
Virus affecting numerous programs on my PC



#1
Crazy North

  • Member
  • 78 posts
Hi good people from GeeksToGo,

I'm certain I've been infected with a virus, since I've been having numerous problems with my PC during the last month.

It started like last year on my previous PC, with Opera browser going nuts, blinking tabs, not being able to open new tabs, errors that close down the browser. I thought maybe it's down to Opera, but when I started using Firefox a few times I had a situation where I wasn't able to close some stupid message about "caret browsing" or something like that, no matter how many times I tried. Turning off browsers and programs in Task Manager is now very frequent since the virus ended up affecting almost every program I use. For example BS player stops the movie and starts giving me some stupid sounds and I can't do anything, it's hard to even close it with Task Manager. The game I play constantly exits for no reason...
Basically it seems that this virus, I presume a trojan, is eating away my new PC day by day.

Because once again Avast failed to find anything, and the problem seemed similar to the one I had a year ago, when a member here helped me clean my old PC up, I tried ESET Online Scanner, Malwarebytes Anti-Malware, ADW Cleaner and such. I cleaned up some malware, ESET found a trojan I think, but the problems didn't go away. Now, every time I do a full scan of my PC with any of these programs, they find nothing.

Here is my OTL log that I hope will help you solve this nightmare... Thanks in advance!


OTL logfile created on: 27-Jun-13 12:58:31 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Petar\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd-MMM-yy

15.95 Gb Total Physical Memory | 11.17 Gb Available Physical Memory | 70.01% Memory free
31.90 Gb Paging File | 26.98 Gb Available in Paging File | 84.59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97.56 Gb Total Space | 24.14 Gb Free Space | 24.75% Space Free | Partition Type: NTFS
Drive D: | 833.86 Gb Total Space | 173.42 Gb Free Space | 20.80% Space Free | Partition Type: NTFS
Drive E: | 3.42 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 7.95 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: PETAR-PC | User Name: Petar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013-06-27 00:58:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Petar\Downloads\OTL.exe
PRC - [2013-06-15 03:28:44 | 000,825,808 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013-06-07 00:06:24 | 001,641,896 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2013-05-22 15:16:24 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013-05-16 16:44:05 | 001,012,000 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013-05-16 16:38:39 | 001,826,592 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013-05-12 15:43:32 | 000,413,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013-05-11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013-05-09 10:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013-05-09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013-04-23 06:48:20 | 000,844,144 | ---- | M] (Samsung) -- D:\PROGRAMI\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2013-04-23 06:48:12 | 001,561,968 | ---- | M] (Samsung) -- D:\PROGRAMI\Kies\Kies.exe
PRC - [2012-03-15 17:49:10 | 000,007,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe
PRC - [2012-03-15 17:49:04 | 000,286,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorIcon.exe


========== Modules (No Company Name) ==========

MOD - [2013-06-17 18:29:17 | 001,358,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\fb24cb5162d2e25d56932e22afb5ecac\System.WorkflowServices.ni.dll
MOD - [2013-06-17 18:29:09 | 001,707,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\9d0ff60b104f7e746c371ad2da922812\System.ServiceModel.Web.ni.dll
MOD - [2013-06-17 18:28:43 | 001,084,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\2f6d74f7f12671ce91ea457346e1fe78\System.IdentityModel.ni.dll
MOD - [2013-06-17 18:28:42 | 017,478,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\61891736b5213480cd68d7e82199182f\System.ServiceModel.ni.dll
MOD - [2013-06-17 18:28:00 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\3de1ebb1410ea7f72877f8c261e85531\System.Runtime.Remoting.ni.dll
MOD - [2013-06-17 18:20:22 | 011,914,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\ce6b7579fbb77330560e9122d1cf6526\System.Web.ni.dll
MOD - [2013-06-15 03:28:42 | 000,393,168 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppgooglenaclpluginchrome.dll
MOD - [2013-06-15 03:28:41 | 013,140,432 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll
MOD - [2013-06-15 03:28:40 | 004,051,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll
MOD - [2013-06-15 03:27:51 | 000,599,504 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\libglesv2.dll
MOD - [2013-06-15 03:27:50 | 000,124,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\libegl.dll
MOD - [2013-06-15 03:27:48 | 001,597,392 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ffmpegsumo.dll
MOD - [2013-06-07 00:06:24 | 001,114,536 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2013-05-16 18:31:02 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll
MOD - [2013-05-16 18:30:49 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll
MOD - [2013-05-16 01:28:06 | 018,022,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\1f0bb5336d1706c9b8ad2330f3642760\PresentationFramework.ni.dll
MOD - [2013-05-16 01:27:58 | 011,522,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\9b2940478ec555990b37af5448b8f509\PresentationCore.ni.dll
MOD - [2013-05-16 01:27:56 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\6ded1c6dbf61d19f839da66c951d8fa9\System.Windows.Forms.ni.dll
MOD - [2013-05-16 01:27:54 | 007,070,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\93a17ba6cb6753328f25466bc0bf1cb1\System.Core.ni.dll
MOD - [2013-05-16 01:27:52 | 003,883,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a1949f57d2ec260e09768e98fecb0559\WindowsBase.ni.dll
MOD - [2013-05-16 01:27:51 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ddc3e8c2774eaec614d6775983652980\System.Configuration.ni.dll
MOD - [2013-05-07 03:05:20 | 000,654,848 | ---- | M] () -- C:\Program Files (x86)\Steam\SDL2.dll
MOD - [2013-04-30 16:22:19 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\7d8f6866864f78cf83d3701641c46178\System.ServiceProcess.ni.dll
MOD - [2013-04-30 16:21:57 | 001,812,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\40c7a89fe2cbf3c12a2c39e034da54cf\System.Xaml.ni.dll
MOD - [2013-04-30 14:51:27 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\fc476bbac36944e352c2f547352ffa64\System.Xml.ni.dll
MOD - [2013-04-30 14:51:26 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\78ecbee4a7444353dce52afb9d9d795c\System.Drawing.ni.dll
MOD - [2013-04-30 14:51:24 | 009,095,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f93dca0e4baa1dcb37cf75392b7c89da\System.ni.dll
MOD - [2013-04-30 14:51:21 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\6a1ccc1e1a79ce267d3d1808af382cd6\mscorlib.ni.dll
MOD - [2013-03-27 02:16:40 | 020,341,672 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2013-02-15 13:54:17 | 002,347,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ad51da1b752b19c992fcefd56eb7c01\System.Runtime.Serialization.ni.dll
MOD - [2013-02-15 13:51:37 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\eb33bf977e97e97b12e82c18e36fbaee\SMDiagnostics.ni.dll
MOD - [2013-02-15 13:51:02 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013-02-15 13:50:52 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013-02-15 13:50:50 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013-02-15 13:50:45 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2012-12-11 19:51:10 | 001,100,800 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012-12-11 19:51:10 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012-12-11 19:51:10 | 000,124,416 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2010-01-21 01:34:10 | 008,793,952 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010-01-09 20:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF


========== Services (SafeList) ==========

SRV:64bit: - [2013-05-09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011-11-09 18:38:06 | 000,189,608 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel®
SRV:64bit: - [2010-04-06 17:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:64bit: - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013-06-12 17:31:22 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-06-07 00:06:24 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013-05-22 15:16:24 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013-05-16 16:38:39 | 001,826,592 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013-05-12 15:43:32 | 000,413,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013-05-12 00:26:17 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-05-11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012-03-15 17:49:10 | 000,007,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011-08-30 16:55:54 | 000,160,256 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013-05-12 02:40:52 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013-05-09 10:59:07 | 001,025,808 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013-05-09 10:59:07 | 000,378,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013-05-09 10:59:07 | 000,189,936 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013-05-09 10:59:07 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013-05-09 10:59:07 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013-05-09 10:59:07 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013-05-09 10:59:06 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013-05-09 10:59:06 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013-04-03 09:58:08 | 000,188,232 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2013-04-03 09:58:08 | 000,169,288 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2013-04-03 09:58:08 | 000,021,320 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2013-02-25 07:27:45 | 000,194,848 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012-05-28 05:57:25 | 000,229,120 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIc.sys -- (FLxHCIc)
DRV:64bit: - [2012-05-28 05:57:16 | 000,072,448 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIh.sys -- (FLxHCIh)
DRV:64bit: - [2012-03-15 17:53:20 | 000,024,496 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)
DRV:64bit: - [2012-03-15 17:53:18 | 000,567,216 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012-03-15 14:57:30 | 000,514,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress)
DRV:64bit: - [2012-03-08 10:53:14 | 000,022,128 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011-09-22 10:49:56 | 000,056,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011-08-09 07:42:36 | 000,315,696 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mvs91xx.sys -- (mvs91xx)
DRV:64bit: - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010-11-20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-11-20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-07-14 02:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc)
DRV:64bit: - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2013-04-18 12:09:20 | 000,037,344 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2013-02-19 20:09:01 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2013-02-19 20:08:46 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2012-12-06 23:01:56 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv)
DRV - [2011-05-05 18:14:58 | 000,013,864 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\GIGABYTE\ET6\amifldrv64.sys -- (GENERICDRV)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 40 F9 E6 C8 89 26 CE 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\..\SearchScopes\{CBA30EF2-DF56-4E0A-9EA2-EA6ACBAF6529}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledAddons: %7B64161300-e22b-11db-8314-0800200c9a66%7D:0.9.6.15
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: D:\IGRICE INSTALIRANO\THE SETTLERS 7\Data\Base\_Dbg\Bin\Release\orbit\npuplaypc.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-06-04 01:55:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013-06-14 01:40:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Petar\AppData\Roaming\Mozilla\Extensions
[2012-12-07 04:38:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Petar\AppData\Roaming\Mozilla\Firefox\extensions
[2012-12-07 04:38:33 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Users\Petar\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
[2013-06-14 01:44:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Petar\AppData\Roaming\Mozilla\Firefox\Profiles\2cq7sp94.default\extensions
[2013-06-14 01:44:18 | 000,281,668 | ---- | M] () (No name found) -- C:\Users\Petar\AppData\Roaming\Mozilla\Firefox\Profiles\2cq7sp94.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi
[2013-06-14 01:40:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013-06-14 01:40:18 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\gcswf32.dll
CHR - plugin: Norton Confidential (Enabled) = C:\Users\Petar\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.1.0.30_0\npcoplgn.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - Extension: YouTube = C:\Users\Petar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Petar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Gmail = C:\Users\Petar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2013-06-07 18:04:11 | 000,000,841 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [FLxHCIm64] C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe (Windows ® Win 7 DDK provider)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorIcon.exe (Intel Corporation)
O4 - HKCU..\Run: [] D:\PROGRAMI\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [KiesAirMessage] D:\PROGRAMI\Kies\KiesAirMessage.exe (Samsung Electronics)
O4 - HKCU..\Run: [KiesPreload] D:\PROGRAMI\Kies\Kies.exe (Samsung)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4DE6C8D8-5E86-4AB6-B27F-BA9B245625E8}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012-01-05 21:30:20 | 000,000,039 | R--- | M] () - F:\Autorun.inf -- [ UDF ]
O33 - MountPoints2\{80a0bd39-3fdd-11e2-b646-902b3457752f}\Shell - "" = AutoRun
O33 - MountPoints2\{80a0bd39-3fdd-11e2-b646-902b3457752f}\Shell\AutoRun\command - "" = G:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013-06-25 23:50:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013-06-15 15:48:01 | 000,000,000 | ---D | C] -- C:\Users\Petar\AppData\Local\NVIDIA
[2013-06-15 15:08:18 | 000,000,000 | ---D | C] -- C:\Users\Petar\AppData\Local\Diagnostics
[2013-06-15 02:15:05 | 000,000,000 | ---D | C] -- C:\Users\Petar\Documents\Square Enix
[2013-06-14 01:41:25 | 000,000,000 | ---D | C] -- C:\Users\Petar\AppData\Local\Macromedia
[2013-06-14 01:40:23 | 000,000,000 | ---D | C] -- C:\Users\Petar\AppData\Local\Mozilla
[2013-06-14 01:40:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013-06-14 01:40:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013-06-14 01:40:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013-06-14 01:01:06 | 000,000,000 | ---D | C] -- C:\Users\Petar\Documents\FIFA 13
[2013-06-14 00:56:16 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller
[2013-06-07 18:07:53 | 000,000,000 | ---D | C] -- C:\Users\Petar\AppData\Roaming\Malwarebytes
[2013-06-07 18:07:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013-06-07 18:07:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013-06-07 18:07:39 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013-06-07 18:07:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013-06-07 15:12:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2013-06-07 15:12:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013-06-07 15:12:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2013-06-07 15:12:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2013-06-07 15:12:19 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2013-06-07 15:12:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework
[2013-06-07 15:12:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2013-06-07 15:10:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2013-06-07 15:10:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013-06-07 15:09:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2013-06-07 15:09:36 | 000,000,000 | ---D | C] -- C:\Users\Petar\AppData\Local\Microsoft Help
[2013-06-07 15:09:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2013-06-07 15:09:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2013-06-07 15:09:27 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2013-06-06 19:07:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2013-06-02 12:50:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Codemasters
[2013-06-02 12:47:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\F1 2012
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013-06-27 00:39:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-06-27 00:39:00 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-06-27 00:31:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013-06-26 20:07:11 | 000,027,424 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-06-26 20:07:10 | 000,027,424 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-06-26 18:05:09 | 003,013,898 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013-06-26 18:05:09 | 000,917,084 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013-06-26 18:05:09 | 000,006,424 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013-06-26 18:00:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-06-26 18:00:23 | 4254,863,358 | -HS- | M] () -- C:\hiberfil.sys
[2013-06-24 23:12:12 | 000,114,924 | ---- | M] () -- C:\Users\Petar\Desktop\1026169_577284805649323_1560135057_o.jpg
[2013-06-24 17:52:54 | 000,001,833 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2013-06-21 00:33:05 | 000,095,213 | ---- | M] () -- C:\Users\Petar\Desktop\Pampi, Trlaja, Gana.jpg
[2013-06-19 14:41:07 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013-06-19 13:59:32 | 000,946,262 | ---- | M] () -- C:\Users\Petar\Desktop\1_DS_home RS 885.jpg
[2013-06-17 23:06:53 | 000,053,382 | ---- | M] () -- C:\Users\Petar\Desktop\2vjo6fa.jpg
[2013-06-15 15:39:42 | 000,648,201 | ---- | M] () -- C:\Users\Petar\Desktop\AdwCleaner.exe
[2013-06-14 01:40:20 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013-06-07 18:58:05 | 000,416,712 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013-06-07 18:07:41 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013-06-04 01:55:30 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013-06-02 03:04:43 | 000,001,150 | ---- | M] () -- C:\Users\Petar\Application Data\Microsoft\Internet Explorer\Quick Launch\BS.Player FREE.lnk
[2013-06-02 03:04:43 | 000,001,126 | ---- | M] () -- C:\Users\Public\Desktop\BS.Player FREE.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013-06-24 23:12:12 | 000,114,924 | ---- | C] () -- C:\Users\Petar\Desktop\1026169_577284805649323_1560135057_o.jpg
[2013-06-24 17:52:54 | 000,001,845 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2013-06-24 17:52:54 | 000,001,833 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2013-06-21 00:33:04 | 000,095,213 | ---- | C] () -- C:\Users\Petar\Desktop\Pampi, Trlaja, Gana.jpg
[2013-06-19 13:59:30 | 000,946,262 | ---- | C] () -- C:\Users\Petar\Desktop\1_DS_home RS 885.jpg
[2013-06-17 23:06:53 | 000,053,382 | ---- | C] () -- C:\Users\Petar\Desktop\2vjo6fa.jpg
[2013-06-15 15:39:33 | 000,648,201 | ---- | C] () -- C:\Users\Petar\Desktop\AdwCleaner.exe
[2013-06-14 01:40:20 | 000,001,163 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013-06-14 01:40:20 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013-06-07 18:07:41 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013-06-04 01:55:31 | 000,189,936 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013-06-04 01:55:31 | 000,065,336 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013-05-22 15:16:25 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013-05-22 15:16:24 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013-04-30 14:55:27 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDevice.Dll
[2013-04-30 14:55:27 | 000,037,344 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDisk.Sys
[2012-12-17 14:51:37 | 000,000,044 | ---- | C] () -- C:\Users\Petar\jagex_cl_runescape_LIVE.dat
[2012-12-17 14:51:37 | 000,000,024 | ---- | C] () -- C:\Users\Petar\random.dat
[2012-12-06 16:36:03 | 000,007,646 | ---- | C] () -- C:\Users\Petar\AppData\Local\resmon.resmoncfg
[2012-12-06 16:08:16 | 000,774,806 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012-12-06 16:01:56 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2012-12-06 15:59:30 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2012-11-28 15:17:24 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012-11-28 15:17:18 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012-11-28 15:17:18 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012-11-28 15:17:18 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012-11-28 15:17:18 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012-11-21 15:10:20 | 003,123,272 | R--- | C] () -- C:\Windows\SysWow64\pbsvc.exe

========== ZeroAccess Check ==========

[2009-07-14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013-02-27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013-02-27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012-12-11 00:39:27 | 000,000,000 | ---D | M] -- C:\Users\Petar\AppData\Roaming\2K Sports
[2012-12-29 02:27:14 | 000,000,000 | ---D | M] -- C:\Users\Petar\AppData\Roaming\BSplayer
[2012-12-23 23:00:24 | 000,000,000 | ---D | M] -- C:\Users\Petar\AppData\Roaming\BSplayer Pro
[2013-05-17 18:29:36 | 000,000,000 | ---D | M] -- C:\Users\Petar\AppData\Roaming\Canneverbe Limited
[2013-06-14 00:51:42 | 000,000,000 | ---D | M] -- C:\Users\Petar\AppData\Roaming\DAEMON Tools Lite
[2012-12-06 20:01:20 | 000,000,000 | ---D | M] -- C:\Users\Petar\AppData\Roaming\Opera
[2013-04-30 14:24:02 | 000,000,000 | ---D | M] -- C:\Users\Petar\AppData\Roaming\Samsung
[2012-12-26 00:02:47 | 000,000,000 | ---D | M] -- C:\Users\Petar\AppData\Roaming\Sports Interactive
[2012-12-06 22:43:37 | 000,000,000 | ---D | M] -- C:\Users\Petar\AppData\Roaming\TuneUp Software
[2013-03-17 00:53:39 | 000,000,000 | ---D | M] -- C:\Users\Petar\AppData\Roaming\Ubisoft
[2013-06-27 00:57:00 | 000,000,000 | ---D | M] -- C:\Users\Petar\AppData\Roaming\uTorrent

========== Purity Check ==========



< End of report >

#2
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello Crazy North,

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. The 64bit one will be the right version for your machine.

  • Right click to run as administrator. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called (FRST.txt) in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run, it also makes another log (Addition.txt). Please also paste that into your reply.

#3
Crazy North

    Member

  • Topic Starter
  • Member
  • 78 posts
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-07-2013
Ran by Petar (administrator) on 03-07-2013 00:29:42
Running from C:\Users\Petar\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Windows\system32\IProsetMonitor.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Samsung) D:\PROGRAMI\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Samsung) D:\PROGRAMI\Kies\Kies.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorIcon.exe
(Windows ® Win 7 DDK provider) C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Opera Software) C:\Program Files (x86)\Opera\opera.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [1012000 2013-05-16] (NVIDIA Corporation)
HKCU\...\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent [1641896 2013-06-07] (Valve Corporation)
HKCU\...\Run: [] D:\PROGRAMI\Kies\External\FirmwareUpdate\KiesPDLR.exe [x]
HKCU\...\Run: [KiesAirMessage] D:\PROGRAMI\Kies\KiesAirMessage.exe -startup [x]
HKCU\...\Run: [KiesPreload] D:\PROGRAMI\Kies\Kies.exe /preload [x]
HKCU\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3672640 2013-03-14] (Disc Soft Ltd)
MountPoints2: {42cbb115-ba88-11e2-bd1d-902b3457752f} - F:\setup.exe
MountPoints2: {80a0bd39-3fdd-11e2-b646-902b3457752f} - G:\Setup.exe
HKLM-x32\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorIcon.exe [286720 2012-03-15] (Intel Corporation)
HKLM-x32\...\Run: [FLxHCIm64] "C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe" [48128 2012-05-21] (Windows ® Win 7 DDK provider)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-01-21] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
BHO: avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Petar\AppData\Roaming\Mozilla\Firefox\Profiles\2cq7sp94.default
FF Homepage: www.google.com
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - D:\IGRICE INSTALIRANO\THE SETTLERS 7\Data\Base\_Dbg\Bin\Release\orbit\npuplaypc.dll No File
FF Extension: No Name - C:\Users\Petar\AppData\Roaming\Mozilla\Firefox\Profiles\2cq7sp94.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\gcswf32.dll No File
CHR Plugin: (Norton Confidential) - C:\Users\Petar\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.1.0.30_0\npcoplgn.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Extension: (YouTube) - C:\Users\Petar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Petar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Gmail) - C:\Users\Petar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1

==================== Services (Whitelisted) =================

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2013-05-22] ()

==================== Drivers (Whitelisted) ====================

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22128 2012-03-08] ()
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-06-27] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-06-27] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-06-27] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-05-12] (DT Soft Ltd)
S3 etdrv; C:\Windows\etdrv.sys [25640 2012-12-06] (Windows ® Server 2003 DDK provider)
S3 etdrv; C:\Windows\etdrv.sys [25640 2012-12-06] (Windows ® Server 2003 DDK provider)
R3 FLxHCIh; C:\Windows\System32\DRIVERS\FLxHCIh.sys [72448 2012-05-28] (Fresco Logic)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-04-18] ()
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-04-18] ()
S3 gdrv; C:\Windows\gdrv.sys [25640 2013-02-19] (Windows ® Server 2003 DDK provider)
S3 gdrv; C:\Windows\gdrv.sys [25640 2013-02-19] (Windows ® Server 2003 DDK provider)
S3 GENERICDRV; C:\Program Files (x86)\GIGABYTE\ET6\amifldrv64.sys [13864 2011-05-05] ()
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-02-19] ()
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-02-19] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [24496 2012-03-15] (Intel Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 dgderdrv; System32\drivers\dgderdrv.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-03 00:29 - 2013-07-03 00:29 - 01933556 ____A (Farbar) C:\Users\Petar\Desktop\FRST64.exe
2013-07-03 00:29 - 2013-07-03 00:29 - 00000000 ____D C:\FRST
2013-07-02 17:30 - 2013-07-02 17:30 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-07-02 17:27 - 2013-07-02 17:27 - 00000000 ____D C:\Windows\LastGood
2013-07-02 17:24 - 2013-06-21 14:06 - 27781920 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglv64.dll
2013-07-02 17:24 - 2013-06-21 14:06 - 25256224 ____A (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2013-07-02 17:24 - 2013-06-21 14:06 - 21102368 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-07-02 17:24 - 2013-06-21 14:06 - 17560352 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-07-02 17:24 - 2013-06-21 14:06 - 15144928 ____A (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll
2013-07-02 17:24 - 2013-06-21 14:06 - 13411896 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-07-02 17:24 - 2013-06-21 14:06 - 11235104 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2013-07-02 17:24 - 2013-06-21 14:06 - 09239344 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2013-07-02 17:24 - 2013-06-21 14:06 - 07687592 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-07-02 17:24 - 2013-06-21 14:06 - 07641832 ____A (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll
2013-07-02 17:24 - 2013-06-21 14:06 - 06324360 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-07-02 17:24 - 2013-06-21 14:06 - 02953504 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2013-07-02 17:24 - 2013-06-21 14:06 - 02777888 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-07-02 17:24 - 2013-06-21 14:06 - 02363680 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
2013-07-02 17:24 - 2013-06-21 14:06 - 02002720 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-07-02 17:24 - 2013-06-21 14:06 - 01832224 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispco6432049.dll
2013-07-02 17:24 - 2013-06-21 14:06 - 01511712 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6432049.dll
2013-07-02 17:24 - 2013-06-21 14:06 - 00925648 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-07-02 17:24 - 2013-06-21 14:06 - 00572704 ____A (NVIDIA Corporation) C:\Windows\System32\NvFBC64.dll
2013-07-02 17:24 - 2013-06-21 14:06 - 00570656 ____A (NVIDIA Corporation) C:\Windows\System32\NvIFR64.dll
2013-07-02 17:24 - 2013-06-21 14:06 - 00467232 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-07-02 17:24 - 2013-06-21 14:06 - 00465184 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-07-02 17:24 - 2013-06-21 14:06 - 00432928 ____A (NVIDIA Corporation) C:\Windows\System32\nvEncodeAPI64.dll
2013-07-02 17:24 - 2013-06-21 14:06 - 00372000 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2013-07-02 17:24 - 2013-06-21 14:06 - 00266448 ____A (NVIDIA Corporation) C:\Windows\System32\nvinitx.dll
2013-07-02 17:24 - 2013-06-21 14:06 - 00218592 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglshim64.dll
2013-07-02 17:24 - 2013-06-21 14:06 - 00214448 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-07-02 17:24 - 2013-06-21 14:06 - 00181488 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-06-29 11:33 - 2013-06-29 11:33 - 00000000 ____D C:\ProgramData\Steam
2013-06-27 22:17 - 2013-06-27 22:17 - 00000175 ____A C:\Windows\System32\Drivers\aswVmm.sys.sum
2013-06-27 01:55 - 2013-06-27 22:17 - 00000175 ____A C:\Windows\System32\Drivers\aswSP.sys.sum
2013-06-27 01:55 - 2013-06-27 22:17 - 00000175 ____A C:\Windows\System32\Drivers\aswSnx.sys.sum
2013-06-27 01:29 - 2013-06-27 01:29 - 00061194 ____A C:\Users\Petar\Downloads\[kickass.to]company.of.heroes.2.full.sc.torrent
2013-06-27 01:02 - 2013-06-27 01:02 - 00065582 ____A C:\Users\Petar\Downloads\Extras.Txt
2013-06-27 01:01 - 2013-06-27 01:01 - 00089688 ____A C:\Users\Petar\Downloads\OTL.Txt
2013-06-27 00:58 - 2013-06-27 00:58 - 00602112 ____A (OldTimer Tools) C:\Users\Petar\Downloads\OTL.exe
2013-06-25 23:50 - 2013-06-25 23:50 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-25 23:50 - 2013-06-25 23:50 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-25 23:50 - 2013-06-25 23:50 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-25 23:50 - 2013-06-25 23:50 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-25 23:50 - 2013-06-25 23:50 - 00000000 ____D C:\Program Files (x86)\Java
2013-06-24 17:52 - 2013-06-24 17:52 - 00001833 ____A C:\Users\Public\Desktop\Opera.lnk
2013-06-24 00:11 - 2013-06-24 00:11 - 00000314 ____A C:\AdwCleaner[S3].txt
2013-06-24 00:10 - 2013-06-24 00:10 - 00001328 ____A C:\AdwCleaner[R3].txt
2013-06-21 05:16 - 2013-06-21 05:16 - 00566048 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-06-15 15:48 - 2013-06-15 15:49 - 00001380 ____A C:\AdwCleaner[S2].txt
2013-06-15 15:48 - 2013-06-15 15:48 - 00001316 ____A C:\AdwCleaner[R2].txt
2013-06-15 15:48 - 2013-06-15 15:48 - 00000000 ____D C:\Users\Petar\AppData\Local\NVIDIA
2013-06-15 15:39 - 2013-06-15 15:39 - 00648201 ____A C:\Users\Petar\Desktop\AdwCleaner.exe
2013-06-15 15:37 - 2013-06-15 15:37 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-06-15 15:31 - 2013-06-21 14:06 - 12427240 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-06-15 15:31 - 2013-06-21 14:06 - 02597856 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-06-15 15:31 - 2013-05-12 23:42 - 12426216 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\SETFDBB.tmp
2013-06-15 15:31 - 2013-05-12 23:42 - 02597344 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\SETF626.tmp
2013-06-15 15:31 - 2013-05-12 23:42 - 01832224 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispco6432018.dll
2013-06-15 15:31 - 2013-05-12 23:42 - 01511712 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6432018.dll
2013-06-15 15:31 - 2013-02-25 07:27 - 00194848 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvhda64v.sys
2013-06-15 15:31 - 2013-02-25 07:27 - 00031520 ____A (NVIDIA Corporation) C:\Windows\System32\nvhdap64.dll
2013-06-15 15:19 - 2013-06-15 15:19 - 00001264 ____A C:\Windows\svcpack.log
2013-06-15 02:15 - 2013-06-15 02:15 - 00000000 ____D C:\Users\Petar\Documents\Square Enix
2013-06-14 01:41 - 2013-06-14 01:41 - 00000000 ____D C:\Users\Petar\AppData\Local\Macromedia
2013-06-14 01:40 - 2013-06-14 01:40 - 00001151 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-06-14 01:40 - 2013-06-14 01:40 - 00000000 ____D C:\Users\Petar\AppData\Local\Mozilla
2013-06-14 01:40 - 2013-06-14 01:40 - 00000000 ____D C:\ProgramData\Mozilla
2013-06-14 01:40 - 2013-06-14 01:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-06-14 01:40 - 2013-06-14 01:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-14 01:01 - 2013-06-14 01:16 - 00000000 ____D C:\Users\Petar\Documents\FIFA 13
2013-06-14 00:55 - 2013-06-14 00:56 - 00018473 ____A C:\Windows\DirectX.log
2013-06-12 02:32 - 2013-05-17 03:25 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-12 02:32 - 2013-05-17 03:25 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-12 02:32 - 2013-05-17 03:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-12 02:32 - 2013-05-17 03:25 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-12 02:32 - 2013-05-17 03:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-12 02:32 - 2013-05-17 03:25 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-12 02:32 - 2013-05-17 03:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-12 02:32 - 2013-05-17 03:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-12 02:32 - 2013-05-17 03:25 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-12 02:32 - 2013-05-17 03:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-12 02:32 - 2013-05-17 03:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-12 02:32 - 2013-05-17 03:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-12 02:32 - 2013-05-17 03:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-12 02:32 - 2013-05-17 02:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-12 02:32 - 2013-05-17 02:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-12 02:32 - 2013-05-17 02:58 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-12 02:32 - 2013-05-17 02:58 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-12 02:32 - 2013-05-17 02:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-12 02:32 - 2013-05-17 02:58 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-12 02:32 - 2013-05-17 02:58 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-12 02:32 - 2013-05-17 02:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-12 02:32 - 2013-05-17 02:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-12 02:32 - 2013-05-17 02:58 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-12 02:32 - 2013-05-17 02:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-12 02:32 - 2013-05-17 02:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-12 02:32 - 2013-05-17 02:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-12 02:32 - 2013-05-17 02:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-12 02:32 - 2013-05-14 15:14 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-12 02:32 - 2013-05-14 14:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-12 02:32 - 2013-05-14 11:23 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-12 02:32 - 2013-05-14 10:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-11 22:47 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-11 22:47 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-11 22:47 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-11 22:47 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-11 22:47 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-11 22:47 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-11 22:47 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-11 22:47 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-11 22:47 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-11 22:47 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-11 22:47 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-11 22:47 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-11 22:47 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-11 22:47 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-11 22:47 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-11 22:47 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-11 22:47 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-11 22:47 - 2013-04-17 08:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-11 22:47 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-07 18:57 - 2013-06-07 18:57 - 00003558 ____A C:\Windows\PFRO.log
2013-06-07 18:07 - 2013-06-07 18:07 - 00001113 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-06-07 18:07 - 2013-06-07 18:07 - 00000000 ____D C:\Users\Petar\AppData\Roaming\Malwarebytes
2013-06-07 18:07 - 2013-06-07 18:07 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-07 18:07 - 2013-06-07 18:07 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-07 18:07 - 2013-04-04 14:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-06-07 15:12 - 2013-06-07 15:12 - 00000000 ____D C:\Windows\PCHEALTH
2013-06-07 15:12 - 2013-06-07 15:12 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2013-06-07 15:12 - 2013-06-07 15:12 - 00000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2013-06-07 15:12 - 2013-06-07 15:12 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-06-07 15:10 - 2013-06-07 15:10 - 00000000 ____D C:\Program Files\Microsoft Office
2013-06-07 15:10 - 2013-06-07 15:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-06-07 15:09 - 2013-06-07 15:13 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-06-07 15:09 - 2013-06-07 15:12 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-06-07 15:09 - 2013-06-07 15:09 - 00000000 __RHD C:\MSOCache
2013-06-07 15:09 - 2013-06-07 15:09 - 00000000 ____D C:\Users\Petar\AppData\Local\Microsoft Help
2013-06-07 15:09 - 2013-06-07 15:09 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-06-06 19:07 - 2013-06-06 19:07 - 00000000 ____D C:\Program Files (x86)\ESET
2013-06-06 19:04 - 2013-07-02 17:30 - 00004082 ____A C:\Windows\setupact.log
2013-06-06 19:04 - 2013-06-06 19:04 - 00000000 ____A C:\Windows\setuperr.log
2013-06-06 19:03 - 2013-06-06 19:03 - 00004397 ____A C:\AdwCleaner[R1].txt
2013-06-06 19:03 - 2013-06-06 19:03 - 00004388 ____A C:\AdwCleaner[S1].txt
2013-06-04 01:55 - 2013-06-27 22:17 - 00189936 ____A C:\Windows\System32\Drivers\aswVmm.sys
2013-06-04 01:55 - 2013-05-09 10:59 - 00065336 ____A C:\Windows\System32\Drivers\aswRvrt.sys

==================== One Month Modified Files and Folders =======

2013-07-03 00:29 - 2013-07-03 00:29 - 01933556 ____A (Farbar) C:\Users\Petar\Desktop\FRST64.exe
2013-07-03 00:29 - 2013-07-03 00:29 - 00000000 ____D C:\FRST
2013-07-02 23:39 - 2012-12-06 16:07 - 00000896 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-02 23:31 - 2013-02-20 19:09 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-02 22:14 - 2012-12-06 15:56 - 01382534 ____A C:\Windows\WindowsUpdate.log
2013-07-02 20:09 - 2012-12-12 21:35 - 00000000 ____D C:\Program Files (x86)\Steam
2013-07-02 17:30 - 2013-07-02 17:30 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-07-02 17:30 - 2013-06-06 19:04 - 00004082 ____A C:\Windows\setupact.log
2013-07-02 17:30 - 2012-12-06 16:33 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-02 17:30 - 2012-12-06 16:28 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-07-02 17:27 - 2013-07-02 17:27 - 00000000 ____D C:\Windows\LastGood
2013-07-02 17:14 - 2009-07-14 07:13 - 00006424 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-02 17:14 - 2009-07-14 06:45 - 00027424 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-02 17:14 - 2009-07-14 06:45 - 00027424 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-02 17:07 - 2012-12-06 16:07 - 00000892 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-02 17:06 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-02 01:45 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\NDF
2013-07-01 02:34 - 2012-12-07 04:35 - 00000000 ____D C:\Users\Petar\AppData\Roaming\uTorrent
2013-06-29 11:33 - 2013-06-29 11:33 - 00000000 ____D C:\ProgramData\Steam
2013-06-29 11:33 - 2012-12-09 04:17 - 00000000 ____D C:\Users\Petar\Documents\My Games
2013-06-29 11:33 - 2012-12-07 02:56 - 00000000 ____D C:\Users\Petar\Desktop\Igrice
2013-06-27 22:17 - 2013-06-27 22:17 - 00000175 ____A C:\Windows\System32\Drivers\aswVmm.sys.sum
2013-06-27 22:17 - 2013-06-27 01:55 - 00000175 ____A C:\Windows\System32\Drivers\aswSP.sys.sum
2013-06-27 22:17 - 2013-06-27 01:55 - 00000175 ____A C:\Windows\System32\Drivers\aswSnx.sys.sum
2013-06-27 22:17 - 2013-06-04 01:55 - 00189936 ____A C:\Windows\System32\Drivers\aswVmm.sys
2013-06-27 22:17 - 2012-12-06 22:18 - 01030952 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2013-06-27 22:17 - 2012-12-06 22:18 - 00378944 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2013-06-27 01:29 - 2013-06-27 01:29 - 00061194 ____A C:\Users\Petar\Downloads\[kickass.to]company.of.heroes.2.full.sc.torrent
2013-06-27 01:02 - 2013-06-27 01:02 - 00065582 ____A C:\Users\Petar\Downloads\Extras.Txt
2013-06-27 01:01 - 2013-06-27 01:01 - 00089688 ____A C:\Users\Petar\Downloads\OTL.Txt
2013-06-27 00:58 - 2013-06-27 00:58 - 00602112 ____A (OldTimer Tools) C:\Users\Petar\Downloads\OTL.exe
2013-06-25 23:50 - 2013-06-25 23:50 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-25 23:50 - 2013-06-25 23:50 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-25 23:50 - 2013-06-25 23:50 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-25 23:50 - 2013-06-25 23:50 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-25 23:50 - 2013-06-25 23:50 - 00000000 ____D C:\Program Files (x86)\Java
2013-06-25 23:50 - 2012-12-17 14:50 - 00867240 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-06-25 23:50 - 2012-12-17 14:50 - 00789416 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-24 17:52 - 2013-06-24 17:52 - 00001833 ____A C:\Users\Public\Desktop\Opera.lnk
2013-06-24 17:52 - 2012-12-06 20:01 - 00000000 ____D C:\Program Files (x86)\Opera
2013-06-24 00:11 - 2013-06-24 00:11 - 00000314 ____A C:\AdwCleaner[S3].txt
2013-06-24 00:10 - 2013-06-24 00:10 - 00001328 ____A C:\AdwCleaner[R3].txt
2013-06-21 14:06 - 2013-07-02 17:24 - 27781920 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglv64.dll
2013-06-21 14:06 - 2013-07-02 17:24 - 25256224 ____A (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2013-06-21 14:06 - 2013-07-02 17:24 - 21102368 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-06-21 14:06 - 2013-07-02 17:24 - 17560352 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-06-21 14:06 - 2013-07-02 17:24 - 15144928 ____A (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll
2013-06-21 14:06 - 2013-07-02 17:24 - 13411896 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-06-21 14:06 - 2013-07-02 17:24 - 11235104 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2013-06-21 14:06 - 2013-07-02 17:24 - 09239344 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2013-06-21 14:06 - 2013-07-02 17:24 - 07687592 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-06-21 14:06 - 2013-07-02 17:24 - 07641832 ____A (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll
2013-06-21 14:06 - 2013-07-02 17:24 - 06324360 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-06-21 14:06 - 2013-07-02 17:24 - 02953504 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2013-06-21 14:06 - 2013-07-02 17:24 - 02777888 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-06-21 14:06 - 2013-07-02 17:24 - 02363680 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
2013-06-21 14:06 - 2013-07-02 17:24 - 02002720 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-06-21 14:06 - 2013-07-02 17:24 - 01832224 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispco6432049.dll
2013-06-21 14:06 - 2013-07-02 17:24 - 01511712 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6432049.dll
2013-06-21 14:06 - 2013-07-02 17:24 - 00925648 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-06-21 14:06 - 2013-07-02 17:24 - 00572704 ____A (NVIDIA Corporation) C:\Windows\System32\NvFBC64.dll
2013-06-21 14:06 - 2013-07-02 17:24 - 00570656 ____A (NVIDIA Corporation) C:\Windows\System32\NvIFR64.dll
2013-06-21 14:06 - 2013-07-02 17:24 - 00467232 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-06-21 14:06 - 2013-07-02 17:24 - 00465184 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-06-21 14:06 - 2013-07-02 17:24 - 00432928 ____A (NVIDIA Corporation) C:\Windows\System32\nvEncodeAPI64.dll
2013-06-21 14:06 - 2013-07-02 17:24 - 00372000 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2013-06-21 14:06 - 2013-07-02 17:24 - 00266448 ____A (NVIDIA Corporation) C:\Windows\System32\nvinitx.dll
2013-06-21 14:06 - 2013-07-02 17:24 - 00218592 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglshim64.dll
2013-06-21 14:06 - 2013-07-02 17:24 - 00214448 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-06-21 14:06 - 2013-07-02 17:24 - 00181488 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-06-21 14:06 - 2013-06-15 15:31 - 12427240 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-06-21 14:06 - 2013-06-15 15:31 - 02597856 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-06-21 14:06 - 2012-12-06 20:35 - 15920536 ____A (NVIDIA Corporation) C:\Windows\System32\nvwgf2umx.dll
2013-06-21 14:06 - 2012-12-06 16:28 - 00021578 ____A C:\Windows\System32\nvinfo.pb
2013-06-21 14:06 - 2012-12-06 16:27 - 02936208 ____A (NVIDIA Corporation) C:\Windows\System32\nvapi64.dll
2013-06-21 14:06 - 2012-12-06 16:27 - 01059560 ____A (NVIDIA Corporation) C:\Windows\System32\nvumdshimx.dll
2013-06-21 12:23 - 2012-12-06 16:30 - 06496544 ____A (NVIDIA Corporation) C:\Windows\System32\nvcpl.dll
2013-06-21 12:23 - 2012-12-06 16:30 - 03514656 ____A (NVIDIA Corporation) C:\Windows\System32\nvsvc64.dll
2013-06-21 12:23 - 2012-12-06 16:30 - 00884512 ____A (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
2013-06-21 12:23 - 2012-12-06 16:30 - 00237856 ____A (NVIDIA Corporation) C:\Windows\System32\nvmctray.dll
2013-06-21 12:23 - 2012-12-06 16:30 - 00063776 ____A (NVIDIA Corporation) C:\Windows\System32\nvshext.dll
2013-06-21 05:16 - 2013-06-21 05:16 - 00566048 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-06-20 06:17 - 2012-12-06 16:30 - 03253909 ____A C:\Windows\System32\nvcoproc.bin
2013-06-19 14:41 - 2012-12-06 16:08 - 00002183 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2013-06-19 14:21 - 2012-12-06 19:36 - 00000000 ____D C:\Users\Petar\AppData\Local\Adobe
2013-06-19 00:44 - 2012-12-06 22:15 - 00000000 ____D C:\Program Files\AVAST Software
2013-06-15 15:49 - 2013-06-15 15:48 - 00001380 ____A C:\AdwCleaner[S2].txt
2013-06-15 15:48 - 2013-06-15 15:48 - 00001316 ____A C:\AdwCleaner[R2].txt
2013-06-15 15:48 - 2013-06-15 15:48 - 00000000 ____D C:\Users\Petar\AppData\Local\NVIDIA
2013-06-15 15:47 - 2012-12-06 16:28 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-06-15 15:39 - 2013-06-15 15:39 - 00648201 ____A C:\Users\Petar\Desktop\AdwCleaner.exe
2013-06-15 15:37 - 2013-06-15 15:37 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-06-15 15:37 - 2012-12-06 16:26 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-06-15 15:19 - 2013-06-15 15:19 - 00001264 ____A C:\Windows\svcpack.log
2013-06-15 11:44 - 2012-12-10 22:44 - 00000000 ____D C:\ProgramData\Rockstar Games
2013-06-15 11:44 - 2012-12-06 15:57 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-06-15 02:15 - 2013-06-15 02:15 - 00000000 ____D C:\Users\Petar\Documents\Square Enix
2013-06-14 01:41 - 2013-06-14 01:41 - 00000000 ____D C:\Users\Petar\AppData\Local\Macromedia
2013-06-14 01:40 - 2013-06-14 01:40 - 00001151 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-06-14 01:40 - 2013-06-14 01:40 - 00000000 ____D C:\Users\Petar\AppData\Local\Mozilla
2013-06-14 01:40 - 2013-06-14 01:40 - 00000000 ____D C:\ProgramData\Mozilla
2013-06-14 01:40 - 2013-06-14 01:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-06-14 01:40 - 2013-06-14 01:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-14 01:40 - 2012-12-07 04:38 - 00000000 ____D C:\Users\Petar\AppData\Roaming\Mozilla
2013-06-14 01:16 - 2013-06-14 01:01 - 00000000 ____D C:\Users\Petar\Documents\FIFA 13
2013-06-14 00:56 - 2013-06-14 00:55 - 00018473 ____A C:\Windows\DirectX.log
2013-06-14 00:51 - 2012-12-06 22:51 - 00000000 ____D C:\Users\Petar\AppData\Roaming\DAEMON Tools Lite
2013-06-12 23:43 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-12 17:31 - 2013-02-20 19:09 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-12 17:31 - 2013-02-20 19:09 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-12 17:19 - 2012-12-07 07:44 - 00000000 ____D C:\Windows\Panther
2013-06-12 02:32 - 2013-02-13 02:35 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-09 18:29 - 2012-12-06 22:36 - 00000000 ____D C:\Users\Petar\AppData\Roaming\Winamp
2013-06-07 18:58 - 2009-07-14 06:45 - 00416712 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-07 18:57 - 2013-06-07 18:57 - 00003558 ____A C:\Windows\PFRO.log
2013-06-07 18:07 - 2013-06-07 18:07 - 00001113 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-06-07 18:07 - 2013-06-07 18:07 - 00000000 ____D C:\Users\Petar\AppData\Roaming\Malwarebytes
2013-06-07 18:07 - 2013-06-07 18:07 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-07 18:07 - 2013-06-07 18:07 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-07 17:26 - 2012-12-06 16:06 - 00109296 ____A C:\Users\Petar\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-07 15:13 - 2013-06-07 15:09 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-06-07 15:12 - 2013-06-07 15:12 - 00000000 ____D C:\Windows\PCHEALTH
2013-06-07 15:12 - 2013-06-07 15:12 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2013-06-07 15:12 - 2013-06-07 15:12 - 00000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2013-06-07 15:12 - 2013-06-07 15:12 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-06-07 15:12 - 2013-06-07 15:09 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-06-07 15:12 - 2009-07-14 09:46 - 00000000 ____D C:\Windows\ShellNew
2013-06-07 15:12 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-06-07 15:11 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-06-07 15:10 - 2013-06-07 15:10 - 00000000 ____D C:\Program Files\Microsoft Office
2013-06-07 15:10 - 2013-06-07 15:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-06-07 15:09 - 2013-06-07 15:09 - 00000000 __RHD C:\MSOCache
2013-06-07 15:09 - 2013-06-07 15:09 - 00000000 ____D C:\Users\Petar\AppData\Local\Microsoft Help
2013-06-07 15:09 - 2013-06-07 15:09 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-06-07 15:09 - 2009-07-14 04:34 - 00000478 ____A C:\Windows\win.ini
2013-06-06 19:07 - 2013-06-06 19:07 - 00000000 ____D C:\Program Files (x86)\ESET
2013-06-06 19:04 - 2013-06-06 19:04 - 00000000 ____A C:\Windows\setuperr.log
2013-06-06 19:03 - 2013-06-06 19:03 - 00004397 ____A C:\AdwCleaner[R1].txt
2013-06-06 19:03 - 2013-06-06 19:03 - 00004388 ____A C:\AdwCleaner[S1].txt
2013-06-04 01:55 - 2012-12-06 22:18 - 00000000 ____A C:\Windows\SysWOW64\config.nt

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-23 19:56

==================== End Of Log ============================




Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-07-2013
Ran by Petar at 2013-07-03 00:30:03
Running from C:\Users\Petar\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

@BIOS (x32 Version: 2.27)
µTorrent (x32 Version: 3.3.0.29625)
Adobe Digital Editions 2.0 (x32 Version: 2.0)
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Reader XI (11.0.03) (x32 Version: 11.0.03)
Assassin's Creed ® III (x32 Version: 1.01)
avast! Free Antivirus (x32 Version: 8.0.1489.0)
AviSynth (x32 Version: 2.6.0 MT)
BS.Player FREE (x32 Version: 2.65.1074)
CCleaner (Version: 4.01)
CDBurnerXP (x32 Version: 4.5.1.4003)
Civilization.V.GOTY.incl.Gods.and.Kings (x32)
Company of Heroes 2 (x32 Version: 1)
DAEMON Tools Lite (x32 Version: 4.47.1.0333)
Dishonored (x32)
Easy Tune 6 B12.0713.1 (x32 Version: 1.00.0000)
ESET Online Scanner v3 (x32)
Etron USB3.0 Host Controller (x32 Version: 0.104)
F1 2012 (x32)
Football Manager 2013 (x32)
Fraps (x32)
Fresco Logic USB3.0 Host Controller (Version: 3.5.42.0)
Google Chrome (x32 Version: 27.0.1453.116)
Google Update Helper (x32 Version: 1.3.21.145)
Grand Theft Auto IV (x32 Version: 1.0.0013.131)
Grand Theft Auto IV (x32 Version: 1.00.0000)
HD Youtube Downloader Free (x32)
Intel® Management Engine Components (x32 Version: 7.1.21.1134)
Intel® Network Connections 17.0.200.2 (Version: 17.0.200.2)
Intel® Rapid Storage Technology enterprise (x32 Version: 3.1.0.1068)
Java 7 Update 25 (x32 Version: 7.0.250)
Java 7 Update 9 (64-bit) (Version: 7.0.90)
Java Auto Updater (x32 Version: 2.1.9.5)
L.A. Noire (x32 Version: 1.00.0000)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
marvell 91xx driver (x32 Version: 1.2.0.1010)
Media Player Classic - Home Cinema 1.6.1.4235 (x32 Version: 1.6.1.4235)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft .NET Framework 4 Extended (Version: 4.0.30320)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.88.0)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.4734.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4734.1000)
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.4734.1000)
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.4734.1000)
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.4734.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4734.1000)
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.4734.1000)
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.4734.1000)
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.4734.1000)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.4734.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4734.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4734.1000)
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.4734.1000)
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.4734.1000)
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.4734.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.4734.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4734.1000)
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.4734.1000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mozilla Firefox 21.0 (x86 en-US) (x32 Version: 21.0)
Mozilla Maintenance Service (x32 Version: 21.0)
NBA 2K13 (x32 Version: 1.0.0)
NVIDIA 3D Vision Controller Driver 320.49 (Version: 320.49)
NVIDIA 3D Vision Driver 320.49 (Version: 320.49)
NVIDIA Control Panel 320.49 (Version: 320.49)
NVIDIA GeForce Experience 1.5 (Version: 1.5)
NVIDIA Graphics Driver 320.49 (Version: 320.49)
NVIDIA HD Audio Driver 1.3.24.2 (Version: 1.3.24.2)
NVIDIA Install Application (Version: 2.1002.124.810)
NVIDIA PhysX (x32 Version: 9.13.0604)
NVIDIA PhysX System Software 9.13.0604 (Version: 9.13.0604)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2049)
NVIDIA Update 4.11.9 (Version: 4.11.9)
NVIDIA Update Components (Version: 4.11.9)
ON_OFF Charge B12.0308.1 (x32 Version: 1.00.0001)
OpenAL (x32)
Opera 12.15 (x32 Version: 12.15.1748)
Pro Evolution Soccer 2013 (x32 Version: 1.00.0000)
PunkBuster Services (x32 Version: 0.991)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6662)
Rockstar Games Social Club (x32 Version: 1.0.9.5)
Rockstar Games Social Club (x32 Version: 1.00.0000)
Samsung Kies (x32 Version: 2.5.0.12114_1)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.23.0)
Steam (x32 Version: 1.0.0.0)
The Settlers 7 - Paths to a Kingdom (x32 Version: 1.12.1396)
The Witcher 2 (x32 Version: 1.00.0000)
The Witcher 2 Assassins of Kings version 1.0 (x32 Version: 1.0)
Tom Clancy's Splinter Cell Conviction (x32 Version: 1.00.000)
Total War Shogun 2 - Fall Of The Samurai (x32)
Universal Media Server (x32 Version: 2.1.2)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Uplay (x32 Version: 2.0)
vanBasco's Karaoke Player (x32)
Winamp (x32 Version: 5.63 )
Winamp Detector Plug-in (HKCU Version: 1.0.0.1)
WinRAR 4.20 (64-bit) (Version: 4.20.0)

==================== Restore Points =========================

02-07-2013 20:13:32 Windows Update

==================== Scheduled Tasks (whitelisted) =============

Task: {0C13055C-EF76-4A55-9247-E1B1F0930B4F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-06] (Google Inc.)
Task: {13B3F6A3-D476-4174-9547-F12E992DFA08} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-04-23] (Piriform Ltd)
Task: {150448C3-D5CA-4114-AB32-2127F2D61585} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-06] (Google Inc.)
Task: {8E76777A-B914-473B-9E20-A8A4017A1B2C} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => C:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {9DA5CFDA-77BA-478A-A7BA-3EC285989EFC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12] (Adobe Systems Incorporated)
Task: {A1E190B4-3AD0-455A-9A98-C67E684136C3} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software)
Task: {FA083270-8CB5-4916-A3A2-6D9E7C41FA6A} - System32\Tasks\{F39109CC-7982-4FDF-8B04-10085BE91D8D} => C:\IGRICE INSTALIRANO\Total War Shogun 2 - Fall Of The Samurai\Shogun2.exe No File
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/02/2013 06:04:51 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (07/02/2013 06:04:51 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (07/02/2013 06:04:50 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (07/02/2013 06:04:23 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/02/2013 05:14:24 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (07/02/2013 05:14:24 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (07/02/2013 01:43:52 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (07/02/2013 01:43:52 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (07/01/2013 02:31:36 AM) (Source: Application Error) (User: )
Description: Faulting application name: fm.exe, version: 13.3.3.31972, time stamp: 0x514c8b4d
Faulting module name: fm.exe, version: 13.3.3.31972, time stamp: 0x514c8b4d
Exception code: 0xc0000005
Fault offset: 0x014dbcc0
Faulting process id: 0xe74
Faulting application start time: 0xfm.exe0
Faulting application path: fm.exe1
Faulting module path: fm.exe2
Report Id: fm.exe3

Error: (07/01/2013 00:31:20 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.


System errors:
=============
Error: (06/28/2013 10:16:54 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.

Error: (06/28/2013 10:16:53 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.

Error: (06/28/2013 10:16:52 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.

Error: (06/28/2013 10:16:50 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.

Error: (06/28/2013 10:16:49 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.

Error: (06/28/2013 10:16:49 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.

Error: (06/24/2013 06:32:00 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (06/22/2013 10:54:20 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (06/21/2013 06:24:36 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (06/21/2013 06:24:35 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.


Microsoft Office Sessions:
=========================
Error: (07/02/2013 06:04:51 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"d:\igrice instalirano\total war shogun 2 - fall of the samurai\redist\flashsecurity1.exe

Error: (07/02/2013 06:04:51 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"d:\igrice instalirano\total war shogun 2 - fall of the samurai\redist\flashsecurity.exe

Error: (07/02/2013 06:04:50 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"d:\igrice instalirano\total war shogun 2 - fall of the samurai\benchmarks\benchmark_output.exe

Error: (07/02/2013 06:04:23 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (07/02/2013 05:14:24 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (07/02/2013 05:14:24 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000

Error: (07/02/2013 01:43:52 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (07/02/2013 01:43:52 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000

Error: (07/01/2013 02:31:36 AM) (Source: Application Error)(User: )
Description: fm.exe13.3.3.31972514c8b4dfm.exe13.3.3.31972514c8b4dc0000005014dbcc0e7401ce75d654b3b9daD:\IGRICE INSTALIRANO\Football Manager 2013\steamapps\common\Football Manager 2013\fm.exeD:\IGRICE INSTALIRANO\Football Manager 2013\steamapps\common\Football Manager 2013\fm.exe96038639-e1e5-11e2-a9d9-902b3457752f

Error: (07/01/2013 00:31:20 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000


CodeIntegrity Errors:
===================================
Date: 2013-04-30 14:55:45.608
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-04-30 14:55:45.556
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-04-30 14:55:43.052
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-04-30 14:55:43.001
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-04-30 14:55:37.984
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-04-30 14:55:37.931
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-04-30 14:55:35.233
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sy_ because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-04-30 14:55:35.181
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sy_ because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-04-30 14:55:32.209
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-04-30 14:55:32.155
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Percentage of memory in use: 17%
Total physical RAM: 16333.01 MB
Available physical RAM: 13458.87 MB
Total Pagefile: 32664.2 MB
Available Pagefile: 29714.05 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.56 GB) (Free:23.97 GB) NTFS (Disk=0 Partition=2)
Drive d: () (Fixed) (Total:833.86 GB) (Free:230.7 GB) NTFS (Disk=0 Partition=3)
Drive e: (My Disc) (CDROM) (Total:3.42 GB) (Free:0 GB) CDFS
Drive f: (COH2) (CDROM) (Total:10.95 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: E6A8DF3A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=98 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=834 GB) - (Type=07 NTFS)

==================== End Of Log ============================
  • 0

#4
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello Crazy North,

but when I started using Firefox a few times I had a situation where I wasn't able to close some stupid message about "caret browsing" or something like that


The link below tells you about what Caret browsing is. Nothing malicious.

http://en.wikipedia....aret_navigation

I believe hitting F7 in Firefox will allow you to turn on/off caret browsing.

Nothing in the way of malware is leaping out at me.

I do see application errors in your event log that appear to be related to Microsoft Visual C++ 2010 Redistributable Package (x86).

Try downloading and installing http://www.microsoft...ls.aspx?id=5555

Reboot after installing and see if it has made a difference.

Come back and tell me how you got on.
  • 0

#5
Crazy North

    Member

  • Topic Starter
  • 78 posts
It says that I have a newer version of it, and my PC doesn't have requirements to install it and such...

The thing with caret browsing was, I open FF and the message pops up about it, and I click OK. Right after it, with no pause, the same message pops up, then again and again and so on... I can't do anything but turn my browser off in Task Manager. Generally a lot of programs are not responding or have strange bugs.

Edited by Crazy North, 02 July 2013 - 06:15 PM.

  • 0

#6
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

Generally a lot of programs are not responding or have strange bugs


The event log suggests a conflict going on, and there are also other possibilities: software corruption, hardware failure of some sort, or maybe overheating.

Having said that, let's look a bit further at the possibility of malware.

Firstly let's do this:

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.

    Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.
  • A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

  • 0

#7
Crazy North

    Member

  • Topic Starter
  • 78 posts
Hey, I got 2 reports somehow... TDSSKiller.2.8.16.0_03.07.2013_23.39.40_log and TDSSKiller.2.8.16.0_03.07.2013_23.42.00_log

I'm posting them both. I didn't have the Cure option, just Skip by the way, and 4 threats...

23:39:40.0703 2436 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
23:39:41.0032 2436 ============================================================
23:39:41.0032 2436 Current date / time: 2013/07/03 23:39:41.0032
23:39:41.0032 2436 SystemInfo:
23:39:41.0032 2436
23:39:41.0032 2436 OS Version: 6.1.7601 ServicePack: 1.0
23:39:41.0032 2436 Product type: Workstation
23:39:41.0032 2436 ComputerName: PETAR-PC
23:39:41.0032 2436 UserName: Petar
23:39:41.0032 2436 Windows directory: C:\Windows
23:39:41.0032 2436 System windows directory: C:\Windows
23:39:41.0032 2436 Running under WOW64
23:39:41.0032 2436 Processor architecture: Intel x64
23:39:41.0032 2436 Number of processors: 8
23:39:41.0032 2436 Page size: 0x1000
23:39:41.0032 2436 Boot type: Normal boot
23:39:41.0032 2436 ============================================================
23:39:45.0015 2436 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:39:45.0031 2436 ============================================================
23:39:45.0031 2436 \Device\Harddisk0\DR0:
23:39:45.0031 2436 MBR partitions:
23:39:45.0031 2436 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
23:39:45.0031 2436 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xC31D800
23:39:45.0031 2436 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xC350000, BlocksNum 0x683B6000
23:39:45.0031 2436 ============================================================
23:39:45.0054 2436 C: <-> \Device\Harddisk0\DR0\Partition2
23:39:45.0082 2436 D: <-> \Device\Harddisk0\DR0\Partition3
23:39:45.0082 2436 ============================================================
23:39:45.0084 2436 Initialize success
23:39:45.0084 2436 ============================================================
23:40:26.0378 2432 Deinitialize success







23:42:00.0253 3768 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
23:42:02.0266 3768 ============================================================
23:42:02.0266 3768 Current date / time: 2013/07/03 23:42:02.0266
23:42:02.0266 3768 SystemInfo:
23:42:02.0266 3768
23:42:02.0266 3768 OS Version: 6.1.7601 ServicePack: 1.0
23:42:02.0266 3768 Product type: Workstation
23:42:02.0266 3768 ComputerName: PETAR-PC
23:42:02.0266 3768 UserName: Petar
23:42:02.0266 3768 Windows directory: C:\Windows
23:42:02.0266 3768 System windows directory: C:\Windows
23:42:02.0266 3768 Running under WOW64
23:42:02.0266 3768 Processor architecture: Intel x64
23:42:02.0266 3768 Number of processors: 8
23:42:02.0266 3768 Page size: 0x1000
23:42:02.0266 3768 Boot type: Normal boot
23:42:02.0266 3768 ============================================================
23:42:07.0585 3768 BG loaded
23:42:07.0882 3768 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:42:07.0913 3768 ============================================================
23:42:07.0913 3768 \Device\Harddisk0\DR0:
23:42:07.0913 3768 MBR partitions:
23:42:07.0913 3768 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
23:42:07.0913 3768 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xC31D800
23:42:07.0913 3768 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xC350000, BlocksNum 0x683B6000
23:42:07.0913 3768 ============================================================
23:42:07.0944 3768 C: <-> \Device\Harddisk0\DR0\Partition2
23:42:08.0006 3768 D: <-> \Device\Harddisk0\DR0\Partition3
23:42:08.0006 3768 ============================================================
23:42:08.0006 3768 Initialize success
23:42:08.0006 3768 ============================================================
23:42:43.0320 5004 ============================================================
23:42:43.0320 5004 Scan started
23:42:43.0320 5004 Mode: Manual; SigCheck; TDLFS;
23:42:43.0320 5004 ============================================================
23:42:49.0271 5004 ================ Scan system memory ========================
23:42:49.0271 5004 System memory - ok
23:42:49.0271 5004 ================ Scan services =============================
23:42:54.0131 5004 EapHost - ok
23:42:54.0256 5004 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
23:42:54.0339 5004 ebdrv - ok
23:42:54.0354 5004 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
23:42:54.0401 5004 EFS - ok
23:42:54.0450 5004 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
23:42:54.0500 5004 ehRecvr - ok
23:42:54.0515 5004 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
23:42:54.0549 5004 ehSched - ok
23:42:54.0564 5004 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
23:42:54.0583 5004 elxstor - ok
23:42:54.0598 5004 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
23:42:54.0614 5004 ErrDev - ok
23:42:54.0629 5004 [ 84486624268E078255BC7AA47F0960BC ] etdrv C:\Windows\etdrv.sys
23:42:54.0629 5004 etdrv - ok
23:42:54.0661 5004 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
23:42:54.0739 5004 EventSystem - ok
23:42:54.0739 5004 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
23:42:54.0770 5004 exfat - ok
23:42:54.0785 5004 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
23:42:54.0801 5004 fastfat - ok
23:42:54.0832 5004 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
23:42:54.0866 5004 Fax - ok
23:42:54.0881 5004 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
23:42:54.0897 5004 fdc - ok
23:42:54.0897 5004 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
23:42:54.0933 5004 fdPHost - ok
23:42:54.0945 5004 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
23:42:54.0983 5004 FDResPub - ok
23:42:54.0990 5004 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
23:42:54.0998 5004 FileInfo - ok
23:42:55.0000 5004 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
23:42:55.0030 5004 Filetrace - ok
23:42:55.0045 5004 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
23:42:55.0053 5004 flpydisk - ok
23:42:55.0065 5004 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
23:42:55.0075 5004 FltMgr - ok
23:42:55.0088 5004 [ F462F09219A2A4F3F29A4AD46B65A4FB ] FLxHCIc C:\Windows\system32\DRIVERS\FLxHCIc.sys
23:42:55.0095 5004 FLxHCIc - ok
23:42:55.0115 5004 [ CA85C39648882C46B5AF9287C8753C2F ] FLxHCIh C:\Windows\system32\DRIVERS\FLxHCIh.sys
23:42:55.0123 5004 FLxHCIh - ok
23:42:55.0188 5004 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
23:42:55.0219 5004 FontCache - ok
23:42:55.0256 5004 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:42:55.0287 5004 FontCache3.0.0.0 - ok
23:42:55.0287 5004 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
23:42:55.0302 5004 FsDepends - ok
23:42:55.0339 5004 [ DDEE99DC54EFA20BD5A442CD733C4462 ] FsUsbExDisk C:\Windows\SysWOW64\FsUsbExDisk.SYS
23:42:55.0354 5004 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
23:42:55.0354 5004 FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)
23:42:56.0584 5004 [ 8CE4629A95A0938B377FD3663A672DFD ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe
23:42:56.0589 5004 IAStorDataMgrSvc ( UnsignedFile.Multi.Generic ) - warning
23:42:56.0589 5004 IAStorDataMgrSvc - detected UnsignedFile.Multi.Generic (1)
23:42:56.0685 5004 [ 33D4D4A24791587E83F7EE05A446FB7E ] ICCS C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
23:42:56.0700 5004 ICCS ( UnsignedFile.Multi.Generic ) - warning
23:42:56.0700 5004 ICCS - detected UnsignedFile.Multi.Generic (1)
23:42:56.0732 5004 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
23:42:56.0732 5004 IDriverT ( UnsignedFile.Multi.Generic ) - warning
23:42:56.0732 5004 IDriverT - detected UnsignedFile.Multi.Generic (1)
23:43:04.0263 5004 Spooler - ok
23:43:04.0312 5004 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
23:43:04.0380 5004 sppsvc - ok
23:43:04.0398 5004 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
23:43:04.0410 5004 sppuinotify - ok
23:43:04.0442 5004 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
23:43:04.0457 5004 srv - ok
23:43:04.0473 5004 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
23:43:04.0488 5004 srv2 - ok
23:43:04.0488 5004 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
23:43:04.0504 5004 srvnet - ok
23:43:04.0520 5004 [ 52D6F40B50ECFC051979FEC68E74F0F8 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys
23:43:04.0520 5004 ssadbus - ok
23:43:04.0551 5004 [ D6CFD3B2EABCF9327DE39C62BABFA1E3 ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys
23:43:04.0566 5004 ssadmdfl - ok
23:43:04.0566 5004 [ 5EB01E6148742C3EC2185AC92F6D16FD ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys
23:43:04.0587 5004 ssadmdm - ok
23:43:04.0589 5004 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
23:43:04.0636 5004 SSDPSRV - ok
23:43:04.0652 5004 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
23:43:04.0667 5004 SstpSvc - ok
23:43:04.0686 5004 Steam Client Service - ok
23:43:04.0735 5004 [ 2222073BE0232E70A397B8302293AA9D ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
23:43:04.0735 5004 Stereo Service - ok
23:43:04.0750 5004 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
23:43:04.0750 5004 stexstor - ok
23:43:04.0766 5004 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
23:43:04.0800 5004 stisvc - ok
23:43:04.0815 5004 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
23:43:04.0833 5004 storflt - ok
23:43:04.0833 5004 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
23:43:04.0849 5004 storvsc - ok
23:43:04.0849 5004 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
23:43:04.0865 5004 swenum - ok
23:43:04.0880 5004 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
23:43:04.0896 5004 swprv - ok
23:43:04.0911 5004 Synth3dVsc - ok
23:43:04.0932 5004 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
23:43:04.0963 5004 SysMain - ok
23:43:04.0979 5004 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:43:04.0981 5004 TabletInputService - ok
23:43:04.0997 5004 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
23:43:05.0031 5004 TapiSrv - ok
23:43:05.0046 5004 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
23:43:05.0077 5004 TBS - ok
23:43:05.0109 5004 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip C:\Windows\system32\drivers\tcpip.sys
23:43:05.0158 5004 Tcpip - ok
23:43:05.0277 5004 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
23:43:05.0293 5004 TCPIP6 - ok
23:43:05.0351 5004 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
23:43:05.0354 5004 tcpipreg - ok
23:43:05.0370 5004 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
23:43:05.0385 5004 TDPIPE - ok
23:43:05.0401 5004 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
23:43:05.0416 5004 TDTCP - ok
23:43:05.0432 5004 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
23:43:05.0448 5004 tdx - ok
23:43:05.0463 5004 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
23:43:05.0479 5004 TermDD - ok
23:43:05.0494 5004 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
23:43:05.0541 5004 TermService - ok
23:43:05.0557 5004 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
23:43:05.0572 5004 Themes - ok
23:43:05.0593 5004 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
23:43:05.0624 5004 THREADORDER - ok
23:43:05.0624 5004 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
23:43:05.0655 5004 TrkWks - ok
23:43:05.0671 5004 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:43:05.0705 5004 TrustedInstaller - ok
23:43:05.0720 5004 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
23:43:05.0756 5004 tssecsrv - ok
23:43:05.0756 5004 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
23:43:05.0790 5004 TsUsbFlt - ok
23:43:05.0793 5004 tsusbhub - ok
23:43:05.0808 5004 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
23:43:05.0840 5004 tunnel - ok
23:43:05.0855 5004 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
23:43:05.0863 5004 uagp35 - ok
23:43:05.0870 5004 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
23:43:05.0895 5004 udfs - ok
23:43:05.0908 5004 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
23:43:05.0918 5004 UI0Detect - ok
23:43:05.0938 5004 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
23:43:05.0945 5004 uliagpkx - ok
23:43:05.0948 5004 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
23:43:05.0960 5004 umbus - ok
23:43:05.0973 5004 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
23:43:05.0988 5004 UmPass - ok
23:43:06.0000 5004 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
23:43:06.0013 5004 UmRdpService - ok
23:43:06.0033 5004 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
23:43:06.0071 5004 upnphost - ok
23:43:06.0091 5004 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
23:43:06.0108 5004 usbaudio - ok
23:43:06.0111 5004 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
23:43:06.0131 5004 usbccgp - ok
23:43:06.0146 5004 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
23:43:06.0171 5004 usbcir - ok
23:43:06.0186 5004 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
23:43:06.0202 5004 usbehci - ok
23:43:06.0218 5004 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
23:43:06.0233 5004 usbhub - ok
23:43:06.0236 5004 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
23:43:06.0251 5004 usbohci - ok
23:43:06.0267 5004 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
23:43:06.0282 5004 usbprint - ok
23:43:06.0282 5004 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:43:06.0314 5004 USBSTOR - ok
23:43:06.0314 5004 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
23:43:06.0329 5004 usbuhci - ok
23:43:06.0345 5004 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
23:43:06.0376 5004 UxSms - ok
23:43:06.0392 5004 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
23:43:06.0410 5004 VaultSvc - ok
23:43:06.0417 5004 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
23:43:06.0425 5004 vdrvroot - ok
23:43:06.0455 5004 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
23:43:06.0482 5004 vds - ok
23:43:06.0492 5004 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
23:43:06.0505 5004 vga - ok
23:43:06.0515 5004 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
23:43:06.0535 5004 VgaSave - ok
23:43:06.0537 5004 VGPU - ok
23:43:06.0552 5004 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
23:43:06.0560 5004 vhdmp - ok
23:43:06.0562 5004 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
23:43:06.0570 5004 viaide - ok
23:43:06.0577 5004 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
23:43:06.0587 5004 vmbus - ok
23:43:06.0597 5004 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
23:43:06.0597 5004 VMBusHID - ok
23:43:06.0613 5004 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
23:43:06.0628 5004 volmgr - ok
23:43:06.0644 5004 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
23:43:06.0660 5004 volmgrx - ok
23:43:06.0675 5004 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
23:43:06.0678 5004 volsnap - ok
23:43:06.0693 5004 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
23:43:06.0709 5004 vsmraid - ok
23:43:06.0725 5004 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
23:43:06.0787 5004 VSS - ok
23:43:06.0787 5004 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
23:43:06.0803 5004 vwifibus - ok
23:43:06.0836 5004 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
23:43:06.0867 5004 W32Time - ok
23:43:06.0883 5004 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
23:43:06.0883 5004 WacomPen - ok
23:43:06.0899 5004 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
23:43:06.0930 5004 WANARP - ok
23:43:06.0932 5004 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
23:43:06.0950 5004 Wanarpv6 - ok
23:43:06.0982 5004 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
23:43:07.0013 5004 wbengine - ok
23:43:07.0028 5004 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
23:43:07.0031 5004 WbioSrvc - ok
23:43:07.0047 5004 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
23:43:07.0062 5004 wcncsvc - ok
23:43:07.0062 5004 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:43:07.0098 5004 WcsPlugInService - ok
23:43:07.0098 5004 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
23:43:07.0114 5004 Wd - ok
23:43:07.0130 5004 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
23:43:07.0145 5004 Wdf01000 - ok
23:43:07.0161 5004 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
23:43:07.0181 5004 WdiServiceHost - ok
23:43:07.0184 5004 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
23:43:07.0184 5004 WdiSystemHost - ok
23:43:07.0215 5004 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
23:43:07.0246 5004 WebClient - ok
23:43:07.0262 5004 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
23:43:07.0282 5004 Wecsvc - ok
23:43:07.0298 5004 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
23:43:07.0334 5004 wercplsupport - ok
23:43:07.0350 5004 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
23:43:07.0365 5004 WerSvc - ok
23:43:07.0386 5004 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
23:43:07.0402 5004 WfpLwf - ok
23:43:07.0417 5004 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
23:43:07.0417 5004 WIMMount - ok
23:43:07.0433 5004 WinDefend - ok
23:43:07.0433 5004 WinHttpAutoProxySvc - ok
23:43:07.0480 5004 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
23:43:07.0495 5004 Winmgmt - ok
23:43:07.0529 5004 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
23:43:07.0594 5004 WinRM - ok
23:43:07.0625 5004 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
23:43:07.0625 5004 WinUsb - ok
23:43:07.0641 5004 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
23:43:07.0672 5004 Wlansvc - ok
23:43:07.0690 5004 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
23:43:07.0690 5004 WmiAcpi - ok
23:43:07.0706 5004 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
23:43:07.0721 5004 wmiApSrv - ok
23:43:07.0739 5004 WMPNetworkSvc - ok
23:43:07.0739 5004 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
23:43:07.0755 5004 WPCSvc - ok
23:43:07.0770 5004 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
23:43:07.0786 5004 WPDBusEnum - ok
23:43:07.0802 5004 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
23:43:07.0833 5004 ws2ifsl - ok
23:43:07.0835 5004 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
23:43:07.0856 5004 wscsvc - ok
23:43:07.0856 5004 WSearch - ok
23:43:07.0887 5004 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
23:43:07.0939 5004 wuauserv - ok
23:43:07.0955 5004 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
23:43:07.0970 5004 WudfPf - ok
23:43:07.0986 5004 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
23:43:08.0001 5004 WUDFRd - ok
23:43:08.0017 5004 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
23:43:08.0033 5004 wudfsvc - ok
23:43:08.0048 5004 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll
23:43:08.0079 5004 WwanSvc - ok
23:43:08.0102 5004 [ 4A5CE13408945E525503B5F73D29B9C5 ] xnacc C:\Windows\system32\DRIVERS\xnacc.sys
23:43:08.0118 5004 xnacc - ok
23:43:08.0118 5004 ================ Scan global ===============================
23:43:08.0134 5004 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
23:43:08.0165 5004 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
23:43:08.0165 5004 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
23:43:08.0180 5004 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
23:43:08.0196 5004 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
23:43:08.0196 5004 [Global] - ok
23:43:08.0196 5004 ================ Scan MBR ==================================
23:43:08.0212 5004 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:43:08.0518 5004 \Device\Harddisk0\DR0 - ok
23:43:08.0518 5004 ================ Scan VBR ==================================
23:43:08.0552 5004 [ D8F21C2493DA143D493074031B84C81E ] \Device\Harddisk0\DR0\Partition1
23:43:08.0552 5004 \Device\Harddisk0\DR0\Partition1 - ok
23:43:08.0552 5004 [ 29863381CBE9859859B41F26A80C8B15 ] \Device\Harddisk0\DR0\Partition2
23:43:08.0552 5004 \Device\Harddisk0\DR0\Partition2 - ok
23:43:08.0567 5004 [ EAD8E301E8D1618D824817964A9492E5 ] \Device\Harddisk0\DR0\Partition3
23:43:08.0567 5004 \Device\Harddisk0\DR0\Partition3 - ok
23:43:08.0583 5004 ================ Scan active images ========================
23:43:08.0583 5004 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
23:43:08.0585 5004 C:\Windows\System32\drivers\crashdmp.sys - ok
23:43:08.0588 5004 [ 9BBD8B5855BC6578957F82341F9CDE5A ] C:\Windows\System32\drivers\Diskdump.sys
23:43:08.0588 5004 C:\Windows\System32\drivers\Diskdump.sys - ok
23:43:08.0593 5004 [ D74C64686AB5B41BBA9CEB700128F818 ] C:\Windows\System32\drivers\iaStorA.sys
23:43:08.0593 5004 C:\Windows\System32\drivers\iaStorA.sys - ok
23:43:08.0598 5004 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
23:43:08.0598 5004 C:\Windows\System32\drivers\dumpfve.sys - ok
23:43:08.0603 5004 [ 46571ED73AE84469DCA53081D33CF3C8 ] C:\Windows\System32\drivers\dtsoftbus01.sys
23:43:08.0603 5004 C:\Windows\System32\drivers\dtsoftbus01.sys - ok
23:43:08.0608 5004 [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
23:43:08.0608 5004 C:\Windows\System32\drivers\cdrom.sys - ok
23:43:08.0610 5004 [ 8C0800CDB501CFC1164B286A0478DC10 ] C:\Windows\System32\drivers\aswSnx.sys
23:43:08.0610 5004 C:\Windows\System32\drivers\aswSnx.sys - ok
23:43:08.0613 5004 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
23:43:08.0613 5004 C:\Windows\System32\drivers\beep.sys - ok
23:43:08.0613 5004 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
23:43:08.0613 5004 C:\Windows\System32\drivers\null.sys - ok
23:43:08.0613 5004 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
23:43:08.0613 5004 C:\Windows\System32\drivers\vga.sys - ok
23:43:08.0629 5004 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
23:43:08.0629 5004 C:\Windows\System32\drivers\videoprt.sys - ok
23:43:08.0629 5004 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
23:43:08.0629 5004 C:\Windows\System32\drivers\watchdog.sys - ok
23:43:08.0629 5004 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
23:43:08.0629 5004 C:\Windows\System32\drivers\RDPCDD.sys - ok
23:43:08.0629 5004 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
23:43:08.0629 5004 C:\Windows\System32\drivers\RDPENCDD.sys - ok
23:43:08.0629 5004 [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
23:43:08.0629 5004 C:\Windows\System32\drivers\RDPREFMP.sys - ok
23:43:08.0629 5004 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
23:43:08.0629 5004 C:\Windows\System32\drivers\msfs.sys - ok
23:43:08.0629 5004 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
23:43:08.0629 5004 C:\Windows\System32\drivers\npfs.sys - ok
23:43:08.0644 5004 [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
23:43:08.0644 5004 C:\Windows\System32\drivers\tdi.sys - ok
23:43:08.0644 5004 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
23:43:08.0644 5004 C:\Windows\System32\drivers\tdx.sys - ok
23:43:08.0644 5004 [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
23:43:08.0644 5004 C:\Windows\System32\drivers\afd.sys - ok
23:43:08.0644 5004 [ 64E2BAB4096C13D2342BC4661C967E07 ] C:\Windows\System32\drivers\aswRdr2.sys
23:43:08.0644 5004 C:\Windows\System32\drivers\aswRdr2.sys - ok
23:43:08.0644 5004 [ 29DD8E458A84171202AA4979364C30C0 ] C:\Windows\System32\drivers\aswTdi.sys
23:43:08.0644 5004 C:\Windows\System32\drivers\aswTdi.sys - ok
23:43:08.0644 5004 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
23:43:08.0644 5004 C:\Windows\System32\drivers\mssmbios.sys - ok
23:43:08.0644 5004 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
23:43:08.0644 5004 C:\Windows\System32\drivers\netbios.sys - ok
23:43:08.0660 5004 [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
23:43:08.0660 5004 C:\Windows\System32\drivers\netbt.sys - ok
23:43:08.0660 5004 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
23:43:08.0660 5004 C:\Windows\System32\drivers\nsiproxy.sys - ok
23:43:08.0660 5004 [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
23:43:08.0660 5004 C:\Windows\System32\drivers\pacer.sys - ok
23:43:08.0660 5004 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
23:43:08.0660 5004 C:\Windows\System32\drivers\rdbss.sys - ok
23:43:08.0660 5004 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] C:\Windows\System32\drivers\serial.sys
23:43:08.0660 5004 C:\Windows\System32\drivers\serial.sys - ok
23:43:08.0660 5004 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
23:43:08.0660 5004 C:\Windows\System32\drivers\termdd.sys - ok
23:43:08.0660 5004 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
23:43:08.0660 5004 C:\Windows\System32\drivers\wanarp.sys - ok
23:43:08.0660 5004 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
23:43:08.0660 5004 C:\Windows\System32\drivers\wfplwf.sys - ok
23:43:08.0660 5004 [ 3815DB16CDA62190F5C0A65118F3D714 ] C:\Windows\System32\drivers\aswSP.sys
23:43:08.0660 5004 C:\Windows\System32\drivers\aswSP.sys - ok
23:43:08.0675 5004 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
23:43:08.0675 5004 C:\Windows\System32\drivers\blbdrive.sys - ok
23:43:08.0678 5004 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] C:\Windows\System32\drivers\csc.sys
23:43:08.0678 5004 C:\Windows\System32\drivers\csc.sys - ok
23:43:08.0680 5004 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
23:43:08.0680 5004 C:\Windows\System32\drivers\dfsc.sys - ok
23:43:08.0680 5004 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
23:43:08.0680 5004 C:\Windows\System32\drivers\discache.sys - ok
23:43:08.0680 5004 [ 85D561F46E1AA7750726C45598BDB9EC ] C:\Windows\System32\drivers\AppleCharger.sys
23:43:08.0680 5004 C:\Windows\System32\drivers\AppleCharger.sys - ok
23:43:08.0680 5004 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
23:43:08.0680 5004 C:\Windows\System32\drivers\tunnel.sys - ok
23:43:08.0680 5004 [ F0371DE302FFFF8F086661611BE60848 ] C:\Windows\System32\smss.exe
23:43:08.0680 5004 C:\Windows\System32\smss.exe - ok
23:43:08.0680 5004 [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
23:43:08.0680 5004 C:\Windows\System32\ntdll.dll - ok
23:43:08.0680 5004 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
23:43:08.0680 5004 C:\Windows\System32\autochk.exe - ok
23:43:08.0680 5004 [ EE6B7B6A54BCAFF516E30B1C15467495 ] C:\Windows\System32\drivers\nvlddmkm.sys
23:43:08.0680 5004 C:\Windows\System32\drivers\nvlddmkm.sys - ok
23:43:08.0680 5004 [ AF2E16242AA723F68F461B6EAE2EAD3D ] C:\Windows\System32\drivers\dxgkrnl.sys
23:43:08.0680 5004 C:\Windows\System32\drivers\dxgkrnl.sys - ok
23:43:08.0696 5004 [ 1F04CFB79DD5FB7694468CE3FB3DCC31 ] C:\Windows\System32\drivers\dxgmms1.sys
23:43:08.0696 5004 C:\Windows\System32\drivers\dxgmms1.sys - ok
23:43:08.0696 5004 [ E53D32044F4A03D64D6C91CF0A22A77E ] C:\Windows\System32\drivers\e1c62x64.sys
23:43:08.0696 5004 C:\Windows\System32\drivers\e1c62x64.sys - ok
23:43:08.0696 5004 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
23:43:08.0696 5004 C:\Windows\System32\drivers\hdaudbus.sys - ok
23:43:08.0696 5004 [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
23:43:08.0696 5004 C:\Windows\System32\drivers\usbport.sys - ok
23:43:08.0696 5004 [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
23:43:08.0696 5004 C:\Windows\System32\drivers\usbd.sys - ok
23:43:08.0696 5004 [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
23:43:08.0696 5004 C:\Windows\System32\drivers\usbehci.sys - ok
23:43:08.0696 5004 [ F462F09219A2A4F3F29A4AD46B65A4FB ] C:\Windows\System32\drivers\FLxHCIc.sys
23:43:08.0696 5004 C:\Windows\System32\drivers\FLxHCIc.sys - ok
23:43:08.0696 5004 [ CB624C0035412AF0DEBEC78C41F5CA1B ] C:\Windows\System32\drivers\serenum.sys
23:43:08.0696 5004 C:\Windows\System32\drivers\serenum.sys - ok
23:43:08.0712 5004 [ F6FF8944478594D0E414D3F048F0D778 ] C:\Windows\System32\drivers\wmiacpi.sys
23:43:08.0712 5004 C:\Windows\System32\drivers\wmiacpi.sys - ok
23:43:08.0712 5004 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
23:43:08.0712 5004 C:\Windows\System32\drivers\agilevpn.sys - ok
23:43:08.0712 5004 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
23:43:08.0712 5004 C:\Windows\System32\drivers\CompositeBus.sys - ok
23:43:08.0712 5004 [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys
23:43:08.0712 5004 C:\Windows\System32\drivers\intelppm.sys - ok
23:43:08.0712 5004 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
23:43:08.0712 5004 C:\Windows\System32\drivers\ndistapi.sys - ok
23:43:08.0712 5004 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
23:43:08.0712 5004 C:\Windows\System32\drivers\ndiswan.sys - ok
23:43:08.0712 5004 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
23:43:08.0712 5004 C:\Windows\System32\drivers\rasl2tp.sys - ok
23:43:08.0712 5004 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
23:43:08.0712 5004 C:\Windows\System32\drivers\raspppoe.sys - ok
23:43:08.0712 5004 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
23:43:08.0712 5004 C:\Windows\System32\drivers\raspptp.sys - ok
23:43:08.0727 5004 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
23:43:08.0727 5004 C:\Windows\System32\drivers\kbdclass.sys - ok
23:43:08.0727 5004 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
23:43:08.0727 5004 C:\Windows\System32\drivers\ks.sys - ok
23:43:08.0727 5004 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
23:43:08.0727 5004 C:\Windows\System32\drivers\mouclass.sys - ok
23:43:08.0727 5004 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
23:43:08.0727 5004 C:\Windows\System32\drivers\rassstp.sys - ok
23:43:08.0727 5004 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] C:\Windows\System32\drivers\rdpbus.sys
23:43:08.0727 5004 C:\Windows\System32\drivers\rdpbus.sys - ok
23:43:08.0727 5004 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
23:43:08.0727 5004 C:\Windows\System32\drivers\swenum.sys - ok
23:43:08.0727 5004 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
23:43:08.0727 5004 C:\Windows\System32\drivers\umbus.sys - ok
23:43:08.0727 5004 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
23:43:08.0727 5004 C:\Windows\System32\drivers\usbhub.sys - ok
23:43:08.0743 5004 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
23:43:08.0743 5004 C:\Windows\System32\drivers\drmk.sys - ok
23:43:08.0743 5004 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
23:43:08.0743 5004 C:\Windows\System32\drivers\ndproxy.sys - ok
23:43:08.0743 5004 [ 805F0C2B9C07E4C0F74D0EF70E9E827A ] C:\Windows\System32\drivers\nvhda64v.sys
23:43:08.0743 5004 C:\Windows\System32\drivers\nvhda64v.sys - ok
23:43:08.0743 5004 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
23:43:08.0743 5004 C:\Windows\System32\drivers\portcls.sys - ok
23:43:08.0743 5004 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
23:43:08.0743 5004 C:\Windows\System32\drivers\ksthunk.sys - ok
23:43:08.0743 5004 [ C2F868881D48A568B525255F084EF063 ] C:\Windows\System32\drivers\RTKVHD64.sys
23:43:08.0743 5004 C:\Windows\System32\drivers\RTKVHD64.sys - ok
23:43:08.0743 5004 [ CA85C39648882C46B5AF9287C8753C2F ] C:\Windows\System32\drivers\FLxHCIh.sys
23:43:08.0743 5004 C:\Windows\System32\drivers\FLxHCIh.sys - ok
23:43:08.0743 5004 [ B8BD2BB284668C84865658C77574381A ] C:\Windows\System32\drivers\cdfs.sys
23:43:08.0743 5004 C:\Windows\System32\drivers\cdfs.sys - ok
23:43:08.0743 5004 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
23:43:08.0743 5004 C:\Windows\System32\rpcrt4.dll - ok
23:43:08.0758 5004 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
23:43:08.0758 5004 C:\Windows\System32\imagehlp.dll - ok
23:43:08.0758 5004 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
23:43:09.0181 5004 [ F79B2469046122E24450FB66AE580C83 ] C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
23:43:09.0181 5004 C:\Program Files\AVAST Software\Avast\aswEngLdr.dll - ok
23:43:09.0181 5004 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
23:43:09.0181 5004 C:\Windows\SysWOW64\psapi.dll - ok
23:43:09.0181 5004 [ 2473CA6595A2659D7039A4A89FECA269 ] C:\Windows\SysWOW64\wininet.dll
23:43:09.0181 5004 C:\Windows\SysWOW64\wininet.dll - ok
23:43:09.0197 5004 [ 6A13B4F3B3F575F1E24B877B9359AABA ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
23:43:09.0197 5004 C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
23:43:09.0197 5004 [ 2E33DFD10F28F86C3FC40EE123CC3904 ] C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
23:43:09.0197 5004 C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
23:43:09.0197 5004 [ 6951562DC4625EEFC6EACD52AD165866 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
23:43:09.0197 5004 C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
23:43:09.0197 5004 [ 589CBC4989F750E1DA35625AB481CF43 ] C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
23:43:09.0197 5004 C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll - ok
23:43:09.0197 5004 [ 3BE0D923AA45A4DBE091C2D84F0B4FE7 ] C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
23:43:09.0197 5004 C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll - ok
23:43:09.0197 5004 [ 21B16760CB0D7D7A6DAC89285203DD8F ] C:\Windows\SysWOW64\iertutil.dll
23:43:09.0197 5004 C:\Windows\SysWOW64\iertutil.dll - ok
23:43:09.0197 5004 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
23:43:09.0197 5004 C:\Windows\SysWOW64\shlwapi.dll - ok
23:43:09.0197 5004 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
23:43:09.0197 5004 C:\Windows\System32\VaultCredProvider.dll - ok
23:43:09.0213 5004 [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll
23:43:09.0213 5004 C:\Windows\System32\WMALFXGFXDSP.dll - ok
23:43:09.0213 5004 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
23:43:09.0213 5004 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
23:43:09.0213 5004 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
23:43:09.0213 5004 C:\Windows\System32\BioCredProv.dll - ok
23:43:09.0213 5004 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
23:43:09.0213 5004 C:\Windows\System32\winbio.dll - ok
23:43:09.0213 5004 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
23:43:09.0213 5004 C:\Windows\System32\credui.dll - ok
23:43:09.0213 5004 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
23:43:09.0213 5004 C:\Windows\System32\netapi32.dll - ok
23:43:09.0213 5004 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
23:43:09.0213 5004 C:\Windows\System32\netutils.dll - ok
23:43:09.0213 5004 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
23:43:09.0213 5004 C:\Windows\System32\vaultcli.dll - ok
23:43:09.0213 5004 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
23:43:09.0213 5004 C:\Windows\System32\wkscli.dll - ok
23:43:09.0228 5004 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
23:43:09.0228 5004 C:\Windows\System32\samcli.dll - ok
23:43:09.0228 5004 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
23:43:09.0228 5004 C:\Windows\System32\certCredProvider.dll - ok
23:43:09.0228 5004 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
23:43:09.0228 5004 C:\Windows\System32\rasplap.dll - ok
23:43:09.0228 5004 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
23:43:09.0228 5004 C:\Windows\System32\rasapi32.dll - ok
23:43:09.0228 5004 [ C86121BF74BB07FC99DB9DB0ED1B49FF ] C:\Program Files\AVAST Software\Avast\avBugReport.exe
23:43:09.0228 5004 C:\Program Files\AVAST Software\Avast\avBugReport.exe - ok
23:43:09.0228 5004 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
23:43:09.0228 5004 C:\Windows\SysWOW64\apphelp.dll - ok
23:43:09.0228 5004 [ 1BCDB508143B517F21BBDAC10F5777BF ] C:\Windows\System32\conhost.exe
23:43:09.0228 5004 C:\Windows\System32\conhost.exe - ok
23:43:09.0228 5004 [ 5C5E3AFD499E5146FEF1DA5EF8A23205 ] C:\Program Files\AVAST Software\Avast\dbghelp.dll
23:43:09.0228 5004 C:\Program Files\AVAST Software\Avast\dbghelp.dll - ok
23:43:09.0228 5004 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
23:43:09.0228 5004 C:\Windows\System32\rasman.dll - ok
23:43:09.0244 5004 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
23:43:09.0244 5004 C:\Windows\System32\rtutils.dll - ok
23:43:09.0244 5004 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
23:43:09.0244 5004 C:\Windows\SysWOW64\winhttp.dll - ok
23:43:09.0244 5004 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
23:43:09.0244 5004 C:\Windows\System32\UXInit.dll - ok
23:43:09.0244 5004 [ A8C30A4422B07B90E02FB133369DF2DE ] C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll
23:43:09.0244 5004 C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll - ok
23:43:09.0244 5004 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
23:43:09.0244 5004 C:\Windows\System32\mfplat.dll - ok
23:43:09.0244 5004 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
23:43:09.0244 5004 C:\Windows\System32\oleacc.dll - ok
23:43:09.0244 5004 [ 7AA8F91EEB5011A8F1241ACC0283DCEB ] C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
23:43:09.0244 5004 C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe - ok
23:43:09.0244 5004 [ 59D07A2A1558C75FB9B7A2BB8BACF866 ] C:\Windows\System32\nvsvc64.dll
23:43:09.0244 5004 C:\Windows\System32\nvsvc64.dll - ok
23:43:09.0259 5004 [ 625FBDF1C3B7FC4F5962B805ADA8DA88 ] C:\Program Files\NVIDIA Corporation\Display\nvxdapix.dll
23:43:09.0259 5004 C:\Program Files\NVIDIA Corporation\Display\nvxdapix.dll - ok
23:43:09.0259 5004 [ 920B4D089E02FB4A3F8ADA8B4BEF9B26 ] C:\Program Files\AVAST Software\Avast\1033\Base.dll
23:43:09.0259 5004 C:\Program Files\AVAST Software\Avast\1033\Base.dll - ok
23:43:09.0259 5004 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
23:43:09.0259 5004 C:\Windows\System32\shsvcs.dll - ok
23:43:09.0259 5004 [ DA8B8A95780F406EBB213C1C5D4C0D90 ] C:\Program Files\AVAST Software\Avast\ashServ.dll
23:43:09.0259 5004 C:\Program Files\AVAST Software\Avast\ashServ.dll - ok
23:43:09.0259 5004 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
23:43:09.0259 5004 C:\Windows\SysWOW64\webio.dll - ok
23:43:09.0259 5004 [ D068312FEC645A9D7C1398808734B142 ] C:\Program Files\AVAST Software\Avast\aswProperty.dll
23:43:09.0259 5004 C:\Program Files\AVAST Software\Avast\aswProperty.dll - ok
23:43:09.0259 5004 [ 64BF5CD9B9D7BD391CBC9EDE847A2902 ] C:\Program Files\AVAST Software\Avast\AavmRpch.dll
23:43:09.0259 5004 C:\Program Files\AVAST Software\Avast\AavmRpch.dll - ok
23:43:09.0259 5004 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
23:43:09.0259 5004 C:\Windows\System32\fveapi.dll - ok
23:43:09.0259 5004 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
23:43:09.0259 5004 C:\Windows\SysWOW64\credssp.dll - ok
23:43:09.0275 5004 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
23:43:09.0275 5004 C:\Windows\SysWOW64\cryptsp.dll - ok
23:43:09.0275 5004 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
23:43:09.0275 5004 C:\Windows\SysWOW64\mswsock.dll - ok
23:43:09.0275 5004 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
23:43:09.0275 5004 C:\Windows\SysWOW64\wship6.dll - ok
23:43:09.0275 5004 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
23:43:09.0275 5004 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
23:43:09.0275 5004 [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll
23:43:09.0275 5004 C:\Windows\System32\UIAutomationCore.dll - ok
23:43:09.0275 5004 [ D873AF6112E377CDBCBF3055B86C30A9 ] C:\Program Files\AVAST Software\Avast\aswAux.dll
23:43:09.0275 5004 C:\Program Files\AVAST Software\Avast\aswAux.dll - ok
23:43:09.0275 5004 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
23:43:09.0275 5004 C:\Windows\System32\imageres.dll - ok
23:43:09.0275 5004 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
23:43:09.0275 5004 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
23:43:09.0291 5004 [ 69B9DD83535C421F229227B0B303082A ] C:\Program Files\AVAST Software\Avast\ashTask.dll
23:43:09.0291 5004 C:\Program Files\AVAST Software\Avast\ashTask.dll - ok
23:43:09.0291 5004 [ 91F1D56F6DC6B2AEC45369765787B64D ] C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
23:43:09.0291 5004 C:\Program Files\AVAST Software\Avast\ashTaskEx.dll - ok
23:43:09.0291 5004 [ 1919B2A6BB69BD206A4F0C20FBA5E4B6 ] C:\Program Files\AVAST Software\Avast\aswLog.dll
23:43:09.0291 5004 C:\Program Files\AVAST Software\Avast\aswLog.dll - ok
23:43:09.0291 5004 [ B3B4DDCD7263993FA3C42573066A16BE ] C:\Program Files\AVAST Software\Avast\aswSqLt.dll
23:43:09.0291 5004 C:\Program Files\AVAST Software\Avast\aswSqLt.dll - ok
23:43:09.0291 5004 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
23:43:09.0291 5004 C:\Windows\System32\tbs.dll - ok
23:43:09.0291 5004 [ B25B6B588471D8E23607CCAB922CF6C8 ] C:\Program Files\NVIDIA Corporation\Display\nvui.dll
23:43:09.0291 5004 C:\Program Files\NVIDIA Corporation\Display\nvui.dll - ok
23:43:09.0291 5004 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
23:43:09.0291 5004 C:\Windows\System32\mscms.dll - ok
23:43:09.0291 5004 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
23:43:09.0291 5004 C:\Windows\System32\msimg32.dll - ok
23:43:09.0291 5004 [ 2AB3B6BF054D96592545CB7E2AB60856 ] C:\Windows\System32\nvapi64.dll
23:43:09.0291 5004 C:\Windows\System32\nvapi64.dll - ok
23:43:09.0306 5004 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
23:43:09.0306 5004 C:\Windows\System32\fvecerts.dll - ok
23:43:09.0306 5004 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
23:43:09.0306 5004 C:\Windows\System32\wiarpc.dll - ok
23:43:09.0306 5004 [ 7D289D7E6253BC998F51CAADB54C5192 ] C:\Program Files\AVAST Software\Avast\Aavm4h.dll
23:43:09.0306 5004 C:\Program Files\AVAST Software\Avast\Aavm4h.dll - ok
23:43:09.0306 5004 [ BB2BE07A396B5B22AC56787FACF8D86F ] C:\Program Files\AVAST Software\Avast\aswDld.dll
23:43:09.0306 5004 C:\Program Files\AVAST Software\Avast\aswDld.dll - ok
23:43:09.0306 5004 [ 79B5BAEC23456D3F7EC10FC8374DA2CC ] C:\Program Files\AVAST Software\Avast\aswIdle.dll
23:43:09.0306 5004 C:\Program Files\AVAST Software\Avast\aswIdle.dll - ok
23:43:09.0306 5004 [ E43B269964099D96DDDAAED0E57F109E ] C:\Program Files\AVAST Software\Avast\avastIP.dll
23:43:09.0306 5004 C:\Program Files\AVAST Software\Avast\avastIP.dll - ok
23:43:09.0306 5004 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
23:43:09.0306 5004 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
23:43:09.0306 5004 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
23:43:09.0306 5004 C:\Windows\SysWOW64\winnsi.dll - ok
23:43:09.0322 5004 [ D7CA52F89A7F4520610FF3682F0E42EE ] C:\Windows\System32\nvsvcr.dll
23:43:09.0322 5004 C:\Windows\System32\nvsvcr.dll - ok
23:43:09.0322 5004 [ 52D0FE133CBE687ED4E83FBDA70EBC9C ] C:\Program Files\AVAST Software\Avast\aswStrm.dll
23:43:09.0322 5004 C:\Program Files\AVAST Software\Avast\aswStrm.dll - ok
23:43:09.0322 5004 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
23:43:09.0322 5004 C:\Windows\System32\schedsvc.dll - ok
23:43:09.0322 5004 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
23:43:09.0322 5004 C:\Windows\System32\ktmw32.dll - ok
23:43:09.0322 5004 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
23:43:09.0322 5004 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
23:43:09.0322 5004 [ 8258362DDB18B644A82D8B5061AD9426 ] C:\Windows\SysWOW64\wscisvif.dll
23:43:09.0322 5004 C:\Windows\SysWOW64\wscisvif.dll - ok
23:43:09.0322 5004 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
23:43:09.0322 5004 C:\Windows\System32\taskcomp.dll - ok
23:43:09.0322 5004 [ A8CDF3768604FF95B54669E20053D569 ] C:\Windows\SysWOW64\wscapi.dll
23:43:09.0322 5004 C:\Windows\SysWOW64\wscapi.dll - ok
23:43:09.0322 5004 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
23:43:09.0322 5004 C:\Windows\System32\drivers\http.sys - ok
23:43:09.0337 5004 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
23:43:09.0337 5004 C:\Windows\System32\spoolsv.exe - ok
23:43:09.0340 5004 [ 889217182E0E260900B83737EF89B921 ] C:\Windows\System32\nvcpl.dll
23:43:09.0340 5004 C:\Windows\System32\nvcpl.dll - ok
23:43:09.0340 5004 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
23:43:09.0340 5004 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
23:43:09.0342 5004 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
23:43:09.0342 5004 C:\Windows\System32\winspool.drv - ok
23:43:09.0342 5004 [ 2400A2B7020CEEE84B0E2CB75A0E0C2E ] C:\Program Files\AVAST Software\Avast\defs\13070300\aswEngin.dll
23:43:09.0342 5004 C:\Program Files\AVAST Software\Avast\defs\13070300\aswEngin.dll - ok
23:43:09.0342 5004 [ C4689286E13EB33929B219C010BB44C1 ] C:\Program Files\AVAST Software\Avast\defs\13070300\aswCmnIS.dll
23:43:09.0342 5004 C:\Program Files\AVAST Software\Avast\defs\13070300\aswCmnIS.dll - ok
23:43:09.0342 5004 [ 701BFC8672B9AA1BC9190157BF764C8D ] C:\Program Files\AVAST Software\Avast\defs\13070300\aswCmnOS.dll
23:43:09.0342 5004 C:\Program Files\AVAST Software\Avast\defs\13070300\aswCmnOS.dll - ok
23:43:09.0342 5004 [ 603103B004A4335713C962A2442C01C5 ] C:\Program Files\AVAST Software\Avast\defs\13070300\aswCmnBS.dll
23:43:09.0342 5004 C:\Program Files\AVAST Software\Avast\defs\13070300\aswCmnBS.dll - ok
23:43:09.0342 5004 [ F0A7639DE0A66BBB92E8912CDEB1A567 ] C:\Program Files\AVAST Software\Avast\defs\13070300\aswScan.dll
23:43:09.0342 5004 C:\Program Files\AVAST Software\Avast\defs\13070300\aswScan.dll - ok
23:43:09.0342 5004 [ 32ED62D8C410117E09B0B7CA44FC4456 ] C:\Program Files\AVAST Software\Avast\defs\13070300\aswRep.dll
23:43:09.0342 5004 C:\Program Files\AVAST Software\Avast\defs\13070300\aswRep.dll - ok
23:43:09.0342 5004 [ 2399F8068E969D9C25A05B6F779A790A ] C:\Program Files\AVAST Software\Avast\defs\13070300\aswFiDb.dll
23:43:09.0342 5004 C:\Program Files\AVAST Software\Avast\defs\13070300\aswFiDb.dll - ok
23:43:09.0358 5004 [ 0549F9F191DC6F0AF23407E8C851494F ] C:\Program Files\AVAST Software\Avast\defs\13070300\algo.dll
23:43:09.0358 5004 C:\Program Files\AVAST Software\Avast\defs\13070300\algo.dll - ok
23:43:09.0358 5004 [ C1DD6288ABA16EECBA39C3299C4040FE ] C:\Program Files\AVAST Software\Avast\Setup\setiface.dll
23:43:09.0358 5004 C:\Program Files\AVAST Software\Avast\Setup\setiface.dll - ok
23:43:09.0358 5004 [ 565D78187494FB5F08B5A52DEB2AEA7A ] C:\Windows\SysWOW64\shell32.dll
23:43:09.0358 5004 C:\Windows\SysWOW64\shell32.dll - ok
23:43:09.0358 5004 [ F93674263F6B07C77956E966953242D9 ] C:\Windows\SysWOW64\secur32.dll
23:43:09.0358 5004 C:\Windows\SysWOW64\secur32.dll - ok
23:43:09.0358 5004 [ C946428303FDBD85D6F17C9F104938D7 ] C:\Program Files\NVIDIA Corporation\Display\nvuir.dll
23:43:09.0358 5004 C:\Program Files\NVIDIA Corporation\Display\nvuir.dll - ok
23:43:09.0358 5004 [ 2522FE10F4059F9F3373B18DA900168B ] C:\Windows\System32\nvumdshimx.dll
23:43:09.0358 5004 C:\Windows\System32\nvumdshimx.dll - ok
23:43:09.0358 5004 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
23:43:09.0358 5004 C:\Windows\System32\BFE.DLL - ok
23:43:09.0358 5004 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
23:43:09.0358 5004 C:\Windows\System32\drivers\bowser.sys - ok
23:43:09.0374 5004 [ EB22CA88194FE5EE6ADFBFCA19277727 ] C:\Program Files\NVIDIA Corporation\Display\nvxdplcy.dll
23:43:09.0374 5004 C:\Program Files\NVIDIA Corporation\Display\nvxdplcy.dll - ok
23:43:09.0374 5004 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
23:43:09.0374 5004 C:\Windows\System32\drivers\mpsdrv.sys - ok
23:43:09.0374 5004 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
23:43:09.0374 5004 C:\Windows\System32\wfapigp.dll - ok
23:43:09.0374 5004 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
23:43:09.0374 5004 C:\Windows\System32\pcasvc.dll - ok
23:43:09.0374 5004 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
23:43:09.0374 5004 C:\Windows\System32\snmptrap.exe - ok
23:43:09.0374 5004 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
23:43:09.0374 5004 C:\Windows\System32\drivers\mrxsmb.sys - ok
23:43:09.0374 5004 [ 7C00C608FE4C8EDE9E30940837B9AC8B ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll
23:43:09.0374 5004 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll - ok
23:43:09.0374 5004 [ 91A8E32B00BF7899EDAB6783287DDDA6 ] C:\Windows\System32\PeerDistSh.dll
23:43:09.0374 5004 C:\Windows\System32\PeerDistSh.dll - ok
23:43:09.0374 5004 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
23:43:09.0374 5004 C:\Windows\System32\provsvc.dll - ok
23:43:09.0389 5004 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
23:43:09.0389 5004 C:\Windows\System32\sstpsvc.dll - ok
23:43:09.0392 5004 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
23:43:09.0392 5004 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
23:43:09.0392 5004 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
23:43:09.0392 5004 C:\Windows\System32\drivers\mrxsmb10.sys - ok
23:43:09.0392 5004 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
23:43:09.0392 5004 C:\Windows\System32\drivers\mrxsmb20.sys - ok
23:43:09.0392 5004 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
23:43:09.0392 5004 C:\Windows\System32\wkssvc.dll - ok
23:43:09.0392 5004 [ D8129C49798CBBFB2E4351D4B7B8EF9C ] C:\Windows\System32\cryptsvc.dll
23:43:09.0392 5004 C:\Windows\System32\cryptsvc.dll - ok
23:43:09.0392 5004 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
23:43:09.0392 5004 C:\Windows\System32\dps.dll - ok
23:43:09.0392 5004 [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL
23:43:09.0392 5004 C:\Windows\System32\IKEEXT.DLL - ok
23:43:09.0392 5004 [ 4A9EB8AC8959C580ADCADDBDBBEBE033 ] C:\Windows\System32\IPROSetMonitor.exe
23:43:09.0392 5004 C:\Windows\System32\IPROSetMonitor.exe - ok
23:43:09.0392 5004 [ 77B5035BC6EDF4D1B6265391AECEE4C0 ] C:\Windows\System32\vpnikeapi.dll
23:43:09.0392 5004 C:\Windows\System32\vpnikeapi.dll - ok
23:43:09.0407 5004 [ 2C4C22EA1735F21F355EB1A39832F7DF ] C:\Windows\System32\cryptnet.dll
23:43:09.0407 5004 C:\Windows\System32\cryptnet.dll - ok
23:43:09.0407 5004 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
23:43:09.0407 5004 C:\Windows\System32\vssapi.dll - ok
23:43:09.0407 5004 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
23:43:09.0407 5004 C:\Windows\System32\vsstrace.dll - ok
23:43:09.0407 5004 [ 4F096D96285E06CD51AEF7D2D3DE04DA ] C:\Windows\System32\msvcp100.dll
23:43:09.0407 5004 C:\Windows\System32\msvcp100.dll - ok
23:43:09.0407 5004 [ DF3CA8D16BDED6A54977B30E66864D33 ] C:\Windows\System32\msvcr100.dll
23:43:09.0407 5004 C:\Windows\System32\msvcr100.dll - ok
23:43:09.0407 5004 [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll
23:43:09.0407 5004 C:\Windows\System32\nlasvc.dll - ok
23:43:09.0407 5004 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
23:43:09.0407 5004 C:\Windows\System32\mpr.dll - ok
23:43:09.0407 5004 [ 1EBE9524683C7C4EED8B8BC93FB6FBCC ] C:\Windows\SysWOW64\fltLib.dll
23:43:09.0407 5004 C:\Windows\SysWOW64\fltLib.dll - ok
23:43:09.0423 5004 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
23:43:09.0423 5004 C:\Windows\SysWOW64\winsta.dll - ok
23:43:09.0423 5004 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
23:43:09.0423 5004 C:\Windows\SysWOW64\wtsapi32.dll - ok
23:43:09.0425 5004 [ E385B9E07B08C3F686B45D52C9F5A9B9 ] C:\Program Files\AVAST Software\Avast\AhResBhv.dll
23:43:09.0425 5004 C:\Program Files\AVAST Software\Avast\AhResBhv.dll - ok
23:43:09.0428 5004 [ E28034BDEDD48E44C889FF40C462005D ] C:\Program Files\AVAST Software\Avast\AhResJs.dll
23:43:09.0428 5004 C:\Program Files\AVAST Software\Avast\AhResJs.dll - ok
23:43:09.0428 5004 [ B20C06BDE50900C33CEE861E5B288ABF ] C:\Program Files\AVAST Software\Avast\AhResMai.dll
23:43:09.0428 5004 C:\Program Files\AVAST Software\Avast\AhResMai.dll - ok
23:43:09.0428 5004 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
23:43:09.0428 5004 C:\Windows\SysWOW64\netapi32.dll - ok
23:43:09.0428 5004 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
23:43:09.0428 5004 C:\Windows\SysWOW64\netutils.dll - ok
23:43:09.0428 5004 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
23:43:09.0428 5004 C:\Windows\SysWOW64\srvcli.dll - ok
23:43:09.0428 5004 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
23:43:09.0428 5004 C:\Windows\SysWOW64\wkscli.dll - ok
23:43:09.0428 5004 [ DAC5B3F300E08EFA9782F6DD0E4A9FDA ] C:\Program Files\AVAST Software\Avast\AhResMes.dll
23:43:09.0428 5004 C:\Program Files\AVAST Software\Avast\AhResMes.dll - ok
23:43:09.0428 5004 [ 5B07E1B2414CE6A7F8942493F194B697 ] C:\Program Files\AVAST Software\Avast\AhResNS.dll
23:43:09.0428 5004 C:\Program Files\AVAST Software\Avast\AhResNS.dll - ok
23:43:09.0444 5004 [ D6515FEDDF987CAA7B4EFA826AD4C82F ] C:\Windows\SysWOW64\urlmon.dll
23:43:09.0444 5004 C:\Windows\SysWOW64\urlmon.dll - ok
23:43:09.0444 5004 [ F9AA8285BE0CCB3BDD77549DFC817423 ] C:\Program Files\AVAST Software\Avast\AhResP2P.dll
23:43:09.0444 5004 C:\Program Files\AVAST Software\Avast\AhResP2P.dll - ok
23:43:09.0444 5004 [ 90622E62EABD12FFEACEF083E765707C ] C:\Program Files\AVAST Software\Avast\AhResStd.dll
23:43:09.0444 5004 C:\Program Files\AVAST Software\Avast\AhResStd.dll - ok
23:43:09.0444 5004 [ B7F721185071CF20CAB25CC2869BE0C2 ] C:\Program Files\AVAST Software\Avast\AhResWS.dll
23:43:09.0444 5004 C:\Program Files\AVAST Software\Avast\AhResWS.dll - ok
23:43:09.0444 5004 [ 1C60E09CA1C3A045BC4D367F67C915B7 ] C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
23:43:09.0444 5004 C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
23:43:09.0444 5004 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
23:43:09.0444 5004 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
23:43:09.0444 5004 [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
23:43:09.0444 5004 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
23:43:09.0444 5004 [ B010CF886420EE29C2C276646721D255 ] C:\Windows\SysWOW64\wlanapi.dll
23:43:09.0444 5004 C:\Windows\SysWOW64\wlanapi.dll - ok
23:43:09.0444 5004 [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\SysWOW64\wlanutil.dll
23:43:09.0444 5004 C:\Windows\SysWOW64\wlanutil.dll - ok
23:43:09.0459 5004 [ EAB975DB4C2805927FE5BD047D05C9AA ] C:\Windows\SysWOW64\netshell.dll
23:43:09.0459 5004 C:\Windows\SysWOW64\netshell.dll - ok
23:43:09.0459 5004 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
23:43:09.0459 5004 C:\Windows\SysWOW64\clbcatq.dll - ok
23:43:09.0459 5004 [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll
23:43:09.0459 5004 C:\Windows\SysWOW64\nlaapi.dll - ok
23:43:09.0459 5004 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
23:43:09.0459 5004 C:\Windows\SysWOW64\rsaenh.dll - ok
23:43:09.0459 5004 [ A2EAE71B251BD27B0F4185CF9699A1C2 ] C:\Program Files\AVAST Software\Avast\ashMaiSv.dll
23:43:09.0459 5004 C:\Program Files\AVAST Software\Avast\ashMaiSv.dll - ok
23:43:09.0459 5004 [ 98E46DC6744B11882CA9C0BB5D38B9DD ] C:\Program Files\AVAST Software\Avast\defs\13070300\ArPot.dll
23:43:09.0459 5004 C:\Program Files\AVAST Software\Avast\defs\13070300\ArPot.dll - ok
23:43:09.0459 5004 [ 8ED6DA45BAB5CFC809229F26D4D4A2CE ] C:\Program Files\AVAST Software\Avast\libeay32.dll
23:43:09.0459 5004 C:\Program Files\AVAST Software\Avast\libeay32.dll - ok
23:43:09.0459 5004 [ 44BD658E0E4D21C42023AD9EBEFFDB90 ] C:\Program Files\AVAST Software\Avast\ssleay32.dll
23:43:09.0459 5004 C:\Program Files\AVAST Software\Avast\ssleay32.dll - ok
23:43:09.0475 5004 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
23:43:09.0475 5004 C:\Windows\SysWOW64\profapi.dll - ok
23:43:09.0475 5004 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
23:43:09.0475 5004 C:\Windows\SysWOW64\userenv.dll - ok
23:43:09.0475 5004 [ B6D90C99A72044AEF85A2B7D78FEBEF4 ] C:\Program Files\AVAST Software\Avast\defs\13070300\exts.dll
23:43:09.0475 5004 C:\Program Files\AVAST Software\Avast\defs\13070300\exts.dll - ok
23:43:09.0475 5004 [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll
23:43:09.0475 5004 C:\Windows\System32\ncsi.dll - ok
23:43:09.0475 5004 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
23:43:09.0475 5004 C:\Windows\System32\winhttp.dll - ok
23:43:09.0475 5004 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
23:43:09.0475 5004 C:\Windows\System32\webio.dll - ok
23:43:09.0475 5004 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
23:43:09.0475 5004 C:\Windows\System32\ssdpapi.dll - ok
23:43:09.0475 5004 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
23:43:09.0475 5004 C:\Windows\System32\dllhost.exe - ok
23:43:09.0475 5004 [ F6F7943CAC73C59FA9996206A899146D ] C:\Program Files\AVAST Software\Avast\snxhk64.dll
23:43:09.0475 5004 C:\Program Files\AVAST Software\Avast\snxhk64.dll - ok
23:43:09.0490 5004 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
23:43:09.0490 5004 C:\Windows\SysWOW64\dnsapi.dll - ok
23:43:09.0493 5004 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll
23:43:09.0493 5004 C:\Windows\SysWOW64\NapiNSP.dll - ok
23:43:09.0493 5004 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll
23:43:09.0493 5004 C:\Windows\SysWOW64\pnrpnsp.dll - ok
23:43:09.0493 5004 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll
23:43:09.0493 5004 C:\Windows\SysWOW64\winrnr.dll - ok
23:43:09.0493 5004 [ BF0873241C01C97E9E027C68863914C6 ] C:\Program Files\AVAST Software\Avast\ashWebSv.dll
23:43:09.0493 5004 C:\Program Files\AVAST Software\Avast\ashWebSv.dll - ok
23:43:09.0493 5004 [ 0F2B9A24F8463EEC4E363AA36F763917 ] C:\Program Files\AVAST Software\Avast\ashWsFtr.dll
23:43:09.0493 5004 C:\Program Files\AVAST Software\Avast\ashWsFtr.dll - ok
23:43:09.0493 5004 [ 49ACA548B2423F1C67898E6AC719A9A6 ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
23:43:09.0493 5004 C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
23:43:09.0493 5004 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
23:43:09.0493 5004 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
23:43:09.0493 5004 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
23:43:09.0493 5004 C:\Windows\SysWOW64\rasadhlp.dll - ok
23:43:09.0493 5004 [ 4F6E72B34ED3DC53DCC5E8708E60B61F ] C:\Windows\SysWOW64\security.dll
23:43:09.0913 5004 [ 234AFA322624B3203A2E720F08292B03 ] C:\Windows\System32\cscobj.dll
23:43:09.0913 5004 C:\Windows\System32\cscobj.dll - ok
23:43:09.0913 5004 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
23:43:09.0913 5004 C:\Windows\System32\srchadmin.dll - ok
23:43:09.0929 5004 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
23:43:09.0929 5004 C:\Windows\System32\Apphlpdm.dll - ok
23:43:09.0929 5004 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
23:43:09.0929 5004 C:\Windows\System32\en-US\tquery.dll.mui - ok
23:43:09.0929 5004 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
23:43:09.0929 5004 C:\Windows\System32\pnpts.dll - ok
23:43:09.0929 5004 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
23:43:09.0929 5004 C:\Windows\System32\radardt.dll - ok
23:43:09.0929 5004 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
23:43:09.0929 5004 C:\Windows\System32\wdiasqmmodule.dll - ok
23:43:09.0929 5004 [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
23:43:09.0929 5004 C:\Windows\System32\ActionCenter.dll - ok
23:43:09.0929 5004 [ BB7B759E9ED35321C934A620DC4BD9B0 ] C:\Program Files (x86)\Steam\crashhandler.dll
23:43:09.0929 5004 C:\Program Files (x86)\Steam\crashhandler.dll - ok
23:43:09.0929 5004 [ DD81D91FF3B0763C392422865C9AC12E ] C:\Windows\System32\rundll32.exe
23:43:09.0929 5004 C:\Windows\System32\rundll32.exe - ok
23:43:09.0929 5004 [ AC5DF873913B00E554D8F553459BC431 ] C:\Windows\System32\qmgrprxy.dll
23:43:09.0929 5004 C:\Windows\System32\qmgrprxy.dll - ok
23:43:09.0945 5004 [ 85B45B4B285B159ACDB355FC8C1E8925 ] C:\Windows\SysWOW64\qmgrprxy.dll
23:43:09.0945 5004 C:\Windows\SysWOW64\qmgrprxy.dll - ok
23:43:09.0947 5004 [ 371948BC5911ABA06168FAC91ED25F06 ] C:\Windows\System32\msxml3.dll
23:43:09.0947 5004 C:\Windows\System32\msxml3.dll - ok
23:43:09.0947 5004 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
23:43:09.0947 5004 C:\Windows\System32\bthprops.cpl - ok
23:43:09.0950 5004 [ 38026FA060E7802D1ACBA462E4CEAA54 ] C:\Windows\System32\ieframe.dll
23:43:09.0950 5004 C:\Windows\System32\ieframe.dll - ok
23:43:09.0950 5004 [ 5521928AA79079565B7CB8FCE6806131 ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
23:43:09.0950 5004 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - ok
23:43:09.0950 5004 [ 07DFD28E57879554D054464EE4A5662D ] C:\Program Files (x86)\Internet Explorer\iexplore.exe
23:43:09.0950 5004 C:\Program Files (x86)\Internet Explorer\iexplore.exe - ok
23:43:09.0950 5004 [ DC5ECEA062C0633346B6D199FA2B578D ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
23:43:09.0950 5004 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe - ok
23:43:09.0950 5004 [ FE1897800D8FCA8579CCABC83A0CA181 ] C:\Program Files\WinRAR\WinRAR.exe
23:43:09.0950 5004 C:\Program Files\WinRAR\WinRAR.exe - ok
23:43:09.0950 5004 [ A1987D2842E598D20FD4D0453742EEDB ] C:\Program Files (x86)\Java\jre7\bin\java.exe
23:43:09.0950 5004 C:\Program Files (x86)\Java\jre7\bin\java.exe - ok
23:43:09.0950 5004 [ 64CA382622F90218B6D1805FDFF50C96 ] C:\Program Files\Java\jre7\bin\java.exe
23:43:09.0950 5004 C:\Program Files\Java\jre7\bin\java.exe - ok
23:43:09.0950 5004 [ C5520FEB7AD5F6E3692B6DE41F6A1A27 ] C:\Program Files (x86)\Opera\opera.exe
23:43:09.0950 5004 C:\Program Files (x86)\Opera\opera.exe - ok
23:43:09.0965 5004 [ F4ED77EE7CBD4F92A0DB9CDFF0AB86FA ] D:\PROGRAMI\Kies\External\FirmwareUpdate\KiesPDLR.exe
23:43:09.0965 5004 D:\PROGRAMI\Kies\External\FirmwareUpdate\KiesPDLR.exe - ok
23:43:09.0965 5004 [ 728CDDF56C9FF4F4FEDDAC916CA76613 ] D:\PROGRAMI\Kies\External\FirmwareUpdate\AgentDialogs.dll
23:43:09.0965 5004 D:\PROGRAMI\Kies\External\FirmwareUpdate\AgentDialogs.dll - ok
23:43:09.0965 5004 [ 9108540E866F75C7AF2B91DD921A8091 ] C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
23:43:09.0965 5004 C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
23:43:09.0965 5004 [ FB4045578F5180BDB1963AB352B78548 ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
23:43:09.0965 5004 C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
23:43:09.0965 5004 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
23:43:09.0965 5004 C:\Windows\System32\rasdlg.dll - ok
23:43:09.0965 5004 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
23:43:09.0965 5004 C:\Windows\System32\mprapi.dll - ok
23:43:09.0965 5004 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
23:43:09.0965 5004 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
23:43:09.0965 5004 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
23:43:09.0965 5004 C:\Windows\System32\WWanAPI.dll - ok
23:43:09.0981 5004 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
23:43:09.0981 5004 C:\Windows\System32\wwapi.dll - ok
23:43:09.0981 5004 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
23:43:09.0981 5004 C:\Windows\System32\QAGENT.DLL - ok
23:43:09.0981 5004 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
23:43:09.0981 5004 C:\Windows\System32\FXSST.dll - ok
23:43:09.0981 5004 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
23:43:09.0981 5004 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
23:43:09.0981 5004 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
23:43:09.0981 5004 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
23:43:09.0981 5004 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
23:43:09.0981 5004 C:\Windows\System32\FXSAPI.dll - ok
23:43:09.0981 5004 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
23:43:09.0981 5004 C:\Windows\System32\FXSRESM.dll - ok
23:43:09.0981 5004 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
23:43:09.0981 5004 C:\Windows\System32\wsock32.dll - ok
23:43:09.0981 5004 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
23:43:09.0981 5004 C:\Windows\System32\wmdrmdev.dll - ok
23:43:09.0996 5004 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
23:43:09.0996 5004 C:\Windows\System32\drmv2clt.dll - ok
23:43:09.0996 5004 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
23:43:09.0996 5004 C:\Windows\System32\FXSSVC.exe - ok
23:43:09.0996 5004 [ 9184EDE06DF1922A0B4AF9F90C510826 ] C:\Users\Petar\Desktop\FRST64.exe
23:43:09.0996 5004 C:\Users\Petar\Desktop\FRST64.exe - ok
23:43:09.0996 5004 [ 128689348FF25EAFE5FBAEFD113AD4FE ] C:\Program Files\NVIDIA Corporation\Display\nvsmartmax64.dll
23:43:09.0996 5004 C:\Program Files\NVIDIA Corporation\Display\nvsmartmax64.dll - ok
23:43:09.0996 5004 [ D4E8693383A84DC2BC3DF27B9834B56C ] D:\PROGRAMI\Kies\External\FirmwareUpdate\AgentModels.dll
23:43:09.0996 5004 D:\PROGRAMI\Kies\External\FirmwareUpdate\AgentModels.dll - ok
23:43:09.0996 5004 [ C8B5FB0ED09E9F24DB844905521AC205 ] C:\Program Files (x86)\Steam\steamerrorreporter.exe
23:43:09.0996 5004 C:\Program Files (x86)\Steam\steamerrorreporter.exe - ok
23:43:09.0996 5004 [ 715BFF236158F61C042928A53C0D5AA8 ] C:\Program Files\Windows NT\Accessories\wordpad.exe
23:43:09.0996 5004 C:\Program Files\Windows NT\Accessories\wordpad.exe - ok
23:43:09.0996 5004 [ C5BEF5C18AE2199A6619769414D42BA4 ] C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
23:43:09.0996 5004 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe - ok
23:43:10.0012 5004 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
23:43:10.0012 5004 C:\Windows\System32\wmp.dll - ok
23:43:10.0012 5004 [ 529EFD4CD976A5418B88DFCDE40EC239 ] C:\Program Files (x86)\Steam\tier0_s.dll
23:43:10.0012 5004 C:\Program Files (x86)\Steam\tier0_s.dll - ok
23:43:10.0012 5004 [ 548CB85DE1EAD453292A7EA02C4CFCA9 ] C:\Program Files (x86)\Steam\vstdlib_s.dll
23:43:10.0012 5004 C:\Program Files (x86)\Steam\vstdlib_s.dll - ok
23:43:10.0012 5004 [ 760ACD103FFB86AD65DC41CDEB08ABCF ] D:\PROGRAMI\Kies\KiesAirMessage.exe
23:43:10.0012 5004 D:\PROGRAMI\Kies\KiesAirMessage.exe - ok
23:43:10.0012 5004 [ D9E21CBF9E6A87847AFFD39EA3FA28EE ] C:\Windows\System32\SearchProtocolHost.exe
23:43:10.0012 5004 C:\Windows\System32\SearchProtocolHost.exe - ok
23:43:10.0012 5004 [ BC0D4AFBE94D8E1F81C8926D805C3366 ] C:\Windows\System32\webcheck.dll
23:43:10.0012 5004 C:\Windows\System32\webcheck.dll - ok
23:43:10.0012 5004 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
23:43:10.0012 5004 C:\Windows\System32\mlang.dll - ok
23:43:10.0012 5004 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
23:43:10.0012 5004 C:\Windows\System32\imapi2.dll - ok
23:43:10.0012 5004 [ D2A5B2B09F2AF5ED13BF494508B09788 ] C:\Windows\System32\msshooks.dll
23:43:10.0012 5004 C:\Windows\System32\msshooks.dll - ok
23:43:10.0028 5004 [ 49A3AD5CE578CD77F445F3D244AEAB2D ] C:\Windows\System32\SearchFilterHost.exe
23:43:10.0028 5004 C:\Windows\System32\SearchFilterHost.exe - ok
23:43:10.0030 5004 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
23:43:10.0030 5004 C:\Windows\System32\mscoree.dll - ok
23:43:10.0030 5004 [ 6EB75D77133B9B42C0EB9D4D0F861CD9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
23:43:10.0030 5004 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
23:43:10.0030 5004 [ 37D7A787487F7EEB8E251B97D763FEC4 ] C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll
23:43:10.0030 5004 C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll - ok
23:43:10.0030 5004 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
23:43:10.0030 5004 C:\Windows\System32\wmploc.DLL - ok
23:43:10.0030 5004 [ E503E15C88B4BBDA3F6345E34FED3E92 ] C:\Windows\System32\mssvp.dll
23:43:10.0030 5004 C:\Windows\System32\mssvp.dll - ok
23:43:10.0030 5004 [ 04CB7C8FDC6D9640DD82A527208F72C4 ] C:\Windows\System32\UIAnimation.dll
23:43:10.0030 5004 C:\Windows\System32\UIAnimation.dll - ok
23:43:10.0030 5004 [ CCF663A34D75B59114003B63692818B6 ] C:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU64.dll
23:43:10.0030 5004 C:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU64.dll - ok
23:43:10.0030 5004 [ F2C7BB8ACC97F92E987A2D4087D021B1 ] C:\Windows\System32\notepad.exe
23:43:10.0030 5004 C:\Windows\System32\notepad.exe - ok
23:43:10.0030 5004 [ 8F4BB0CFECED925D440ABC2481278360 ] C:\Windows\System32\mapi32.dll
23:43:10.0030 5004 C:\Windows\System32\mapi32.dll - ok
23:43:10.0046 5004 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
23:43:10.0046 5004 C:\Windows\System32\hgcpl.dll - ok
23:43:10.0046 5004 [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\Windows\System32\fdPHost.dll
23:43:10.0046 5004 C:\Windows\System32\fdPHost.dll - ok
23:43:10.0046 5004 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
23:43:10.0046 5004 C:\Windows\System32\FDResPub.dll - ok
23:43:10.0046 5004 [ A2E5B2D20954210DCE1A75A1FC8CC36D ] C:\Windows\System32\fdSSDP.dll
23:43:10.0046 5004 C:\Windows\System32\fdSSDP.dll - ok
23:43:10.0046 5004 [ 171D7DB433314A868507C4326E8209DC ] C:\Windows\System32\fdWSD.dll
23:43:10.0046 5004 C:\Windows\System32\fdWSD.dll - ok
23:43:10.0046 5004 [ 779464B09172159AB3910263D93706EA ] D:\PROGRAMI\Kies\External\FirmwareUpdate\GlobalUtil.dll
23:43:10.0046 5004 D:\PROGRAMI\Kies\External\FirmwareUpdate\GlobalUtil.dll - ok
23:43:10.0046 5004 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
23:43:10.0046 5004 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
23:43:10.0046 5004 [ F26792DB5558410F2A3E9C55AFE2CB36 ] C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe
23:43:10.0046 5004 C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe - ok
23:43:10.0061 5004 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
23:43:10.0061 5004 C:\Windows\System32\httpapi.dll - ok
23:43:10.0061 5004 [ 8DAA13E03FE2F9369EE3385078216B91 ] C:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll
23:43:10.0061 5004 C:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll - ok
23:43:10.0061 5004 [ EFDFB3DD38A4376F93E7985173813ABD ] C:\Windows\System32\ListSvc.dll
23:43:10.0061 5004 C:\Windows\System32\ListSvc.dll - ok
23:43:10.0061 5004 [ B6411CED931AFD059E48C52DBFBA95B4 ] C:\Windows\System32\P2P.dll
23:43:10.0061 5004 C:\Windows\System32\P2P.dll - ok
23:43:10.0061 5004 [ 423069307FB726E51E2A66F1C3F738FE ] C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4bf5400abf9d60b7\mfc90u.dll
23:43:10.0061 5004 C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4bf5400abf9d60b7\mfc90u.dll - ok
23:43:10.0061 5004 [ 659474582C6E060DBD8FFFF97DC892C5 ] D:\PROGRAMI\Kies\Kies.exe
23:43:10.0061 5004 D:\PROGRAMI\Kies\Kies.exe - ok
23:43:10.0061 5004 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll
23:43:10.0061 5004 C:\Windows\SysWOW64\mscoree.dll - ok
23:43:10.0061 5004 [ 92F8656D0167412A2379517C3F704FFB ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
23:43:10.0061 5004 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
23:43:10.0077 5004 [ F575A5AC8F4D2BE570CB095B3DD87B1A ] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
23:43:10.0077 5004 C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe - ok
23:43:10.0077 5004 [ CD76F9CC2F4DD608CF2AB377F6CCF698 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
23:43:10.0077 5004 C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll - ok
23:43:10.0077 5004 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
23:43:10.0077 5004 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
23:43:10.0077 5004 [ 7875EBF6A5077E79E04DAF170D6390F2 ] D:\PROGRAMI\Kies\External\FirmwareUpdate\CommonModule.dll
23:43:10.0077 5004 D:\PROGRAMI\Kies\External\FirmwareUpdate\CommonModule.dll - ok
23:43:10.0077 5004 [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
23:43:10.0077 5004 C:\Windows\System32\p2pcollab.dll - ok
23:43:10.0077 5004 [ 5D8843488433E6636EA17D36A3225ED2 ] D:\PROGRAMI\Kies\KiesAirMessageCtl.dll
23:43:10.0077 5004 D:\PROGRAMI\Kies\KiesAirMessageCtl.dll - ok
23:43:10.0077 5004 [ FF31511C480A30CD6D07A717AA900C80 ] D:\PROGRAMI\Kies\External\FirmwareUpdate\AgentModule.dll
23:43:10.0077 5004 D:\PROGRAMI\Kies\External\FirmwareUpdate\AgentModule.dll - ok
23:43:10.0077 5004 [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\SysWOW64\msvcr100_clr0400.dll
23:43:10.0077 5004 C:\Windows\SysWOW64\msvcr100_clr0400.dll - ok
23:43:10.0077 5004 [ 918B4BBA10008D2E41F7D40BBC618F68 ] D:\PROGRAMI\Kies\External\FirmwareUpdate\BaseUI.dll
23:43:10.0077 5004 D:\PROGRAMI\Kies\External\FirmwareUpdate\BaseUI.dll - ok
23:43:10.0093 5004 [ 03C6EC6D8C6D69B5384EA4C9791DDBBF ] D:\PROGRAMI\Kies\External\FirmwareUpdate\ToolkitPro1331vc90U.dll
23:43:10.0093 5004 D:\PROGRAMI\Kies\External\FirmwareUpdate\ToolkitPro1331vc90U.dll - ok
23:43:10.0095 5004 [ 2A632A95433E9719F37AE06BA00543AC ] C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4973eb1d754a9dc9\MFC90ENU.DLL
23:43:10.0095 5004 C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4973eb1d754a9dc9\MFC90ENU.DLL - ok
23:43:10.0098 5004 [ 64CF515C9E1C53840FCC0684D0147951 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\6a1ccc1e1a79ce267d3d1808af382cd6\mscorlib.ni.dll
23:43:10.0098 5004 C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\6a1ccc1e1a79ce267d3d1808af382cd6\mscorlib.ni.dll - ok
23:43:10.0098 5004 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\92458527.sys
23:43:10.0098 5004 C:\Windows\System32\drivers\92458527.sys - ok
23:43:10.0100 5004 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
23:43:10.0100 5004 C:\Windows\SysWOW64\sxs.dll - ok
23:43:10.0103 5004 [ C83AA72213EC6B5A15F00DA47C56A4C0 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
23:43:10.0103 5004 C:\Windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll - ok
23:43:10.0103 5004 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
23:43:10.0103 5004 C:\Windows\SysWOW64\riched20.dll - ok
23:43:10.0105 5004 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
23:43:10.0105 5004 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
23:43:10.0108 5004 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
23:43:10.0108 5004 C:\Windows\SysWOW64\duser.dll - ok
23:43:10.0110 5004 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
23:43:10.0110 5004 C:\Windows\SysWOW64\dui70.dll - ok
23:43:10.0110 5004 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
23:43:10.0110 5004 C:\Windows\System32\ncobjapi.dll - ok
23:43:10.0113 5004 [ 80D472A78E7118DD1FB9CB1B87FD27CC ] C:\Windows\SysWOW64\nvapi.dll
23:43:10.0113 5004 C:\Windows\SysWOW64\nvapi.dll - ok
23:43:10.0115 5004 [ F5DBD0D61AAA7ED8F6AD57CE8A8C6AAC ] C:\Windows\SysWOW64\nvd3dum.dll
23:43:10.0115 5004 C:\Windows\SysWOW64\nvd3dum.dll - ok
23:43:10.0115 5004 [ 5025FC3EADB4A394DF4F6497A0460D5B ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f93dca0e4baa1dcb37cf75392b7c89da\System.ni.dll
23:43:10.0115 5004 C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f93dca0e4baa1dcb37cf75392b7c89da\System.ni.dll - ok
23:43:10.0118 5004 [ B24F81FE24E1E00D86E6DCC099235C53 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a1949f57d2ec260e09768e98fecb0559\WindowsBase.ni.dll
23:43:10.0118 5004 C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a1949f57d2ec260e09768e98fecb0559\WindowsBase.ni.dll - ok
23:43:10.0120 5004 [ AFE3883FB37A5567C913E7DFCF2924A5 ] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
23:43:10.0120 5004 C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe - ok
23:43:10.0123 5004 [ 3F11B20D12D89365D7721BDC860CE5F0 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
23:43:10.0123 5004 C:\Program Files\AVAST Software\Avast\AvastUI.exe - ok
23:43:10.0125 5004 [ 335A04D6395336CC142340B9A254B603 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorIcon.exe
23:43:10.0125 5004 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorIcon.exe - ok
23:43:10.0125 5004 [ 5BD2176B85AADA5C5547D8FFC3BE8DFA ] C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe
23:43:10.0125 5004 C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe - ok
23:43:10.0128 5004 [ 49531A59899FB6C888D3AC76C908693D ] C:\Windows\System32\usbui.dll
23:43:10.0128 5004 C:\Windows\System32\usbui.dll - ok
23:43:10.0130 5004 [ 48BE298F7FD1BEF4D8FBACB04D8D95C4 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
23:43:10.0130 5004 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
23:43:10.0133 5004 [ 67BD916F01424DEB8AB8CD9E0096F277 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
23:43:10.0133 5004 C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe - ok
23:43:10.0135 5004 [ D63797E8E7781EE1500A810CB6194FA6 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
23:43:10.0135 5004 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - ok
23:43:10.0135 5004 [ 34ED4524A7EBD74F4B8F4134E31EAEE1 ] C:\Program Files (x86)\DAEMON Tools Lite\DTCommonRes.dll
23:43:10.0135 5004 C:\Program Files (x86)\DAEMON Tools Lite\DTCommonRes.dll - ok
23:43:10.0138 5004 [ 8B92BED5B8D4A8480E7AA631F35A6F35 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
23:43:10.0138 5004 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
23:43:10.0140 5004 [ 086F19D0444F20725B585C7C1BACB6AF ] C:\Windows\SysWOW64\nvwgf2um.dll
23:43:10.0140 5004 C:\Windows\SysWOW64\nvwgf2um.dll - ok
23:43:10.0143 5004 [ A3E098E6539755F01D2CC485726C2164 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\9b2940478ec555990b37af5448b8f509\PresentationCore.ni.dll
23:43:10.0143 5004 C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\9b2940478ec555990b37af5448b8f509\PresentationCore.ni.dll - ok
23:43:10.0143 5004 [ 5063A88F0743070B41401725950AFD3A ] C:\Windows\SysWOW64\nvoglv32.dll
23:43:10.0143 5004 C:\Windows\SysWOW64\nvoglv32.dll - ok
23:43:10.0145 5004 [ 7864ACDF316457FAD14DDDB4ACA88C72 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\1f0bb5336d1706c9b8ad2330f3642760\PresentationFramework.ni.dll
23:43:10.0145 5004 C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\1f0bb5336d1706c9b8ad2330f3642760\PresentationFramework.ni.dll - ok
23:43:10.0148 5004 [ 47984440E7EE2C626B31D79E903A3DEC ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\40c7a89fe2cbf3c12a2c39e034da54cf\System.Xaml.ni.dll
23:43:10.0148 5004 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\40c7a89fe2cbf3c12a2c39e034da54cf\System.Xaml.ni.dll - ok
23:43:10.0150 5004 [ AA54488747B30113C60B6B03CB9B2733 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\93a17ba6cb6753328f25466bc0bf1cb1\System.Core.ni.dll
23:43:10.0150 5004 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\93a17ba6cb6753328f25466bc0bf1cb1\System.Core.ni.dll - ok
23:43:10.0153 5004 [ 4277F5164DE9B7C665BB928B9145BEE0 ] C:\Windows\SysWOW64\DWrite.dll
23:43:10.0153 5004 C:\Windows\SysWOW64\DWrite.dll - ok
23:43:10.0153 5004 [ 5F3818A610098D5DFB61D596383A3DB2 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpfgfx_v0400.dll
23:43:10.0153 5004 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpfgfx_v0400.dll - ok
23:43:10.0155 5004 [ 9383D302F0D95DB0802308CF250727F3 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationNative_v0400.dll
23:43:10.0155 5004 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationNative_v0400.dll - ok
23:43:10.0158 5004 [ 5F59A5E21B387B1258F5BC979B6BC5E7 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
23:43:10.0158 5004 C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll - ok
23:43:10.0160 5004 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll
23:43:10.0160 5004 C:\Windows\SysWOW64\wbemcomn.dll - ok
23:43:10.0160 5004 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll
23:43:10.0160 5004 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
23:43:10.0163 5004 [ 5FF5E12F28725D14CAA3B408848ADFFC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcr80.dll
23:43:10.0163 5004 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcr80.dll - ok
23:43:10.0165 5004 [ 8CBB3860288730839D26181467896950 ] D:\PROGRAMI\Kies\Common\Kies.Common.Util.dll
23:43:10.0165 5004 D:\PROGRAMI\Kies\Common\Kies.Common.Util.dll - ok
23:43:10.0168 5004 [ 2E14DB49B7DC3DFF744E31E25036979F ] D:\PROGRAMI\Kies\Common\Kies.Common.DeviceServiceLib.Interface.dll
23:43:10.0168 5004 D:\PROGRAMI\Kies\Common\Kies.Common.DeviceServiceLib.Interface.dll - ok
23:43:10.0170 5004 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
23:43:10.0170 5004 C:\Windows\System32\wbem\wbemess.dll - ok
23:43:10.0170 5004 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
23:43:10.0170 5004 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
23:43:10.0173 5004 [ 3EAC4455472CC2C97107B5291E0DCAFE ] C:\Windows\System32\pnrpsvc.dll
23:43:10.0173 5004 C:\Windows\System32\pnrpsvc.dll - ok
23:43:10.0175 5004 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll
23:43:10.0175 5004 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
23:43:10.0175 5004 [ 58B8702C20DE211D1FCB248D2FDD71D1 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe
23:43:10.0175 5004 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe - ok
23:43:10.0178 5004 [ 4A82EA2807B16FF577AEAF8ADB8779FF ] C:\Windows\System32\IdListen.dll
23:43:10.0178 5004 C:\Windows\System32\IdListen.dll - ok
23:43:10.0180 5004 [ BC83108B18756547013ED443B8CDB31B ] C:\Windows\SysWOW64\msvcp100.dll
23:43:10.0180 5004 C:\Windows\SysWOW64\msvcp100.dll - ok
23:43:10.0183 5004 [ 0E37FBFA79D349D672456923EC5FBBE3 ] C:\Windows\SysWOW64\msvcr100.dll
23:43:10.0183 5004 C:\Windows\SysWOW64\msvcr100.dll - ok
23:43:10.0183 5004 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
23:43:10.0183 5004 C:\Windows\SysWOW64\ntdsapi.dll - ok
23:43:10.0185 5004 [ A5BE518E515EF80EFD10B6727F31E366 ] C:\Program Files\Internet Explorer\ieproxy.dll
23:43:10.0185 5004 C:\Program Files\Internet Explorer\ieproxy.dll - ok
23:43:10.0188 5004 [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL
23:43:10.0188 5004 C:\Windows\System32\QAGENTRT.DLL - ok
23:43:10.0190 5004 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
23:43:10.0190 5004 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
23:43:10.0190 5004 [ A0524499F4C63CADA7E1529FC77F5DC1 ] C:\Windows\System32\hgprint.dll
23:43:10.0190 5004 C:\Windows\System32\hgprint.dll - ok
23:43:10.0193 5004 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\winsxs\amd64_microsoft-windows-w..ovider-cimwin32-dll_31bf3856ad364e35_6.1.7601.17514_none_2dd0f6a01caf55c6\cimwin32.dll
23:43:10.0193 5004 C:\Windows\winsxs\amd64_microsoft-windows-w..ovider-cimwin32-dll_31bf3856ad364e35_6.1.7601.17514_none_2dd0f6a01caf55c6\cimwin32.dll - ok
23:43:10.0195 5004 [ C22983E20481AA2E07E564632C82B81E ] C:\Program Files (x86)\DAEMON Tools Lite\Engine.dll
23:43:10.0195 5004 C:\Program Files (x86)\DAEMON Tools Lite\Engine.dll - ok
23:43:10.0198 5004 [ C3E39FB1398EEE8E612C2FE53A9192EF ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
23:43:10.0198 5004 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll - ok
23:43:10.0198 5004 [ 5EEE5470D53FDD42A3315064A7BE6789 ] D:\PROGRAMI\Kies\Theme\Kies.Theme.dll
23:43:10.0198 5004 D:\PROGRAMI\Kies\Theme\Kies.Theme.dll - ok
23:43:10.0200 5004 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll
23:43:10.0200 5004 C:\Windows\System32\framedynos.dll - ok
23:43:10.0203 5004 [ C00DB14550E4BD49737F311C644E45FF ] C:\Windows\System32\wmi.dll
23:43:10.0203 5004 C:\Windows\System32\wmi.dll - ok
23:43:10.0205 5004 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
23:43:10.0205 5004 C:\Windows\System32\dssenh.dll - ok
23:43:10.0205 5004 [ 0D893F8D145D3B125B0226727C243A69 ] C:\Windows\System32\security.dll
23:43:10.0205 5004 C:\Windows\System32\security.dll - ok
23:43:10.0208 5004 [ 012787CEB35505EB78DF82E0A0072888 ] C:\Windows\System32\browcli.dll
23:43:10.0208 5004 C:\Windows\System32\browcli.dll - ok
23:43:10.0210 5004 [ C4BFE4B61086416B0529212F92BCE081 ] C:\Windows\System32\schedcli.dll
23:43:10.0210 5004 C:\Windows\System32\schedcli.dll - ok
23:43:10.0210 5004 [ F92B3868E3801653AF196C76078829FA ] C:\Program Files\AVAST Software\Avast\aswUtil.dll
23:43:10.0210 5004 C:\Program Files\AVAST Software\Avast\aswUtil.dll - ok
23:43:10.0213 5004 [ 28CA821606669BB9215CE010767720FA ] C:\Windows\SysWOW64\cryptui.dll
23:43:10.0213 5004 C:\Windows\SysWOW64\cryptui.dll - ok
23:43:10.0215 5004 [ 56DB34F4DC39CECBC871A895C6FCF1C3 ] C:\Program Files\AVAST Software\Avast\aswAra.dll
23:43:10.0215 5004 C:\Program Files\AVAST Software\Avast\aswAra.dll - ok
23:43:10.0218 5004 [ 3851909899A5E6210C58DB9CC02068D3 ] C:\Program Files\AVAST Software\Avast\aswData.dll
23:43:10.0218 5004 C:\Program Files\AVAST Software\Avast\aswData.dll - ok
23:43:10.0218 5004 [ B27A2CB514C1A18A7485B2FD2B7BD2AD ] D:\PROGRAMI\Kies\Common\Kies.UI.dll
23:43:10.0218 5004 D:\PROGRAMI\Kies\Common\Kies.UI.dll - ok
23:43:10.0498 5004 ============================================================
23:43:10.0498 5004 Scan finished
23:43:10.0498 5004 ============================================================
23:43:10.0503 4996 Detected object count: 4
23:43:10.0503 4996 Actual detected object count: 4
23:44:39.0993 4996 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user
23:44:39.0993 4996 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:44:39.0993 4996 IAStorDataMgrSvc ( UnsignedFile.Multi.Generic ) - skipped by user
23:44:39.0993 4996 IAStorDataMgrSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:44:39.0993 4996 ICCS ( UnsignedFile.Multi.Generic ) - skipped by user
23:44:39.0993 4996 ICCS ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:44:39.0993 4996 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
23:44:39.0993 4996 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip

#8
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Please download ComboFix from this location:

Link

* IMPORTANT !!! Save ComboFix.exe to your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

  • Double click on ComboFix.exe & follow the prompts.
  • If you have an older Operating System you may be asked whether you want to install the Recovery Console. Click yes and follow any prompts.
  • Your desktop may go blank. This is normal.
  • ComboFix may appear to be doing nothing for quite long periods; this is normal, just leave it to do its job.
  • ComboFix may reboot your machine. This is normal too.

**Note: Do not mouse-click ComboFix's window while it's running. That may cause it to stall**

When finished, it will produce a log for you. Please include the C:\ComboFix.txt in your next reply.

#9
Crazy North

    Member

  • Topic Starter
  • 78 posts
ComboFix 13-07-06.03 - Petar 06-Jul-13 14:08:52.1.8 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.16333.13791 [GMT 2:00]
Running from: c:\users\Petar\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\frapsvid.dll
c:\windows\SysWow64\muzapp.exe
.
.
((((((((((((((((((((((((( Files Created from 2013-06-06 to 2013-07-06 )))))))))))))))))))))))))))))))
.
.
2013-07-06 12:12 . 2013-07-06 12:12 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-07-06 02:12 . 2013-07-06 02:12 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9F63618C-45F9-4004-AF74-C61311E3CA22}\offreg.dll
2013-07-05 21:08 . 2013-07-05 21:08 -------- d-----w- c:\windows\system32\appmgmt
2013-07-05 17:31 . 2013-06-12 03:08 9552976 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9F63618C-45F9-4004-AF74-C61311E3CA22}\mpengine.dll
2013-07-02 22:29 . 2013-07-02 22:29 -------- d-----w- C:\FRST
2013-07-02 15:30 . 2013-07-02 15:30 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2013-06-29 09:33 . 2013-06-29 09:33 -------- d-----w- c:\programdata\Steam
2013-06-25 21:50 . 2013-06-25 21:50 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-25 21:50 . 2013-06-25 21:50 -------- d-----w- c:\program files (x86)\Java
2013-06-21 03:16 . 2013-06-21 03:16 566048 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-06-15 13:48 . 2013-06-15 13:48 -------- d-----w- c:\users\Petar\AppData\Local\NVIDIA
2013-06-15 13:37 . 2013-06-15 13:38 -------- d-----w- c:\users\UpdatusUser
2013-06-15 13:31 . 2013-02-25 05:27 31520 ----a-w- c:\windows\system32\nvhdap64.dll
2013-06-15 13:31 . 2013-02-25 05:27 194848 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2013-06-15 13:31 . 2013-06-21 12:06 2597856 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-06-15 13:31 . 2013-06-21 12:06 12427240 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-06-15 13:31 . 2013-05-12 21:42 1832224 ----a-w- c:\windows\system32\nvdispco6432018.dll
2013-06-15 13:31 . 2013-05-12 21:42 1511712 ----a-w- c:\windows\system32\nvdispgenco6432018.dll
2013-06-15 13:08 . 2013-06-15 13:08 -------- d-----w- c:\users\Petar\AppData\Local\Diagnostics
2013-06-13 23:41 . 2013-06-13 23:41 -------- d-----w- c:\users\Petar\AppData\Local\Macromedia
2013-06-13 23:40 . 2013-06-13 23:40 -------- d-----w- c:\users\Petar\AppData\Local\Mozilla
2013-06-13 23:40 . 2013-06-13 23:40 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2013-06-13 22:56 . 2013-06-13 22:56 -------- d--h--w- c:\program files (x86)\Common Files\EAInstaller
2013-06-11 20:47 . 2013-05-08 06:39 1910632 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-06-07 16:07 . 2013-06-07 16:07 -------- d-----w- c:\users\Petar\AppData\Roaming\Malwarebytes
2013-06-07 16:07 . 2013-06-07 16:07 -------- d-----w- c:\programdata\Malwarebytes
2013-06-07 16:07 . 2013-06-07 16:07 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-06-07 16:07 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-06-07 13:12 . 2013-06-07 13:12 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
2013-06-07 13:12 . 2013-06-07 13:12 -------- d-----w- c:\windows\PCHEALTH
2013-06-07 13:12 . 2013-06-07 13:12 -------- d-----w- c:\program files (x86)\Microsoft Sync Framework
2013-06-07 13:12 . 2013-06-07 13:12 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2013-06-07 13:10 . 2013-06-07 13:10 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2013-06-07 13:10 . 2013-06-07 13:10 -------- d-----w- c:\program files\Microsoft Office
2013-06-07 13:09 . 2013-06-07 13:09 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2013-06-07 13:09 . 2013-06-07 13:09 -------- d-----w- c:\users\Petar\AppData\Local\Microsoft Help
2013-06-07 13:09 . 2013-06-07 13:13 -------- d-----w- c:\programdata\Microsoft Help
2013-06-07 13:09 . 2013-06-07 13:09 -------- d-----r- C:\MSOCache
2013-06-06 17:07 . 2013-06-06 17:07 -------- d-----w- c:\program files (x86)\ESET
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-27 20:17 . 2013-06-03 23:55 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-06-27 20:17 . 2012-12-06 20:18 378944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-06-27 20:17 . 2012-12-06 20:18 1030952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-06-25 21:50 . 2012-12-17 12:50 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-06-25 21:50 . 2012-12-17 12:50 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-06-21 12:06 . 2012-12-06 18:35 15920536 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-06-21 12:06 . 2012-12-06 14:27 1059560 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-06-21 12:06 . 2012-12-06 14:27 2936208 ----a-w- c:\windows\system32\nvapi64.dll
2013-06-21 10:23 . 2012-12-06 14:30 6496544 ----a-w- c:\windows\system32\nvcpl.dll
2013-06-21 10:23 . 2012-12-06 14:30 3514656 ----a-w- c:\windows\system32\nvsvc64.dll
2013-06-21 10:23 . 2012-12-06 14:30 884512 ----a-w- c:\windows\system32\nvvsvc.exe
2013-06-21 10:23 . 2012-12-06 14:30 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-06-21 10:23 . 2012-12-06 14:30 237856 ----a-w- c:\windows\system32\nvmctray.dll
2013-06-20 04:17 . 2012-12-06 14:30 3253909 ----a-w- c:\windows\system32\nvcoproc.bin
2013-06-12 15:31 . 2013-02-20 17:09 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-12 15:31 . 2013-02-20 17:09 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-12 00:32 . 2013-02-13 00:35 75825640 ----a-w- c:\windows\system32\MRT.exe
2013-05-22 13:16 . 2013-05-22 13:16 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-05-22 13:16 . 2013-05-22 13:16 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-05-12 00:40 . 2013-05-12 00:40 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-05-09 08:59 . 2013-06-03 23:55 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-05-09 08:59 . 2012-12-06 20:18 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-05-09 08:59 . 2012-12-06 20:18 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-05-09 08:59 . 2012-12-06 20:18 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-05-09 08:59 . 2012-12-06 20:18 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-05-09 08:58 . 2012-12-06 20:15 41664 ----a-w- c:\windows\avastSS.scr
2013-05-09 08:58 . 2012-12-06 20:18 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-05-02 00:06 . 2013-02-09 14:38 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-04-18 10:09 . 2013-04-30 12:55 37344 ----a-w- c:\windows\SysWow64\FsUsbExDisk.Sys
2013-04-18 10:09 . 2013-04-30 12:55 37344 ----a-w- c:\windows\SysWow64\FsUsbExDisk.Sy_
2013-04-18 10:09 . 2013-04-30 12:55 233472 ----a-w- c:\windows\SysWow64\FsUsbExService.Exe
2013-04-13 05:49 . 2013-05-15 17:15 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-15 17:15 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-15 17:15 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-15 17:15 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-15 17:15 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 17:15 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-23 17:13 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-10 06:01 . 2013-05-15 17:15 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-04-10 06:01 . 2013-05-15 17:15 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-04-10 03:30 . 2013-05-15 17:15 3153920 ----a-w- c:\windows\system32\win32k.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2013-06-06 1641896]
"KiesAirMessage"="d:\programi\Kies\KiesAirMessage.exe" [2013-04-18 578560]
"KiesPreload"="d:\programi\Kies\Kies.exe" [2013-04-23 1561968]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorIcon.exe" [2012-03-15 286720]
"FLxHCIm64"="c:\program files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe" [2012-05-21 48128]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-01-21 91520]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys;c:\windows\SYSNATIVE\drivers\dgderdrv.sys [x]
R3 etdrv;etdrv;c:\windows\etdrv.sys;c:\windows\etdrv.sys [x]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\SysWOW64\FsUsbExDisk.SYS;c:\windows\SysWOW64\FsUsbExDisk.SYS [x]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys;c:\windows\GVTDrv64.sys [x]
R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;c:\program files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe [x]
S2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys;c:\windows\SYSNATIVE\DRIVERS\FLxHCIc.sys [x]
S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\DRIVERS\FLxHCIh.sys;c:\windows\SYSNATIVE\DRIVERS\FLxHCIh.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-19 12:40 1165776 ----a-w- c:\program files (x86)\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-07-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-20 15:31]
.
2013-07-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-06 14:07]
.
2013-07-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-06 14:07]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 12503184]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-05-16 1012000]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
IE: Se&nd to OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Petar\AppData\Roaming\Mozilla\Firefox\Profiles\2cq7sp94.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - ExtSQL: 2013-06-04 01:55; [email protected]; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-06-14 01:44; {64161300-e22b-11db-8314-0800200c9a66}; c:\users\Petar\AppData\Roaming\Mozilla\Firefox\Profiles\2cq7sp94.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-55043794.sys
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B} - c:\program files (x86)\InstallShield Installation Information\{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}\setup.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3565809694-3766111233-2934028966-1000\Software\SecuROM\License information*]
"datasecu"=hex:79,75,ef,c9,fd,ea,a3,96,24,34,a8,94,30,98,87,35,d9,15,57,ad,f6,
05,98,14,78,da,0b,22,35,9d,b7,4c,e7,83,1c,66,01,41,0b,13,51,23,07,9c,53,69,\
"rkeysecu"=hex:bb,97,1a,c2,e2,27,9e,d8,f9,15,74,b2,99,ec,0f,c4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-07-06 14:14:07
ComboFix-quarantined-files.txt 2013-07-06 12:14
.
Pre-Run: 24,156,532,736 bytes free
Post-Run: 23,957,327,872 bytes free
.
- - End Of File - - C3BA291BAA2636D5F2AE37D593B79075
D41D8CD98F00B204E9800998ECF8427E

#10
emeraldnzl

Hello Crazy North,

Download the ESET services repair tool and extract the file to your desktop.
  • Double-click ServicesRepair.exe.
  • If security notifications appear, click Continue or Run and then click Yes when asked if you want to proceed.
  • Once the tool has finished, you will be prompted to restart your computer. Click Yes to restart.
  • A log will be saved in the CCSupport folder the tool created on your desktop. Please post the content in your next reply.

#11
Crazy North

Log Opened: 2013-07-07 @ 01:02:34
01:02:34 - -----------------
01:02:34 - | Begin Logging |
01:02:34 - -----------------
01:02:34 - Fix started on a WIN_7 X64 computer
01:02:34 - Prep in progress. Please Wait.
01:02:35 - Prep complete
01:02:35 - Repairing Services Now. Please wait...
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\BFE.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\SubLayer>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\Provider>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\Filter>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\BootTime\Filter>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\BootTime>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\BITS.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Performance>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\iphlpsvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Teredo\{FA88062C-9A61-4C1E-AC45-7143F8F01AAD}>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Isatap\{8AD2FB26-F91E-44F1-9B24-3C0AE56C9CE0}>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Isatap>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\IPHTTPS>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Interfaces>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\config>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\MpsSvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\RPC-EPMap>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSOut>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSIn>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\DHCP>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\SharedAccess.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static\System>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable\System>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Epoch2>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Epoch>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\StandardProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\StandardProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\PublicProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\PublicProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\FirewallRules>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\DomainProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\DomainProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\WinDefend.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\TriggerInfo\0>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\TriggerInfo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\wscsvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\wuauserv.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv>

SetACL finished successfully.
01:02:35 - Services Repair Complete.
01:02:48 - Reboot Initiated

#12
emeraldnzl

Hello again Crazy North,

Please run a free online scan with the ESET Online Scanner

Vista / Win7 users: Right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator.

Note: This scan works with Internet Explorer or Mozilla FireFox.

If using Mozilla Firefox, you will need to download esetsmartinstaller_enu.exe when prompted, then double-click on it to install.

  • Click the green ESET Online Scanner box
  • Tick the box next to YES, I accept the Terms of Use
    then click on: Start
  • You may see a panel towards the top of the screen telling you the website wants to install an addon... click and allow it to install. If your firewall asks whether you want to allow installation, say yes.
  • Make sure that the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click on Start
  • The virus signature database will begin to download. Be patient; this may take some time depending on the speed of your Internet connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the mouse or keyboard during the scan, otherwise it may stall.
  • When completed, select Uninstall application on close. Make sure you copy the logfile first!
  • Then click on: Finish
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic and tell me how your machine is now.

#13
Crazy North

Unfortunately I haven't had time to use my PC lately to check how it works. I hope I will in the next couple of days.

Here is the log, no threats were found:



ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=14c80591f1e4de4890c87fe157944cbe
# engine=14013
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-06-06 05:49:55
# local_time=2013-06-06 07:49:55 (+0100, Central Europe Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=774 16777213 85 91 183082 147250867 0 0
# compatibility_mode=5893 16776573 100 94 182765 122170845 0 0
# scanned=435242
# found=7
# cleaned=7
# scan_time=2363
sh=BA27319705A611CF42F92A851A2B255317B03233 ft=1 fh=747b56ee11c81286 vn="a variant of Win32/Packed.VMProtect.AAA trojan (cleaned by deleting - quarantined)" ac=C fn="C:\Program Files (x86)\The Witcher 2 Assassins of Kings\bin\paul.dll"
sh=886E36C6F04F391E2E90A05F73C8EC05E0A61A3E ft=1 fh=2b7d5155e462497f vn="a variant of Win32/Packed.VMProtect.AAH trojan (cleaned by deleting - quarantined)" ac=C fn="D:\IGRICE INSTALIRANO\MAX PAYNE\gsrld.dll"
sh=E592559E1339D7C4621C1261ACCA3ADD94074AF6 ft=1 fh=df6d1106df9b0f04 vn="a variant of Win32/Packed.VMProtect.AAH trojan (cleaned by deleting - quarantined)" ac=C fn="D:\IGRICE INSTALIRANO\PES 2013\rld.dll"
sh=A32AA942597786B380ABDA361918B5E6BF4F26D1 ft=1 fh=e10233d53431d7f2 vn="a variant of Win32/Packed.VMProtect.AAH trojan (cleaned by deleting - quarantined)" ac=C fn="D:\IGRICE INSTALIRANO\PES 2013\rld_103.dll"
sh=0FC145D539EF7A2D88FA76DE573B25AB9EB2A317 ft=1 fh=0484962387c0b26c vn="a variant of Win32/Packed.VMProtect.AAA trojan (cleaned by deleting - quarantined)" ac=C fn="D:\IGRICE INSTALIRANO\Splinter Cell Conviction\src\system\ubiorbitapi_r2.dll"
sh=76ABD9D0A748FFF452A9D0A3136543A98314681E ft=1 fh=61e3d33e72793996 vn="a variant of Win32/Packed.VMProtect.AAH trojan (cleaned by deleting - quarantined)" ac=C fn="D:\IGRICE INSTALIRANO\Total War Shogun 2 - Fall Of The Samurai\steam_[bleep]er.dll"
sh=52BB89E73D2517EE5C469BEAE2F6F8ED99D573BD ft=1 fh=12a6fa50d13a51e4 vn="a variant of Win32/Packed.VMProtect.AAH trojan (cleaned by deleting - quarantined)" ac=C fn="D:\PESEDIT.COM 2013 PATCH 2.8\Installer.exe"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=14c80591f1e4de4890c87fe157944cbe
# engine=14015
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-06-07 01:25:14
# local_time=2013-06-07 03:25:14 (+0100, Central Europe Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=774 16777213 85 91 210401 147278186 0 0
# compatibility_mode=5893 16776573 100 94 210084 122198164 0 0
# scanned=434339
# found=4
# cleaned=4
# scan_time=5725
sh=CEEFED45CCD70527CC26AE53C1D84438BE174E3C ft=0 fh=0000000000000000 vn="a variant of Win32/Packed.VMProtect.AAH trojan (deleted - quarantined)" ac=C fn="D:\IGRICE IMAGES\Max.Payne.3-RELOADED\DVD4\rld-mp3d.iso"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="a variant of Win32/Packed.VMProtect.AAA trojan (deleted - quarantined)" ac=C fn="D:\IGRICE IMAGES\Tom.Clancys.Splinter.Cell.Conviction-SKIDROW\sr-tcscc.iso"
sh=F672802C4F22507C7595E3D65A7FF56F6758664A ft=0 fh=0000000000000000 vn="a variant of Win32/Packed.VMProtect.AAH trojan (deleted - quarantined)" ac=C fn="D:\Zajebancije\PESEdit.com_2012_Patch_2.8.rar"
sh=668D2179681EADA2F7E6BC00AF6C7170622DA8D7 ft=0 fh=0000000000000000 vn="Win32/RiskWare.HackAV.BG application (deleted - quarantined)" ac=C fn="D:\Zajebancije\NOD32 Antivirus 3.0.642(with unlimited update fix)\NOD32 Antivirus 3.0.642(with unlimited update fix).rar"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=14c80591f1e4de4890c87fe157944cbe
# engine=14077
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-06-15 02:35:07
# local_time=2013-06-15 04:35:07 (+0100, Central Europe Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=774 16777213 85 91 948994 148016779 0 0
# compatibility_mode=5893 16776573 100 94 53998 122936757 0 0
# scanned=450139
# found=0
# cleaned=0
# scan_time=2511
# version=8
# IEXPLORE.EXE=10.00.9200.16521 (win8_gdr_soc_ie.130216-2100)
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=14c80591f1e4de4890c87fe157944cbe
# engine=14139
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-06-23 10:53:38
# local_time=2013-06-24 12:53:38 (+0100, Central Europe Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=774 16777213 85 91 1670105 148737890 0 0
# compatibility_mode=5893 16776573 100 94 200245 123657868 0 0
# scanned=449555
# found=0
# cleaned=0
# scan_time=2458
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=14c80591f1e4de4890c87fe157944cbe
# engine=14301
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-07-07 01:24:12
# local_time=2013-07-07 03:24:12 (+0100, Central Europe Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=774 16777213 85 91 244508 149913324 0 0
# compatibility_mode=5893 16776573 100 94 51668 124833302 0 0
# scanned=445525
# found=0
# cleaned=0
# scan_time=4771
  • 0
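Added example, not part of the original posts: the log above is several scan runs appended to one log.txt, so a small parser can show, run by run, whether the options requested in the instructions were switched on and which files were flagged. The function names, the mapping of log keys to checkboxes, and the sample log are assumptions constructed for illustration.

```python
import re
# Log keys mapped to the checkboxes named in the instructions. The mapping is
# inferred from the key names (an assumption, not ESET documentation).
REQUESTED = {
    "archives_checked": "Scan archives",
    "unwanted_checked": "Scan for potentially unwanted applications",
    "unsafe_checked": "Scan for potentially unsafe applications",
    "antistealth_checked": "Enable Anti-Stealth Technology",
}
FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')  # key=value or key="quoted value"
# Constructed sample in the layout of the posted log; every value is made up.
SAMPLE = r'''# version=8
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-01-01 10:00:00
# found=1
sh=0000000000000000000000000000000000000000 ft=1 fh=0000000000000000 vn="a variant of Win32/Packed.VMProtect.AAH trojan (cleaned by deleting - quarantined)" ac=C fn="D:\Example Games\sample.dll"
# version=8
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-01-08 10:00:00
# found=0
'''

def parse_runs(text):
    """Split an appended log.txt into one record per scan run."""
    runs = []
    for line in map(str.strip, text.splitlines()):
        if line.startswith("# version="):  # each run's header starts here
            runs.append({"meta": {}, "detections": []})
        elif runs and line.startswith("# "):
            key, _, value = line[2:].partition("=")
            runs[-1]["meta"].setdefault(key, value)  # keep first of repeated keys
        elif runs and line.startswith("sh="):  # one detection per line
            runs[-1]["detections"].append(
                {k: v.strip('"') for k, v in FIELD.findall(line)})
    return runs

def review(text):
    """Per run: scan time, requested options left off, count, flagged files."""
    return [{
        "utc_time": r["meta"].get("utc_time"),
        "missing_options": [n for k, n in REQUESTED.items() if r["meta"].get(k) != "true"],
        "found": int(r["meta"].get("found", 0)),
        "files": [d.get("fn") for d in r["detections"]],
    } for r in parse_runs(text)]
```

Calling `review()` on the text of a real log.txt returns one entry per run, so the most recent run and its option flags can be read separately from earlier ones.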

#14
Crazy North

    Member

  • Topic Starter
  • Member
  • PipPip
  • 78 posts
It seems that my PC is having fewer problems... I didn't notice any in Opera, BS player doesn't bug anymore when I hit pause, and generally I didn't get any not responding programs...
  • 0

#15
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello again Crazy North,

Unfortunately I haven't had time to use my PC lately to check how it works. I hope I will in the next couple of days.


Assuming things are okay then I think you are good to go.

Tell me if they aren't; otherwise we have a couple of last steps to perform and then you're all set.

Follow these steps to uninstall Combofix and tools used in the removal of malware. This will also clean out and reset your Restore Points.

  • Go to Start > Programs > Accessories and click on Run
  • Copy and paste the bolded text below in the box then hit OK

    Combofix /Uninstall

Step 2
  • Double-click OTL.exe to run it. (Vista users, please right click on OTL.exe and select "Run as an Administrator")
  • Click on the CleanUp! button
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.
Any other tools remaining may be deleted.

-------------------------------------------------------------------------------------------------------------------

A reminder: Remember to (re-install if uninstalled during cleaning) update and turn back on any anti-malware programs you may have turned off during the cleaning process.
-------------------------------------------------------------------------------------------------------------------

Here are some things that I think are worth having a look at if you don't already know about them:

---------------------------------------------------------------------------------------------------------------------

It is good security practice to change your passwords to all your online accounts on a fairly regular basis; this is especially true after an infection. Refer to this Microsoft article: Strong passwords: How to create and use them.

----------------------------------------------------------------------------------------------------------------------

Java warning

Java is a popular point of entry to your computer for malicious programs. The United States Department of Homeland Security recommends that computer users disable Java, see here. Unless you need it to run important software, the safest approach is to completely uninstall Java. Where you do require it, then the next safest option is to disable it in your browsers until you need it, then enable it.

How to disable Java in your web browser and How to unplug Java from the browser

If you do still need Java then regularly check that it is up to date. Older versions are the most vulnerable to malicious attack.

  • Download Java for Windows

    Reboot your computer.
    You also need to uninstall older versions of Java.
  • Click Start > Control Panel > Add or Remove Programs
  • Remove all Java updates except the latest one you have just installed.
--------------------------------------------------------------------------------------------------------------------

To help protect your computer in the future:



If you do not already have automatic updates set then it is recommended that you do set Windows to check, download and install your updates automatically.

* Click Start > Control Panel > System and Security > Windows Update
* Under Windows Update click on Turn automatic updating on or off
* Check items shown to ensure you receive updates automatically. Click OK.

Be aware of what emails you open and websites you visit.

Go here for some good advice about how to prevent infection.

A fun way to check your online safety literacy.

Quiz - getsafeonline

Have a safe and happy computing day!
  • 0





