COMMON~1\McAfee\Platform\mcutil.dll
03:21:37.0990 8056 C:\PROGRA~1\COMMON~1\McAfee\Platform\mcutil.dll - ok
03:21:38.0005 8056 [ 9A7B54D57594233EEB17892BAD309970 ] C:\Windows\System32\mprmsg.dll
03:21:38.0005 8056 C:\Windows\System32\mprmsg.dll - ok
03:21:38.0005 8056 [ CAFC0B884E5590B5E80D84F592388B3D ] C:\Windows\System32\tcpipcfg.dll
03:21:38.0005 8056 C:\Windows\System32\tcpipcfg.dll - ok
03:21:38.0021 8056 [ E803DFF3F8581DC972AE283F0C328C49 ] C:\PROGRA~1\McAfee\MSK\mskxaif.dll
03:21:38.0021 8056 C:\PROGRA~1\McAfee\MSK\mskxaif.dll - ok
03:21:38.0021 8056 [ 8258362DDB18B644A82D8B5061AD9426 ] C:\Windows\System32\wscisvif.dll
03:21:38.0021 8056 C:\Windows\System32\wscisvif.dll - ok
03:21:38.0037 8056 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] C:\Windows\System32\aelupsvc.dll
03:21:38.0037 8056 C:\Windows\System32\aelupsvc.dll - ok
03:21:38.0052 8056 [ 0AFE47941709B702FEC5B4DDF019DF6E ] C:\Program Files\Common Files\McAfee\AMContent\content\amcore\normal\123.6\x86\MCNormalizer.dat
03:21:38.0052 8056 C:\Program Files\Common Files\McAfee\AMContent\content\amcore\normal\123.6\x86\MCNormalizer.dat - ok
03:21:38.0052 8056 [ A63DC5C2EA944E6657203E0C8EDEAF61 ] C:\Windows\System32\dllhost.exe
03:21:38.0052 8056 C:\Windows\System32\dllhost.exe - ok
03:21:38.0068 8056 [ 7FFD52D73352806969D424EF327D10A7 ] C:\Windows\System32\radardt.dll
03:21:38.0068 8056 C:\Windows\System32\radardt.dll - ok
03:21:38.0068 8056 [ 78DE417B7921DACA072059E6BF410FC7 ] C:\Windows\System32\wshnetbs.dll
03:21:38.0068 8056 C:\Windows\System32\wshnetbs.dll - ok
03:21:38.0083 8056 [ 45D9F6CD2469CDB6A640DD4BD2B01471 ] C:\Windows\System32\nci.dll
03:21:38.0083 8056 C:\Windows\System32\nci.dll - ok
03:21:38.0083 8056 [ 55E8267140290D8E1BF291252F3723D1 ] C:\Program Files\Common Files\McAfee\SystemCore\mfevtpa.dll
03:21:38.0083 8056 C:\Program Files\Common Files\McAfee\SystemCore\mfevtpa.dll - ok
03:21:38.0099 8056 [ 74C66725229F868699BFA0347D1544EA ] C:\PROGRA~1\McAfee\MPF\MpfEvt.dll
03:21:38.0099 8056 C:\PROGRA~1\McAfee\MPF\MpfEvt.dll - ok
03:21:38.0115 8056 [ 931A1DF1520ABC6E84BA4A75E6957025 ] C:\Windows\System32\drivers\hidclass.sys
03:21:38.0115 8056 C:\Windows\System32\drivers\hidclass.sys - ok
03:21:38.0115 8056 [ 6C26122F1931D4D7810240F32DDCE890 ] C:\Windows\System32\drivers\hidparse.sys
03:21:38.0115 8056 C:\Windows\System32\drivers\hidparse.sys - ok
03:21:38.0130 8056 [ 10C19F8290891AF023EAEC0832E1EB4D ] C:\Windows\System32\drivers\hidusb.sys
03:21:38.0130 8056 C:\Windows\System32\drivers\hidusb.sys - ok
03:21:38.0130 8056 [ 9E6AF823733C70E207D9FB6731A63B3D ] C:\Windows\System32\wlaninst.dll
03:21:38.0130 8056 C:\Windows\System32\wlaninst.dll - ok
03:21:38.0146 8056 [ 5B6EF0861BB5AC0EC347548E85C24A1D ] C:\Windows\System32\wwaninst.dll
03:21:38.0146 8056 C:\Windows\System32\wwaninst.dll - ok
03:21:38.0161 8056 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] C:\Windows\System32\drivers\mouhid.sys
03:21:38.0161 8056 C:\Windows\System32\drivers\mouhid.sys - ok
03:21:38.0161 8056 [ 366E43FE5FC207EE4E409F6F64953844 ] C:\PROGRA~1\COMMON~1\McAfee\HACKER~1\HWAPI.dll
03:21:38.0161 8056 C:\PROGRA~1\COMMON~1\McAfee\HACKER~1\HWAPI.dll - ok
03:21:38.0177 8056 [ B9179348E3B7F9303E2C05B5F15591DB ] C:\PROGRA~1\COMMON~1\McAfee\Platform\Core\McEvtBrk.dll
03:21:38.0177 8056 C:\PROGRA~1\COMMON~1\McAfee\Platform\Core\McEvtBrk.dll - ok
03:21:38.0193 8056 [ EAB975DB4C2805927FE5BD047D05C9AA ] C:\Windows\System32\netshell.dll
03:21:38.0193 8056 C:\Windows\System32\netshell.dll - ok
03:21:38.0193 8056 [ 0B31464B7B2D616BD5F7036673588EC1 ] C:\Windows\System32\IDStore.dll
03:21:38.0193 8056 C:\Windows\System32\IDStore.dll - ok
03:21:38.0208 8056 [ 61AC3EFDFACFDD3F0F11DD4FD4044223 ] C:\Windows\System32\userinit.exe
03:21:38.0208 8056 C:\Windows\System32\userinit.exe - ok
03:21:38.0208 8056 [ 72E953215CADE1A726C04AAFDF6B463D ] C:\Windows\System32\taskhost.exe
03:21:38.0208 8056 C:\Windows\System32\taskhost.exe - ok
03:21:38.0224 8056 [ B2DD0F5A2511AFB1ABD52F336E451417 ] C:\PROGRA~1\McAfee\MPS\mpsevh.dll
03:21:38.0224 8056 C:\PROGRA~1\McAfee\MPS\mpsevh.dll - ok
03:21:38.0239 8056 [ E50AADBC2CF04BE9A64B966F7CB0834B ] C:\PROGRA~1\McAfee\MPS\MPSMisp.dll
03:21:38.0239 8056 C:\PROGRA~1\McAfee\MPS\MPSMisp.dll - ok
03:21:38.0239 8056 [ 3CA2BB895E204478C7A4C9BAF70970CE ] C:\Windows\System32\AtBroker.exe
03:21:38.0239 8056 C:\Windows\System32\AtBroker.exe - ok
03:21:38.0255 8056 [ B201AF83DF2E85323E29EB83E4046810 ] C:\Program Files\Internet Explorer\iexplore.exe
03:21:38.0255 8056 C:\Program Files\Internet Explorer\iexplore.exe - ok
03:21:38.0255 8056 [ C7C4ADC093E85C6F882EFD041938DC17 ] C:\PROGRA~1\COMMON~1\McAfee\Platform\PLATFO~1.DLL
03:21:38.0255 8056 C:\PROGRA~1\COMMON~1\McAfee\Platform\PLATFO~1.DLL - ok
03:21:38.0271 8056 [ F58516E2DC0D963EF70D6BFC21FD82C4 ] C:\Windows\System32\PlaySndSrv.dll
03:21:38.0271 8056 C:\Windows\System32\PlaySndSrv.dll - ok
03:21:38.0286 8056 [ E51C2F2E283CEBA4212CCC67F1652CA7 ] C:\PROGRA~1\McAfee\MSC\mcregobj\12_1_2~1\mcregobj.dll
03:21:38.0286 8056 C:\PROGRA~1\McAfee\MSC\mcregobj\12_1_2~1\mcregobj.dll - ok
03:21:38.0286 8056 [ B43687C534A49700BF4B3C9898763752 ] C:\Windows\System32\MsCtfMonitor.dll
03:21:38.0286 8056 C:\Windows\System32\MsCtfMonitor.dll - ok
03:21:38.0286 8056 [ 56CEED370508F69A1BA04939BD1BADDA ] C:\Windows\System32\msutb.dll
03:21:38.0286 8056 C:\Windows\System32\msutb.dll - ok
03:21:38.0302 8056 [ BFC13E9B342052D089FB87127EF71B55 ] C:\Program Files\McAfee\MSC\oemui.dll
03:21:38.0302 8056 C:\Program Files\McAfee\MSC\oemui.dll - ok
03:21:38.0302 8056 [ DAFADB6C8E401B34BDC9C6E7A773BE37 ] C:\Program Files\McAfee\MPF\L10N.dll
03:21:38.0302 8056 C:\Program Files\McAfee\MPF\L10N.dll - ok
03:21:38.0317 8056 [ CFB2E8C127E26C1A8E0EE358AF9965F7 ] C:\Program Files\HitmanPro\HitmanPro.exe
03:21:38.0317 8056 C:\Program Files\HitmanPro\HitmanPro.exe - ok
03:21:38.0317 8056 [ 7319102526BD11B45FD66335CF90CA12 ] C:\Windows\System32\HotStartUserAgent.dll
03:21:38.0317 8056 C:\Windows\System32\HotStartUserAgent.dll - ok
03:21:38.0333 8056 [ 505BF4D1CADEB8D4F8BCD08D944DE25D ] C:\Windows\System32\dwm.exe
03:21:38.0333 8056 C:\Windows\System32\dwm.exe - ok
03:21:38.0349 8056 [ 30CC3D27240234DA773B9A93CC163859 ] C:\Program Files\McAfee\MSC\McPrtMgrPlugin.dll
03:21:38.0349 8056 C:\Program Files\McAfee\MSC\McPrtMgrPlugin.dll - ok
03:21:38.0364 8056 [ 754AFC50022C95DA7C86B7020DB78136 ] C:\Windows\System32\dwmredir.dll
03:21:38.0364 8056 C:\Windows\System32\dwmredir.dll - ok
03:21:38.0380 8056 [ B656A1BAA58E216AB12E8110674B91DF ] C:\Program Files\McAfee\MSC\mcoemres.dll
03:21:38.0380 8056 C:\Program Files\McAfee\MSC\mcoemres.dll - ok
03:21:38.0380 8056 [ 497E59D9F01C6F247E72222A61835119 ] C:\Windows\System32\dwmcore.dll
03:21:38.0380 8056 C:\Windows\System32\dwmcore.dll - ok
03:21:38.0395 8056 [ 034295A830EDAE1196BD9FEA139FEA0D ] C:\PROGRA~1\McAfee\MSC\McAPExe.exe
03:21:38.0395 8056 C:\PROGRA~1\McAfee\MSC\McAPExe.exe - ok
03:21:38.0411 8056 [ B7A836157E857B7D1C78F87C44B2F7B4 ] C:\Program Files\McAfee\MSC\mcprlres.dll
03:21:38.0411 8056 C:\Program Files\McAfee\MSC\mcprlres.dll - ok
03:21:38.0427 8056 [ 4F2659160AFCCA990305816946F69407 ] C:\Windows\System32\taskeng.exe
03:21:38.0427 8056 C:\Windows\System32\taskeng.exe - ok
03:21:38.0427 8056 [ 8B88EBBB05A0E56B7DCC708498C02B3E ] C:\Windows\explorer.exe
03:21:38.0427 8056 C:\Windows\explorer.exe - ok
03:21:38.0442 8056 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\System32\rasadhlp.dll
03:21:38.0442 8056 C:\Windows\System32\rasadhlp.dll - ok
03:21:38.0442 8056 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\System32\ExplorerFrame.dll
03:21:38.0442 8056 C:\Windows\System32\ExplorerFrame.dll - ok
03:21:38.0458 8056 [ 2DE90400A63818FA38C4C5C9ADB166BF ] C:\Windows\System32\d3d10_1.dll
03:21:38.0458 8056 C:\Windows\System32\d3d10_1.dll - ok
03:21:38.0473 8056 [ 9C36A3CA80F9B204C670336D344F5DF8 ] C:\Windows\System32\d3d10_1core.dll
03:21:38.0473 8056 C:\Windows\System32\d3d10_1core.dll - ok
03:21:38.0473 8056 [ 0411B7958C524BB2E91EE1B3035FE321 ] C:\Windows\System32\dxgi.dll
03:21:38.0473 8056 C:\Windows\System32\dxgi.dll - ok
03:21:38.0489 8056 [ A9A8B8939ABC2BD3897991AB4479F9AD ] C:\PROGRA~1\COMMON~1\McAfee\Platform\sqlite3.dll
03:21:38.0489 8056 C:\PROGRA~1\COMMON~1\McAfee\Platform\sqlite3.dll - ok
03:21:38.0505 8056 [ 79AAC916094A479ED9573AF22F235A68 ] C:\Windows\System32\nvwgf2um.dll
03:21:38.0505 8056 C:\Windows\System32\nvwgf2um.dll - ok
03:21:40.0782 8056 ============================================================
03:21:40.0782 8056 Scan finished
03:21:40.0782 8056 ============================================================
03:21:40.0798 8048 Detected object count: 1
03:21:40.0798 8048 Actual detected object count: 1
03:22:55.0054 8048 TrueSight ( UnsignedFile.Multi.Generic ) - skipped by user
03:22:55.0054 8048 TrueSight ( UnsignedFile.Multi.Generic ) - User select action: Skip
  • 0

#9
Sangoino

    Member

  • Topic Starter
  • Member
  • 40 posts
Is that normal, I have the files Phiphi on desktop?

Edited by Sangoino, 24 January 2013 - 04:13 AM.

  • 0

#10
blmadara

    Trusted Helper

  • Malware Removal
  • 767 posts
Hi Sangoino,

Is that normal, I have the files Phiphi on desktop?

Can you tell me what the complete file names are?

Step One: Multiple Anti-Virus Programs
I see that you are running more than 1 anti-virus program (McAfee & PC Tools). Running multiple anti-virus programs can actually leave you more vulnerable to infection as the programs can conflict with one another. In addition to this they can also slow your computer down. I recommend you keep McAfee if the subscription is paid and up to date, otherwise keep PCTools.

Step Two: Multiple Spyware Programs
I see that you are running more than 1 anti-spyware program (Spyware Dr. & Spybot). Running multiple anti-spyware programs can actually leave you more vulnerable to infection as the programs can conflict with one another. In addition to this they can also slow your computer down. I recommend you keep Spyware Dr. if you decided to keep the PC Tools anti-virus program.

Step Three: OTL Scan
Run OTL
  • Please select the Scan All Users checkbox.
  • Then click the Run Scan button at the top
  • Let the program run unhindered, until it is done
  • Post the log it produces in your next reply.

Step Four: Malwarebytes' Anti-Malware
  • Run Malwarebytes' Anti-Malware.
  • Select the Update tab.
  • Select the Check for Updates button.
  • Select the Scanner tab.
  • Select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & Paste the entire report in your next reply.
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Step Five: ESET Online Scanner
Please run a free online scan with the ESET Online Scanner
Note: You will need to use Internet Explorer running in admin mode for this scan. To do this right click on Internet Explorer and pick Run as administrator.
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is not checked.
  • Make sure that the option Scan unwanted applications is checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files (x86)\ESET\ESET Online Scanner\log.txt
  • Copy and paste that log as a reply to this topic

Step Six: Symptoms
Let me know what problems are remaining.

What I need in your next post:
1. The OTL log, OTL.txt.
2. The MBAM report.
3. The ESET Online Scanner log, C:\Program Files (x86)\ESET\ESET Online Scanner\log.txt.
4. Let me know if there are any remaining problems with your computer.
  • 0


#11
Sangoino

    Member

  • Topic Starter
  • Member
  • 40 posts
OTL logfile created on: 26/01/2013 01:39:40 - Run 5
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Phiphi\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,75 Gb Total Physical Memory | 1,45 Gb Available Physical Memory | 52,78% Memory free
5,50 Gb Paging File | 4,03 Gb Available in Paging File | 73,26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,79 Gb Total Space | 210,32 Gb Free Space | 90,35% Space Free | Partition Type: NTFS

Computer Name: PHIPHICOMPUTER | User Name: Phiphi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/01/25 12:04:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Phiphi\Downloads\OTL.exe
PRC - [2013/01/16 21:09:18 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/01/16 11:30:32 | 003,283,504 | ---- | M] (mIRC Co. Ltd.) -- C:\Tgl0beSCRIPT\mirc.exe
PRC - [2012/12/25 13:06:12 | 000,595,216 | ---- | M] (Greatis Software) -- C:\Program Files\UnHackMe\hackmon.exe
PRC - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/12/14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/12/07 10:30:28 | 001,926,496 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
PRC - [2012/12/07 10:30:26 | 001,723,744 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
PRC - [2012/12/06 12:04:24 | 000,656,576 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\saUI.exe
PRC - [2012/12/04 10:54:14 | 000,095,232 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2012/11/23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/11/13 14:08:12 | 003,487,240 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
PRC - [2012/11/13 14:08:08 | 003,825,176 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2012/11/13 14:07:24 | 000,168,384 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2012/11/13 14:07:20 | 001,369,624 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2012/11/13 14:07:16 | 001,103,392 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2012/11/09 06:53:22 | 000,167,344 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe
PRC - [2012/11/09 06:50:10 | 000,168,880 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
PRC - [2012/10/19 09:49:52 | 000,513,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MAT\McPvTray.exe
PRC - [2012/10/07 03:13:42 | 000,184,288 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
PRC - [2012/10/07 03:12:36 | 000,252,792 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
PRC - [2012/10/06 07:28:42 | 000,632,344 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/07/04 20:51:26 | 000,017,408 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerAssistant.exe
PRC - [2010/04/13 20:11:14 | 000,229,688 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Online Backup\MOBKbackup.exe


========== Modules (No Company Name) ==========

MOD - [2013/01/16 21:09:33 | 003,022,232 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/11/13 14:06:32 | 000,158,624 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2012/11/13 14:06:30 | 000,108,960 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2012/11/13 14:06:28 | 000,554,400 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl
MOD - [2012/11/13 14:06:28 | 000,528,288 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\JSDialogPack150.bpl
MOD - [2012/11/13 14:06:28 | 000,416,160 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2010/07/04 22:32:38 | 000,010,752 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerCOM.dll
MOD - [2010/07/04 22:32:36 | 000,004,608 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerHook.dll
MOD - [2010/07/04 20:51:26 | 000,017,408 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerAssistant.exe


========== Services (SafeList) ==========

SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDWSCService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDUpdateService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDScannerService)
SRV - [2013/01/09 10:46:28 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/12/07 10:30:26 | 001,723,744 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012/12/04 10:54:14 | 000,095,232 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2012/11/22 04:40:54 | 000,279,072 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2012/11/09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/11/09 06:53:22 | 000,167,344 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\System32\mfevtps.exe -- (mfevtp)
SRV - [2012/11/09 06:50:10 | 000,168,880 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV - [2012/10/07 03:13:42 | 000,184,288 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV - [2012/10/07 03:13:42 | 000,184,288 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2012/10/07 03:13:42 | 000,184,288 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (mcpltsvc)
SRV - [2012/10/07 03:13:42 | 000,184,288 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2012/10/07 03:13:42 | 000,184,288 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2012/10/07 03:13:42 | 000,184,288 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe -- (HomeNetSvc)
SRV - [2012/10/06 07:28:42 | 000,632,344 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe -- (mfecore)
SRV - [2010/04/13 20:11:14 | 000,229,688 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee Online Backup\MOBKbackup.exe -- (MOBKbackup)
SRV - [2009/07/14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/04/29 03:21:04 | 000,410,624 | ---- | M] (Conexant Systems, Inc.) [Disabled | Stopped] -- C:\Windows\System32\XAudio32.dll -- (HsfXAudioService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Unknown] -- -- (mfeavfk01)
DRV - [2013/01/25 10:16:36 | 000,028,936 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ERKRmvrDrv.sys -- (ERmvrDrv)
DRV - [2013/01/17 20:36:18 | 000,035,816 | ---- | M] (Greatis Software) [Kernel | Boot | Unknown] -- C:\Windows\System32\drivers\Partizan.sys -- (Partizan)
DRV - [2013/01/17 20:32:54 | 000,026,984 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2013/01/03 04:03:29 | 000,024,416 | ---- | M] (Greatis Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\regguard.sys -- (RegGuard)
DRV - [2012/12/14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/11/16 16:38:46 | 000,010,088 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2012/11/09 06:56:16 | 000,060,480 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cfwids.sys -- (cfwids)
DRV - [2012/11/09 06:53:32 | 000,210,136 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk)
DRV - [2012/11/09 06:51:12 | 000,565,352 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2012/11/09 06:50:20 | 000,362,640 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2012/11/09 06:50:00 | 000,065,488 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2012/11/09 06:49:40 | 000,234,824 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2012/11/09 06:49:10 | 000,132,912 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2012/11/02 01:46:50 | 000,252,200 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfencbdc.sys -- (mfencbdc)
DRV - [2012/11/02 01:46:50 | 000,081,456 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfencrk.sys -- (mfencrk)
DRV - [2012/10/19 09:51:44 | 000,065,856 | ---- | M] (McAfee, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\McPvDrv.sys -- (McPvDrv)
DRV - [2012/06/20 09:43:02 | 002,957,312 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2012/05/28 10:28:04 | 000,147,472 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HipShieldK.sys -- (HipShieldK)
DRV - [2010/11/20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/07/04 20:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2010/04/13 20:10:22 | 000,054,776 | ---- | M] (Mozy, Inc.) [File_System | System | Running] -- C:\Windows\System32\drivers\MOBK.sys -- (MOBKFilter)
DRV - [2010/03/22 18:29:08 | 000,018,944 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2010/03/04 18:26:56 | 000,296,936 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
DRV - [2009/12/30 11:21:18 | 000,027,192 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\revoflt.sys -- (Revoflt)
DRV - [2009/07/23 21:01:00 | 009,791,072 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/07/14 00:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009/07/13 23:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009/04/29 03:20:56 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio32.sys -- (XAudio)
DRV - [2009/04/01 10:45:50 | 000,205,304 | ---- | M] (CA) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\KmxCfg.sys -- (KmxCfg)
DRV - [2009/04/01 10:45:50 | 000,073,720 | ---- | M] (CA) [File_System | System | Running] -- C:\Windows\System32\drivers\KmxAgent.sys -- (KmxAgent)
DRV - [2008/10/03 03:39:28 | 000,222,208 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Reg Error: Value error.
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3059339421-2526555134-805201127-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKU\S-1-5-21-3059339421-2526555134-805201127-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKU\S-1-5-21-3059339421-2526555134-805201127-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKU\S-1-5-21-3059339421-2526555134-805201127-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKU\S-1-5-21-3059339421-2526555134-805201127-1000\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-3059339421-2526555134-805201127-1000\..\SearchScopes,DefaultScope = {FF8B45AD-A24E-4BDF-925D-84D7CB34C674}
IE - HKU\S-1-5-21-3059339421-2526555134-805201127-1000\..\SearchScopes\${searchCLSID}: "URL" = http://search.live.c...ferrer:source?}
IE - HKU\S-1-5-21-3059339421-2526555134-805201127-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-3059339421-2526555134-805201127-1000\..\SearchScopes\{3FEEF7C3-790E-4746-835A-255AC07C54C5}: "URL" = http://fr.search.yah...p={SearchTerms}
IE - HKU\S-1-5-21-3059339421-2526555134-805201127-1000\..\SearchScopes\{FF8B45AD-A24E-4BDF-925D-84D7CB34C674}: "URL" = http://www.google.co...utputEncoding?}
IE - HKU\S-1-5-21-3059339421-2526555134-805201127-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "http://www.google.fr/"
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.4.3
FF - prefs.js..extensions.enabledAddons: %7B4ED1F68A-5463-4931-9384-8FFF5ED91D92%7D:3.6.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - prefs.js..keyword.URL: "http://fr.search.yah...h?fr=mcafee&p="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2013/01/24 10:14:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/01/19 14:11:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\McAfee\MSK [2013/01/24 01:32:20 | 000,000,000 | ---D | M]

[2013/01/03 02:56:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Phiphi\AppData\Roaming\Mozilla\Extensions
[2013/01/23 04:31:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Phiphi\AppData\Roaming\Mozilla\Firefox\Profiles\nksnsrs7.default\extensions
[2013/01/19 07:46:02 | 000,533,221 | ---- | M] () (No name found) -- C:\Users\Phiphi\AppData\Roaming\Mozilla\Firefox\Profiles\nksnsrs7.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013/01/03 02:56:49 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\Phiphi\AppData\Roaming\Mozilla\Firefox\Profiles\nksnsrs7.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/01/19 14:11:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/01/24 10:14:46 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
[2013/01/16 21:10:14 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013/01/17 00:47:45 | 000,001,609 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2013/01/17 00:47:45 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013/01/17 00:47:46 | 000,002,035 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2013/01/17 00:47:46 | 000,001,476 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2013/01/24 02:11:32 | 000,002,035 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2013/01/17 00:47:46 | 000,001,399 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2013/01/17 00:47:46 | 000,001,169 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - Extension: Docs = C:\Users\Phiphi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: Google\u00A0Drive = C:\Users\Phiphi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: YouTube = C:\Users\Phiphi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Recherche Google = C:\Users\Phiphi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: SiteAdvisor = C:\Users\Phiphi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\
CHR - Extension: Gmail = C:\Users\Phiphi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/01/25 13:40:02 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [SDTray] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe ()
O4 - HKU\S-1-5-21-3059339421-2526555134-805201127-1000..\Run: [Spybot-S&D Cleaning] C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPath = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3059339421-2526555134-805201127-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3059339421-2526555134-805201127-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O7 - HKU\S-1-5-21-3059339421-2526555134-805201127-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-21-3059339421-2526555134-805201127-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-3059339421-2526555134-805201127-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{70C755C4-E6C1-45DD-84B9-E333F357EE1E}: NameServer = 109.0.66.10,109.0.66.20
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\PFW: DllName - (UmxWnp.Dll) - C:\Windows\System32\UmxWNP.dll (CA)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2013/01/11 12:20:54 | 000,000,000 | R--D | M] - C:\Autorun.inf -- [ NTFS ]
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/01/25 17:47:58 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Local\Google
[2013/01/25 07:04:38 | 000,000,000 | ---D | C] -- C:\UsbFix
[2013/01/25 06:51:09 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/01/25 06:19:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
[2013/01/25 06:19:17 | 000,000,000 | ---D | C] -- C:\Program Files\ZHPDiag
[2013/01/25 06:19:04 | 003,826,981 | ---- | C] (Nicolas Coolman ) -- C:\Users\Phiphi\Desktop\ZHPDiag2.exe
[2013/01/25 06:16:00 | 000,000,000 | ---D | C] -- C:\ZHP
[2013/01/25 06:15:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHPFix 1.3
[2013/01/25 06:15:52 | 000,000,000 | ---D | C] -- C:\Program Files\ZHPFix
[2013/01/25 06:15:31 | 001,759,834 | ---- | C] (Nicolas Coolman ) -- C:\Users\Phiphi\Desktop\ZHPFix.exe
[2013/01/25 03:24:25 | 000,000,000 | ---D | C] -- C:\ProgramData\RegRun
[2013/01/25 02:47:35 | 000,031,584 | ---- | C] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2013/01/25 02:47:35 | 000,021,344 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2013/01/25 02:47:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013
[2013/01/25 02:46:25 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Roaming\TuneUp Software
[2013/01/25 02:45:55 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2013
[2013/01/25 02:44:32 | 028,604,832 | ---- | C] (TuneUp Software) -- C:\Users\Phiphi\Desktop\TuneUpUtilities2013_fr-FR.exe
[2013/01/24 22:08:36 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013/01/24 21:53:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/01/24 21:53:34 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013/01/24 21:53:34 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/01/24 18:06:27 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/01/24 18:04:40 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/01/24 15:38:36 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2013/01/24 15:38:36 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2013/01/24 14:31:22 | 000,108,544 | ---- | C] (Tigzy) -- C:\Users\Phiphi\Desktop\LogAnalyseur.exe
[2013/01/24 05:41:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyScrambler
[2013/01/24 05:41:33 | 000,000,000 | ---D | C] -- C:\Program Files\KeyScrambler
[2013/01/24 01:32:52 | 000,000,000 | ---D | C] -- C:\Program Files\McAfeeMOBK
[2013/01/24 01:32:41 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Online Backup
[2013/01/24 01:32:37 | 000,054,776 | ---- | C] (Mozy, Inc.) -- C:\Windows\System32\drivers\MOBK.sys
[2013/01/24 01:32:37 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2013/01/24 01:32:33 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Online Backup
[2013/01/24 01:32:21 | 000,147,472 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\HipShieldK.sys
[2013/01/24 01:32:11 | 000,065,856 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\McPvDrv.sys
[2013/01/24 01:32:10 | 000,000,000 | R-SD | C] -- C:\Users\Phiphi\Documents\Coffres-forts McAfee
[2013/01/24 01:32:10 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Local\McAfee File Lock
[2013/01/24 01:31:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2013/01/24 01:29:51 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee.com
[2013/01/24 01:29:44 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee
[2013/01/24 01:09:34 | 000,167,344 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe
[2013/01/24 01:09:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2013/01/24 01:09:18 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2013/01/23 16:57:26 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013/01/23 16:57:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013/01/23 06:10:32 | 000,448,512 | ---- | C] (OldTimer Tools) -- C:\Users\Phiphi\Desktop\TFC.exe
[2013/01/23 05:03:21 | 000,995,383 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\temp.001
[2013/01/23 05:03:21 | 000,000,000 | ---D | C] -- C:\Program Files\Agnitum
[2013/01/23 05:03:20 | 000,278,581 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\temp.000
[2013/01/23 04:51:50 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2013/01/23 04:30:50 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2013/01/23 04:21:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2013/01/23 02:48:46 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\RegRunInfo
[2013/01/23 02:48:39 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\Documents\RegRun2
[2013/01/22 17:48:58 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Local\temp
[2013/01/22 17:34:47 | 000,000,000 | ---D | C] -- C:\COLOM
[2013/01/22 16:56:08 | 000,027,192 | ---- | C] (VS Revo Group) -- C:\Windows\System32\drivers\revoflt.sys
[2013/01/22 16:56:06 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2013/01/22 16:30:28 | 000,000,000 | ---D | C] -- C:\NST
[2013/01/22 15:58:00 | 000,000,000 | ---D | C] -- C:\Program Files\NeoSmart Technologies
[2013/01/22 03:53:41 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Local\Web CEO
[2013/01/21 17:39:31 | 000,000,000 | ---D | C] -- C:\Program Files\WinMHR
[2013/01/20 20:54:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013/01/20 20:54:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2013/01/20 20:54:12 | 000,015,224 | ---- | C] (Safer Networking Limited) -- C:\Windows\System32\sdnclean.exe
[2013/01/20 20:54:05 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy 2
[2013/01/19 13:24:53 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013/01/19 13:16:49 | 000,000,000 | ---D | C] -- C:\Program Files\mozilla.org
[2013/01/18 08:08:42 | 000,000,000 | ---D | C] -- C:\Program Files\FileZilla FTP Client
[2013/01/18 03:08:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2013/01/17 20:36:18 | 000,035,816 | ---- | C] (Greatis Software) -- C:\Windows\System32\drivers\Partizan.sys
[2013/01/17 20:36:10 | 000,012,800 | ---- | C] (Greatis Software, LLC.) -- C:\Windows\System32\drivers\UnHackMeDrv.sys
[2013/01/17 20:36:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnHackMe
[2013/01/17 20:36:07 | 000,000,000 | ---D | C] -- C:\Program Files\UnHackMe
[2013/01/17 20:35:57 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\Documents\unhackme
[2013/01/17 20:33:15 | 000,026,984 | ---- | C] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys
[2013/01/17 18:27:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mIRC
[2013/01/17 10:05:17 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Roaming\PhotoFiltre Studio X
[2013/01/17 10:05:11 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre Studio X
[2013/01/17 10:05:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre Studio X
[2013/01/17 10:05:08 | 000,000,000 | ---D | C] -- C:\Program Files\PhotoFiltre Studio X
[2013/01/15 18:02:07 | 000,014,664 | ---- | C] (McAfee, Inc.) -- C:\Windows\stinger.sys
[2013/01/15 17:24:34 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Roaming\Wise Registry Cleaner
[2013/01/15 17:24:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner
[2013/01/15 17:24:22 | 000,000,000 | ---D | C] -- C:\Program Files\Wise
[2013/01/12 18:00:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2
[2013/01/12 11:13:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileASSASSIN
[2013/01/12 11:13:21 | 000,000,000 | ---D | C] -- C:\Program Files\FileASSASSIN
[2013/01/11 17:34:55 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Roaming\FileZilla
[2013/01/11 17:34:48 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
[2013/01/11 13:49:07 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/01/10 20:41:31 | 000,000,000 | R--D | C] -- C:\Autorun.inf
[2013/01/10 04:41:34 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2013/01/10 04:41:33 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2013/01/10 04:41:32 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2013/01/10 04:41:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/01/10 04:41:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2013/01/10 04:41:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2013/01/10 04:41:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/10 04:41:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/01/10 04:41:31 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2013/01/10 04:41:31 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2013/01/10 04:41:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2013/01/10 04:41:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2013/01/10 04:41:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2013/01/10 04:41:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/01/10 04:41:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/01/10 04:41:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2013/01/10 04:41:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2013/01/10 04:41:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2013/01/10 04:41:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2013/01/10 04:41:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2013/01/10 04:41:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2013/01/10 04:41:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2013/01/10 04:41:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2013/01/10 04:41:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2013/01/10 04:41:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2013/01/10 04:41:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/01/10 04:41:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2013/01/10 04:41:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2013/01/10 04:41:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2013/01/10 04:41:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2013/01/10 04:40:54 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\System32\fpb.rs
[2013/01/10 04:40:54 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\System32\oflc-nz.rs
[2013/01/10 04:40:54 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\System32\pegibbfc.rs
[2013/01/10 04:40:54 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\System32\csrr.rs
[2013/01/10 04:40:54 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\System32\cob-au.rs
[2013/01/10 04:40:54 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\System32\djctq.rs
[2013/01/10 04:40:53 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2013/01/10 04:40:53 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wpc.dll
[2013/01/10 04:40:53 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\System32\usk.rs
[2013/01/10 04:40:53 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\System32\grb.rs
[2013/01/10 04:40:53 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi-pt.rs
[2013/01/10 04:40:53 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi.rs
[2013/01/10 04:40:51 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\System32\esrb.rs
[2013/01/10 04:40:50 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\System32\cero.rs
[2013/01/10 04:40:50 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\System32\oflc.rs
[2013/01/10 04:40:50 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi-fi.rs
[2013/01/09 14:39:29 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013/01/09 14:38:13 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2013/01/09 14:38:08 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
[2013/01/09 11:50:38 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Palringo
[2013/01/09 11:50:35 | 000,000,000 | ---D | C] -- C:\Program Files\Palringo
[2013/01/09 11:01:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files Fixer
[2013/01/09 11:01:14 | 000,000,000 | ---D | C] -- C:\Program Files\Dll-Files.com Fixer
[2013/01/09 06:38:13 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Roaming\SUPERAntiSpyware.com
[2013/01/09 05:02:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/01/08 20:26:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RemoveIT Pro 2012 Enterprise
[2013/01/08 16:35:09 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools
[2013/01/08 16:29:10 | 000,202,280 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTSD.sys
[2013/01/08 16:29:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2013/01/08 16:28:34 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2013/01/08 16:23:33 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2013/01/08 14:57:28 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2013/01/08 14:57:27 | 000,250,544 | ---- | C] (KeyWorks Software) -- C:\Windows\System32\KeyHelp.ocx
[2013/01/08 14:57:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Scanner
[2013/01/08 14:57:16 | 000,000,000 | ---D | C] -- C:\Program Files\CA
[2013/01/08 08:03:40 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Local\Macromedia
[2013/01/08 07:24:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities
[2013/01/08 07:24:37 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Roaming\GlarySoft
[2013/01/08 07:24:36 | 000,000,000 | ---D | C] -- C:\Program Files\Glary Utilities
[2013/01/08 06:05:40 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Roaming\Skype
[2013/01/08 06:05:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/01/08 06:05:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013/01/08 06:05:29 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2013/01/08 06:05:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2013/01/07 19:16:10 | 000,000,000 | R--D | C] -- C:\Users\Phiphi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013/01/07 19:16:10 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[2013/01/07 14:41:36 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Web CEO
[2013/01/07 14:41:10 | 000,453,632 | ---- | C] (Borland International) -- C:\Windows\System32\stdvcl40.dll
[2013/01/07 06:47:56 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013/01/06 06:12:02 | 000,000,000 | ---D | C] -- C:\Program Files\InCode Solutions
[2013/01/05 08:51:52 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013/01/05 07:45:20 | 000,000,000 | ---D | C] -- C:\Program Files\SecurityXploded
[2013/01/04 14:34:02 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
[2013/01/04 14:34:02 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2013/01/04 13:58:16 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2013/01/04 13:53:48 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys
[2013/01/04 13:53:12 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OxpsConverter.exe
[2013/01/04 13:51:44 | 000,240,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2013/01/04 13:51:44 | 000,187,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2013/01/04 13:51:44 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcorehc.dll
[2013/01/04 13:51:44 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll
[2013/01/04 13:51:44 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2013/01/04 13:50:11 | 000,237,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2013/01/04 13:50:05 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcore6.dll
[2013/01/04 13:50:05 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2013/01/04 09:27:00 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2013/01/04 05:00:39 | 000,000,000 | ---D | C] -- C:\Program Files\mIRC
[2013/01/04 03:16:07 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Local\VS Revo Group
[2013/01/04 03:15:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
[2013/01/03 18:39:37 | 000,119,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vb6fr.dll
[2013/01/03 16:17:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013/01/03 16:17:57 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2013/01/03 13:54:56 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Roaming\WinRAR
[2013/01/03 13:54:52 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2013/01/03 13:49:40 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2013/01/03 13:10:12 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2013/01/03 13:10:11 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2013/01/03 13:10:01 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2013/01/03 13:09:44 | 000,148,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storport.sys
[2013/01/03 13:09:43 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsutil.exe
[2013/01/03 12:04:46 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2013/01/03 11:53:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2013/01/03 11:53:04 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2013/01/03 11:52:10 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2013/01/03 11:50:16 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT
[2013/01/03 11:38:58 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\TsUsbFlt.sys
[2013/01/03 11:38:53 | 001,171,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2013/01/03 11:38:52 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2013/01/03 11:38:52 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2013/01/03 11:38:49 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2013/01/03 11:38:47 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2013/01/03 11:38:47 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2013/01/03 11:38:45 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2013/01/03 11:38:43 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizui.dll
[2013/01/03 11:38:41 | 003,207,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2013/01/03 11:38:39 | 001,334,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2013/01/03 11:38:39 | 000,520,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2013/01/03 11:38:35 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2013/01/03 11:38:35 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppcomapi.dll
[2013/01/03 11:38:35 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2013/01/03 11:38:33 | 001,115,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
[2013/01/03 11:38:32 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthFWSnapin.dll
[2013/01/03 11:38:29 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2013/01/03 11:38:26 | 001,828,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
[2013/01/03 11:38:24 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2013/01/03 11:38:22 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PushPrinterConnections.exe
[2013/01/03 11:38:21 | 000,456,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spinstall.exe
[2013/01/03 11:38:21 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
[2013/01/03 11:38:21 | 000,280,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spreview.exe
[2013/01/03 11:38:20 | 001,371,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmcore.dll
[2013/01/03 11:38:19 | 000,863,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll
[2013/01/03 11:38:18 | 003,367,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
[2013/01/03 11:38:17 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSWorkspace.dll
[2013/01/03 11:38:17 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsmf.dll
[2013/01/03 11:38:15 | 002,522,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll
[2013/01/03 11:38:14 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2013/01/03 11:38:13 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2013/01/03 11:38:12 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpprefcl.dll
[2013/01/03 11:38:10 | 002,151,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll
[2013/01/03 11:38:10 | 000,252,928 | ---- | C] (Microsoft) -- C:\Windows\System32\DShowRdpFilter.dll
[2013/01/03 11:38:10 | 000,049,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2013/01/03 11:38:09 | 001,792,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2013/01/03 11:38:09 | 000,732,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
[2013/01/03 11:38:09 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2013/01/03 11:38:08 | 000,974,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppobjs.dll
[2013/01/03 11:38:08 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2013/01/03 11:38:07 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll
[2013/01/03 11:38:07 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcbuilder.exe
[2013/01/03 11:38:06 | 001,712,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2013/01/03 11:38:06 | 000,508,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2013/01/03 11:38:06 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll
[2013/01/03 11:38:06 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2013/01/03 11:38:05 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppwinob.dll
[2013/01/03 11:38:05 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
[2013/01/03 11:38:04 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedynos.dll
[2013/01/03 11:38:03 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfds.dll
[2013/01/03 11:38:03 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpendp.dll
[2013/01/03 11:38:02 | 000,442,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2013/01/03 11:38:02 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2013/01/03 11:38:01 | 001,063,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\werconcpl.dll
[2013/01/03 11:38:01 | 000,762,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll
[2013/01/03 11:38:01 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appmgr.dll
[2013/01/03 11:38:01 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpclip.exe
[2013/01/03 11:37:59 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2013/01/03 11:37:59 | 000,508,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2013/01/03 11:37:59 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2013/01/03 11:37:59 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2013/01/03 11:37:59 | 000,144,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll
[2013/01/03 11:37:58 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2013/01/03 11:37:57 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll
[2013/01/03 11:37:57 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\calc.exe
[2013/01/03 11:37:57 | 000,335,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSATAPI.dll
[2013/01/03 11:37:56 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2013/01/03 11:37:56 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vpnike.dll
[2013/01/03 11:37:55 | 000,477,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpksetup.exe
[2013/01/03 11:37:55 | 000,271,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fveapi.dll
[2013/01/03 11:37:53 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hgprint.dll
[2013/01/03 11:37:52 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prncache.dll
[2013/01/03 11:37:51 | 000,690,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2013/01/03 11:37:51 | 000,458,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2013/01/03 11:37:51 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2013/01/03 11:37:51 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\net1.exe
[2013/01/03 11:37:51 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2013/01/03 11:37:50 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2013/01/03 11:37:50 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll
[2013/01/03 11:37:50 | 000,175,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\vmbus.sys
[2013/01/03 11:37:50 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aitagent.exe
[2013/01/03 11:37:49 | 002,504,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2013/01/03 11:37:49 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
[2013/01/03 11:37:48 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll
[2013/01/03 11:37:48 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSHVHOST.DLL
[2013/01/03 11:37:48 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2013/01/03 11:37:48 | 000,101,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2013/01/03 11:37:47 | 001,750,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
[2013/01/03 11:37:47 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2013/01/03 11:37:46 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
[2013/01/03 11:37:46 | 000,782,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webservices.dll
[2013/01/03 11:37:46 | 000,464,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrptadm.dll
[2013/01/03 11:37:46 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netdiagfx.dll
[2013/01/03 11:37:46 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscfgwmi.dll
[2013/01/03 11:37:46 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fde.dll
[2013/01/03 11:37:45 | 000,907,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdengin2.dll
[2013/01/03 11:37:45 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmicsvc.exe
[2013/01/03 11:37:45 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2013/01/03 11:37:44 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscobj.dll
[2013/01/03 11:37:43 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2ENC.DLL
[2013/01/03 11:37:43 | 000,727,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
[2013/01/03 11:37:42 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
[2013/01/03 11:37:42 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcl.exe
[2013/01/03 11:37:41 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DXPTaskRingtone.dll
[2013/01/03 11:37:41 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2013/01/03 11:37:39 | 001,624,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPEncEn.dll
[2013/01/03 11:37:39 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll
[2013/01/03 11:37:38 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll
[2013/01/03 11:37:37 | 002,217,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootres.dll
[2013/01/03 11:37:37 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Narrator.exe
[2013/01/03 11:37:37 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe
[2013/01/03 11:37:37 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vaultsvc.dll
[2013/01/03 11:37:36 | 000,194,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\halmacpi.dll
[2013/01/03 11:37:36 | 000,194,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hal.dll
[2013/01/03 11:37:36 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2013/01/03 11:37:36 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2013/01/03 11:37:36 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\proquota.exe
[2013/01/03 11:37:35 | 000,679,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe
[2013/01/03 11:37:35 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll
[2013/01/03 11:37:35 | 000,303,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
[2013/01/03 11:37:35 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2013/01/03 11:37:35 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2013/01/03 11:37:34 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll
[2013/01/03 11:37:34 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2013/01/03 11:37:34 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2013/01/03 11:37:34 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll
[2013/01/03 11:37:34 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedyn.dll
[2013/01/03 11:37:34 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2013/01/03 11:37:34 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
[2013/01/03 11:37:33 | 000,155,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2013/01/03 11:37:32 | 000,665,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayCpl.dll
[2013/01/03 11:37:32 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL
[2013/01/03 11:37:32 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netid.dll
[2013/01/03 11:37:31 | 001,227,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll
[2013/01/03 11:37:31 | 000,399,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DXP.dll
[2013/01/03 11:37:30 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll
[2013/01/03 11:37:29 | 001,131,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2013/01/03 11:37:29 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Vault.dll
[2013/01/03 11:37:29 | 000,132,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2013/01/03 11:37:29 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nci.dll
[2013/01/03 11:37:28 | 001,326,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll
[2013/01/03 11:37:28 | 001,003,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2013/01/03 11:37:27 | 000,098,816 | ---- | C] (Microsoft) -- C:\Windows\System32\Robocopy.exe
[2013/01/03 11:37:26 | 001,400,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DxpTaskSync.dll
[2013/01/03 11:37:25 | 001,040,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Display.dll
[2013/01/03 11:37:25 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2013/01/03 11:37:24 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiobj.dll
[2013/01/03 11:37:24 | 000,316,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sharemediacpl.dll
[2013/01/03 11:37:24 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2013/01/03 11:37:24 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\userinit.exe
[2013/01/03 11:36:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTURME.DLL
[2013/01/03 11:36:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTAJIK.DLL
[2013/01/03 11:36:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDMON.DLL
[2013/01/03 11:36:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDMAORI.DLL
[2013/01/03 11:36:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDLT1.DLL
[2013/01/03 11:36:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINTEL.DLL
[2013/01/03 11:36:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINTAM.DLL
[2013/01/03 11:36:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINORI.DLL
[2013/01/03 11:36:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINMAR.DLL
[2013/01/03 11:36:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINKAN.DLL
[2013/01/03 11:36:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINHIN.DLL
[2013/01/03 11:36:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBULG.DLL
[2013/01/03 11:36:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBLR.DLL
[2013/01/03 11:36:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBASH.DLL
[2013/01/03 11:36:20 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGEO.DLL
[2013/01/03 11:36:19 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlsbres.dll
[2013/01/03 11:36:19 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BlbEvents.dll
[2013/01/03 11:36:19 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pifmgr.dll
[2013/01/03 11:36:19 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizres.dll
[2013/01/03 11:36:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDCZ1.DLL
[2013/01/03 11:36:19 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGKL.DLL
[2013/01/03 11:36:19 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\vms3cap.sys
[2013/01/03 11:36:03 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll
[2013/01/03 11:35:50 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll
[2013/01/03 11:35:46 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqmapi.dll
[2013/01/03 11:07:16 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tgl0beSCRIPT
[2013/01/03 11:07:12 | 000,000,000 | ---D | C] -- C:\Tgl0beSCRIPT
[2013/01/03 10:40:26 | 000,000,000 | ---D | C] -- C:\SwSetup
[2013/01/03 09:51:14 | 000,000,000 | ---D | C] -- C:\7698362944e3bce615293560178288
[2013/01/03 07:03:58 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2013/01/03 07:03:58 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wdfres.dll
[2013/01/03 07:02:45 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2013/01/03 07:02:44 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2013/01/03 07:02:44 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2013/01/03 04:39:17 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll
[2013/01/03 04:39:17 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc71.dll
[2013/01/03 04:23:54 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe
[2013/01/03 04:23:28 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2013/01/03 04:22:54 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2013/01/03 04:22:47 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2013/01/03 04:22:32 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2013/01/03 04:22:05 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2013/01/03 04:22:04 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2013/01/03 04:22:04 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2013/01/03 04:22:03 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2013/01/03 04:22:03 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2013/01/03 04:22:03 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2013/01/03 04:22:01 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2013/01/03 04:22:00 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2013/01/03 04:21:58 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2013/01/03 04:21:39 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\profprov.dll
[2013/01/03 04:10:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013/01/03 04:10:52 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/01/03 04:03:29 | 000,024,416 | ---- | C] (Greatis Software) -- C:\Windows\System32\drivers\regguard.sys
[2013/01/03 03:55:43 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Roaming\Malwarebytes
[2013/01/03 03:55:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/01/03 03:50:14 | 000,000,000 | ---D | C] -- C:\Windows\patchdir
[2013/01/03 02:55:59 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Roaming\Mozilla
[2013/01/03 02:55:59 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Local\Mozilla
[2013/01/03 02:55:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013/01/03 02:55:48 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/01/02 20:42:23 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/01/02 18:40:28 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Roaming\Macromedia
[2013/01/02 18:40:27 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Roaming\Adobe
[2013/01/02 18:39:11 | 000,697,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/01/02 18:39:11 | 000,074,248 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/01/02 18:39:10 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2013/01/02 18:38:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2013/01/02 17:43:29 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Software
[2013/01/02 17:43:12 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Software
[2013/01/02 17:43:09 | 000,000,000 | ---D | C] -- C:\Users\Phiphi\AppData\Roaming\NCH Software
[2013/01/02 16:35:47 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2013/01/02 16:35:47 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013/01/02 16:35:47 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/01/02 16:35:46 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2013/01/02 16:35:46 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2013/01/02 16:35:46 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2013/01/02 16:35:46 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/01/02 16:35:46 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2013/01/02 16:35:46 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2013/01/02 16:35:46 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2013/01/02 16:35:46 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013/01/02 16:35:46 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2013/01/02 16:35:46 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2013/01/02 16:35:46 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2013/01/02 16:35:46 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2013/01/02 16:35:45 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2013/01/02 16:35:45 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/01/02 16:35:45 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/01/02 16:35:45 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/01/02 16:35:45 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/01/02 16:35:45 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2013/01/02 16:35:45 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2013/01/02 16:35:45 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/01/02 16:35:45 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2013/01/02 16:35:45 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2013/01/02 16:35:45 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2013/01/02 16:35:45 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2013/01/02 16:35:45 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/01/02 16:35:45 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2013/01/02 16:35:45 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2013/01/02 16:35:45 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2013/01/02 16:35:45 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013/01/02 16:35:45 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013/01/02 16:35:45 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2013/01/02 16:35:45 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2013/01/02 16:35:45 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013/01/02 16:35:45 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2013/01/02 16:22:46 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2013/01/02 16:07:12 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2013/01/02 16:07:12 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2013/01/02 16:07:12 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2013/01/02 15:45:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tgl0beSCRIPT
[2013/01/02 15:42:37 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2013/01/02 15:35:47 | 000,604,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvuninst.exe
[2013/01/02 15:32:14 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat
[2013/01/02 15:19:57 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll
[2013/01/02 15:18:51 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2013/01/02 15:18:41 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll
[2013/01/02 15:18:41 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnaddr.dll
[2013/01/02 15:17:52 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2013/01/02 15:17:52 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2013/01/02 15:17:52 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2013/01/02 15:17:51 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2013/01/02 15:17:51 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2013/01/02 15:17:14 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2013/01/02 15:16:25 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2013/01/02 15:16:19 | 000,802,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WFS.exe
[2013/01/02 15:16:19 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSCOVER.exe
[2013/01/02 15:16:14 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2013/01/02 15:16:12 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browcli.dll
[2013/01/02 15:16:09 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcore.dll
[2013/01/02 15:15:47 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2013/01/02 15:15:46 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2013/01/02 15:15:46 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2013/01/02 15:15:33 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2013/01/02 15:15:25 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013/01/02 15:15:25 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013/01/02 15:15:22 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2013/01/02 15:15:22 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2013/01/02 15:15:16 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll
[2013/01/02 15:15:00 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll
[2013/01/02 15:14:59 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll
[2013/01/02 15:14:59 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2013/01/02 15:14:59 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccu32.dll
[2013/01/02 15:14:59 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccr32.dll
[2013/01/02 15:14:58 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll
[2013/01/02 15:14:55 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll
[2013/01/02 15:14:55 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2013/01/02 15:14:13 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2013/01/02 15:14:12 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2013/01/02 15:14:09 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2013/01/02 15:13:17 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2013/01/02 15:13:14 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe
[2013/01/02 15:07:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2013/01/02 14:59:34 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2013/01/02 14:43:43 | 000,219,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
[2013/01/02 14:43:42 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll

========== Files - Modified Within 30 Days ==========

[2013/01/26 01:46:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/01/26 01:07:01 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/25 22:11:30 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/25 22:11:23 | 000,000,314 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2013/01/25 22:10:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/01/25 22:09:41 | 000,000,192 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k0
[2013/01/25 22:09:41 | 000,000,064 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k7
[2013/01/25 22:09:41 | 000,000,064 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k6
[2013/01/25 22:09:41 | 000,000,064 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k5
[2013/01/25 22:09:41 | 000,000,064 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k4
[2013/01/25 22:09:41 | 000,000,064 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k3
[2013/01/25 22:09:41 | 000,000,064 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k2
[2013/01/25 22:09:41 | 000,000,064 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k1
[2013/01/25 22:09:41 | 000,000,028 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k7
[2013/01/25 22:09:41 | 000,000,028 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k6
[2013/01/25 22:09:41 | 000,000,028 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k5
[2013/01/25 22:09:41 | 000,000,028 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k4
[2013/01/25 22:09:41 | 000,000,028 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k3
[2013/01/25 22:09:41 | 000,000,028 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k2
[2013/01/25 22:09:41 | 000,000,028 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k1
[2013/01/25 22:09:41 | 000,000,028 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k0
[2013/01/25 17:48:04 | 000,002,185 | ---- | M] () -- C:\Users\Phiphi\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/01/25 17:48:04 | 000,002,161 | ---- | M] () -- C:\Users\Phiphi\Desktop\Google Chrome.lnk
[2013/01/25 16:18:01 | 000,050,477 | ---- | M] () -- C:\Users\Phiphi\Desktop\Defogger.exe
[2013/01/25 13:40:02 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2013/01/25 10:16:36 | 000,028,936 | ---- | M] () -- C:\Windows\System32\drivers\ERKRmvrDrv.sys
[2013/01/25 06:33:03 | 000,268,256 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/01/25 06:19:28 | 000,000,909 | ---- | M] () -- C:\Users\Public\Desktop\ZHPDiag.lnk
[2013/01/25 06:19:28 | 000,000,904 | ---- | M] () -- C:\Users\Public\Desktop\ZHPFix.lnk
[2013/01/25 06:19:06 | 003,826,981 | ---- | M] (Nicolas Coolman ) -- C:\Users\Phiphi\Desktop\ZHPDiag2.exe
[2013/01/25 06:15:33 | 001,759,834 | ---- | M] (Nicolas Coolman ) -- C:\Users\Phiphi\Desktop\ZHPFix.exe
[2013/01/25 02:47:33 | 000,002,131 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Maintenance en 1 clic.lnk
[2013/01/25 02:45:03 | 028,604,832 | ---- | M] (TuneUp Software) -- C:\Users\Phiphi\Desktop\TuneUpUtilities2013_fr-FR.exe
[2013/01/24 21:53:54 | 000,001,051 | ---- | M] () -- C:\Users\Phiphi\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2013/01/24 21:53:54 | 000,001,027 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/01/24 17:42:17 | 000,000,973 | ---- | M] () -- C:\Users\Public\Desktop\FileASSASSIN.lnk
[2013/01/24 15:38:36 | 000,002,929 | ---- | M] () -- C:\Users\Phiphi\Desktop\HiJackThis.lnk
[2013/01/24 14:31:24 | 000,108,544 | ---- | M] (Tigzy) -- C:\Users\Phiphi\Desktop\LogAnalyseur.exe
[2013/01/24 09:28:10 | 000,024,880 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/24 09:28:10 | 000,024,880 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/24 02:37:52 | 001,412,377 | ---- | M] () -- C:\Windows\System32\drivers\Cat.DB
[2013/01/23 17:22:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\regsvr32
[2013/01/23 17:22:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\icacls
[2013/01/23 06:10:34 | 000,448,512 | ---- | M] (OldTimer Tools) -- C:\Users\Phiphi\Desktop\TFC.exe
[2013/01/23 02:51:04 | 000,000,052 | ---- | M] () -- C:\Windows\System32\Partizan.RRI
[2013/01/22 17:55:45 | 000,089,048 | -H-- | M] () -- C:\Windows\System32\mlfcache.dat
[2013/01/22 17:28:12 | 000,000,925 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/01/22 16:56:09 | 000,001,214 | ---- | M] () -- C:\Users\Phiphi\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2013/01/22 16:56:09 | 000,001,190 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2013/01/22 16:17:16 | 000,705,072 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2013/01/22 16:17:16 | 000,616,238 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/01/22 16:17:16 | 000,131,080 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2013/01/22 16:17:16 | 000,106,618 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/01/22 15:58:06 | 000,001,131 | ---- | M] () -- C:\Users\Public\Desktop\EasyBCD 2.2.lnk
[2013/01/22 03:53:58 | 000,001,944 | ---- | M] () -- C:\Users\Phiphi\Application Data\Microsoft\Internet Explorer\Quick Launch\Web CEO.lnk
[2013/01/22 03:53:58 | 000,001,942 | ---- | M] () -- C:\Users\Phiphi\Desktop\Web CEO.lnk
[2013/01/20 20:54:21 | 000,002,079 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013/01/19 14:11:49 | 000,001,065 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/01/19 13:17:47 | 000,000,335 | ---- | M] () -- C:\Windows\nsreg.dat
[2013/01/19 13:17:28 | 000,007,567 | ---- | M] () -- C:\Windows\mozver.dat
[2013/01/19 03:13:17 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2013/01/19 03:13:17 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2013/01/18 08:30:11 | 000,001,008 | ---- | M] () -- C:\Users\Phiphi\Application Data\Microsoft\Internet Explorer\Quick Launch\Glary Utilities.lnk
[2013/01/18 08:30:11 | 000,000,984 | ---- | M] () -- C:\Users\Phiphi\Desktop\Glary Utilities.lnk
[2013/01/18 08:08:53 | 000,001,906 | ---- | M] () -- C:\Users\Phiphi\Desktop\FileZilla Client.lnk
[2013/01/17 20:36:18 | 000,035,816 | ---- | M] (Greatis Software) -- C:\Windows\System32\drivers\Partizan.sys
[2013/01/17 20:36:14 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013/01/17 20:36:14 | 000,001,688 | ---- | M] () -- C:\Windows\System32\autoexec.nt
[2013/01/17 20:36:14 | 000,000,002 | RHS- | M] () -- C:\Windows\winstart.bat
[2013/01/17 20:36:11 | 000,000,873 | ---- | M] () -- C:\Users\Phiphi\Desktop\UnHackMe.lnk
[2013/01/17 20:32:54 | 000,026,984 | ---- | M] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys
[2013/01/17 19:02:47 | 000,001,001 | ---- | M] () -- C:\Users\Phiphi\Desktop\mirc.lnk
[2013/01/17 17:51:33 | 000,001,145 | ---- | M] () -- C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
[2013/01/17 10:05:12 | 000,001,014 | ---- | M] () -- C:\Users\Phiphi\Desktop\PhotoFiltre Studio X.lnk
[2013/01/15 18:02:07 | 000,014,664 | ---- | M] (McAfee, Inc.) -- C:\Windows\stinger.sys
[2013/01/09 10:46:27 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/01/09 10:46:27 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/01/08 14:57:24 | 000,004,544 | ---- | M] () -- C:\Windows\System32\entitlement.xml
[2013/01/08 06:05:30 | 000,002,503 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2013/01/08 02:59:39 | 001,474,832 | ---- | M] () -- C:\Windows\System32\drivers\sfi.dat
[2013/01/04 11:47:42 | 000,000,017 | ---- | M] () -- C:\Users\Phiphi\AppData\Local\resmon.resmoncfg
[2013/01/03 16:18:02 | 000,001,949 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013/01/03 12:20:26 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msclmd.dll
[2013/01/03 09:43:06 | 000,000,378 | ---- | M] () -- C:\Windows\CCE.INI
[2013/01/03 04:39:17 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll
[2013/01/03 04:39:17 | 001,060,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfc71.dll
[2013/01/03 04:03:29 | 000,024,416 | ---- | M] (Greatis Software) -- C:\Windows\System32\drivers\regguard.sys
[2013/01/02 16:44:28 | 000,001,429 | ---- | M] () -- C:\Users\Phiphi\Desktop\Internet Explorer.lnk
[2013/01/02 16:43:08 | 000,001,423 | ---- | M] () -- C:\Users\Phiphi\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/01/02 16:35:47 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2013/01/02 16:35:47 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013/01/02 16:35:47 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/01/02 16:35:46 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2013/01/02 16:35:46 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2013/01/02 16:35:46 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2013/01/02 16:35:46 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2013/01/02 16:35:46 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/01/02 16:35:46 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2013/01/02 16:35:46 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2013/01/02 16:35:46 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2013/01/02 16:35:46 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013/01/02 16:35:46 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2013/01/02 16:35:46 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2013/01/02 16:35:46 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2013/01/02 16:35:46 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2013/01/02 16:35:45 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/01/02 16:35:45 | 001,800,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/01/02 16:35:45 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/01/02 16:35:45 | 000,607,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/01/02 16:35:45 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2013/01/02 16:35:45 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2013/01/02 16:35:45 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/01/02 16:35:45 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2013/01/02 16:35:45 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2013/01/02 16:35:45 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2013/01/02 16:35:45 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2013/01/02 16:35:45 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/01/02 16:35:45 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2013/01/02 16:35:45 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2013/01/02 16:35:45 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2013/01/02 16:35:45 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013/01/02 16:35:45 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013/01/02 16:35:45 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2013/01/02 16:35:45 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2013/01/02 16:35:45 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2013/01/02 16:35:45 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013/01/02 16:35:45 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll

========== Files Created - No Company Name ==========

[2013/01/25 16:17:59 | 000,050,477 | ---- | C] () -- C:\Users\Phiphi\Desktop\Defogger.exe
[2013/01/25 10:16:36 | 000,028,936 | ---- | C] () -- C:\Windows\System32\drivers\ERKRmvrDrv.sys
[2013/01/25 06:32:49 | 000,268,256 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/01/25 06:19:28 | 000,000,909 | ---- | C] () -- C:\Users\Public\Desktop\ZHPDiag.lnk
[2013/01/25 06:15:56 | 000,000,904 | ---- | C] () -- C:\Users\Public\Desktop\ZHPFix.lnk
[2013/01/25 02:47:33 | 000,002,131 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Maintenance en 1 clic.lnk
[2013/01/25 02:47:31 | 000,002,107 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk
[2013/01/25 01:54:41 | 000,002,185 | ---- | C] () -- C:\Users\Phiphi\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/01/24 21:53:54 | 000,001,051 | ---- | C] () -- C:\Users\Phiphi\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2013/01/24 21:53:54 | 000,001,027 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/01/24 17:42:17 | 000,000,973 | ---- | C] () -- C:\Users\Public\Desktop\FileASSASSIN.lnk
[2013/01/24 15:38:36 | 000,002,929 | ---- | C] () -- C:\Users\Phiphi\Desktop\HiJackThis.lnk
[2013/01/24 01:32:24 | 000,002,641 | ---- | C] () -- C:\Windows\System32\drivers\mfencrk.inf
[2013/01/24 01:32:20 | 000,002,946 | ---- | C] () -- C:\Windows\System32\drivers\mfencbdc.inf
[2013/01/23 17:22:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\regsvr32
[2013/01/23 17:22:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\icacls
[2013/01/22 17:55:45 | 000,089,048 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2013/01/22 16:56:09 | 000,001,214 | ---- | C] () -- C:\Users\Phiphi\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2013/01/22 16:56:09 | 000,001,190 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2013/01/22 15:58:06 | 000,001,131 | ---- | C] () -- C:\Users\Public\Desktop\EasyBCD 2.2.lnk
[2013/01/22 03:53:58 | 000,001,944 | ---- | C] () -- C:\Users\Phiphi\Application Data\Microsoft\Internet Explorer\Quick Launch\Web CEO.lnk
[2013/01/22 03:53:58 | 000,001,942 | ---- | C] () -- C:\Users\Phiphi\Desktop\Web CEO.lnk
[2013/01/20 20:54:22 | 000,002,091 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2013/01/20 20:54:21 | 000,002,079 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013/01/19 13:17:47 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
[2013/01/19 13:16:59 | 000,007,567 | ---- | C] () -- C:\Windows\mozver.dat
[2013/01/19 03:13:17 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2013/01/19 03:13:17 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2013/01/18 08:08:53 | 000,001,906 | ---- | C] () -- C:\Users\Phiphi\Desktop\FileZilla Client.lnk
[2013/01/17 20:39:55 | 000,000,052 | ---- | C] () -- C:\Windows\System32\Partizan.RRI
[2013/01/17 20:36:11 | 000,000,873 | ---- | C] () -- C:\Users\Phiphi\Desktop\UnHackMe.lnk
[2013/01/17 20:23:37 | 000,000,192 | ---- | C] () -- C:\Windows\System32\drivers\kmxcfg.u2k0
[2013/01/17 20:23:37 | 000,000,064 | ---- | C] () -- C:\Windows\System32\drivers\kmxcfg.u2k7
[2013/01/17 20:23:37 | 000,000,064 | ---- | C] () -- C:\Windows\System32\drivers\kmxcfg.u2k6
[2013/01/17 20:23:37 | 000,000,064 | ---- | C] () -- C:\Windows\System32\drivers\kmxcfg.u2k5
[2013/01/17 20:23:37 | 000,000,064 | ---- | C] () -- C:\Windows\System32\drivers\kmxcfg.u2k4
[2013/01/17 20:23:37 | 000,000,064 | ---- | C] () -- C:\Windows\System32\drivers\kmxcfg.u2k3
[2013/01/17 20:23:37 | 000,000,064 | ---- | C] () -- C:\Windows\System32\drivers\kmxcfg.u2k2
[2013/01/17 20:23:37 | 000,000,064 | ---- | C] () -- C:\Windows\System32\drivers\kmxcfg.u2k1
[2013/01/17 18:59:40 | 000,001,001 | ---- | C] () -- C:\Users\Phiphi\Desktop\mirc.lnk
[2013/01/17 18:42:54 | 000,000,925 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/01/17 10:05:12 | 000,001,014 | ---- | C] () -- C:\Users\Phiphi\Desktop\PhotoFiltre Studio X.lnk
[2013/01/15 17:24:23 | 000,001,145 | ---- | C] () -- C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
[2013/01/09 05:02:32 | 000,002,161 | ---- | C] () -- C:\Users\Phiphi\Desktop\Google Chrome.lnk
[2013/01/09 05:02:08 | 000,001,056 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/09 05:02:07 | 000,001,052 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/08 16:53:16 | 000,000,028 | ---- | C] () -- C:\Windows\System32\drivers\kmxzone.u2k7
[2013/01/08 16:53:16 | 000,000,028 | ---- | C] () -- C:\Windows\System32\drivers\kmxzone.u2k6
[2013/01/08 16:53:16 | 000,000,028 | ---- | C] () -- C:\Windows\System32\drivers\kmxzone.u2k5
[2013/01/08 16:53:16 | 000,000,028 | ---- | C] () -- C:\Windows\System32\drivers\kmxzone.u2k4
[2013/01/08 16:53:16 | 000,000,028 | ---- | C] () -- C:\Windows\System32\drivers\kmxzone.u2k3
[2013/01/08 16:53:16 | 000,000,028 | ---- | C] () -- C:\Windows\System32\drivers\kmxzone.u2k2
[2013/01/08 16:53:16 | 000,000,028 | ---- | C] () -- C:\Windows\System32\drivers\kmxzone.u2k1
[2013/01/08 16:53:16 | 000,000,028 | ---- | C] () -- C:\Windows\System32\drivers\kmxzone.u2k0
[2013/01/08 16:29:16 | 001,412,377 | ---- | C] () -- C:\Windows\System32\drivers\Cat.DB
[2013/01/08 14:57:24 | 000,004,544 | ---- | C] () -- C:\Windows\System32\entitlement.xml
[2013/01/08 13:48:39 | 000,032,768 | --S- | C] ( ) -- C:\Windows\System32\Interop.EventSystemLib.dll
[2013/01/08 07:24:46 | 000,000,314 | ---- | C] () -- C:\Windows\tasks\GlaryInitialize.job
[2013/01/08 07:24:43 | 000,001,008 | ---- | C] () -- C:\Users\Phiphi\Application Data\Microsoft\Internet Explorer\Quick Launch\Glary Utilities.lnk
[2013/01/08 07:24:43 | 000,000,984 | ---- | C] () -- C:\Users\Phiphi\Desktop\Glary Utilities.lnk
[2013/01/08 06:05:30 | 000,002,503 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2013/01/04 11:47:42 | 000,000,017 | ---- | C] () -- C:\Users\Phiphi\AppData\Local\resmon.resmoncfg
[2013/01/03 16:18:02 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013/01/03 16:18:02 | 000,001,949 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013/01/03 12:04:46 | 000,010,084 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2013/01/03 11:38:30 | 000,146,852 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2013/01/03 11:36:31 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2013/01/03 11:36:27 | 000,010,429 | ---- | C] () -- C:\Windows\System32\ScavengeSpace.xml
[2013/01/03 11:36:17 | 000,105,559 | ---- | C] () -- C:\Windows\System32\RacRules.xml
[2013/01/03 09:43:06 | 000,000,378 | ---- | C] () -- C:\Windows\CCE.INI
[2013/01/03 07:04:20 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013/01/03 07:02:44 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013/01/03 04:42:42 | 001,474,832 | ---- | C] () -- C:\Windows\System32\drivers\sfi.dat
[2013/01/03 04:02:33 | 000,000,002 | RHS- | C] () -- C:\Windows\winstart.bat
[2013/01/03 04:02:08 | 000,057,556 | ---- | C] () -- C:\Windows\guard.bmp
[2013/01/03 02:55:52 | 000,001,077 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/01/03 02:55:52 | 000,001,065 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/01/02 18:39:13 | 000,001,002 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/01/02 16:44:28 | 000,001,429 | ---- | C] () -- C:\Users\Phiphi\Desktop\Internet Explorer.lnk
[2013/01/02 16:35:45 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf

========== ZeroAccess Check ==========

[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
  • 0

#12
Sangoino

Sangoino

    Member

  • Topic Starter
  • Member
  • PipPip
  • 40 posts
I don't have the second log of OT; it doesn't open.

Edited by Sangoino, 25 January 2013 - 07:21 PM.

  • 0

#13
Sangoino

Sangoino

    Member

  • Topic Starter
  • Member
  • PipPip
  • 40 posts
Malwarebytes Anti-Malware (PRO) 1.70.0.1100
www.malwarebytes.org

Version de la base de données: v2013.01.26.01

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Phiphi :: PHIPHICOMPUTER [administrateur]

Protection: Activé

26/01/2013 02:14:22
mbam-log-2013-01-26 (02-14-22).txt

Type d'examen: Examen rapide
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 218348
Temps écoulé: 6 minute(s), 7 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)

Fichier(s) détecté(s): 0
(Aucun élément nuisible détecté)

(fin)
  • 0

#14
Sangoino

Sangoino

    Member

  • Topic Starter
  • Member
  • PipPip
  • 40 posts
ESET: the log doesn't save, I have only:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK




There are some problems:

Disconnects on Java chat, disconnects on IRC, Mozilla, internet slow.

Is it a RAM virus? A memory virus? Am I traced? I am sure I am infected.

Edited by Sangoino, 25 January 2013 - 08:31 PM.

  • 0

#15
blmadara

blmadara

    Trusted Helper

  • Malware Removal
  • 767 posts
Hi Sangoino,

Step One: OTL Fix
Warning: This fix is only relevant for this system and no other; using it on another computer may cause problems.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons; they will return on reboot.


Note: If you are using the pro version or trial version of Malwarebytes 1.6 or higher, please disable it for the duration of this fix, as it may interfere with the successful execution of the script below. If it still hangs, then please uninstall Malwarebytes and run this fix again.



Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following (do not copy the word "quote")

    :OTL
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

    :Files
    ipconfig /flushdns /c

    :Commands
    [resethosts]
    [emptytemp]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done and post the log it produces in your next reply.

Step Two: Kaspersky AVP
Download AVPTool and save it to your desktop.

Run the program you have just downloaded to your desktop (it will be randomly named.)

First we will run a virus scan.

On the first tab select all elements down to Computer and then select start scan.

Once it has finished, select report and post that.

Do not close AVPTool or it will self-uninstall; if it does uninstall, just rerun the setup file on your desktop.

Now an analysis scan.
Select the Manual Disinfection tab.
Press the Gather System Information button.

Once done, open the last report saved folder, then attach the zip file to your next post.
The file is located at C:\Users\your name\Desktop\Virus Removal Tool\setup_9.0.0.722_05.01.2011_20-34\LOG\avptool_sysinfo.zip.


Step Three: Windows Repair
Download Windows Repair (all in one) and save it to your desktop.

Install and run the program.

Go to step 3 and allow it to run SFC.

On the start repairs tab click start.

Select the following items and tick restart system when finished.
Posted Image

Step Four: How is your computer running?

Please let me know exactly what problems remain.


What I need in your next post:
1. The log produced by the OTL Fix.
2. Both logs produced by Kaspersky. Paste the 1st one in your next reply and attach the 2nd one, C:\Users\your name\Desktop\Virus Removal Tool\setup_9.0.0.722_05.01.2011_20-34\LOG\avptool_sysinfo.zip, to your reply.
3. How is your computer running?
  • 0





